changed location of used certs and keys files, updated deploy yamls and create/delete all
Issue-ID: OOM-293
Change-Id: I53766b7028d6b725bf381875105b196246ff2ee1
Signed-off-by: Keren Joseph <keren.joseph@amdocs.com>
18 files changed:
volumeMounts:
- mountPath: /opt/app/data-router/config/
name: data-router-config
volumeMounts:
- mountPath: /opt/app/data-router/config/
name: data-router-config
+ - mountPath: /opt/app/data-router/config/auth/tomcat_keystore
+ name: data-router-tomcat-key
+ - mountPath: /opt/app/data-router/config/auth/client-cert-onap.p12
+ name: data-router-client-cert
- mountPath: /opt/app/data-router/dynamic/
name: data-router-dynamic
- mountPath: /logs/
- mountPath: /opt/app/data-router/dynamic/
name: data-router-dynamic
- mountPath: /logs/
- name: data-router-logs
hostPath:
path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/data-router/logs/"
- name: data-router-logs
hostPath:
path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/data-router/logs/"
+ - name: data-router-tomcat-key
+ secret:
+ secretName: secret-{{ .Values.nsPrefix }}-aai
+ - name: data-router-client-cert
+ secret:
+ secretName: secret-{{ .Values.nsPrefix }}-aai
restartPolicy: Always
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
restartPolicy: Always
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
volumeMounts:
- mountPath: /opt/app/model-loader/config/
name: aai-model-loader-config
volumeMounts:
- mountPath: /opt/app/model-loader/config/
name: aai-model-loader-config
+ - mountPath: /opt/app/model-loader/config/auth/aai-os-cert.p12
+ name: aai-os-cert
- mountPath: /logs/
name: aai-model-loader-logs
image: "{{ .Values.image.modelLoaderImage }}:{{ .Values.image.modelLoaderVersion }}"
- mountPath: /logs/
name: aai-model-loader-logs
image: "{{ .Values.image.modelLoaderImage }}:{{ .Values.image.modelLoaderVersion }}"
- name: aai-model-loader-logs
hostPath:
path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/model-loader/logs/"
- name: aai-model-loader-logs
hostPath:
path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/model-loader/logs/"
+ - name: aai-os-cert
+ secret:
+ secretName: secret-{{ .Values.nsPrefix }}-aai
restartPolicy: Always
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
restartPolicy: Always
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
volumeMounts:
- mountPath: /opt/app/search-data-service/config/
name: aai-search-data-service-config
volumeMounts:
- mountPath: /opt/app/search-data-service/config/
name: aai-search-data-service-config
+ - mountPath: /opt/app/search-data-service/config/auth/tomcat_keystore
+ name: aai-tomcat-key
- mountPath: /logs/
name: aai-search-data-service-logs
ports:
- mountPath: /logs/
name: aai-search-data-service-logs
ports:
- name: aai-search-data-service-config
hostPath:
path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/appconfig/"
- name: aai-search-data-service-config
hostPath:
path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/appconfig/"
+ - name: aai-tomcat-key
+ secret:
+ secretName: secret-{{ .Values.nsPrefix }}-aai
- name: aai-search-data-service-logs
hostPath:
path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/logs/"
- name: aai-search-data-service-logs
hostPath:
path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/logs/"
volumeMounts:
- mountPath: /opt/app/sparky/config/
name: aai-sparky-be-config
volumeMounts:
- mountPath: /opt/app/sparky/config/
name: aai-sparky-be-config
+ - mountPath: /opt/app/sparky/config/auth/client-cert-onap.p12
+ name: aai-sparky-be-client-cert
+ - mountPath: /opt/app/sparky/config/auth/aai-os-cert.p12
+ name: aai-sparky-be-aai-os-cert
+ - mountPath: /opt/app/sparky/config/auth/inventory-ui-keystore
+ name: aai-sparky-be-inventory-key
- mountPath: /logs/
name: aai-sparky-be-logs
ports:
- mountPath: /logs/
name: aai-sparky-be-logs
ports:
- name: aai-sparky-be-logs
hostPath:
path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/sparky-be/logs/"
- name: aai-sparky-be-logs
hostPath:
path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/sparky-be/logs/"
+ - name: aai-sparky-be-client-cert
+ secret:
+ secretName: secret-{{ .Values.nsPrefix }}-aai
+ - name: aai-sparky-be-aai-os-cert
