summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.helmignore21
-rw-r--r--Chart.yaml19
-rw-r--r--charts/aai-babel/.helmignore21
-rw-r--r--charts/aai-babel/Chart.yaml19
-rw-r--r--charts/aai-babel/requirements.yaml22
-rw-r--r--charts/aai-babel/resources/config/artifact-generator.properties285
-rw-r--r--charts/aai-babel/resources/config/auth/auth_policy.json47
-rw-r--r--charts/aai-babel/resources/config/auth/tomcat_keystorebin0 -> 2214 bytes
-rw-r--r--charts/aai-babel/resources/config/babel-auth.properties16
-rw-r--r--charts/aai-babel/resources/config/logback.xml194
-rw-r--r--charts/aai-babel/resources/config/tosca-mappings.json181
-rw-r--r--charts/aai-babel/resources/fproxy/config/auth/client-cert.p12bin0 -> 2556 bytes
-rw-r--r--charts/aai-babel/resources/fproxy/config/auth/tomcat_keystorebin0 -> 2214 bytes
-rw-r--r--charts/aai-babel/resources/fproxy/config/fproxy.properties2
-rw-r--r--charts/aai-babel/resources/fproxy/config/logback-spring.xml45
-rw-r--r--charts/aai-babel/resources/fproxy/config/readme.txt1
-rw-r--r--charts/aai-babel/resources/rproxy/config/auth/client-cert.p12bin0 -> 2556 bytes
-rw-r--r--charts/aai-babel/resources/rproxy/config/auth/tomcat_keystorebin0 -> 3594 bytes
-rw-r--r--charts/aai-babel/resources/rproxy/config/auth/uri-authorization.json93
-rw-r--r--charts/aai-babel/resources/rproxy/config/cadi.properties25
-rw-r--r--charts/aai-babel/resources/rproxy/config/forward-proxy.properties4
-rw-r--r--charts/aai-babel/resources/rproxy/config/logback-spring.xml45
-rw-r--r--charts/aai-babel/resources/rproxy/config/primary-service.properties3
-rw-r--r--charts/aai-babel/resources/rproxy/config/readme.txt1
-rw-r--r--charts/aai-babel/resources/rproxy/config/reverse-proxy.properties1
-rw-r--r--charts/aai-babel/resources/rproxy/config/security/keyfile27
-rw-r--r--charts/aai-babel/templates/configmap.yaml70
-rw-r--r--charts/aai-babel/templates/deployment.yaml251
-rw-r--r--charts/aai-babel/templates/secrets.yaml88
-rw-r--r--charts/aai-babel/templates/service.yaml52
-rw-r--r--charts/aai-babel/values.yaml81
-rw-r--r--charts/aai-champ/Chart.yaml19
-rw-r--r--charts/aai-champ/requirements.yaml22
-rw-r--r--charts/aai-champ/resources/config/appconfig/auth/champ_policy.json19
-rw-r--r--charts/aai-champ/resources/config/appconfig/auth/tomcat_keystorebin0 -> 3429 bytes
-rw-r--r--charts/aai-champ/resources/config/appconfig/champ-api.properties20
-rw-r--r--charts/aai-champ/resources/config/dynamic/conf/champ-beans.xml84
-rw-r--r--charts/aai-champ/resources/config/log/logback.xml176
-rw-r--r--charts/aai-champ/resources/fproxy/config/fproxy.properties2
-rw-r--r--charts/aai-champ/resources/fproxy/config/logback-spring.xml45
-rw-r--r--charts/aai-champ/resources/fproxy/config/readme.txt1
-rw-r--r--charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json99
-rw-r--r--charts/aai-champ/resources/rproxy/config/cadi.properties39
-rw-r--r--charts/aai-champ/resources/rproxy/config/forward-proxy.properties4
-rw-r--r--charts/aai-champ/resources/rproxy/config/logback-spring.xml45
-rw-r--r--charts/aai-champ/resources/rproxy/config/primary-service.properties3
-rw-r--r--charts/aai-champ/resources/rproxy/config/readme.txt1
-rw-r--r--charts/aai-champ/resources/rproxy/config/reverse-proxy.properties1
-rw-r--r--charts/aai-champ/templates/configmap.yaml95
-rw-r--r--charts/aai-champ/templates/deployment.yaml277
-rw-r--r--charts/aai-champ/templates/secrets.yaml60
-rw-r--r--charts/aai-champ/templates/service.yaml53
-rw-r--r--charts/aai-champ/values.yaml90
-rw-r--r--charts/aai-data-router/.helmignore21
-rw-r--r--charts/aai-data-router/Chart.yaml18
-rw-r--r--charts/aai-data-router/resources/config/auth/client-cert-onap.p12bin0 -> 2556 bytes
-rw-r--r--charts/aai-data-router/resources/config/auth/data-router_policy.json18
-rw-r--r--charts/aai-data-router/resources/config/auth/tomcat_keystorebin0 -> 3429 bytes
-rw-r--r--charts/aai-data-router/resources/config/data-router.properties0
-rw-r--r--charts/aai-data-router/resources/config/log/logback.xml193
-rw-r--r--charts/aai-data-router/resources/config/schemaIngest.properties46
-rw-r--r--charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml22
-rw-r--r--charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml56
-rw-r--r--charts/aai-data-router/resources/dynamic/routes/entity-event.route4
-rw-r--r--charts/aai-data-router/templates/configmap.yaml68
-rw-r--r--charts/aai-data-router/templates/deployment.yaml188
-rw-r--r--charts/aai-data-router/templates/secret.yaml27
-rw-r--r--charts/aai-data-router/values.yaml108
-rw-r--r--charts/aai-elasticsearch/.helmignore21
-rw-r--r--charts/aai-elasticsearch/Chart.yaml18
-rw-r--r--charts/aai-elasticsearch/resources/bin/init_sg.sh11
-rw-r--r--charts/aai-elasticsearch/resources/bin/run.sh8
-rw-r--r--charts/aai-elasticsearch/resources/bin/wait_until_started.sh9
-rw-r--r--charts/aai-elasticsearch/resources/config/elasticsearch.yml397
-rw-r--r--charts/aai-elasticsearch/resources/config/jvm.options117
-rw-r--r--charts/aai-elasticsearch/resources/config/log4j2.properties88
-rw-r--r--charts/aai-elasticsearch/resources/config/sg/auth/esaai-keystore.jksbin0 -> 3979 bytes
-rw-r--r--charts/aai-elasticsearch/resources/config/sg/auth/sgadmin-keystore.p12bin0 -> 4575 bytes
-rw-r--r--charts/aai-elasticsearch/resources/config/sg/auth/truststore.jksbin0 -> 930 bytes
-rw-r--r--charts/aai-elasticsearch/resources/config/sg/sg_action_groups.yml137
-rw-r--r--charts/aai-elasticsearch/resources/config/sg/sg_config.yml221
-rw-r--r--charts/aai-elasticsearch/resources/config/sg/sg_internal_users.yml45
-rw-r--r--charts/aai-elasticsearch/resources/config/sg/sg_roles.yml262
-rw-r--r--charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml38
-rw-r--r--charts/aai-elasticsearch/templates/configmap.yaml52
-rw-r--r--charts/aai-elasticsearch/templates/deployment.yaml144
-rw-r--r--charts/aai-elasticsearch/templates/secrets.yaml22
-rw-r--r--charts/aai-elasticsearch/templates/service.yaml44
-rw-r--r--charts/aai-elasticsearch/values.yaml105
-rw-r--r--charts/aai-gizmo/.helmignore21
-rw-r--r--charts/aai-gizmo/Chart.yaml19
-rw-r--r--charts/aai-gizmo/resources/config/README.txt24
-rw-r--r--charts/aai-gizmo/resources/config/auth/champ-cert.p12bin0 -> 2556 bytes
-rw-r--r--charts/aai-gizmo/resources/config/auth/client-cert.p12bin0 -> 2556 bytes
-rw-r--r--charts/aai-gizmo/resources/config/auth/crud_policy.json18
