Skip to content

Commit

Permalink
[MOSIP-29204] Updated scripts & helm charts to mount keystore.p12 fil…
Browse files Browse the repository at this point in the history
…e from secret (#121)

Co-authored-by: syed-salman-technoforte <[email protected]>
  • Loading branch information
syedsalman3753 and syed-salman-technoforte authored Sep 28, 2023
1 parent 342dd74 commit d1fbb5a
Show file tree
Hide file tree
Showing 4 changed files with 26 additions and 1 deletion.
1 change: 1 addition & 0 deletions helm/mimoto/.gitignore
Original file line number Diff line number Diff line change
@@ -1 +1,2 @@
charts/
Chart.lock
3 changes: 3 additions & 0 deletions helm/mimoto/install.sh
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,9 @@ function installing_mimoto() {
kubectl -n config-server set env --keys=mimoto-oidc-partner-clientid --from secret/mimoto-oidc-partner-clientid deployment/config-server --prefix=SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_
kubectl -n config-server get deploy -o name | xargs -n1 -t kubectl -n config-server rollout status


kubectl -n $NS create secret generic mimoto --from-literal=keystore.p12=''

echo Installing mimoto
helm -n $NS install mimoto mosip/mimoto --version $MIMOTO_CHART_VERSION $ENABLE_INSECURE

Expand Down
17 changes: 16 additions & 1 deletion helm/mimoto/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,8 @@ spec:
value: {{ .Values.containerSecurityContext.runAsUser }}
- name: JDK_JAVA_OPTIONS
value: {{ .Values.additionalResources.javaOpts }}
- name: KEYSTORE_P12_PATH
value: {{ .Values.volumes.secrets.mimoto.path }}
{{- if .Values.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
Expand All @@ -112,6 +114,12 @@ spec:
volumeMounts:
- name: landing-folder
mountPath: {{ .Values.persistence.mountDir }}
{{- if .Values.volumes.secrets }}
{{- range $secretName, $value := .Values.volumes.secrets }}
- name: {{ $secretName }}
mountPath: {{ $value.path }}
{{- end }}
{{- end }}
{{- if .Values.enable_insecure }}
- mountPath: /usr/local/openjdk-11/lib/security/cacerts
name: cacerts
Expand Down Expand Up @@ -146,7 +154,14 @@ spec:
claimName: {{ .Values.persistence.existingClaim | default (include "common.names.fullname" .) }}
{{- else }}
emptyDir: {}
{{ end }}
{{- end }}
{{- if .Values.volumes.secrets }}
{{- range $secretName, $value := .Values.volumes.secrets }}
- name: {{ $secretName }}
secret:
secretName: {{ $secretName }}
{{- end }}
{{- end }}
{{- if .Values.enable_insecure }}
- name: cacerts
emptyDir: {}
Expand Down
6 changes: 6 additions & 0 deletions helm/mimoto/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -461,3 +461,9 @@ istio:
rewrite: /v1/mimoto

enable_insecure: false

volumes:
secrets:
mimoto:
key: keystorep12
path: /home/mosip/certs

0 comments on commit d1fbb5a

Please sign in to comment.