From 0a91dd5f30d6ebccd219f5e3a3279a32baef1bd6 Mon Sep 17 00:00:00 2001
From: "Gupta, Sangeet (sg774j)" <sg774j@att.com>
Date: Wed, 19 Aug 2020 21:52:11 +0000
Subject: [PATCH] feat-tls: Add certs to cinder scheduler and Volume.

This ps mounts certs to scheduler and Volume.

Change-Id: Ibc013ffd4e8fe7500fcfdd285ad896b0e6b97acc
---
 cinder/templates/deployment-scheduler.yaml | 2 ++
 cinder/templates/deployment-volume.yaml    | 1 +
 cinder/values_overrides/tls.yaml           | 2 ++
 3 files changed, 5 insertions(+)

diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml
index 9b8badb5ac..5ab9ccdb6e 100644
--- a/cinder/templates/deployment-scheduler.yaml
+++ b/cinder/templates/deployment-scheduler.yaml
@@ -104,6 +104,7 @@ spec:
             - name: cinder-coordination
               mountPath: {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }}
             {{- end }}
+{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volume.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
 {{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
 {{ if $mounts_cinder_scheduler.volumeMounts }}{{ toYaml $mounts_cinder_scheduler.volumeMounts | indent 12 }}{{ end }}
       volumes:
@@ -123,6 +124,7 @@ spec:
         - name: cinder-coordination
           emptyDir: {}
         {{- end }}
+ {{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volume.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
 {{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
 {{ if $mounts_cinder_scheduler.volumes }}{{ toYaml $mounts_cinder_scheduler.volumes | indent 8 }}{{ end }}
 {{- end }}
diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml
index eadca43509..776a49b247 100755
--- a/cinder/templates/deployment-volume.yaml
+++ b/cinder/templates/deployment-volume.yaml
@@ -211,6 +211,7 @@ spec:
               mountPath: /usr/local/sbin/iscsiadm
               subPath: iscsiadm
             {{- end }}
+{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.volume.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
 {{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
 {{ if $mounts_cinder_volume.volumeMounts }}{{ toYaml $mounts_cinder_volume.volumeMounts | indent 12 }}{{ end }}
       volumes:
diff --git a/cinder/values_overrides/tls.yaml b/cinder/values_overrides/tls.yaml
index b2dca77ebe..3849cde9ca 100644
--- a/cinder/values_overrides/tls.yaml
+++ b/cinder/values_overrides/tls.yaml
@@ -59,6 +59,8 @@ conf:
       SSLHonorCipherOrder     on
     </VirtualHost>
   cinder:
+    DEFAULT:
+      glance_ca_certificates_file: /etc/cinder/certs/ca.crt
     keystone_authtoken:
       cafile: /etc/cinder/certs/ca.crt