-rw-r--r--charts/aai-gizmo/resources/config/auth/datarouter-cert.p12bin0 -> 2556 bytes
-rw-r--r--charts/aai-gizmo/resources/config/auth/tomcat_keystorebin0 -> 2214 bytes
-rw-r--r--charts/aai-gizmo/resources/config/crud-api.properties20
-rw-r--r--charts/aai-gizmo/resources/config/crud-beans.xml47
-rw-r--r--charts/aai-gizmo/resources/config/edgeprops-ingest.properties3
-rw-r--r--charts/aai-gizmo/resources/config/log/filebeat/filebeat.yml55
-rw-r--r--charts/aai-gizmo/resources/config/log/logback.xml196
-rw-r--r--charts/aai-gizmo/resources/config/model/edge_properties_v10.json10
-rw-r--r--charts/aai-gizmo/resources/config/model/edge_properties_v11.json6
-rw-r--r--charts/aai-gizmo/resources/config/model/edge_properties_v12.json6
-rw-r--r--charts/aai-gizmo/resources/config/model/edge_properties_v13.json6
-rw-r--r--charts/aai-gizmo/resources/config/model/edge_properties_v14.json6
-rw-r--r--charts/aai-gizmo/resources/config/model/edge_properties_v15.json6
-rw-r--r--charts/aai-gizmo/resources/config/model/edge_properties_v7.json10
-rw-r--r--charts/aai-gizmo/resources/config/model/edge_properties_v8.json10
-rw-r--r--charts/aai-gizmo/resources/config/model/edge_properties_v9.json10
-rw-r--r--charts/aai-gizmo/resources/config/schema-ingest.properties45
-rw-r--r--charts/aai-gizmo/resources/fproxy/config/fproxy.properties2
-rw-r--r--charts/aai-gizmo/resources/fproxy/config/logback-spring.xml45
-rw-r--r--charts/aai-gizmo/resources/fproxy/config/readme.txt1
-rw-r--r--charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json99
-rw-r--r--charts/aai-gizmo/resources/rproxy/config/cadi.properties39
-rw-r--r--charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties4
-rw-r--r--charts/aai-gizmo/resources/rproxy/config/logback-spring.xml45
-rw-r--r--charts/aai-gizmo/resources/rproxy/config/primary-service.properties3
-rw-r--r--charts/aai-gizmo/resources/rproxy/config/readme.txt1
-rw-r--r--charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties1
-rw-r--r--charts/aai-gizmo/templates/NOTES.txt33
-rw-r--r--charts/aai-gizmo/templates/configmap.yaml110
-rw-r--r--charts/aai-gizmo/templates/deployment.yaml271
-rw-r--r--charts/aai-gizmo/templates/secrets.yaml54
-rw-r--r--charts/aai-gizmo/templates/service.yaml54
-rw-r--r--charts/aai-gizmo/values.yaml81
-rw-r--r--charts/aai-graphadmin/.helmignore21
-rw-r--r--charts/aai-graphadmin/Chart.yaml23
-rw-r--r--charts/aai-graphadmin/resources/config/aaiconfig.properties123
-rw-r--r--charts/aai-graphadmin/resources/config/application.properties99
-rw-r--r--charts/aai-graphadmin/resources/config/janusgraph-cached.properties96
-rw-r--r--charts/aai-graphadmin/resources/config/janusgraph-realtime.properties89
-rw-r--r--charts/aai-graphadmin/resources/config/localhost-access-logback.xml60
-rw-r--r--charts/aai-graphadmin/resources/config/logback.xml614
-rw-r--r--charts/aai-graphadmin/resources/config/migration/janusgraph-migration-cached.properties70
-rw-r--r--charts/aai-graphadmin/resources/config/migration/janusgraph-migration-real.properties65
-rw-r--r--charts/aai-graphadmin/resources/config/realm.properties42
-rw-r--r--charts/aai-graphadmin/templates/configmap.yaml63
-rw-r--r--charts/aai-graphadmin/templates/deployment.yaml186
-rw-r--r--charts/aai-graphadmin/templates/job.yaml428
-rw-r--r--charts/aai-graphadmin/templates/pv.yaml42
-rw-r--r--charts/aai-graphadmin/templates/pvc.yaml51
-rw-r--r--charts/aai-graphadmin/templates/service.yaml49
-rw-r--r--charts/aai-graphadmin/values.yaml147
-rw-r--r--charts/aai-modelloader/.helmignore21
-rw-r--r--charts/aai-modelloader/Chart.yaml18
-rw-r--r--charts/aai-modelloader/resources/config/auth/aai-os-cert.p12bin0 -> 4357 bytes
-rw-r--r--charts/aai-modelloader/resources/config/auth/babel-client-cert.p12bin0 -> 2556 bytes
-rw-r--r--charts/aai-modelloader/resources/config/auth/tomcat_keystorebin0 -> 2214 bytes
-rw-r--r--charts/aai-modelloader/resources/config/log/logback.xml168
-rw-r--r--charts/aai-modelloader/resources/config/model-loader.properties46
-rw-r--r--charts/aai-modelloader/templates/configmap.yaml39
-rw-r--r--charts/aai-modelloader/templates/deployment.yaml109
-rw-r--r--charts/aai-modelloader/templates/secret.yaml27
-rw-r--r--charts/aai-modelloader/templates/service.yaml43
-rw-r--r--charts/aai-modelloader/values.yaml80
-rw-r--r--charts/aai-resources/.helmignore21
-rw-r--r--charts/aai-resources/Chart.yaml19
-rw-r--r--charts/aai-resources/resources/config/aaf/bath_config.csv33
-rw-r--r--charts/aai-resources/resources/config/aaf/cadi.properties8
-rw-r--r--charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile27
-rw-r--r--charts/aai-resources/resources/config/aaf/org.onap.aai.p12bin0 -> 4307 bytes
-rw-r--r--charts/aai-resources/resources/config/aaf/org.onap.aai.props14
-rw-r--r--charts/aai-resources/resources/config/aaf/org.osaaf.location.props24
-rw-r--r--charts/aai-resources/resources/config/aaf/permissions.properties2
-rw-r--r--charts/aai-resources/resources/config/aaiconfig.properties88
-rw-r--r--charts/aai-resources/resources/config/application.properties94
-rw-r--r--charts/aai-resources/resources/config/auth/aai_policy.json298
-rw-r--r--charts/aai-resources/resources/config/janusgraph-cached.properties98
-rw-r--r--charts/aai-resources/resources/config/janusgraph-realtime.properties92
-rw-r--r--charts/aai-resources/resources/config/localhost-access-logback.xml63
-rw-r--r--charts/aai-resources/resources/config/logback.xml267
-rw-r--r--charts/aai-resources/resources/config/realm.properties37
-rw-r--r--charts/aai-resources/resources/fproxy/config/auth/client-cert.p12bin0 -> 3617 bytes
-rw-r--r--charts/aai-resources/resources/fproxy/config/auth/fproxy_truststorebin0 -> 4639 bytes
-rw-r--r--charts/aai-resources/resources/fproxy/config/auth/tomcat_keystorebin0 -> 2214 bytes
-rw-r--r--charts/aai-resources/resources/fproxy/config/fproxy.properties2
-rw-r--r--charts/aai-resources/resources/fproxy/config/logback-spring.xml45
-rw-r--r--charts/aai-resources/resources/fproxy/config/readme.txt1
-rw-r--r--charts/aai-resources/resources/rproxy/config/auth/client-cert.p12bin0 -> 4291 bytes
-rw-r--r--charts/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12bin0 -> 4158 bytes
-rw-r--r--charts/aai-resources/resources/rproxy/config/auth/tomcat_keystorebin0 -> 4943 bytes
-rw-r--r--charts/aai-resources/resources/rproxy/config/auth/uri-authorization.json99
-rw-r--r--charts/aai-resources/resources/rproxy/config/cadi.properties39
