1 {{- define "so.certificate.container_importer" -}}
2 {{- $dot := default . .dot -}}
3 {{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
4 {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
5 {{ include "common.certInitializer.initContainer" $subchartDot }}
6 {{- if $dot.Values.global.aafEnabled }}
7 - name: {{ include "common.name" $dot }}-msb-cert-importer
8 image: {{ include "repositoryGenerator.repository" $subchartDot }}/{{ $dot.Values.global.aafAgentImage }}
9 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }}
15 export $(grep '^c' {{ $subchartDot.Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
16 keytool -import -trustcacerts -alias msb_root -file \
17 /certificates/msb-ca.crt -keystore \
18 "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \
19 -storepass $cadi_truststore_password -noprompt
21 if [ "${EXIT_VALUE}" != "0" ]
23 echo "issue with password: $cadi_truststore_password"
26 keytool -importkeystore -srckeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/truststoreONAPall.jks" \
27 -srcstorepass {{ $subchartDot.Values.certInitializer.trustStoreAllPass }} \
28 -destkeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \
29 -deststorepass $cadi_truststore_password -noprompt
34 {{ include "common.certInitializer.volumeMount" $subchartDot | indent 2 | trim }}
35 - name: {{ include "common.name" $dot }}-msb-certificate
36 mountPath: /certificates
40 {{- define "so.certificate.volumes" -}}
41 {{- $dot := default . .dot -}}
42 {{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
43 {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
44 {{ include "common.certInitializer.volumes" $subchartDot }}
45 {{- if $dot.Values.global.aafEnabled }}
46 - name: {{ include "common.name" $dot }}-msb-certificate
48 secretName: {{ include "common.secret.getSecretNameFast" (dict "global" $subchartDot "uid" "so-onap-certs") }}
52 {{- define "so.certificate.volumeMount" -}}
53 {{- $dot := default . .dot -}}
54 {{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
55 {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
56 {{ include "common.certInitializer.volumeMount" $subchartDot }}
59 {{- define "so.certificates.env" -}}
60 {{- $dot := default . .dot -}}
61 {{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
62 {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
63 {{- if $dot.Values.global.aafEnabled }}
65 value: {{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}
66 {{- if $dot.Values.global.security.aaf.enabled }}
68 value: {{ $subchartDot.Values.certInitializer.credsPath }}/org.onap.so.p12