From a3854762a4d22de46cb56c52a5d9c401dfad6680 Mon Sep 17 00:00:00 2001
From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Fri, 2 Apr 2021 10:02:05 +0200
Subject: [PATCH] [GLOBAL] Don't try to set keypassword when storetype is
 PKCS12

It seems that for PKCS12 stores there is no keypassword so we are
getting this error in our logs:

keytool error: java.lang.UnsupportedOperationException:
-keypasswd commands not supported if -storetype is PKCS12

Let's fix this by just not trying to set key password for PKCS12 stores.

Issue-ID: OOM-1
Change-Id: I8f4cc5a0b54029b3c1baa83b61092942e34ffab2
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
---
 kubernetes/a1policymanagement/values.yaml                   | 5 -----
 kubernetes/aai/components/aai-resources/values.yaml         | 5 -----
 kubernetes/aai/components/aai-traversal/values.yaml         | 5 -----
 kubernetes/holmes/components/holmes-engine-mgmt/values.yaml | 5 -----
 kubernetes/holmes/components/holmes-rule-mgmt/values.yaml   | 5 -----
 5 files changed, 25 deletions(-)

diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml
index 7892142de3..489b4da318 100644
--- a/kubernetes/a1policymanagement/values.yaml
+++ b/kubernetes/a1policymanagement/values.yaml
@@ -56,11 +56,6 @@ certInitializer:
     keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \
       -storepass "${cadi_truststore_password}" \
       -keystore {{ .Values.fqi_namespace }}.trust.jks
-    echo "*** set key password as same password as keystore password"
-    keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \
-      -keystore {{ .Values.fqi_namespace }}.p12 \
-      -keypass "${cadi_keystore_password_p12}" \
-      -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }}
     echo "*** save the generated passwords"
     echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
     echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index 7509cb3bd6..b84139161e 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -147,11 +147,6 @@ certInitializer:
     keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \
       -storepass "${cadi_truststore_password}" \
       -keystore {{ .Values.fqi_namespace }}.trust.jks
-    echo "*** set key password as same password as keystore password"
-    keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \
-      -keystore {{ .Values.fqi_namespace }}.p12 \
-      -keypass "${cadi_keystore_password_p12}" \
-      -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }}
     echo "*** save the generated passwords"
     echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
     echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop
diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml
index 253f9b9e93..38011a0c98 100644
--- a/kubernetes/aai/components/aai-traversal/values.yaml
+++ b/kubernetes/aai/components/aai-traversal/values.yaml
@@ -133,11 +133,6 @@ certInitializer:
     keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \
       -storepass "${cadi_truststore_password}" \
       -keystore {{ .Values.fqi_namespace }}.trust.jks
-    echo "*** set key password as same password as keystore password"
-    keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \
-      -keystore {{ .Values.fqi_namespace }}.p12 \
-      -keypass "${cadi_keystore_password_p12}" \
-      -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }}
     echo "*** save the generated passwords"
     echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
     echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop
diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml
index f27f4bac79..f44faa1059 100644
--- a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml
+++ b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml
@@ -55,11 +55,6 @@ certInitializer:
     keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \
       -storepass "${cadi_truststore_password}" \
       -keystore {{ .Values.fqi_namespace }}.trust.jks
-    echo "*** set key password as same password as keystore password"
-    keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \
-      -keystore {{ .Values.fqi_namespace }}.p12 \
-      -keypass "${cadi_keystore_password_p12}" \
-      -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }}
     echo "*** save the generated passwords"
     echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
     echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop
diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
index 91998f3809..9e2b656150 100644
--- a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
+++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
@@ -55,11 +55,6 @@ certInitializer:
     keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \
       -storepass "${cadi_truststore_password}" \
       -keystore {{ .Values.fqi_namespace }}.trust.jks
-    echo "*** set key password as same password as keystore password"
-    keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \
-      -keystore {{ .Values.fqi_namespace }}.p12 \
-      -keypass "${cadi_keystore_password_p12}" \
-      -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }}
     echo "*** save the generated passwords"
     echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
     echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop
-- 
2.16.6