-rw-r--r--charts/aai-resources/resources/rproxy/config/forward-proxy.properties4
-rw-r--r--charts/aai-resources/resources/rproxy/config/logback-spring.xml45
-rw-r--r--charts/aai-resources/resources/rproxy/config/primary-service.properties3
-rw-r--r--charts/aai-resources/resources/rproxy/config/readme.txt1
-rw-r--r--charts/aai-resources/resources/rproxy/config/reverse-proxy.properties1
-rw-r--r--charts/aai-resources/resources/rproxy/config/security/keyfile27
-rw-r--r--charts/aai-resources/templates/configmap.yaml158
-rw-r--r--charts/aai-resources/templates/deployment.yaml1102
-rw-r--r--charts/aai-resources/templates/service.yaml44
-rw-r--r--charts/aai-resources/values.yaml119
-rw-r--r--charts/aai-schema-service/.helmignore21
-rw-r--r--charts/aai-schema-service/Chart.yaml19
-rw-r--r--charts/aai-schema-service/config/aaiconfig.properties43
-rw-r--r--charts/aai-schema-service/config/application.properties70
-rw-r--r--charts/aai-schema-service/config/localhost-access-logback.xml58
-rw-r--r--charts/aai-schema-service/config/logback.xml237
-rw-r--r--charts/aai-schema-service/config/realm.properties22
-rw-r--r--charts/aai-schema-service/templates/configmap.yaml78
-rw-r--r--charts/aai-schema-service/templates/deployment.yaml155
-rw-r--r--charts/aai-schema-service/templates/service.yaml44
-rw-r--r--charts/aai-schema-service/values.yaml90
-rw-r--r--charts/aai-search-data/.helmignore21
-rw-r--r--charts/aai-search-data/Chart.yaml18
-rw-r--r--charts/aai-search-data/resources/config/analysis-config.json32
-rw-r--r--charts/aai-search-data/resources/config/auth/search_policy.json18
-rw-r--r--charts/aai-search-data/resources/config/auth/tomcat_keystorebin0 -> 3117 bytes
-rw-r--r--charts/aai-search-data/resources/config/dynamic-custom-template.json12
-rw-r--r--charts/aai-search-data/resources/config/elastic-search.properties25
-rw-r--r--charts/aai-search-data/resources/config/es-payload-translation.json17
-rw-r--r--charts/aai-search-data/resources/config/filter-config.json7
-rw-r--r--charts/aai-search-data/resources/config/log/logback.xml193
-rw-r--r--charts/aai-search-data/templates/configmap.yaml39
-rw-r--r--charts/aai-search-data/templates/deployment.yaml144
-rw-r--r--charts/aai-search-data/templates/secret.yaml40
-rw-r--r--charts/aai-search-data/templates/service.yaml39
-rw-r--r--charts/aai-search-data/values.yaml79
-rw-r--r--charts/aai-sparky-be/.helmignore21
-rw-r--r--charts/aai-sparky-be/Chart.yaml18
-rw-r--r--charts/aai-sparky-be/resources/config/application-oxm-default.properties16
-rw-r--r--charts/aai-sparky-be/resources/config/application-oxm-override.properties16
-rw-r--r--charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties28
-rw-r--r--charts/aai-sparky-be/resources/config/application-resources.properties20
-rw-r--r--charts/aai-sparky-be/resources/config/application-ssl.properties20
-rw-r--r--charts/aai-sparky-be/resources/config/application-sync.properties6
-rw-r--r--charts/aai-sparky-be/resources/config/application.properties35
-rw-r--r--charts/aai-sparky-be/resources/config/auth/client-cert-onap.p12bin0 -> 2556 bytes
-rw-r--r--charts/aai-sparky-be/resources/config/auth/csp-cookie-filter.properties26
-rw-r--r--charts/aai-sparky-be/resources/config/auth/org.onap.aai.p12bin0 -> 4307 bytes
-rw-r--r--charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties1
-rw-r--r--charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties47
-rw-r--r--charts/aai-sparky-be/resources/config/portal/cadi.properties45
-rw-r--r--charts/aai-sparky-be/resources/config/portal/keyFile27
-rw-r--r--charts/aai-sparky-be/resources/config/portal/portal-authentication.properties31
-rw-r--r--charts/aai-sparky-be/resources/config/roles.config20
-rw-r--r--charts/aai-sparky-be/resources/config/users.config20
-rw-r--r--charts/aai-sparky-be/templates/configmap.yaml72
-rw-r--r--charts/aai-sparky-be/templates/deployment.yaml205
-rw-r--r--charts/aai-sparky-be/templates/secret.yaml27
-rw-r--r--charts/aai-sparky-be/templates/service.yaml38
-rw-r--r--charts/aai-sparky-be/values.yaml111
-rw-r--r--charts/aai-spike/Chart.yaml18
-rw-r--r--charts/aai-spike/requirements.yaml21
-rw-r--r--charts/aai-spike/resources/config/auth/client-cert.p12bin0 -> 3617 bytes
-rw-r--r--charts/aai-spike/resources/config/auth/tomcat_keystorebin0 -> 3429 bytes
-rw-r--r--charts/aai-spike/resources/config/edgeprops-ingest.properties23
-rw-r--r--charts/aai-spike/resources/config/logback.xml194
-rw-r--r--charts/aai-spike/resources/config/model/edge_props/edge_properties_v10.json10
-rw-r--r--charts/aai-spike/resources/config/model/edge_props/edge_properties_v11.json6
-rw-r--r--charts/aai-spike/resources/config/model/edge_props/edge_properties_v12.json6
-rw-r--r--charts/aai-spike/resources/config/model/edge_props/edge_properties_v13.json6
-rw-r--r--charts/aai-spike/resources/config/model/edge_props/edge_properties_v14.json6
-rw-r--r--charts/aai-spike/resources/config/model/edge_props/edge_properties_v15.json6
-rw-r--r--charts/aai-spike/resources/config/model/edge_props/edge_properties_v7.json10
-rw-r--r--charts/aai-spike/resources/config/model/edge_props/edge_properties_v8.json10
-rw-r--r--charts/aai-spike/resources/config/model/edge_props/edge_properties_v9.json10
-rw-r--r--charts/aai-spike/resources/config/schema-ingest.properties65
-rw-r--r--charts/aai-spike/resources/config/spike-beans.xml62
-rw-r--r--charts/aai-spike/resources/config/spike.properties28
-rw-r--r--charts/aai-spike/templates/configmap.yaml39
-rw-r--r--charts/aai-spike/templates/deployment.yaml166
-rw-r--r--charts/aai-spike/templates/secrets.yaml42
-rw-r--r--charts/aai-spike/templates/service.yaml39
-rw-r--r--charts/aai-spike/values.yaml88
-rw-r--r--charts/aai-traversal/.helmignore21
-rw-r--r--charts/aai-traversal/Chart.yaml18
-rw-r--r--charts/aai-traversal/resources/config/aaf/bath_config.csv33
-rw-r--r--charts/aai-traversal/resources/config/aaf/cadi.properties8
-rw-r--r--charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile27
-rw-r--r--charts/aai-traversal/resources/config/aaf/org.onap.aai.p12bin0 -> 4307 bytes
-rw-r--r--charts/aai-traversal/resources/config/aaf/org.onap.aai.props14
-rw-r--r--charts/aai-traversal/resources/config/aaf/org.osaaf.location.props23
-rw-r--r--charts/aai-traversal/resources/config/aaf/permissions.properties2
-rw-r--r--charts/aai-traversal/resources/config/aaiconfig.properties81
