From ef766403ef1436c9462c2c00da83a8b29fca3b53 Mon Sep 17 00:00:00 2001
From: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Date: Thu, 11 Feb 2021 18:12:46 +0100
Subject: [PATCH] [AAF] Give `identities.dat` to working deployments

Today, `identities.dat` is put on cassandra deployment. But this file is
actually needed by "working" deployments (at least certman and service)
and not by cassandra.
This patch removes it from cassandra deployments and add it to the other
ones form "authz" family.

Issue-ID: OOM-2678
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2a4b68f73797cd6c369060481e169525829a4217
---
 .../components/aaf-cass/templates/configmap.yaml   | 13 ------------
 .../components/aaf-cass/templates/deployment.yaml  | 23 ++--------------------
 .../aaf-templates/templates/_deployment.tpl        |  7 +++++++
 .../aaf-templates/templates/_initContainers.tpl    | 10 +++++++++-
 .../data}/identities.dat                           |  0
 kubernetes/aaf/templates/configmap.yaml            | 15 +++++++++++++-
 6 files changed, 32 insertions(+), 36 deletions(-)
 rename kubernetes/aaf/{components/aaf-cass/resources/cass-init-data => resources/data}/identities.dat (100%)

diff --git a/kubernetes/aaf/components/aaf-cass/templates/configmap.yaml b/kubernetes/aaf/components/aaf-cass/templates/configmap.yaml
index ebf09e75c5..a10bb8a7a1 100644
--- a/kubernetes/aaf/components/aaf-cass/templates/configmap.yaml
+++ b/kubernetes/aaf/components/aaf-cass/templates/configmap.yaml
@@ -30,16 +30,3 @@ metadata:
     heritage: {{ .Release.Service }}
 data:
 {{ tpl (.Files.Glob "resources/cass-init-dats/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-cass-init-data
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/cass-init-data/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml b/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml
index e62d387a0a..4e18b3b746 100644
--- a/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml
@@ -31,17 +31,9 @@ spec:
         args:
         - -c
         - |
-          echo "*** input data ***"
-          ls -l /config-input-data/*
-          echo "*** input dats ***"
-          ls -l /config-input-dats/*
-          cp -L /config-input-data/* /config-data/
+          echo "*** Move files from configmap to emptyDir"
           cp -L /config-input-dats/* /config-dats/
-          echo "*** output data ***"
-          ls -l /config-data/*
-          echo "*** output dats ***"
-          ls -l /config-dats/*
-          chown -R 1000:1000 /config-data
+          echo "*** set righ user to the different folders"
           chown -R 1000:1000 /config-dats
           chown -R 1000:1000 /var/lib/cassandra
           chown -R 1000:1000 /status
@@ -50,14 +42,10 @@ spec:
         volumeMounts:
           - mountPath: /var/lib/cassandra
             name: aaf-cass-vol
-          - mountPath: /config-input-data
-            name: config-cass-init-data
           - mountPath: /config-input-dats
             name: config-cass-init-dats
           - mountPath: /config-dats
             name: config-cass-dats
-          - mountPath: /config-data
-            name: config-cass-data
           - mountPath: /status
             name: aaf-status
         resources:
@@ -103,8 +91,6 @@ spec:
         - mountPath: /etc/localtime
           name: localtime
           readOnly: true
-        - mountPath: /opt/app/aaf/cass_init/data
-          name: config-cass-data
         - mountPath: /opt/app/aaf/cass_init/dats
           name: config-cass-dats
         - mountPath: /opt/app/aaf/status
@@ -144,12 +130,7 @@ spec:
       - name: config-cass-init-dats
         configMap:
           name: {{ include "common.fullname" . }}-cass-init-dats
-      - name: config-cass-init-data
-        configMap:
-          name: {{ include "common.fullname" . }}-cass-init-data
       - name: config-cass-dats
         emptyDir: {}
-      - name: config-cass-data
-        emptyDir: {}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
index afa5004a48..50da519a89 100644
--- a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
+++ b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
@@ -40,6 +40,8 @@ spec:
         - mountPath: /opt/app/osaaf/etc/org.osaaf.aaf.log4j.props
           name: aaf-log
           subPath: org.osaaf.aaf.log4j.props
+        - mountPath: /opt/app/osaaf/data/
+          name: config-identity
         {{- if eq .Values.liveness.enabled true }}
         livenessProbe:
           tcpSocket:
@@ -68,6 +70,11 @@ spec:
       - name: aaf-log
         configMap:
           name: {{ include "common.release" . }}-aaf-log
+      - name: config-init-identity
+        configMap:
+          name: {{ include "common.release" . }}-aaf-identity
+      - name: config-identity
+        emptyDir: {}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
 {{- end -}}
diff --git a/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl b/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl
index 7cdf4d072e..755315296d 100644
--- a/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl
+++ b/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl
@@ -15,12 +15,16 @@
 */}
 
 {{- define "aaf.permissionFixer" -}}
-- name: fix-permission
+- name: onboard-identity-and-fix-permission
   command:
   - /bin/sh
   args:
   - -c
   - |
+    echo "*** Move files from configmap to emptyDir"
+    cp -L /config-input-identity/* /config-identity/
+    echo "*** set righ user to the different folders"
+    chown -R 1000:1000 /config-identity
     chown -R 1000:1000 /opt/app/aaf
     chown -R 1000:1000 /opt/app/osaaf
   image: {{ include "repositoryGenerator.image.busybox" . }}
@@ -28,6 +32,10 @@
   volumeMounts:
   - mountPath: /opt/app/osaaf
     name: aaf-config-vol
+  - mountPath: /config-input-identity
+    name: config-init-identity
+  - mountPath: /config-identity
+    name: config-identity
   resources:
     limits:
       cpu: 100m
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-data/identities.dat b/kubernetes/aaf/resources/data/identities.dat
similarity index 100%
rename from kubernetes/aaf/components/aaf-cass/resources/cass-init-data/identities.dat
rename to kubernetes/aaf/resources/data/identities.dat
diff --git a/kubernetes/aaf/templates/configmap.yaml b/kubernetes/aaf/templates/configmap.yaml
index 36628ea57a..969046551b 100644
--- a/kubernetes/aaf/templates/configmap.yaml
+++ b/kubernetes/aaf/templates/configmap.yaml
@@ -23,4 +23,17 @@ metadata:
     release: {{ include "common.release" . }}
     heritage: {{ .Release.Service }}
 data:
-{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }}
\ No newline at end of file
+{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-identity
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ include "common.release" . }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/data/*").AsConfig . | indent 2 }}
\ No newline at end of file
-- 
2.16.6