From 9a6db20df8f3474dfaf2e8d5e7de86f73a7355a8 Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Mon, 6 May 2024 13:37:26 +0200
Subject: [PATCH] ozg-3938 enable grpc tls

---
 run_helm_test.sh                               |  2 +-
 src/main/helm/templates/deployment.yaml        | 18 +++++++++++++++++-
 .../helm/deployment_routing_strategy_env.yaml  |  6 +++---
 3 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/run_helm_test.sh b/run_helm_test.sh
index b19a9bc7c..ccc03d0fb 100755
--- a/run_helm_test.sh
+++ b/run_helm_test.sh
@@ -4,4 +4,4 @@ set -e
 
 helm template  ./src/main/helm/ -f src/test/helm-linter-values.yaml
 helm lint -f src/test/helm-linter-values.yaml ./src/main/helm/
-cd src/main/helm && helm unittest  -f '../../test/helm/**/*test.yaml' .
\ No newline at end of file
+cd src/main/helm && helm unittest  -f '../../test/helm/**/*.yaml' .
\ No newline at end of file
diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml
index 89c0a9277..51d9cccd3 100644
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -59,6 +59,8 @@ spec:
             app.kubernetes.io/name: {{ .Release.Name }}
       containers:
       - env:
+        - name: SERVICE_BINDING_ROOT
+          value: "/bindings"
         {{- range (.Values.env).grpc }}
         - name: {{ .name }} 
           value: {{ .value }}
@@ -79,7 +81,7 @@ spec:
         - name: grpc_client_vorgang-manager-{{ (.Values.routing).targetVorgangManagerName}}_address
           value: 'vorgang-manager.{{ coalesce (.Values.routing).targetNamespace .Release.Namespace }}:9090'
         - name: grpc_client_vorgang-manager-{{ (.Values.routing).targetVorgangManagerName}}_negotiationType
-          value: {{ (.Values.routing).negotiationType | default "PLAINTEXT" }}
+          value: {{ (.Values.routing).negotiationType | default "TLS" }}
         {{- end }}
         {{- with (.Values.env).customList }}
 {{ toYaml . | indent 8 }}
@@ -150,9 +152,23 @@ spec:
         volumeMounts:
           - name: temp-dir
             mountPath: "/tmp"
+          - name: namespace-ca-cert
+            mountPath: "/bindings/namespace-certificate"
+            readOnly: true
       volumes:
         - name: temp-dir
           emptyDir: {}
+        - name: namespace-ca-cert
+          projected:
+            sources:
+            - secret:
+                name: {{ include "app.namespace" . }}-ca-cert
+                optional: true
+                items:
+                  - key: ca.crt
+                    path: ca.crt
+            - configMap:
+                name: bindings-type
       dnsConfig: {}
       dnsPolicy: ClusterFirst
       imagePullSecrets:
diff --git a/src/test/helm/deployment_routing_strategy_env.yaml b/src/test/helm/deployment_routing_strategy_env.yaml
index dc9ae515b..cd24633db 100644
--- a/src/test/helm/deployment_routing_strategy_env.yaml
+++ b/src/test/helm/deployment_routing_strategy_env.yaml
@@ -49,13 +49,13 @@ tests:
           path: spec.template.spec.containers[0].env
           content:
             name: grpc_client_vorgang-manager-vorgang-manager_negotiationType
-            value: PLAINTEXT
+            value: TLS
   - it: validate routing infos
     set:
       routing:
         routingStrategy: MULTI
         fallbackStrategy: FUNDSTELLE
-        negotiationType: TLS
+        negotiationType: PLAINTEXT
     asserts:
       - contains:
           path: spec.template.spec.containers[0].env
@@ -71,4 +71,4 @@ tests:
           path: spec.template.spec.containers[0].env
           content:
             name: grpc_client_vorgang-manager-vorgang-manager_negotiationType
-            value: TLS
\ No newline at end of file
+            value: PLAINTEXT
\ No newline at end of file
-- 
GitLab