-rw-r--r--charts/aai-traversal/resources/config/application.properties97
-rw-r--r--charts/aai-traversal/resources/config/janusgraph-cached.properties98
-rw-r--r--charts/aai-traversal/resources/config/janusgraph-realtime.properties92
-rw-r--r--charts/aai-traversal/resources/config/localhost-access-logback.xml63
-rw-r--r--charts/aai-traversal/resources/config/logback.xml268
-rw-r--r--charts/aai-traversal/resources/config/realm.properties37
-rw-r--r--charts/aai-traversal/templates/configmap.yaml64
-rw-r--r--charts/aai-traversal/templates/deployment.yaml618
-rw-r--r--charts/aai-traversal/templates/job.yaml136
-rw-r--r--charts/aai-traversal/templates/service.yaml44
-rw-r--r--charts/aai-traversal/values.yaml95
-rw-r--r--requirements.yaml28
-rw-r--r--resources/config/aai/aai_keystorebin0 -> 7502 bytes
-rw-r--r--resources/config/auth/truststoreONAPall.jksbin0 -> 117990 bytes
-rw-r--r--resources/config/fproxy/auth/client-cert.p12bin0 -> 3591 bytes
-rw-r--r--resources/config/fproxy/auth/fproxy_truststorebin0 -> 4639 bytes
-rw-r--r--resources/config/fproxy/auth/tomcat_keystorebin0 -> 3607 bytes
-rw-r--r--resources/config/haproxy/aai.pem82
-rw-r--r--resources/config/haproxy/haproxy-pluggable-security.cfg138
-rw-r--r--resources/config/haproxy/haproxy.cfg138
-rw-r--r--resources/config/log/filebeat/filebeat.yml55
-rw-r--r--resources/config/rproxy/auth/client-cert.p12bin0 -> 2556 bytes
-rw-r--r--resources/config/rproxy/auth/org.onap.aai.p12bin0 -> 4158 bytes
-rw-r--r--resources/config/rproxy/auth/tomcat_keystorebin0 -> 3594 bytes
-rw-r--r--resources/config/rproxy/security/keyfile27
-rw-r--r--templates/configmap.yaml103
-rw-r--r--templates/deployment.yaml131
-rw-r--r--templates/secret.yaml36
-rw-r--r--templates/service.yaml47
-rw-r--r--values.yaml376
309 files changed, 18558 insertions, 0 deletions
diff --git a/.helmignore b/.helmignore
new file mode 100644
index 0000000..daebc7d
--- /dev/null
+++ b/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/Chart.yaml b/Chart.yaml
new file mode 100644
index 0000000..c4ad263
--- /dev/null
+++ b/Chart.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP Active and Available Inventory
+name: aai
+version: 4.0.0
diff --git a/charts/aai-babel/.helmignore b/charts/aai-babel/.helmignore
new file mode 100644
index 0000000..daebc7d
--- /dev/null
+++ b/charts/aai-babel/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/aai-babel/Chart.yaml b/charts/aai-babel/Chart.yaml
new file mode 100644
index 0000000..fe1a4ce
--- /dev/null
+++ b/charts/aai-babel/Chart.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Babel microservice
+name: aai-babel
+version: 4.0.0
diff --git a/charts/aai-babel/requirements.yaml b/charts/aai-babel/requirements.yaml
new file mode 100644
index 0000000..78e822e
--- /dev/null
+++ b/charts/aai-babel/requirements.yaml
@@ -0,0 +1,22 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ # local reference to common chart, as it is
+ # a part of this chart's package and will not
+ # be published independently to a repo (at this point)
+ repository: '@local'
diff --git a/charts/aai-babel/resources/config/artifact-generator.properties b/charts/aai-babel/resources/config/artifact-generator.properties
new file mode 100644
index 0000000..e246b00
--- /dev/null
+++ b/charts/aai-babel/resources/config/artifact-generator.properties
@@ -0,0 +1,285 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+#action widget details
+AAI.model-version-id.action=fd7fb09e-d930-41b9-b83f-cfde9df48640
+AAI.model-invariant-id.action=af593b4b-490e-4665-ad74-2f6351c0a7ce
+#action-data widget details
+AAI.model-invariant-id.action-data=9551346c-7d8b-4daf-9926-b93e96e2344a
+AAI.model-version-id.action-data=2f80c596-27e5-4ca9-b5bb-e03a7fd4c0fd
+#allotted-resource widget details
+AAI.model-invariant-id.allotted-resource=f6d6a23d-a1a9-48ff-8419-b6530da2d381
+AAI.model-version-id.allotted-resource=7ad0915f-25c0-4a70-b9bc-185a75f87564
+#availability-zone widget details
+AAI.model-version-id.availability-zone=6c092fb1-21b2-456b-9e01-67fb4de1896e
+AAI.model-invariant-id.availability-zone=61b88c01-d819-41c0-8e21-7fd7ba47148e
+#az-and-dvs-switches widget details
+AAI.model-version-id.az-and-dvs-switches=b2dea88d-78a0-49bf-95c9-5819df08e966
+AAI.model-invariant-id.az-and-dvs-switches=53dc00d4-e6d9-48ec-b6cc-3d3797e9b896
+#class-of-service widget details
+AAI.model-version-id.class-of-service=d2fb27cc-15eb-4c4e-828e-71d41aaecc5b
+AAI.model-invariant-id.class-of-service=18094b19-d16d-4822-8acf-e92c6aefa178
+#cloud-region widget details
+AAI.model-version-id.cloud-region=2a160989-b202-47dd-874b-4a0f275998f7
+AAI.model-invariant-id.cloud-region=425b2158-e51d-4509-9945-dad4556474a3
+#complex widget details
+AAI.model-invariant-id.complex=af91c2f7-35fc-43cf-a13d-443f385b2353
+AAI.model-version-id.complex=3a8ab1ee-9220-4fe8-b89c-9251d160ddc2
+#configuration widget details
+AAI.model-invariant-id.configuration=166c050d-f69d-4305-943e-0bc58c3a26cf
+AAI.model-version-id.configuration=5a175add-57e4-4a5d-8b02-c36f1d69c52b
+#connector widget details
+AAI.model-version-id.connector=22104c9f-29fd-462f-be07-96cd6b46dd33
+AAI.model-invariant-id.connector=4c01c948-7607-4d66-8a6c-99c2c2717936
+#constrained-element-set widget details
+AAI.model-invariant-id.constrained-element-set=c0292b4f-ee97-40cc-8c2e-f967c48f5701
+AAI.model-version-id.constrained-element-set=01102126-9c04-4a89-945b-b131e61e95d7
+#ctag-assignment widget details
+AAI.model-version-id.ctag-assignment=44e5cb1f-0938-41aa-b766-d4595109fe89
+AAI.model-invariant-id.ctag-assignment=fcb8d46b-b656-4ad6-8fa4-22cef74b443f
+#ctag-pool widget details
+AAI.model-invariant-id.ctag-pool=46c51d4e-d67e-4a9c-b1f5-49b1e9c6fcaa
+AAI.model-version-id.ctag-pool=2056c41f-23b9-4de7-9f50-819adad37d76
+#customer widget details
+AAI.model-invariant-id.customer=c1d4305f-cdbd-4bbe-9069-a2f4978fd89e
+AAI.model-version-id.customer=d4df5c27-98a1-4812-a8aa-c17f055b7a3f
+#cvlan-tag-entry widget details
+AAI.model-version-id.cvlan-tag-entry=c3878ffb-8d85-4114-bee6-e4074a9db10b
+AAI.model-invariant-id.cvlan-tag-entry=245cf4b0-7cc5-4eea-bbd9-753e939adcab
+#dvs-switch widget details
+AAI.model-invariant-id.dvs-switch=98fbb471-1f86-428e-bd8a-c8a25de6fa23
+AAI.model-version-id.dvs-switch=4cb44ae8-e3ab-452a-9f95-bcc8a44c55ea
+#edge-prop-names widget details
+AAI.model-invariant-id.edge-prop-names=7a08cad4-8759-46a5-8245-095d1ba57ac6
+AAI.model-version-id.edge-prop-names=f0442326-8201-4d0e-857c-74b4ddcbfc9f
