Adjust DFC collector to use certificates from CMPv2

author Tomasz Wrobel <tomasz.wrobel@nokia.com>

Tue, 15 Sep 2020 13:13:23 +0000 (15:13 +0200)

committer Joanna Jeremicz <joanna.jeremicz@nokia.com>

Wed, 30 Dec 2020 12:43:32 +0000 (13:43 +0100)
author Tomasz Wrobel <tomasz.wrobel@nokia.com>
Tue, 15 Sep 2020 13:13:23 +0000 (15:13 +0200)
committer Joanna Jeremicz <joanna.jeremicz@nokia.com>
Wed, 30 Dec 2020 12:43:32 +0000 (13:43 +0100)
diff --git a/blueprints/k8s-datafile.yaml b/blueprints/k8s-datafile.yaml

index fda3c3d..c545b13 100644 (file)
--- a/blueprints/k8s-datafile.yaml
+++ b/blueprints/k8s-datafile.yaml
@@ -17,16 +17,16 @@ inputs:
      default: "/opt/app/datafile/etc/cert/"
    datafile-collector_cpu_limit:
      type: string
-    default: "250m"
+    default: "500m"
    datafile-collector_cpu_request:
      type: string
-    default: "250m"
+    default: "500m"
    datafile-collector_memory_limit:
      type: string
-    default: "512Mi"
+    default: "768Mi"
    datafile-collector_memory_request:
      type: string
-    default: "512Mi"
+    default: "768Mi"
    envs:
      default: {}
    external_port:
@@ -57,6 +57,28 @@ inputs:
    use_tls:
      type: boolean
      default: true
+  external_cert_ca_name:
+    type: string
+    description: Name of Certificate Authority configured on CertService side.
+    default: "RA"
+  external_cert_cert_type:
+    type: string
+    description: Format of provided certificates
+    default: "P12"
+  external_cert_common_name:
+    type: string
+    description: Common name which should be present in certificate.
+    default: "dcae-datafile-collector"
+  external_cert_sans:
+    type: string
+    description: '"List of Subject Alternative Names (SANs) which should be present
+      in certificate. Delimiter - , Should contain common_name value and other FQDNs
+      under which given component is accessible."'
+    default: "dcae-datafile-collector,datafile-collector,datafile"
+  external_cert_use_external_tls:
+    type: boolean
+    description: Flag to indicate external tls enable/disable.
+    default: false
  node_templates:
    datafile-collector:
      type: dcae.nodes.ContainerizedServiceComponentUsingDmaap
@@ -120,6 +142,20 @@ node_templates:
            get_input: cert_directory
          use_tls:
            get_input: use_tls
+      external_cert:
+        external_cert_directory:
+          get_input: cert_directory
+        use_external_tls:
+          get_input: external_cert_use_external_tls
+        ca_name:
+          get_input: external_cert_ca_name
+        cert_type:
+          get_input: external_cert_cert_type
+        external_certificate_parameters:
+          common_name:
+            get_input: external_cert_common_name
+          sans:
+            get_input: external_cert_sans
        resource_config:
          limits:
            cpu:
diff --git a/pom.xml b/pom.xml

index f58846e..a3958ff 100644 (file)
--- a/pom.xml
+++ b/pom.xml
@@ -29,7 +29,7 @@ ECOMP is a trademark and service mark of AT&T Intellectual Property.
    <groupId>org.onap.dcaegen2.deployments</groupId>
    <artifactId>k8s-bootstrap-container</artifactId>
    <name>dcaegen2-deployments-k8s-bootstrap-container</name>
-  <version>2.2.3-SNAPSHOT</version>
+  <version>2.2.4-SNAPSHOT</version>
    <url>http://maven.apache.org</url>
    <packaging>pom</packaging>
  
diff --git a/version.properties b/version.properties

index 703b401..f79400f 100644 (file)
--- a/version.properties
+++ b/version.properties
@@ -1,6 +1,6 @@
  major=2\r
  minor=2\r
-patch=3\r
+patch=4\r
  base_version=${major}.${minor}.${patch}\r
  release_version=${base_version}\r
  snapshot_version=${base_version}-SNAPSHOT\r
author	Tomasz Wrobel <tomasz.wrobel@nokia.com>
	Tue, 15 Sep 2020 13:13:23 +0000 (15:13 +0200)
committer	Joanna Jeremicz <joanna.jeremicz@nokia.com>
	Wed, 30 Dec 2020 12:43:32 +0000 (13:43 +0100)
blueprints/k8s-datafile.yaml		patch \| blob \| history
pom.xml		patch \| blob \| history
version.properties		patch \| blob \| history