moving certs and keys to k8s secrets

author Keren Joseph <keren.joseph@amdocs.com>

Tue, 12 Sep 2017 07:13:15 +0000 (10:13 +0300)

committer Keren Joseph <keren.joseph@amdocs.com>

Tue, 12 Sep 2017 10:24:47 +0000 (13:24 +0300)
author Keren Joseph <keren.joseph@amdocs.com>
Tue, 12 Sep 2017 07:13:15 +0000 (10:13 +0300)
committer Keren Joseph <keren.joseph@amdocs.com>
Tue, 12 Sep 2017 10:24:47 +0000 (13:24 +0300)
diff --git a/templates/data-router-deployment.yaml b/templates/data-router-deployment.yaml

index f823061..0033208 100644 (file)
--- a/templates/data-router-deployment.yaml
+++ b/templates/data-router-deployment.yaml
@@ -35,6 +35,10 @@ spec:
          volumeMounts:
          - mountPath: /opt/app/data-router/config/
            name: data-router-config
+        - mountPath: /opt/app/data-router/config/auth/tomcat_keystore
+          name: data-router-tomcat-key
+        - mountPath: /opt/app/data-router/config/auth/client-cert-onap.p12 
+          name: data-router-client-cert
          - mountPath: /opt/app/data-router/dynamic/
            name: data-router-dynamic
          - mountPath: /logs/
@@ -56,6 +60,12 @@ spec:
        - name: data-router-logs
          hostPath:
            path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/data-router/logs/"
+      - name: data-router-tomcat-key
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
+      - name: data-router-client-cert
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
        restartPolicy: Always
        imagePullSecrets:
        - name: "{{ .Values.nsPrefix }}-docker-registry-key"
diff --git a/templates/modelloader-deployment.yaml b/templates/modelloader-deployment.yaml

index 5391273..ec6a917 100644 (file)
--- a/templates/modelloader-deployment.yaml
+++ b/templates/modelloader-deployment.yaml
@@ -20,6 +20,8 @@ spec:
          volumeMounts:
          - mountPath: /opt/app/model-loader/config/
            name: aai-model-loader-config
+        - mountPath: /opt/app/model-loader/config/auth/aai-os-cert.p12
+          name: aai-os-cert
          - mountPath: /logs/
            name: aai-model-loader-logs
          image: "{{ .Values.image.modelLoaderImage }}:{{ .Values.image.modelLoaderVersion }}"
@@ -35,6 +37,9 @@ spec:
        - name: aai-model-loader-logs
          hostPath:
            path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/model-loader/logs/"
+      - name: aai-os-cert
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
        restartPolicy: Always
        imagePullSecrets:
        - name: "{{ .Values.nsPrefix }}-docker-registry-key"
diff --git a/templates/search-data-service-deployment.yaml b/templates/search-data-service-deployment.yaml

index f2db937..8f4acef 100644 (file)
--- a/templates/search-data-service-deployment.yaml
+++ b/templates/search-data-service-deployment.yaml
@@ -27,6 +27,8 @@ spec:
          volumeMounts:
          - mountPath: /opt/app/search-data-service/config/
            name: aai-search-data-service-config
+        - mountPath: /opt/app/search-data-service/config/auth/tomcat_keystore
+          name: aai-tomcat-key
          - mountPath: /logs/
            name: aai-search-data-service-logs
          ports:
@@ -40,6 +42,9 @@ spec:
        - name: aai-search-data-service-config
          hostPath:
            path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/appconfig/"
+      - name: aai-tomcat-key
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
        - name: aai-search-data-service-logs
          hostPath:
            path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/logs/"
diff --git a/templates/sparky-be-deployment.yaml b/templates/sparky-be-deployment.yaml

index 6a8ff93..f4c44e2 100644 (file)
--- a/templates/sparky-be-deployment.yaml
+++ b/templates/sparky-be-deployment.yaml
@@ -27,6 +27,12 @@ spec:
          volumeMounts:
          - mountPath: /opt/app/sparky/config/
            name: aai-sparky-be-config
+        - mountPath: /opt/app/sparky/config/auth/client-cert-onap.p12 
+          name: aai-sparky-be-client-cert
+        - mountPath: /opt/app/sparky/config/auth/aai-os-cert.p12
+          name: aai-sparky-be-aai-os-cert
+        - mountPath: /opt/app/sparky/config/auth/inventory-ui-keystore
+          name: aai-sparky-be-inventory-key
          - mountPath: /logs/
            name: aai-sparky-be-logs
          ports:
@@ -43,6 +49,15 @@ spec:
        - name: aai-sparky-be-logs
          hostPath:
            path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/sparky-be/logs/"
+      - name: aai-sparky-be-client-cert
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
+      - name: aai-sparky-be-aai-os-cert
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
+      - name: aai-sparky-be-inventory-key
+        secret:
+          secretName: secret-{{ .Values.nsPrefix }}-aai
        restartPolicy: Always
        imagePullSecrets:
        - name: "{{ .Values.nsPrefix }}-docker-registry-key"
author	Keren Joseph <keren.joseph@amdocs.com>
	Tue, 12 Sep 2017 07:13:15 +0000 (10:13 +0300)
committer	Keren Joseph <keren.joseph@amdocs.com>
	Tue, 12 Sep 2017 10:24:47 +0000 (13:24 +0300)
templates/data-router-deployment.yaml		patch \| blob \| history
templates/modelloader-deployment.yaml		patch \| blob \| history
templates/search-data-service-deployment.yaml		patch \| blob \| history
templates/sparky-be-deployment.yaml		patch \| blob \| history