+#element-choice-set widget details
+AAI.model-invariant-id.element-choice-set=9a011958-7165-47a3-b872-00951d1f09ae
+AAI.model-version-id.element-choice-set=af27fbfd-598d-44da-aeae-0f9d3a5fcd6a
+#entitlement widget details
+AAI.model-version-id.entitlement=7e27ba2e-b7db-4e13-9fae-d142152ef98a
+AAI.model-invariant-id.entitlement=ae75b5a0-d5e1-4f3a-b8fb-37626a753da3
+#flavor widget details
+AAI.model-invariant-id.flavor=bace8d1c-a261-4041-9e37-823117415d0f
+AAI.model-version-id.flavor=36200fb5-f251-4f5d-a520-7c5ad5c2cd4b
+#generic-vnf widget details
+AAI.model-version-id.generic-vnf=93a6166f-b3d5-4f06-b4ba-aed48d009ad9
+AAI.model-invariant-id.generic-vnf=acc6edd8-a8d4-4b93-afaa-0994068be14c
+#group-assignment widget details
+AAI.model-invariant-id.group-assignment=7cc05f25-7ba2-42b7-a237-c5662a1689e1
+AAI.model-version-id.group-assignment=fe578080-ce19-4604-8760-fc264fbb2565
+#image widget details
+AAI.model-version-id.image=f6a038c2-820c-42ba-8c2b-375e24e8f932
+AAI.model-invariant-id.image=3f4c7204-739b-4bbb-87a7-8a6856439c90
+#include-node-filter widget details
+AAI.model-invariant-id.include-node-filter=2a2d8ad2-af0a-4e1f-9982-0c899e7dc827
+AAI.model-version-id.include-node-filter=f05f804d-7057-4ffe-bdc5-39f2f0c9c9fd
+#instance-group widget details
+AAI.model-version-id.instance-group=8e6ee9dc-9017-444a-83b3-219edb018128
+AAI.model-invariant-id.instance-group=3bf1e610-45f7-4ad6-b833-ca4c5ee6a3fd
+#inventory-item widget details
+AAI.model-invariant-id.inventory-item=cd57d844-9017-4078-aa19-926935a3d77c
+AAI.model-version-id.inventory-item=69957f4a-2155-4b95-8d72-d6dd9b88b27b
+#inventory-item-data widget details
+AAI.model-version-id.inventory-item-data=0e54bb87-bd6e-4a2b-ad1c-6d935b87ae51
+AAI.model-invariant-id.inventory-item-data=87a383ae-cf03-432e-a9de-04e6a622d0fd
+#ipsec-configuration widget details
+AAI.model-invariant-id.ipsec-configuration=aca4c310-cb45-42bd-9f88-73e40ba7b962
+AAI.model-version-id.ipsec-configuration=d949fd10-36bf-408a-ac7a-cad5004d2e0d
+#key-data widget details
+AAI.model-version-id.key-data=c23ea04d-1a3b-453d-bc49-a6c783a5e92b
+AAI.model-invariant-id.key-data=f5faa464-c2f2-4cc3-89d2-a90452dc3a07
+#l3-interface-ipv4-address-list widget details
+AAI.model-version-id.l3-interface-ipv4-address-list=41e76b6f-1e06-4fd4-82cd-81c50fc4574b
+AAI.model-invariant-id.l3-interface-ipv4-address-list=aad85df2-09be-40fa-b867-16415e4e10e2
+#l3-interface-ipv6-address-list widget details
+AAI.model-invariant-id.l3-interface-ipv6-address-list=82966045-43ee-4982-8307-7e9610866140
+AAI.model-version-id.l3-interface-ipv6-address-list=d040621d-541a-477b-bb1b-a2b61b14e295
+#l3-network widget details
+AAI.model-version-id.l3-network=9111f20f-e680-4001-b83f-19a2fc23bfc1
+AAI.model-invariant-id.l3-network=3d560d81-57d0-438b-a2a1-5334dba0651a
+#lag-interface widget details
+AAI.model-version-id.lag-interface=ce95f7c3-b61b-4758-ae9e-7e943b1c103d
+AAI.model-invariant-id.lag-interface=e0ee9bde-c1fc-4651-a95d-8e0597bf7d70
+#lag-link widget details
+AAI.model-version-id.lag-link=d29a087a-af59-4053-a3f8-0f95a92faa75
+AAI.model-invariant-id.lag-link=86ffe6e5-4d0e-4cec-80b5-5c38aa3eff98
+#license widget details
+AAI.model-invariant-id.license=b9a9b337-1f86-42d3-b9f9-f987a089507c
+AAI.model-version-id.license=6889274b-a1dc-40ab-9090-93677e13e2e6
+#license-key-resource widget details
+AAI.model-invariant-id.license-key-resource=9022ebfe-b54f-4911-a6b2-8c3f5ec189b7
+AAI.model-version-id.license-key-resource=24b25f8c-b8bd-4c62-9421-87c12667aac9
+#l-interface widget details
+AAI.model-version-id.l-interface=a32613fd-18b9-459e-aab8-fffb3912966a
+AAI.model-invariant-id.l-interface=cea0a982-8d55-4093-921e-418fbccf7060
+#logical-link widget details
+AAI.model-version-id.logical-link=a1481a38-f8ba-4ae4-bdf1-06c2c6af4c54
+AAI.model-invariant-id.logical-link=fe012535-2c31-4a39-a739-612374c638a0
+#metadatum widget details
+AAI.model-invariant-id.metadatum=86dbb63a-265e-4614-993f-6771c30b56a5
+AAI.model-version-id.metadatum=6bae950e-8939-41d3-a6a7-251b03e4c1fc
+#model widget details
+AAI.model-invariant-id.model=06d1418a-5faa-452d-a94b-a2829df5f67b
+AAI.model-version-id.model=1f51c05c-b164-4c27-9c03-5cbb239fd6be
+#model-constraint widget details
+AAI.model-invariant-id.model-constraint=c28966f3-e758-4483-b37b-a90b05d3dd33
+AAI.model-version-id.model-constraint=ad70dd19-f156-4fb5-a865-97b5563b0d37
+#model-element widget details
+AAI.model-invariant-id.model-element=2076e726-3577-477a-a300-7fa65cd4df11
+AAI.model-version-id.model-element=753e813a-ba9e-4a1d-ab34-b2f6dc6eec0c
+#multicast-configuration widget details
+AAI.model-invariant-id.multicast-configuration=ea78c9e3-514d-4a0a-9162-13837fa54c35
+AAI.model-version-id.multicast-configuration=666a06ee-4b57-46df-bacf-908da8f10c3f
+#named-query widget details
+AAI.model-version-id.named-query=5c3b7c33-afa3-4be5-8da7-1a5ac6f99896
+AAI.model-invariant-id.named-query=80b712fd-0ad3-4180-a99c-8c995cf1cc32
+#named-query-element widget details
+AAI.model-version-id.named-query-element=204c641a-3494-48c8-979a-86856f5fd32a
+AAI.model-invariant-id.named-query-element=3c504d40-b847-424c-9d25-4fb7e0a3e994
+#network-policy widget details
+AAI.model-invariant-id.network-policy=6aa05779-94d7-4d8b-9bee-59ef2ab0c246
+AAI.model-version-id.network-policy=a0ccd9dc-7062-4940-9bcc-e91dd28af510
+#network-profile widget details
+AAI.model-version-id.network-profile=01f45471-4240-498c-a9e1-235dc0b8b4a6
+AAI.model-invariant-id.network-profile=2734b44a-b8a2-40f6-957d-6256589e5d00
+#newvce widget details
+AAI.model-version-id.newvce=7c79e11f-a408-4593-aa86-ba948a1236af
+AAI.model-invariant-id.newvce=4b05ec9c-c55d-4987-83ff-e08d6ddb694f
+#oam-network widget details
+AAI.model-invariant-id.oam-network=2851cf01-9c40-4064-87d4-6184a6fcff35
+AAI.model-version-id.oam-network=f4fb34f3-fd6e-4a8f-a3fb-4ab61a343b79
+#physical-link widget details
+AAI.model-invariant-id.physical-link=c822d81f-822f-4304-9623-1025b53da568
+AAI.model-version-id.physical-link=9c523936-95b4-4d7f-9f53-6bdfe0cf2c05
+#p-interface widget details
+AAI.model-invariant-id.p-interface=94043c37-4e73-439c-a790-0fdd697924cd
+AAI.model-version-id.p-interface=d2cdb2d0-fc1f-4a57-a89e-591b1c4e3754
+#pnf widget details
+AAI.model-version-id.pnf=e9f1fa7d-c839-418a-9601-03dc0d2ad687
+AAI.model-invariant-id.pnf=862b25a1-262a-4961-bdaa-cdc55d69785a
+#port-group widget details
