Merge "[DMAAP] DMaaP ServiceMesh compatibility"

[oom.git] / kubernetes / cli / values.yaml

diff --git a/kubernetes/cli/values.yaml b/kubernetes/cli/values.yaml
index 6e711c5..58c649c 100644 (file)
--- a/kubernetes/cli/values.yaml
+++ b/kubernetes/cli/values.yaml
@@ -17,11 +17,49 @@
 #################################################################
 global:
   nodePortPrefix: 302
+
+#################################################################
+# Certificate configuration
+#################################################################
+certInitializer:
+  nameOverride: cli-cert-initializer
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
+  fqdn: "cli"
+  app_ns: "org.osaaf.aaf"
+  fqi_namespace: "org.onap.cli"
+  fqi: "cli@cli.onap.org"
+  public_fqdn: "aaf.osaaf.org"
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  credsPath: /opt/app/osaaf/local
+  aaf_add_config: |
+    echo "*** transform AAF certs into pem files"
+    mkdir -p {{ .Values.credsPath }}/certs
+    keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
+      -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
+      -alias ca_local_0 \
+      -storepass $cadi_truststore_password
+    openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+      -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
+      -passin pass:$cadi_keystore_password_p12 \
+      -passout pass:$cadi_keystore_password_p12
+    echo "*** generating needed file"
+    cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
+        {{ .Values.credsPath }}/certs/cert.pem \
+        {{ .Values.credsPath }}/certs/cacert.pem \
+        > {{ .Values.credsPath }}/certs/fullchain.pem;
+    cat {{ .Values.credsPath }}/certs/fullchain.pem
+    echo "*** change ownership of certificates to targeted user"
+    chown -R 33 {{ .Values.credsPath }}
+
+
 #################################################################
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/cli:6.0.0
+image: onap/cli:6.0.1
 pullPolicy: Always
 flavor: small
 
@@ -52,9 +90,9 @@ service:
   type: NodePort
   name: cli
   externalPort: 443
-  externalPort1: 9090
+  externalPort1: 9443
   internalPort: "443"
-  internalPort1: 9090
+  internalPort1: 9443
   nodePort: "60"
   nodePort1: "71"
 
@@ -66,7 +104,7 @@ ingress:
       port: 443
     - baseaddr: "cli2.api"
       name: cli
-      port: 9090
+      port: 9443
   config:
     ssl: "redirect"
 
@@ -88,3 +126,9 @@ resources:
       cpu: 2
       memory: 4Gi
   unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+  nameOverride: cli
+  roles:
+    - read