--- /dev/null
+{{- if .Values.certauth.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: lcm-client
+ namespace: osm
+spec:
+ secretName: lcm-client-cert
+ privateKey:
+ rotationPolicy: Always
+ algorithm: ECDSA
+ size: 256
+ duration: "8760h"
+ renewBefore: "2208h"
+ dnsNames:
+ - lcm.osm.svc.cluster.local
+ usages:
+ - "client auth"
+ issuerRef:
+ name: ca-issuer
+ kind: ClusterIssuer
+ group: cert-manager.io
+{{- end }}
name: osm-ca
readOnly: true
subPath: osm-ca.crt
+ - mountPath: /etc/ssl/lcm-client/
+ name: lcm-client-cert
+ readOnly: true
volumes:
- name: osm-ca
secret:
- key: tls.crt
path: osm-ca.crt
secretName: osm-ca
+ - name: lcm-client-cert
+ secret:
+ defaultMode: 420
+ secretName: lcm-client-cert
{{- with .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
projects / osm / devops.git / commitdiff