X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fso%2Fcharts%2Fso-vnfm-adapter%2Ftemplates%2Fdeployment.yaml;h=a720753f475e319c1ffee240fa62f1feaf81b626;hb=3ea400b4e62a027caa9bbba14b52d2c04e07f6c0;hp=c297ac3ce83b43ce4d678de55de8dd58b879d8f3;hpb=e661fb39459ddef74def3e1259f9191a5a7386dc;p=oom.git

diff --git a/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml
index c297ac3ce8..a720753f47 100755
--- a/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml
+++ b/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml
@@ -34,22 +34,23 @@ spec:
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
+      initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
       containers:
       - name: {{ include "common.name" . }}
         image: {{ include "common.repository" . }}/{{ .Values.image }}
         resources:
 {{ include "common.resources" . | indent 12 }}
-         {{- if eq .Values.global.security.aaf.enabled true }}
-        env: 
+        env:
         - name: TRUSTSTORE
-          value: /app/org.onap.so.trust.jks
+          value: {{ .Values.global.client.certs.truststore }}
         - name: TRUSTSTORE_PASSWORD
           valueFrom:
             secretKeyRef:
               name: {{ .Release.Name}}-so-client-certs-secret
               key: trustStorePassword
+        {{ if eq .Values.global.security.aaf.enabled true }}
         - name: KEYSTORE
-          value: /app/org.onap.so.jks
+          value: {{ .Values.global.client.certs.keystore }}
         - name: KEYSTORE_PASSWORD
           valueFrom:
             secretKeyRef:
@@ -60,12 +61,15 @@ spec:
         - configMapRef:
             name: {{ include "common.fullname" . }}-configmap
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        volumeMounts:
+        volumeMounts: {{ include "so.certificate.volume-mounts" . | nindent 8 }}
         - name: logs
           mountPath: /app/logs
         - name: config
           mountPath: /app/config
           readOnly: true
+        - name: {{ include "common.fullname" . }}-truststore
+          mountPath: /app/client
+          readonly: true
         livenessProbe:
           tcpSocket:
             port: {{ index .Values.livenessProbe.port }}
@@ -77,11 +81,14 @@ spec:
         - containerPort: {{ index .Values.containerPort }}
           name: {{ .Values.service.portName }}
           protocol: TCP
-      volumes:
+      volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
       - name: logs
         emptyDir: {}
       - name: config
         configMap:
             name: {{ include "common.fullname" . }}-app-configmap
+      - name:  {{ include "common.fullname" . }}-truststore
+        secret:
+          secretName: {{ include "common.release" . }}-so-truststore-secret
       imagePullSecrets:
         - name: "{{ include "common.namespace" . }}-docker-registry-key"