+ secret:
+ secretName: secret-{{ .Values.nsPrefix }}-aai
+ - name: aai-sparky-be-inventory-key
+ secret:
+ secretName: secret-{{ .Values.nsPrefix }}-aai
restartPolicy: Always
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
restartPolicy: Always
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
#ignore config docker image files
docker
#ignore config docker image files
docker
-createConfig.sh
\ No newline at end of file
hostPath:
path: /dockerdata-nfs/{{ .Values.nsPrefix }}/message-router/dmaap/cadi.properties
- name: mykey
hostPath:
path: /dockerdata-nfs/{{ .Values.nsPrefix }}/message-router/dmaap/cadi.properties
- name: mykey
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/message-router/dmaap/mykey
+ secret:
+ secretName: secret-{{ .Values.nsPrefix }}-message-router
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
volumeMounts:
- mountPath: /shared
name: mso
volumeMounts:
- mountPath: /shared
name: mso
+ - mountPath: /shared/aai.crt
+ name: mso-aai-crt
+ - mountPath: /shared/encryption.key
+ name: mso-key
- mountPath: /docker-files
name: mso-docker-files
env:
- mountPath: /docker-files
name: mso-docker-files
env:
- name: mso-docker-files
hostPath:
path: /dockerdata-nfs/{{ .Values.nsPrefix }}/mso/docker-files
- name: mso-docker-files
hostPath:
path: /dockerdata-nfs/{{ .Values.nsPrefix }}/mso/docker-files
+ - name: mso-aai-crt
+ secret:
+ secretName: secret-{{ .Values.nsPrefix }}-mso
+ - name: mso-key
+ secret:
+ secretName: secret-{{ .Values.nsPrefix }}-mso
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
kubectl --namespace $1-$2 create secret docker-registry $3 --docker-server=$4 --docker-username=$5 --docker-password=$6 --docker-email=$7
}
kubectl --namespace $1-$2 create secret docker-registry $3 --docker-server=$4 --docker-username=$5 --docker-password=$6 --docker-email=$7
}
+create_certs_secret() {
+ if [ -d $LOCATION/config/certs/$i/ ]; then
+ printf "\nCreating certs and keys secret **********\n"
+ _CERTS_FILES=$(find $LOCATION/config/certs/$2/ -type f | awk '$0="--from-file="$0' ORS=' ')
+ kubectl create secret generic secret-$1-$2 $_CERTS_FILES -n $1-$2
+ fi
+}
+
create_onap_helm() {
HELM_VALUES_ADDITION=""
if [[ ! -z $HELM_VALUES_FILEPATH ]]; then
create_onap_helm() {
HELM_VALUES_ADDITION=""
if [[ ! -z $HELM_VALUES_FILEPATH ]]; then
printf "\nCreating registry secret **********\n"
create_registry_key $NS $i ${NS}-docker-registry-key $ONAP_DOCKER_REGISTRY $DU $DP $ONAP_DOCKER_MAIL
printf "\nCreating registry secret **********\n"
create_registry_key $NS $i ${NS}-docker-registry-key $ONAP_DOCKER_REGISTRY $DU $DP $ONAP_DOCKER_MAIL
+ create_certs_secret $NS $i
+
printf "\nCreating deployments and services **********\n"
create_onap_helm $NS $i $start
printf "\nCreating deployments and services **********\n"
create_onap_helm $NS $i $start
kubectl --namespace $1-$2 delete secret ${1}-docker-registry-key
}
kubectl --namespace $1-$2 delete secret ${1}-docker-registry-key
}
+delete_certs_secret() {
+ if [ -d $LOCATION/config/certs/$i/ ]; then
+ kubectl delete secret secret-$1-$2 -n $1-$2
+ fi
+}
+
+
delete_app_helm() {
helm delete $1-$2 --purge
}
delete_app_helm() {
helm delete $1-$2 --purge
}
-while getopts ":n:u:s:a:" PARAM; do
+while getopts ":n:u:s:a:l:" PARAM; do
+ l)
+ LOCATION=${OPTARG}
+ ;;
for i in ${HELM_APPS[@]}; do
for i in ${HELM_APPS[@]}; do
+ delete_certs_secret $NS $i
delete_app_helm $NS $i
delete_namespace $NS $i
delete_app_helm $NS $i
delete_namespace $NS $i
volumeMounts:
- mountPath: /tmp/policy-install/config
name: drools
volumeMounts:
- mountPath: /tmp/policy-install/config
name: drools
+ - mountPath: /tmp/policy-install/config/policy-keystore
+ name: drools-keystore
- mountPath: /usr/share/maven/conf/settings.xml
name: drools-settingsxml
volumes:
- mountPath: /usr/share/maven/conf/settings.xml
name: drools-settingsxml
volumes:
- name: drools
hostPath:
path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/drools/
- name: drools
hostPath:
path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/drools/
+ - name: drools-keystore
+ secret:
+ secretName: secret-{{ .Values.nsPrefix }}-policy
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"