From: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Date: Fri, 28 May 2021 19:52:04 +0000 (+0000)
Subject: Merge "[DCAEGEN2] Update CMPv2 certs usage in dcaegen2-services"
X-Git-Tag: 9.0.0~244
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=84b962398213641e656e8d1750b83f480f531563;hp=-c;p=oom.git

Merge "[DCAEGEN2] Update CMPv2 certs usage in dcaegen2-services"
---

84b962398213641e656e8d1750b83f480f531563
diff --combined kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
index 4554b50de8,1e7c3b4c70..310d9ae662
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@@ -274,10 -274,6 +274,10 @@@ spec
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          name: {{ include "common.name" . }}
          env:
 +        {{- range $cred := .Values.credentials }}
 +        - name: {{ $cred.name }}
 +          {{- include "common.secret.envFromSecretFast" (dict "global" $ "uid" $cred.uid "key" $cred.key) | indent 10 }}
 +        {{- end }}
          {{- if $certDir }}
          - name: DCAE_CA_CERTPATH
            value: {{ $certDir }}/cacert.pem
@@@ -321,8 -317,6 +321,8 @@@
          volumeMounts:
          - mountPath: /app-config
            name: app-config
 +        - mountPath: /app-config-input
 +          name: app-config-input
          {{- if $logDir }}
          - mountPath: {{ $logDir}}
            name: component-log
@@@ -330,7 -324,7 +330,7 @@@
          {{- if $certDir }}
          - mountPath: {{ $certDir }}
            name: tls-info
-           {{- if and .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}}
+           {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
            {{- include "common.certManager.volumeMountsReadOnly" . | nindent 8 -}}
            {{- end -}}
          {{- end }}
@@@ -428,7 -422,7 +428,7 @@@
        {{- if $certDir }}
        - emptyDir: {}
          name: tls-info
-         {{ if and .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}}
+         {{ if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
          {{ include "common.certManager.volumesReadOnly" . | nindent 6 }}
          {{- end }}
        {{- end }}
@@@ -449,7 -443,7 +449,7 @@@
  */}}
  {{- define "dcaegen2-services-common._certPostProcessor" -}}
    {{- $certDir := default "" .Values.certDirectory . -}}
-   {{- if and $certDir .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}}
+   {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
      {{- $cmpv2Certificate := (index .Values.certificates 0) -}}
      {{- $cmpv2CertificateDir := $cmpv2Certificate.mountPath -}}
      {{- $certType := "pem" -}}
@@@ -486,3 -480,16 +486,16 @@@
        value: {{ $keystoreDestinationPaths | quote }}
    {{- end }}
  {{- end -}}
+ 
+ {{/*
+   Template returns string "true" if CMPv2 certificates should be used and nothing (so it can be used in with statements)
+   when they shouldn't. Example use:
+     {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
+ 
+ */}}
+ {{- define "dcaegen2-services-common.shouldUseCmpv2Certificates" -}}
+   {{- $certDir := default "" .Values.certDirectory . -}}
+   {{- if (and $certDir .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration .Values.useCmpv2Certificates) -}}
+   true
+   {{- end -}}
+ {{- end -}}
diff --combined kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
index a675db6797,32f5072309..9e08ea1a69
--- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
@@@ -41,7 -41,7 +41,7 @@@ certPostProcessorImage: onap/org.onap.o
  # Application configuration defaults.
  #################################################################
  # application image
 -image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.8.0
 +image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.9.2
  pullPolicy: Always
  
  # log directory where logging sidecar should look for log files
@@@ -58,8 -58,13 +58,13 @@@ certDirectory: /opt/app/dcae-certificat
  tlsServer: true
  
  # CMPv2 certificate
- # It is used only when global parameter cmpv2Enabled is true
+ # It is used only when:
+ # - certDirectory is set
+ # - global cmpv2Enabled flag is set to true
+ # - global CertManagerIntegration flag is set to true
+ # - flag useCmpv2Certificates is set to true
  # Disabled by default
+ useCmpv2Certificates: false
  certificates:
    - mountPath: /opt/app/dcae-certificate/external
      commonName: dcae-ves-collector