[DMAAP] Use common aaf template in dmaap-bc

Instead of copy-pasting code around aaf_agent usage let's use a common
template that automates this.

Issue-ID: AAF-1134
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I42bb5a8840701dfd99488df9913a5ffd01b17f64

diff --git a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml
index e0d80e7..656fee7 100644 (file)
--- a/kubernetes/dmaap/components/dmaap-bc/requirements.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/requirements.yaml
@@ -16,6 +16,9 @@ dependencies:
   - name: common
     version: ~6.x-0
     repository: '@local'
+  - name: certInitializer
+    version: ~6.x-0
+    repository: '@local'
   - name: postgres
     version: ~6.x-0
     repository: '@local'

diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/aaf/org.onap.dmaap-bc.props b/kubernetes/dmaap/components/dmaap-bc/resources/aaf/org.onap.dmaap-bc.props
deleted file mode 100644 (file)
index 3c29073..0000000
--- a/kubernetes/dmaap/components/dmaap-bc/resources/aaf/org.onap.dmaap-bc.props
+++ /dev/null
@@ -1,15 +0,0 @@
-############################################################
-# Properties Generated by AT&T Certificate Manager
-#   by root
-#   on 2019-03-22T17:37:33.690+0000
-# @copyright 2016, AT&T
-############################################################
-aaf_env=DEV
-aaf_id=dmaap-bc@dmaap-bc.onap.org
-aaf_locate_url={{ .Values.aafLocateUrl }}
-aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
-cadi_etc_dir=/opt/app/osaaf/local
-cadi_latitude=38.000
-cadi_longitude=-72.000
-cadi_prop_files=/opt/app/osaaf/local/org.onap.dmaap-bc.location.props:/opt/app/osaaf/local/org.onap.dmaap-bc.cred.props
-cm_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:2.1

diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml
index 46ef837..37d39ef 100644 (file)
--- a/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/templates/configmap.yaml
@@ -51,16 +51,3 @@ metadata:
     heritage: {{ .Release.Service }}
 data:
 {{ tpl (.Files.Glob "resources/dcaeLocations/*.json").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-aaf-config
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/aaf/*").AsConfig . | indent 2 }}
\ No newline at end of file

diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
index ea2720f..e8bef02 100644 (file)
--- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
@@ -24,63 +24,13 @@ spec:
 {{- if or .Values.global.aafEnabled .Values.PG.enabled }}
       initContainers:
 {{- if .Values.global.aafEnabled }}
-      - name: {{ include "common.name" . }}-aaf-readiness
-        command:
-        - /root/ready.py
-        args:
-        - --container-name
-        - aaf-locate
-        - --container-name
-        - aaf-cm
-        - --container-name
-        - aaf-service
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
-        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-      - name: {{ include "common.name" . }}-aaf-config
-        image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}"
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
-        volumeMounts:
-        - mountPath: {{ .Values.persistence.aafCredsPath }}
-          name: {{ include "common.name" . }}-aaf-config-vol
-        env:
-        - name: APP_FQI
-          value: "{{ .Values.aafConfig.fqi }}"
-        - name: aaf_locate_url
-          value: "https://aaf-locate.{{ .Release.Namespace }}:8095"
-        - name: aaf_locator_container
-          value: "{{ .Values.global.aafLocatorContainer }}"
-        - name: aaf_locator_container_ns
-          value: "{{ .Release.Namespace }}"
-        - name: aaf_locator_fqdn
-          value: "{{ .Values.aafConfig.fqdn }}"
-        - name: aaf_locator_public_fqdn
-          value: "{{.Values.aafConfig.publicFqdn}}"
-        - name: aaf_locator_app_ns
-          value: "{{ .Values.global.aafAppNs }}"
-        - name: DEPLOY_FQI
-          value: "{{ .Values.aafConfig.aafDeployFqi }}"
-        - name: DEPLOY_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: {{ include "common.fullname" . }}-secret
-              key: aaf-deploy-password
-        - name: cadi_longitude
-          value: "{{ .Values.aafConfig.cadiLongitude }}"
-        - name: cadi_latitude
-          value: "{{ .Values.aafConfig.cadiLatitude }}"
+
+{{ include "common.certInitializer.initContainer" . | nindent 6 }}
+
       - name: {{ include "common.name" . }}-permission-fixer
         image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        volumeMounts:
-        - mountPath: {{ .Values.persistence.aafCredsPath }}
-          name: {{ include "common.name" . }}-aaf-config-vol
+        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
         command: ["chown","-Rf","1000:1001", "/opt/app/"]
 #       See AAF-425 for explanation of why this is needed.
 #       This artifact is provisioned in AAF for both pks12 and jks format and apparently
@@ -89,9 +39,7 @@ spec:
       - name: {{ include "common.name" . }}-cred-fixer
         image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        volumeMounts:
-        - mountPath: {{ .Values.persistence.aafCredsPath }}
-          name: {{ include "common.name" . }}-aaf-config-vol
+        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
         command: ["/bin/sh"]
         args: [ "-c", "sed -i -e '/cadi_keystore_password=/d' -e '/cadi_keystore_password_jks/p' -e 's/cadi_keystore_password_jks/cadi_keystore_password/' -e 's/dmaap-bc.p12/dmaap-bc.jks/' /opt/app/osaaf/local/org.onap.dmaap-bc.cred.props" ]
 
@@ -134,12 +82,10 @@ spec:
               scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}
             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
             periodSeconds: {{ .Values.readiness.periodSeconds }}
-          volumeMounts:
+          volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
           - mountPath: /etc/localtime
             name: localtime
             readOnly: true
-          - mountPath: {{ .Values.persistence.aafCredsPath }}
-            name: {{ include "common.name" . }}-aaf-config-vol
 # NOTE: on the following several configMaps, careful to include / at end
 #       since there may be more than one file in each mountPath
           - name: {{ include "common.name" . }}-config
@@ -151,14 +97,12 @@ spec:
         {{- if .Values.affinity }}
         affinity: {{ toYaml .Values.affinity | nindent 10 }}
         {{- end }}
-      volumes:
+      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
         - name: localtime
           hostPath:
             path: /etc/localtime
         - name: {{ include "common.name" . }}-config
           configMap:
             name: {{ include "common.fullname" . }}-config
-        - name: {{ include "common.name" . }}-aaf-config-vol
-          emptyDir: {}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"

diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml
index e15a152..4e598a2 100644 (file)
--- a/kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/templates/secrets.yaml
@@ -13,18 +13,3 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-{{- if .Values.global.aafEnabled }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-secret
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-type: Opaque
-data:
-  aaf-deploy-password: {{ index .Values.aafConfig.aafDeployPass | b64enc | quote }}
-{{- end }}

diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml
index 3a18787..1ac0b7f 100644 (file)
--- a/kubernetes/dmaap/components/dmaap-bc/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml
@@ -48,15 +48,21 @@ topicMgrPwd: demo123456!
 adminUser: aaf_admin@people.osaaf.org
 adminPwd: demo123456!
 
-#AAF local config
-aafConfig:
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+  nameOverride: dmaap-bc-cert-initializer
   aafDeployFqi: deployer@people.osaaf.org
   aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
   fqdn: dmaap-bc
   fqi: dmaap-bc@dmaap-bc.onap.org
   publicFqdn: dmaap-bc.onap.org
   cadiLatitude: 0.0
   cadiLongitude: 0.0
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
 
 persistence:
   aafCredsPath: /opt/app/osaaf/local/