moving certificates from vid image to mounted catalog

author Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com>

Wed, 7 Aug 2019 12:49:10 +0000 (14:49 +0200)

committer Ittay Stern <ittay.stern@att.com>

Mon, 12 Aug 2019 10:11:38 +0000 (10:11 +0000)
author Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com>
Wed, 7 Aug 2019 12:49:10 +0000 (14:49 +0200)
committer Ittay Stern <ittay.stern@att.com>
Mon, 12 Aug 2019 10:11:38 +0000 (10:11 +0000)
diff --git a/kubernetes/vid/resources/certs/org.onap.vid.jks b/kubernetes/vid/resources/certs/org.onap.vid.jks

new file mode 100644 (file)

index 0000000..3c2ce91

Binary files /dev/null and b/kubernetes/vid/resources/certs/org.onap.vid.jks differ
diff --git a/kubernetes/vid/resources/certs/org.onap.vid.trust.jks b/kubernetes/vid/resources/certs/org.onap.vid.trust.jks

new file mode 100644 (file)

index 0000000..4caf7be

Binary files /dev/null and b/kubernetes/vid/resources/certs/org.onap.vid.trust.jks differ
diff --git a/kubernetes/vid/templates/deployment.yaml b/kubernetes/vid/templates/deployment.yaml

index 8bce2cf..a4e821e 100644 (file)
--- a/kubernetes/vid/templates/deployment.yaml
+++ b/kubernetes/vid/templates/deployment.yaml
@@ -109,6 +109,8 @@ spec:
              - name: VID_MYSQL_MAXCONNECTIONS
                value: "{{ .Values.config.vidmysqlmaxconnections }}"
            volumeMounts:
+          - mountPath: /opt/app/vid/etc
+            name: vid-certs
            - mountPath: /etc/localtime
              name: localtime
              readOnly: true
@@ -140,6 +142,9 @@ spec:
            - mountPath: /usr/share/filebeat/data
              name: vid-data-filebeat
        volumes:
+        - name: vid-certs
+          secret:
+            secretName: {{ include "common.fullname" . }}-certs
          - name: localtime
            hostPath:
              path: /etc/localtime
diff --git a/kubernetes/vid/templates/secrets.yaml b/kubernetes/vid/templates/secrets.yaml

index 729e0b1..222a3d5 100644 (file)
--- a/kubernetes/vid/templates/secrets.yaml
+++ b/kubernetes/vid/templates/secrets.yaml
@@ -25,3 +25,17 @@ metadata:
  type: Opaque
  data:
    vid-password: {{ .Values.config.vidmysqlpassword | b64enc | quote }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-certs
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
author	Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com>
	Wed, 7 Aug 2019 12:49:10 +0000 (14:49 +0200)
committer	Ittay Stern <ittay.stern@att.com>
	Mon, 12 Aug 2019 10:11:38 +0000 (10:11 +0000)
kubernetes/vid/resources/certs/org.onap.vid.jks	[new file with mode: 0644]	patch \| blob
kubernetes/vid/resources/certs/org.onap.vid.trust.jks	[new file with mode: 0644]	patch \| blob
kubernetes/vid/templates/deployment.yaml		patch \| blob \| history
kubernetes/vid/templates/secrets.yaml		patch \| blob \| history