+AAI.model-version-id.port-group=03e8bb6b-b48a-46ae-b5d4-e5af577e6844
+AAI.model-invariant-id.port-group=8ce940fb-55d7-4230-9e7f-a56cc2741f77
+#property-constraint widget details
+AAI.model-version-id.property-constraint=81706bbd-981e-4362-ae20-995cbcb2d995
+AAI.model-invariant-id.property-constraint=f4a863c3-6886-470a-a6ae-05723837ea45
+#pserver widget details
+AAI.model-invariant-id.pserver=6d932c8f-463b-4e76-83fb-87acfbaa2e2d
+AAI.model-version-id.pserver=72f0d495-bc27-4653-9e1a-eef76bd34bc9
+#related-lookup widget details
+AAI.model-invariant-id.related-lookup=468f6f5b-2996-41bb-b2a3-7cf9613ebb9b
+AAI.model-version-id.related-lookup=0988bab5-bf4f-4938-a419-ab249867d12a
+#reserved-prop-names widget details
+AAI.model-invariant-id.reserved-prop-names=0c3e0ba3-618c-498d-9127-c8d42b00170f
+AAI.model-version-id.reserved-prop-names=ac49d26d-9163-430e-934a-13b738a04f5c
+#result-data widget details
+AAI.model-version-id.result-data=4e9b50aa-5227-4f6f-b489-62e6bbc03c79
+AAI.model-invariant-id.result-data=ff656f23-6185-406f-9006-4b26834f3e1c
+#route-table-reference widget details
+AAI.model-version-id.route-table-reference=fed7e326-03a7-45ff-a3f2-471470d268c4
+AAI.model-invariant-id.route-table-reference=a8614b63-2636-4c4f-98df-fd448c4241db
+#routing-instance widget details
+AAI.model-invariant-id.routing-instance=1c2ded4f-8b01-4193-829c-966847dfec3e
+AAI.model-version-id.routing-instance=3ccbcbc7-d19e-44d5-a52f-7e18aa8d69fa
+#secondary-filter widget details
+AAI.model-version-id.secondary-filter=1380619d-dd1a-4cec-b755-c6407833e065
+AAI.model-invariant-id.secondary-filter=738ff299-6290-4c00-8998-bd0e96a07b93
+#segmentation-assignment widget details
+AAI.model-invariant-id.segmentation-assignment=6e814aee-46e1-4583-a9d4-0049bfd2b59b
+AAI.model-version-id.segmentation-assignment=c5171ae0-44fb-4c04-b482-d56702241a44
+#service widget details
+AAI.model-version-id.service=ecce2c42-3957-4ae0-9442-54bc6afe27b6
+AAI.model-invariant-id.service=07a3a60b-1b6c-4367-8173-8014386f89e3
+#service-capability widget details
+AAI.model-invariant-id.service-capability=b1a7cc05-d19d-443b-a5d1-733e325c4232
+AAI.model-version-id.service-capability=f9cfec1b-18da-4bba-bd83-4b26cca115cd
+#service-instance widget details
+AAI.model-invariant-id.service-instance=82194af1-3c2c-485a-8f44-420e22a9eaa4
+AAI.model-version-id.service-instance=46b92144-923a-4d20-b85a-3cbd847668a9
+#service-subscription widget details
+AAI.model-invariant-id.service-subscription=2e1a602a-acd8-4f78-94ff-618b802a303b
+AAI.model-version-id.service-subscription=5e68299a-79f2-4bfb-8fbc-2bae877a2459
+#site-pair widget details
+AAI.model-version-id.site-pair=7106bc02-6552-4fc3-8a56-4f3df9034531
+AAI.model-invariant-id.site-pair=db63f3e6-f8d1-484e-8d5e-191600b7914b
+#site-pair-set widget details
+AAI.model-invariant-id.site-pair-set=5d4dae3e-b402-4bfd-909e-ece12ff75d26
+AAI.model-version-id.site-pair-set=a5c6c1bc-dc38-468e-9459-bb08f87247df
+#snapshot widget details
+AAI.model-version-id.snapshot=962a7c8b-687f-4d32-a775-fe098e214bcd
+AAI.model-invariant-id.snapshot=24de00ef-aead-4b52-995b-0adf8d4bd90d
+#sriov-vf widget details
+AAI.model-version-id.sriov-vf=1e8b331f-3d4a-4160-b7aa-f4d5a8916625
+AAI.model-invariant-id.sriov-vf=04b2935f-33c4-40a9-8af0-8b52690042dc
+#start-node-filter widget details
+AAI.model-version-id.start-node-filter=aad96fd3-e75f-42fc-9777-3450c36f1168
+AAI.model-invariant-id.start-node-filter=083093a3-e407-447a-ba5d-7583e4d23e1d
+#subnet widget details
+AAI.model-version-id.subnet=f902a6bc-6be4-4fe5-8458-a6ec0056b374
+AAI.model-invariant-id.subnet=1b2c9ba7-e449-4831-ba15-3073672f5ef2
+#tagged-inventory-item-list widget details
+AAI.model-invariant-id.tagged-inventory-item-list=e78a7eaa-f65d-4919-9c2b-5b258c8c4d7e
+AAI.model-version-id.tagged-inventory-item-list=c246f6e2-e3a1-4697-94c0-5672a7fbbf04
+#tenant widget details
+AAI.model-invariant-id.tenant=97c26c99-6870-44c1-8a07-1d900d3f4ce6
+AAI.model-version-id.tenant=abcc54bc-bb74-49dc-9043-7f7171707545
+#tunnel-xconnect widget details
+AAI.model-invariant-id.tunnel-xconnect=50b9e2fa-005c-4bbe-b651-3251dece4cd8
+AAI.model-version-id.tunnel-xconnect=e7cb4ca8-e1a5-4487-a716-4ae0bcd8aef5
+#update-node-key widget details
+AAI.model-version-id.update-node-key=6004cfa6-eb6d-4062-971f-b1fde6b74aa0
+AAI.model-invariant-id.update-node-key=fe81c801-f65d-408a-b2b7-a729a18f8154
+#vce widget details
+AAI.model-version-id.vce=b6cf54b5-ec45-43e1-be64-97b4e1513333
+AAI.model-invariant-id.vce=bab6dceb-e7e6-4301-a5e0-a7399b48d792
+#vf-module widget details
+AAI.model-invariant-id.vf-module=ef86f9c5-2165-44f3-8fc3-96018b609ea5
+AAI.model-version-id.vf-module=c00563ae-812b-4e62-8330-7c4d0f47088a
+#vig-server widget details
+AAI.model-version-id.vig-server=8e8c22f1-fbdf-48ea-844c-8bdeb44e7b16
+AAI.model-invariant-id.vig-server=bed7c3b7-35d0-4cd9-abde-41b20e68b28e
+#virtual-data-center widget details
+AAI.model-invariant-id.virtual-data-center=5150abcf-0c5f-4593-9afe-a19c48fc4824
+AAI.model-version-id.virtual-data-center=6dd43ced-d789-47af-a759-d3abc14e3ac1
+#vlan widget details
+AAI.model-version-id.vlan=257d88a5-a269-4c35-944f-aca04fbdb791
+AAI.model-invariant-id.vlan=d2b1eaf1-ae59-4116-9ee4-aa0179faa4f8
+#vnfc widget details
+AAI.model-invariant-id.vnfc=96129eb9-f0de-4e05-8af2-73146473f766
+AAI.model-version-id.vnfc=5761e0a7-c6df-4d8a-9ebd-b8f445054dec
+#vnf-image widget details
+AAI.model-invariant-id.vnf-image=f9a628ff-7aa0-40e2-a93d-02d91c950982
+AAI.model-version-id.vnf-image=c4d3e747-ba4a-4b17-9896-94c6f18c19d3
+#volume widget details
+AAI.model-version-id.volume=0fbe2e8f-4d91-4415-a772-88387049b38d
+AAI.model-invariant-id.volume=ddd739b4-2b25-46c4-affc-41a32af5cc42
+#volume-group widget details
+AAI.model-invariant-id.volume-group=fcec1b02-b2d0-4834-aef8-d71be04717dd
+AAI.model-version-id.volume-group=99d44c90-1f61-4418-b9a6-56586bf38c79
+#vpe widget details
+AAI.model-invariant-id.vpe=053ec3a7-5b72-492d-b54d-123805a9b967
+AAI.model-version-id.vpe=203817d3-829c-42d4-942d-2a935478e993
+#vpls-pe widget details
+AAI.model-version-id.vpls-pe=b1566228-6785-4ce1-aea2-053736f80341
+AAI.model-invariant-id.vpls-pe=457ba89b-334c-4fbd-acc4-160ac0e0cdc0
+#vpn-binding widget details
+AAI.model-invariant-id.vpn-binding=9e23b675-db2b-488b-b459-57aa9857baa0
+AAI.model-version-id.vpn-binding=21a146e5-9901-448c-9197-723076770119
+#vserver widget details
