- name: repositoryGenerator
version: ~7.x-0
repository: 'file://../repositoryGenerator'
+ - name: certInitializer
+ version: ~7.x-0
+ repository: 'file://../certInitializer'
\ No newline at end of file
#logging.file=/opt/app/music/logs/MUSIC/music-app.log
#logging.config=file:/opt/app/music/etc/logback.xml
security.require-ssl=true
-server.ssl.key-store=/opt/app/aafcertman/org.onap.music.jks
+server.ssl.key-store=/opt/app/aafcertman/local/org.onap.music.jks
server.ssl.key-store-password=${KEYSTORE_PASSWORD}
server.ssl.key-store-provider=SUN
server.ssl.key-store-type=JKS
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{ include "common.certInitializer.initContainer" . | indent 8 | trim }}
- command:
- sh
args:
- -c
- - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
+ - "export KEYSTORE_PASSWORD=$(cat /opt/app/aafcertman/local/.pass); cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
env:
- - name: KEYSTORE_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "music-keystore-pw" "key" "password") | indent 12}}
- name: CASSA_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cassa-secret" "key" "login") | indent 12 }}
- name: CASSA_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cassa-secret" "key" "password") | indent 12 }}
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /config-input
name: properties-music-scrubbed
- mountPath: /config
value: "{{ .Values.javaOpts }}"
- name: DEBUG
value: "{{ .Values.debug }}"
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- name: localtime
mountPath: /etc/localtime
readOnly: true
- name: properties-music-scrubbed
mountPath: /opt/app/music/etc/logback.xml
subPath: logback.xml
- - name: certs-aaf
- mountPath: /opt/app/aafcertman/
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: shared-data
emptyDir: {}
- name: certificate-vol
- name: properties-music
emptyDir:
medium: Memory
- - name: certs-aaf
- secret:
- secretName: {{ include "common.secret.getSecretNameFast" (dict "global" . "uid" "music-certs") }}
# Secrets metaconfig
#################################################################
secrets:
- - uid: music-certs
- name: keystore.jks
- type: generic
- filePaths:
- - resources/keys/org.onap.music.jks
- - uid: music-keystore-pw
- name: keystore-pw
- type: password
- password: '{{ .Values.keystorePassword }}'
- passwordPolicy: required
- uid: cassa-secret
type: basicAuth
login: '{{ .Values.properties.cassandraUser }}'
ingress:
enabled: false
-keystorePassword: "ysF9CVS+xvuXr0vf&fRa5lew"
-
properties:
lockUsing: "cassandra"
# Comma dilimited list of hosts
metricsLogLevel: info
auditLogLevel: info
# Values must be uppercase: INFO, WARN, CRITICAL,DEBUG etc..
- rootLogLevel: INFO
\ No newline at end of file
+ rootLogLevel: INFO
+
+#sub-charts configuration
+certInitializer:
+ nameOverride: music-cert-initializer
+ fqdn: "music.onap"
+ app_ns: "org.osaaf.aaf"
+ fqi: "music@music.onap.org"
+ fqi_namespace: org.onap.music
+ public_fqdn: "music.onap.org"
+ aafDeployFqi: "deployer@people.osaaf.org"
+ aafDeployPass: demo123456!
+ cadi_latitude: "0.0"
+ cadi_longitude: "0.0"
+ credsPath: /opt/app/osaaf/local
+ appMountPath: /opt/app/aafcertman
+ aaf_add_config: >
+ cd {{ .Values.credsPath }};
+ /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password_jks= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1;