Merge "[AAI] Remove unused AAF proxies"

[oom.git] / kubernetes / aai / values.yaml

diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml
index 0550730..516dcc4 100644 (file)
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -274,6 +274,44 @@ global: # global defaults
         # since when this is enabled, it prints a lot of information to console
         enabled: false
 
+#################################################################
+# Certificate configuration
+#################################################################
+certInitializer:
+  nameOverride: aai-cert-initializer
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
+  fqdn: "aai"
+  app_ns: "org.osaaf.aaf"
+  fqi_namespace: "org.onap.aai"
+  fqi: "aai@aai.onap.org"
+  public_fqdn: "aaf.osaaf.org"
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  credsPath: /opt/app/osaaf/local
+  aaf_add_config: |
+    echo "*** retrieving passwords from AAF"
+    /opt/app/aaf_config/bin/agent.sh local showpass \
+      {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
+    export $(grep '^c' {{ .Values.credsPath }}/mycreds.prop | xargs -0)
+    echo "*** transform AAF certs into pem files"
+    mkdir -p {{ .Values.credsPath }}/certs
+    keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
+      -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
+      -alias ca_local_0 \
+      -storepass $cadi_truststore_password
+    openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+      -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
+      -passin pass:$cadi_keystore_password_p12 \
+      -passout pass:$cadi_keystore_password_p12
+    echo "*** generating needed file"
+    cat {{ .Values.credsPath }}/certs/cert.pem \
+        {{ .Values.credsPath }}/certs/cacert.pem \
+        {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
+        > {{ .Values.credsPath }}/certs/fullchain.pem;
+    chown 1001 {{ .Values.credsPath }}/certs/*
+
 # application image
 dockerhubRepository: registry.hub.docker.com
 image: aaionap/haproxy:1.4.2