X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Faai%2Fcomponents%2Faai-sparky-be%2Fvalues.yaml;h=147feb13c842251f11400a8706374085052aa3e4;hb=a9a41d84026f059aae70f9042c0b99af5b72e619;hp=ed21030dc8c5b34acb2f649ac81e14e9649a45d1;hpb=a62fb750442e6ea93c950d933adf8fc2713eb801;p=oom.git diff --git a/kubernetes/aai/components/aai-sparky-be/values.yaml b/kubernetes/aai/components/aai-sparky-be/values.yaml index ed21030dc8..147feb13c8 100644 --- a/kubernetes/aai/components/aai-sparky-be/values.yaml +++ b/kubernetes/aai/components/aai-sparky-be/values.yaml @@ -27,6 +27,45 @@ global: # global defaults searchData: serviceName: aai-search-data + +################################################################# +# Certificate configuration +################################################################# +certInitializer: + nameOverride: aai-sparky-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: "aai" + app_ns: "org.osaaf.aaf" + fqi_namespace: "org.onap.aai" + fqi: "aai@aai.onap.org" + public_fqdn: "aaf.osaaf.org" + cadi_longitude: "0.0" + cadi_latitude: "0.0" + credsPath: /opt/app/osaaf/local + aaf_add_config: | + echo "*** changing passwords into shell safe ones" + export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + export TRUSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + cd {{ .Values.credsPath }} + keytool -storepasswd -new "${KEYSTORE_PASSWD}" \ + -storepass "${cadi_keystore_password_jks}" \ + -keystore {{ .Values.fqi_namespace }}.jks + keytool -storepasswd -new "${TRUSTORE_PASSWD}" \ + -storepass "${cadi_truststore_password}" \ + -keystore {{ .Values.fqi_namespace }}.trust.jks + echo "*** set key password as same password as keystore password" + keytool -keypasswd -new "${KEYSTORE_PASSWD}" \ + -keystore {{ .Values.fqi_namespace }}.jks \ + -keypass "${cadi_keystore_password_jks}" \ + -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }} + echo "*** save the generated passwords" + echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop + echo "TRUSTSTORE_PASSWORD=${TRUSTORE_PASSWD}" >> mycreds.prop + echo "*** change ownership of certificates to targeted user" + chown -R 1000 {{ .Values.credsPath }} + # application image image: onap/sparky-be:2.0.2 pullPolicy: Always @@ -44,13 +83,7 @@ config: portalPassword: OBF:1t2v1vfv1unz1vgz1t3b portalCookieName: UserId portalAppRoles: ui_view - aafUsername: aai@aai.onap.org - aafNamespace: org.onap.aai - aafPassword: enc:xxYw1FqXU5UpianbPeH5Rezg0YfjzuwQrSiLcCmJGfz - cadiKeyFile: /opt/app/sparky/config/portal/keyFile - cadiTrustStore: /opt/app/sparky/config/auth/truststoreONAPall.jks cadiFileLocation: /opt/app/sparky/config/portal/cadi.properties - cadiTrustStorePassword: changeit cookieDecryptorClass: org.onap.aai.sparky.security.BaseCookieDecryptor # ONAP Cookie Processing - During initial development, the following flag, if true, will