X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Faai%2Fcomponents%2Faai-resources%2Fvalues.yaml;h=ade593580888789f933889b08795cefe3c64ff6f;hb=b4e038d2e2e7f39fc69a234bb132f43ff6a69712;hp=5210a249d2433dab4c2f2a22d8a8a8c7003ad858;hpb=740de6d5e3e0744966114440583df27d141dfd03;p=oom.git diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index 5210a249d2..ade5935808 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -24,9 +24,6 @@ global: # global defaults #Override it to aai-cassandra if localCluster is enabled. serviceName: cassandra - initContainers: - enabled: true - # Specifies a list of jobs to be run jobs: # When enabled, it will create the schema based on oxm and edge rules @@ -95,21 +92,6 @@ global: # global defaults edge: label: v12 - # Keystore configuration password and filename - keystore: - filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 - - # Truststore configuration password and filename - truststore: - filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 - - # Specifies a list of files to be included in auth volume - auth: - files: - - aai_keystore - # Specifies which clients should always default to realtime graph connection realtime: clients: SDNC,MSO,SO,robot-ete @@ -138,6 +120,38 @@ aai_enpoints: url: network - name: aai-externalSystem url: external-system +################################################################# +# Certificate configuration +################################################################# +certInitializer: + nameOverride: aai-resources-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: aai-resources + fqi: aai-resources@aai-resources.onap.org + public_fqdn: aai-resources.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + fqi_namespace: org.onap.aai-resources + aaf_add_config: | + echo "*** retrieving password for keystore and trustore" + export $(/opt/app/aaf_config/bin/agent.sh local showpass \ + {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0) + if [ -z "$cadi_keystore_password_p12" ] + then + echo " /!\ certificates retrieval wasn't good" + exit 1 + else + echo "*** writing passwords into prop file" + echo "KEYSTORE_PASSWORD=${cadi_keystore_password_p12}" > {{ .Values.credsPath }}/mycreds.prop + echo "TRUSTSTORE_PASSWORD=${cadi_truststore_password}" >> {{ .Values.credsPath }}/mycreds.prop + echo "*** change ownership of certificates to targeted user" + chown -R 1000 {{ .Values.credsPath }} + fi + truststoreAllPassword: changeit # application image image: onap/aai-resources:1.7.2 @@ -190,12 +204,6 @@ readiness: initialDelaySeconds: 60 periodSeconds: 10 -# application configuration -sidecar: - keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - service: type: ClusterIP portName: aai-resources-8447