+AAI.model-invariant-id.vserver=ff69d4e0-a8e8-4108-bdb0-dd63217e63c7
+AAI.model-version-id.vserver=8ecb2c5d-7176-4317-a255-26274edfdd53
+#collection resource widget details
+AAI.model-invariant-id.cr=8bac3599-9a1c-4b7f-80e5-c1838f744c23
+AAI.model-version-id.cr=3f908abc-3a15-40d0-b674-2a639e52884d
diff --git a/charts/aai-babel/resources/config/auth/auth_policy.json b/charts/aai-babel/resources/config/auth/auth_policy.json
new file mode 100644
index 0000000..ff33c17
--- /dev/null
+++ b/charts/aai-babel/resources/config/auth/auth_policy.json
@@ -0,0 +1,47 @@
+{"roles": [
+ {
+ "name": "admin",
+ "functions": [
+ {
+ "name": "generateArtifacts",
+ "methods": [{"name": "POST"}]
+ }
+ ],
+ "users": [
+ {"username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"}
+ ]
+ },
+ {
+ "name": "ops",
+ "functions": [{
+ "name": "actions",
+ "methods": [{"name": "POST"}]
+ }],
+ "users": [
+ {"username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"}
+ ]
+ },
+ {
+ "name": "readonly",
+ "functions": [
+ {
+ "name": "actions",
+ "methods": [{"name": "GET"}]
+ }
+ ],
+ "users": [
+ {"username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"}
+ ]
+ },
+ {
+ "name": "basicauth",
+ "functions": [{
+ "name": "util",
+ "methods": [{"name": "GET"}]
+ }],
+ "users": [{
+ "user": "aai",
+ "pass": "OBF:deadbeef"
+ }]
+ }
+]}
diff --git a/charts/aai-babel/resources/config/auth/tomcat_keystore b/charts/aai-babel/resources/config/auth/tomcat_keystore
new file mode 100644
index 0000000..9eec841
--- /dev/null
+++ b/charts/aai-babel/resources/config/auth/tomcat_keystore
Binary files differ
diff --git a/charts/aai-babel/resources/config/babel-auth.properties b/charts/aai-babel/resources/config/babel-auth.properties
new file mode 100644
index 0000000..ef85c23
--- /dev/null
+++ b/charts/aai-babel/resources/config/babel-auth.properties
@@ -0,0 +1,16 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+auth.policy.file=/auth/auth_policy.json
+auth.authentication.disable=true
diff --git a/charts/aai-babel/resources/config/logback.xml b/charts/aai-babel/resources/config/logback.xml
new file mode 100644
index 0000000..878d8c0
--- /dev/null
+++ b/charts/aai-babel/resources/config/logback.xml
@@ -0,0 +1,194 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+<!DOCTYPE xml>
+<configuration scan="true" scanPeriod="30 seconds" debug="true">
+ <include resource="org/springframework/boot/logging/logback/base.xml" />
+
+ <property name="componentName" value="AAI-BAS" />
+ <property name="logDirectory" value="/var/log/onap/${componentName}" />
+
+ <!-- default EELF log file names -->
+ <property name="generalLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+
+ <property name="errorLogPattern"
+ value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{TargetEntity}|%mdc{TargetServiceName}|%.-5level|%logger|%mdc{ClassName}|%msg%n" />
+
+ <property name="auditLogPattern"
+ value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{BeginTimestamp}|%mdc{EndTimestamp}|%mdc{RequestId}|%mdc{ServiceInstanceId}|%thread|%mdc{ServerFQDN}|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{StatusCode}|%mdc{ResponseCode}|%mdc{ResponseDescription}|%logger|%.-5level|||%mdc{ElapsedTime}|%mdc{RemoteHost}|%mdc{ClientAddress}|%mdc{ClassName}|||%msg%n" />
+
+ <property name="metricsLogPattern"
+ value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{BeginTimestamp}|%mdc{EndTimestamp}|%mdc{RequestId}|%mdc{ServiceInstanceId}|%thread|%mdc{ServerFQDN}|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{TargetEntity}|%mdc{TargetServiceName}|%mdc{StatusCode}|%mdc{ResponseCode}|%mdc{ResponseDescription}|%logger|%.-5level|||%mdc{ElapsedTime}|%mdc{RemoteHost}|%mdc{ClientAddress}|%mdc{ClassName}|||%msg%n" />
+
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+
+ <appender name="EELF"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELF" />
+ </appender>
+
+ <!-- EELF Audit Appender. This appender is used to record audit engine related logging events. The audit logger and appender
+ are specializations of the EELF application root logger and appender. This can be used to segregate Policy engine events
+ from other components, or it can be eliminated to record these events as part of the application root log. -->
+
+ <appender name="EELFAudit"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender>
+
+ <appender name="EELFMetrics"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${metricsLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFMetrics" />
+ </appender>
+
+ <appender name="EELFDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>
+ ${logDirectory}/${debugLogName}.log
+ </file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <!-- allow only events with a level below INFO, that is TRACE and DEBUG -->
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.classic.boolex.GEventEvaluator">
+ <expression>
+ e.level.toInt() &lt; INFO.toInt()
+ </expression>
+ </evaluator>
+ <OnMismatch>DENY</OnMismatch>
+ <OnMatch>NEUTRAL</OnMatch>
+ </filter>
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>false</includeCallerData>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- Default / root appenders -->
+ <!-- This determines the logging level for 3rd party code -->
+ <!-- ============================================================================ -->
+
+ <root level="INFO">
+ <appender-ref ref="asyncEELF" />
+ <appender-ref ref="asyncEELFDebug" />
+</root>
+
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+
+ <logger name="com.att.eelf" level="INFO" additivity="false">
+ <appender-ref ref="asyncEELF" />
+</logger>
+
+ <!-- The level of this logger determines the contents of the debug log -->
+ <logger name="com.att.eelf.debug" level="INFO" additivity="false">
+ <appender-ref ref="asyncEELFDebug" />
+</logger>
+
+ <logger name="com.att.eelf.audit" level="INFO" additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+</logger>
+
+ <logger name="com.att.eelf.metrics" level="INFO" additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+</logger>
+
+ <!-- ============================================================================ -->
+ <!-- Non-EELF loggers -->
+ <!-- ============================================================================ -->
+
+ <!-- ATT packages including DMAAP message routing -->
+ <logger name="com.att" level="INFO" />
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+
