[SO] Remove so-secret component

[oom.git] / kubernetes / so / components / so-etsi-nfvo-ns-lcm / templates / deployment.yaml

diff --git a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml
index fbba76f..bf770bb 100644 (file)
--- a/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml
+++ b/kubernetes/so/components/so-etsi-nfvo-ns-lcm/templates/deployment.yaml
@@ -1,3 +1,4 @@
+{{/*
 # Copyright © 2020 Nordix Foundation
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -11,6 +12,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+*/}}
 
 apiVersion: apps/v1
 kind: Deployment
@@ -40,7 +42,7 @@ spec:
               export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
               export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
               {{- if .Values.global.security.aaf.enabled }}
-              export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+              export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
               {{- end }}
               {{- end }}
               ./start-app.sh
@@ -51,6 +53,24 @@ spec:
               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "etsi-nfvo-nslcm-creds" "key" "login") | indent 14 }}
             - name: ETSI_NFVO_PASSWORD_INPUT
               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "etsi-nfvo-nslcm-creds" "key" "password") | indent 14 }}
+            - name: DB_HOST
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "common.release" . }}-so-db-secrets
+                  key: mariadb.readwrite.host
+            - name: DB_PORT
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "common.release" . }}-so-db-secrets
+                  key: mariadb.readwrite.port
+            - name: DB_USERNAME
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 14 }}
+            - name: DB_PASSWORD
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 14 }}
+            - name: DB_ADMIN_USERNAME
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 14 }}
+            - name: DB_ADMIN_PASSWORD
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 14 }}
             {{ include "so.certificates.env" . | indent 12 | trim }}
           envFrom:
             - configMapRef:
@@ -62,9 +82,6 @@ spec:
             - name: config
               mountPath: /app/config
               readOnly: true
-            - name: {{ include "common.fullname" . }}-truststore
-              mountPath: /app/client
-              readonly: true
           livenessProbe:
             tcpSocket:
               port: {{ index .Values.livenessProbe.port }}
@@ -79,8 +96,5 @@ spec:
         - name: config
           configMap:
             name: {{ include "common.fullname" . }}-app-configmap
-        - name: {{ include "common.fullname" . }}-truststore
-          secret:
-            secretName: {{ include "common.release" . }}-so-truststore-secret
       imagePullSecrets:
         - name: "{{ include "common.namespace" . }}-docker-registry-key"