[CLI] Simplify cert retrieval script

As retrieving values is now done via a generic script, let's clean a
little bit cert retrieval in order to remove unneeded part.

Issue-ID: OOM-2688
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I47fe8224ce471a2b17f7fc376b4b1e2e1d6331fc

diff --git a/kubernetes/cli/values.yaml b/kubernetes/cli/values.yaml
index c521fb8..4dcee45 100644 (file)
--- a/kubernetes/cli/values.yaml
+++ b/kubernetes/cli/values.yaml
@@ -35,33 +35,24 @@ certInitializer:
   cadi_latitude: "0.0"
   credsPath: /opt/app/osaaf/local
   aaf_add_config: |
-    echo "*** retrieving password for keystore and trustore"
-    export $(/opt/app/aaf_config/bin/agent.sh local showpass \
-      {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0)
-    if [ -z "$cadi_keystore_password_p12" ]
-    then
-      echo "  /!\ certificates retrieval failed"
-      exit 1
-    else
-      echo "*** transform AAF certs into pem files"
-      mkdir -p {{ .Values.credsPath }}/certs
-      keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
-        -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
-        -alias ca_local_0 \
-        -storepass $cadi_truststore_password
-      openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
-        -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
-        -passin pass:$cadi_keystore_password_p12 \
-        -passout pass:$cadi_keystore_password_p12
-      echo "*** generating needed file"
-      cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
-          {{ .Values.credsPath }}/certs/cert.pem \
-          {{ .Values.credsPath }}/certs/cacert.pem \
-          > {{ .Values.credsPath }}/certs/fullchain.pem;
-      cat {{ .Values.credsPath }}/certs/fullchain.pem
-      echo "*** change ownership of certificates to targeted user"
-      chown -R 33 {{ .Values.credsPath }}
-    fi
+    echo "*** transform AAF certs into pem files"
+    mkdir -p {{ .Values.credsPath }}/certs
+    keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
+      -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
+      -alias ca_local_0 \
+      -storepass $cadi_truststore_password
+    openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+      -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
+      -passin pass:$cadi_keystore_password_p12 \
+      -passout pass:$cadi_keystore_password_p12
+    echo "*** generating needed file"
+    cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
+        {{ .Values.credsPath }}/certs/cert.pem \
+        {{ .Values.credsPath }}/certs/cacert.pem \
+        > {{ .Values.credsPath }}/certs/fullchain.pem;
+    cat {{ .Values.credsPath }}/certs/fullchain.pem
+    echo "*** change ownership of certificates to targeted user"
+    chown -R 33 {{ .Values.credsPath }}
 
 
 #################################################################