[CDS] Update hardcoded certificates 28/119128/7
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>
Thu, 11 Mar 2021 07:31:57 +0000 (08:31 +0100)
committerMorgan Richomme <morgan.richomme@orange.com>
Thu, 25 Mar 2021 07:18:38 +0000 (07:18 +0000)
Update the CDS UI certificates so that they are valid for one year.

Issue-ID: CCSDK-3207
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Id7a0dbdfb6a59ac7e76e00fd106855f05482b041

kubernetes/cds/charts/cds-ui/resources/certs/org.onap.sdnc-cds.p12 [new file with mode: 0644]
kubernetes/cds/charts/cds-ui/templates/deployment.yaml
kubernetes/cds/charts/cds-ui/templates/secret.yaml [new file with mode: 0644]
kubernetes/cds/charts/cds-ui/values.yaml

diff --git a/kubernetes/cds/charts/cds-ui/resources/certs/org.onap.sdnc-cds.p12 b/kubernetes/cds/charts/cds-ui/resources/certs/org.onap.sdnc-cds.p12
new file mode 100644 (file)
index 0000000..8240f4c
Binary files /dev/null and b/kubernetes/cds/charts/cds-ui/resources/certs/org.onap.sdnc-cds.p12 differ
index 4d3d834..a0774ec 100644 (file)
@@ -52,6 +52,13 @@ spec:
             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
             periodSeconds: {{ .Values.liveness.periodSeconds }}
           {{ end }}
+          command:
+          - sh
+          args:
+          - -c
+          - |
+            echo "cadi_keystore_password_p12=$PASSPHRASE_VALUE" > .enc
+            node .
           env:
             - name: HOST
               value: 0.0.0.0
@@ -71,6 +78,10 @@ spec:
               value: "{{ .Values.config.api.processor.grpc.port }}"
             - name: API_BLUEPRINT_PROCESSOR_GRPC_AUTH_TOKEN
               value: {{ .Values.config.api.processor.grpc.authToken }}
+            - name: KEYSTORE
+              value: "/certs/org.onap.sdnc-cds.p12"
+            - name: PASSPHRASE_VALUE
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-certs-pass" "key" "password") | indent 14 }}
           readinessProbe:
             tcpSocket:
               port: {{ .Values.service.internalPort }}
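Review bot: The `KEYSTORE` value hard-codes `/certs/org.onap.sdnc-cds.p12`, which must stay in step with both the `/certs` mount path declared later in this file and the file name dropped under `resources/certs/`; renaming or rotating the keystore (the commit message says it is valid for one year) would break the path with no template-time error. I would derive it from one values key, e.g. `value: "/certs/{{ .Values.certs.keystoreFile }}"` with `keystoreFile: org.onap.sdnc-cds.p12` as the default in values.yaml, or at minimum add `# must match the file name under resources/certs and the /certs mountPath` above the entry. `PASSPHRASE_VALUE` is sourced through the common secret helper, so the passphrase itself is not inlined in the rendered Deployment, which is fine.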
@@ -80,6 +91,8 @@ spec:
             - mountPath: /etc/localtime
               name: localtime
               readOnly: true
+            - mountPath: /certs
+              name: certs
           resources:
 {{ include "common.resources" . | indent 12 }}
         {{- if .Values.nodeSelector }}
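Review bot: The new `/certs` mount at the end of the `volumeMounts` list has no `readOnly: true`, unlike the `/etc/localtime` mount right above it; the kubelet mounts secret volumes read-only regardless, but declaring it on the mount makes the intent explicit and keeps the two entries consistent. I would add `readOnly: true` under `name: certs`.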
@@ -94,5 +107,8 @@ spec:
         - name: localtime
           hostPath:
             path: /etc/localtime
+        - name: certs
+          secret:
+            secretName: {{ include "common.fullname" . }}-certs
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
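Review bot: The secret volume added at the end of the `volumes` list relies on the default `defaultMode` (0644), so the keystore — a `.p12` that presumably carries the private key — is readable by every uid inside the container, and the passphrase is written next to the application in `.enc` by the command hunk above. A tighter mode such as `defaultMode: 0400` (or `0440` combined with an `fsGroup` in the pod securityContext) would limit it to the process user; the user the node process runs as is configured outside this hunk, so verify the chosen mode still lets it read the file.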
diff --git a/kubernetes/cds/charts/cds-ui/templates/secret.yaml b/kubernetes/cds/charts/cds-ui/templates/secret.yaml
new file mode 100644 (file)
index 0000000..6dcf31f
--- /dev/null
@@ -0,0 +1,31 @@
+{{/*
+# Copyright © 2021 Orange
+# Modifications Copyright © 2018  Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-certs
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ include "common.release" . }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
+---
+{{ include "common.secretFast" . }}
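Review bot: Wrapping `(.Files.Glob "resources/certs/*").AsSecrets` in `tpl` on the `data:` line renders the base64-encoded file contents through the template engine, which can never do anything useful for a binary `.p12` (base64 output contains no `{{`); `{{ (.Files.Glob "resources/certs/*").AsSecrets | indent 2 }}` is sufficient and makes clear that no templating is expected. Because the glob picks up every file in that directory, anything added there later silently becomes part of this Secret and is mounted into the pod; a comment above `data:` such as `# every file under resources/certs/ is shipped in this Secret and mounted at /certs` would avoid surprises. The `Modifications Copyright © 2018 Amdocs, Bell Canada` line in the header predates this 2021 file and looks carried over from another template; confirm it is intended.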
index 496aa85..d94c59f 100644 (file)
@@ -21,6 +21,20 @@ global:
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
 
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+  - uid: cds-certs-pass
+    type: password
+    externalSecret: '{{ tpl (default "" .Values.certs.certsExternalSecret) . }}'
+    password: '{{ .Values.certs.password }}'
+
+certs:
+  password: "DG*HkOIe5W^F}XYI6o!2sD(6"
+  #certsExternalSecret:
+
 subChartsOnly:
   enabled: true