Add truststore

helm-charts/templates/data-plane/gateway-components/common-controller/common-controller-deployment.yaml

@@ -42,6 +42,8 @@ spec:
           ports:
             - containerPort: 18005
               protocol: TCP
+            - containerPort: 18002
+              protocol: TCP
 {{ include "apk-helm.deployment.resources" .Values.wso2.apk.dp.commonController.deployment.resources | indent 10 }}
 {{ include "apk-helm.deployment.env" .Values.wso2.apk.dp.commonController.deployment.env | indent 10 }}
           - name: OPERATOR_POD_NAMESPACE
@@ -77,6 +79,8 @@ spec:
               subPath: ca.crt
             {{- end }}
         {{ if and .Values.wso2.apk.dp.enabled .Values.wso2.apk.dp.ratelimiter.enabled }}
+            - name: enforcer-truststore-secret-volume
+              mountPath: /home/wso2/security/truststore/enforcer.crt
             - name: ratelimiter-truststore-secret-volume
               mountPath: /home/wso2/security/truststore/ratelimiter.crt
             {{- if and .Values.wso2.apk.dp.ratelimiter.configs .Values.wso2.apk.dp.ratelimiter.configs.tls }}
@@ -122,7 +126,7 @@ spec:
         runAsNonRoot: true
         seccompProfile:
           type: "RuntimeDefault"
-      volumes: 
+      volumes:
         - name: common-controller-keystore-secret-volume
           secret:
           {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }}
@@ -138,6 +142,13 @@ spec:
           secret:
             secretName: {{ template "apk-helm.resource.prefix" . }}-webhook-server-cert
             defaultMode: 420
+        - name: enforcer-truststore-secret-volume
+          secret: 
+          {{- if and .Values.wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs .Values.wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.tls }}
+            secretName: {{ .Values.wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.tls.secretName | default (printf "%s-enforcer-server-cert" (include "apk-helm.resource.prefix" .)) }}
+          {{- else }}
+            secretName: {{ template "apk-helm.resource.prefix" . }}-enforcer-server-cert
+          {{- end }}
       {{ if and .Values.wso2.apk.dp.enabled .Values.wso2.apk.dp.ratelimiter.enabled }}
         - name: ratelimiter-truststore-secret-volume
           secret:

helm-charts/templates/data-plane/gateway-components/gateway-runtime/gateway-runtime-deployment.yaml

@@ -146,6 +146,8 @@ spec:
             {{- end }}
             - name: adapter-truststore-secret-volume
               mountPath: /home/wso2/security/truststore/adapter.crt
+            - name: common-controller-truststore-secret-volume
+              mountPath: /home/wso2/security/truststore/adapter.pem
             {{- if and .Values.wso2.apk.dp.adapter.configs .Values.wso2.apk.dp.adapter.configs.tls }}
               subPath: {{ .Values.wso2.apk.dp.adapter.configs.tls.certFilename | default "tls.crt" }}
             {{- else }}
@@ -338,6 +340,14 @@ spec:
             secretName: {{ template "apk-helm.resource.prefix" . }}-ratelimiter-server-cert
           {{- end }}
       {{ end }}
+        - name: common-controller-truststore-secret-volume
+          secret:
+          {{- if and .Values.wso2.apk.dp.commonController.configs .Values.wso2.apk.dp.commonController.configs.tls }}
+            secretName: {{ .Values.wso2.apk.dp.commonController.configs.tls.secretName | default (printf "%s-common-controller-server-cert" (include "apk-helm.resource.prefix" .)) }}
+          {{- else }}
+            secretName: {{ template "apk-helm.resource.prefix" . }}-common-controller-server-cert
+          {{- end }}
+            defaultMode: 420
         - name: enforcer-keystore-secret-volume
           secret: 
             {{- if and .Values.wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs .Values.wso2.apk.dp.gatewayRuntime.deployment.enforcer.configs.tls }}