X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fa1policymanagement%2Fvalues.yaml;h=e118b35cfd884287db838fb0aeee8661b55136c1;hb=0c31367d791d773bda5687d5977497a1e8215e4f;hp=ac26f9b5750c2d94dc0c8d502c96e3dd24fd9d6f;hpb=a8934e9feb874baf84a3dba697013d429e04f921;p=oom.git

diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml
index ac26f9b575..e118b35cfd 100644
--- a/kubernetes/a1policymanagement/values.yaml
+++ b/kubernetes/a1policymanagement/values.yaml
@@ -1,5 +1,6 @@
 ################################################################################
 #   Copyright (c) 2020 Nordix Foundation.                                      #
+#   Copyright Â© 2020 Samsung Electronics, Modifications                        #
 #                                                                              #
 #   Licensed under the Apache License, Version 2.0 (the "License");            #
 #   you may not use this file except in compliance with the License.           #
@@ -18,8 +19,7 @@
 # Declare variables to be passed into your templates.
 
 global:
-  nodePortPrefix: 300
-  envsubstImage: dibi/envsubst
+  nodePortPrefix: 302
 
 secrets:
   - uid: controller-secret
@@ -29,8 +29,47 @@ secrets:
     password: '{{ .Values.a1controller.password }}'
     passwordPolicy: required
 
-repository: nexus3.onap.org:10001
-image: onap/ccsdk-oran-a1policymanagementservice:1.1.0
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+  nameOverride: a1p-cert-initializer
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
+  fqdn: a1p
+  fqi: a1p@a1p.onap.org
+  public_fqdn: a1p.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  fqi_namespace: org.onap.a1p
+  aaf_add_config: |
+    echo "*** changing them into shell safe ones"
+    export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+    export TRUSTSORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+    cd {{ .Values.credsPath }}
+    keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
+      -storepass "${cadi_keystore_password_p12}" \
+      -keystore {{ .Values.fqi_namespace }}.p12
+    keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \
+      -storepass "${cadi_truststore_password}" \
+      -keystore {{ .Values.fqi_namespace }}.trust.jks
+    echo "*** set key password as same password as keystore password"
+    keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \
+      -keystore {{ .Values.fqi_namespace }}.p12 \
+      -keypass "${cadi_keystore_password_p12}" \
+      -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }}
+    echo "*** save the generated passwords"
+    echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
+    echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop
+    echo "*** change ownership of certificates to targeted user"
+    chown -R 1000 .
+
+image: onap/ccsdk-oran-a1policymanagementservice:1.0.1
+userID: 1000 #Should match with image-defined user ID
+groupID: 999 #Should match with image-defined group ID
 pullPolicy: IfNotPresent
 replicaCount: 1