From 58685d08a390cf9678e88af54c343dbac4ee8196 Mon Sep 17 00:00:00 2001
From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Thu, 29 Jul 2021 22:45:45 +0200
Subject: [PATCH] [DMAAP] Replace aafConfig with certInitializer

Use cert initializer instead of aafConfig to keep dmaap-dr-node
aligned with the rest of ONAP

Issue-ID: OOM-1
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I2b73e87bb8ae011416555216605ade9a6316261e
---
 .../components/dmaap-dr-node/requirements.yaml     |  3 ++
 .../dmaap-dr-node/resources/config/node.properties |  2 +-
 .../dmaap-dr-node/templates/statefulset.yaml       |  9 ++---
 .../dmaap/components/dmaap-dr-node/values.yaml     | 44 ++++++++++------------
 4 files changed, 28 insertions(+), 30 deletions(-)

diff --git a/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml
index 97ba957f4f..b7e9dceba7 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/requirements.yaml
@@ -28,3 +28,6 @@ dependencies:
   - name: serviceAccount
     version: ~8.x-0
     repository: '@local'
+  - name: certInitializer
+    version: ~8.x-0
+    repository: '@local'
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties
index 1d0015ed7f..20030a79c8 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties
+++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties
@@ -103,4 +103,4 @@ AAFAction = publish
 CadiEnabled = false
 #
 #    AAF Props file path
-AAFPropsFilePath = {{ .Values.aafConfig.credsPath }}/org.onap.dmaap-dr.props
+AAFPropsFilePath = {{ .Values.certInitializer.credsPath }}/org.onap.dmaap-dr.props
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
index dfb435ce04..90db648028 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
@@ -23,7 +23,7 @@ spec:
   template:
     metadata: {{- include "common.templateMetadata" . | nindent 6 }}
     spec:
-      initContainers:
+      initContainers: {{ include "common.certInitializer.initContainer" . | nindent 8 }}
         - name: {{ include "common.name" . }}-readiness
           image: {{ include "repositoryGenerator.image.readiness" . }}
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
@@ -38,11 +38,10 @@ spec:
               fieldRef:
                 apiVersion: v1
                 fieldPath: metadata.namespace
-        {{- if .Values.global.aafEnabled }}{{ include "common.aaf-config" . | nindent 8 }}{{ end }}
         - name: {{ include "common.name" . }}-permission-fixer
           image: {{ include "repositoryGenerator.image.busybox" . }}
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          volumeMounts: {{- if .Values.global.aafEnabled }}{{ include "common.aaf-config-volume-mountpath" . | nindent 10 }}{{ end }}
+          volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
           - mountPath: {{ .Values.persistence.spool.path }}
             name: {{ include "common.fullname" . }}-spool
           - mountPath: {{ .Values.persistence.event.path }}
@@ -65,7 +64,7 @@ spec:
               port: {{.Values.readiness.port}}
             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
             periodSeconds: {{ .Values.readiness.periodSeconds }}
-          volumeMounts: {{- if .Values.global.aafEnabled }}{{ include "common.aaf-config-volume-mountpath" . | nindent 10 }}{{ end }}
+          volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
           - mountPath: {{ .Values.persistence.spool.path }}
             name: {{ include "common.fullname" . }}-spool
           - mountPath: {{ .Values.persistence.event.path }}
@@ -103,7 +102,7 @@ spec:
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
-      volumes: {{ include "common.aaf-config-volumes" . | nindent 8 }}
+      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
         - name: localtime
           hostPath:
             path: /etc/localtime
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
index ee231a0c06..ced70050a3 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
@@ -20,6 +20,25 @@ global:
   persistence: {}
   aafEnabled: true
 
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+  nameOverride: dmaap-dr-node-cert-initializer
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
+  fqdn: dmaap-dr-node
+  fqi: dmaap-dr-node@dmaap-dr.onap.org
+  public_fqdn: dmaap-dr.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  aaf_add_config: >
+    echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop
+    echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop
+
 #################################################################
 # Application configuration defaults.
 #################################################################
@@ -77,33 +96,10 @@ persistence:
     labels:
       app.kubernetes.io/component: event-logs
 
-#################################################################
-# AAF part
-#################################################################
-aafConfig:
-  aafDeployFqi: deployer@people.osaaf.org
-  aafDeployPass: demo123456!
-  fqdn: dmaap-dr-node
-  fqi: dmaap-dr-node@dmaap-dr.onap.org
-  public_fqdn: dmaap-dr.onap.org
-  cadi_longitude: 0.0
-  cadi_latitude: 0.0
-  app_ns: org.osaaf.aaf
-  permission_user: 1000
-  permission_group: 1001
-  secret_uid: &aaf_secret_uid dmaap-dr-node-aaf-deploy-creds
-  credsPath: /opt/app/osaaf/local
-
 #################################################################
 # Secrets metaconfig
 #################################################################
-secrets:
-  - uid: *aaf_secret_uid
-    type: basicAuth
-    externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}'
-    login: '{{ .Values.aafConfig.aafDeployFqi }}'
-    password: '{{ .Values.aafConfig.aafDeployPass }}'
-    passwordPolicy: required
+secrets: {}
 
 ingress:
   enabled: false
-- 
2.16.6