+ <!-- Other Loggers that may help troubleshoot -->
+ <logger name="org.apache" level="WARN" />
+ <logger name="org.apache.commons" level="WARN" />
+
+ <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. May aid in troubleshooting) -->
+ <logger name="org.apache.camel" level="WARN" />
+ <logger name="org.apache.cxf" level="WARN" />
+ <logger name="org.apache.camel.processor.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.service" level="WARN" />
+ <logger name="org.restlet" level="WARN" />
+ <logger name="org.apache.camel.component.restlet" level="WARN" />
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+
+</configuration>
diff --git a/charts/aai-babel/resources/config/tosca-mappings.json b/charts/aai-babel/resources/config/tosca-mappings.json
new file mode 100644
index 0000000..a6fe82f
--- /dev/null
+++ b/charts/aai-babel/resources/config/tosca-mappings.json
@@ -0,0 +1,181 @@
+{
+ "instanceGroupTypes": [
+ "org.openecomp.groups.NetworkCollection",
+ "org.openecomp.groups.VfcInstanceGroup",
+ "org.openecomp.groups.ResourceInstanceGroup"
+ ],
+ "widgetTypes": [
+ {
+ "type": "SERVICE",
+ "name": "service-instance",
+ "deleteFlag": true,
+ "modelVersionId": "46b92144-923a-4d20-b85a-3cbd847668a9",
+ "modelInvariantId": "82194af1-3c2c-485a-8f44-420e22a9eaa4"
+ },
+ {
+ "type": "VF",
+ "name": "generic-vnf",
+ "deleteFlag": true,
+ "modelVersionId": "93a6166f-b3d5-4f06-b4ba-aed48d009ad9",
+ "modelInvariantId": "acc6edd8-a8d4-4b93-afaa-0994068be14c"
+ },
+ {
+ "type": "VFC",
+ "name": "vnfc",
+ "deleteFlag": true,
+ "modelVersionId": "5761e0a7-c6df-4d8a-9ebd-b8f445054dec",
+ "modelInvariantId": "96129eb9-f0de-4e05-8af2-73146473f766"
+ },
+ {
+ "type": "VSERVER",
+ "name": "vserver",
+ "deleteFlag": true,
+ "modelVersionId": "8ecb2c5d-7176-4317-a255-26274edfdd53",
+ "modelInvariantId": "ff69d4e0-a8e8-4108-bdb0-dd63217e63c7"
+ },
+ {
+ "type": "VOLUME",
+ "name": "volume",
+ "deleteFlag": true,
+ "modelVersionId": "0fbe2e8f-4d91-4415-a772-88387049b38d",
+ "modelInvariantId": "ddd739b4-2b25-46c4-affc-41a32af5cc42"
+ },
+ {
+ "type": "FLAVOR",
+ "name": "flavor",
+ "deleteFlag": false,
+ "modelVersionId": "36200fb5-f251-4f5d-a520-7c5ad5c2cd4b",
+ "modelInvariantId": "bace8d1c-a261-4041-9e37-823117415d0f"
+ },
+ {
+ "type": "TENANT",
+ "name": "tenant",
+ "deleteFlag": false,
+ "modelVersionId": "abcc54bc-bb74-49dc-9043-7f7171707545",
+ "modelInvariantId": "97c26c99-6870-44c1-8a07-1d900d3f4ce6"
+ },
+ {
+ "type": "VOLUME_GROUP",
+ "name": "volume-group",
+ "deleteFlag": true,
+ "modelVersionId": "99d44c90-1f61-4418-b9a6-56586bf38c79",
+ "modelInvariantId": "fcec1b02-b2d0-4834-aef8-d71be04717dd"
+ },
+ {
+ "type": "LINT",
+ "name": "l-interface",
+ "deleteFlag": true,
+ "modelVersionId": "a32613fd-18b9-459e-aab8-fffb3912966a",
+ "modelInvariantId": "cea0a982-8d55-4093-921e-418fbccf7060"
+ },
+ {
+ "type": "L3_NET",
+ "name": "l3-network",
+ "deleteFlag": true,
+ "modelVersionId": "9111f20f-e680-4001-b83f-19a2fc23bfc1",
+ "modelInvariantId": "3d560d81-57d0-438b-a2a1-5334dba0651a"
+ },
+ {
+ "type": "VFMODULE",
+ "name": "vf-module",
+ "deleteFlag": true,
+ "modelVersionId": "c00563ae-812b-4e62-8330-7c4d0f47088a",
+ "modelInvariantId": "ef86f9c5-2165-44f3-8fc3-96018b609ea5"
+ },
+ {
+ "type": "IMAGE",
+ "name": "image",
+ "deleteFlag": false,
+ "modelVersionId": "f6a038c2-820c-42ba-8c2b-375e24e8f932",
+ "modelInvariantId": "3f4c7204-739b-4bbb-87a7-8a6856439c90"
+ },
+ {
+ "type": "OAM_NETWORK",
+ "name": "oam-network",
+ "deleteFlag": true,
+ "modelVersionId": "f4fb34f3-fd6e-4a8f-a3fb-4ab61a343b79",
+ "modelInvariantId": "2851cf01-9c40-4064-87d4-6184a6fcff35"
+ },
+ {
+ "type": "ALLOTTED_RESOURCE",
+ "name": "allotted-resource",
+ "deleteFlag": true,
+ "modelVersionId": "7ad0915f-25c0-4a70-b9bc-185a75f87564",
+ "modelInvariantId": "f6d6a23d-a1a9-48ff-8419-b6530da2d381"
+ },
+ {
+ "type": "TUNNEL_XCONNECT",
+ "name": "tunnel-xconnect",
+ "deleteFlag": true,
+ "modelVersionId": "e7cb4ca8-e1a5-4487-a716-4ae0bcd8aef5",
+ "modelInvariantId": "50b9e2fa-005c-4bbe-b651-3251dece4cd8"
+ },
+ {
+ "type": "CONFIGURATION",
+ "name": "configuration",
+ "deleteFlag": true,
+ "modelVersionId": "5a175add-57e4-4a5d-8b02-c36f1d69c52b",
+ "modelInvariantId": "166c050d-f69d-4305-943e-0bc58c3a26cf"
+ },
+ {
+ "type": "CR",
+ "name": "cr",
+ "deleteFlag": true,
+ "modelVersionId": "3f908abc-3a15-40d0-b674-2a639e52884d",
+ "modelInvariantId": "8bac3599-9a1c-4b7f-80e5-c1838f744c23"
+ },
+ {
+ "type": "INSTANCE_GROUP",
+ "name": "instance-group",
+ "deleteFlag": true,
+ "modelVersionId": "8e6ee9dc-9017-444a-83b3-219edb018128",
+ "modelInvariantId": "3bf1e610-45f7-4ad6-b833-ca4c5ee6a3fd"
+ }
+ ],
+ "widgetMappings": [
+ {
+ "prefix": "org.openecomp.resource.vfc",
+ "type": "widget",
+ "widget": "VSERVER",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.resource.cp",
+ "type": "widget",
+ "widget": "LINT",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.cp",
+ "type": "widget",
+ "widget": "LINT",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.resource.vl",
+ "widget": "L3_NET",
+ "deleteFlag": false
+ },
+ {
+ "prefix": "org.openecomp.resource.vf",
+ "widget": "VF",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.groups.vfmodule",
+ "widget": "VFMODULE",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.groups.VfModule",
+ "widget": "VFMODULE",
+ "deleteFlag": true
+ },
+ {
+ "prefix": "org.openecomp.resource.vfc.nodes.heat.cinder",
+ "type": "widget",
+ "widget": "VOLUME",
+ "deleteFlag": true
+ }
+ ]
+}
diff --git a/charts/aai-babel/resources/fproxy/config/auth/client-cert.p12 b/charts/aai-babel/resources/fproxy/config/auth/client-cert.p12
new file mode 100644
index 0000000..dbf4fca
--- /dev/null
+++ b/charts/aai-babel/resources/fproxy/config/auth/client-cert.p12
Binary files differ
diff --git a/charts/aai-babel/resources/fproxy/config/auth/tomcat_keystore b/charts/aai-babel/resources/fproxy/config/auth/tomcat_keystore
new file mode 100644
index 0000000..9eec841
--- /dev/null
+++ b/charts/aai-babel/resources/fproxy/config/auth/tomcat_keystore
Binary files differ
diff --git a/charts/aai-babel/resources/fproxy/config/fproxy.properties b/charts/aai-babel/resources/fproxy/config/fproxy.properties
new file mode 100644
index 0000000..f512fb7
--- /dev/null
+++ b/charts/aai-babel/resources/fproxy/config/fproxy.properties
@@ -0,0 +1,2 @@
+credential.cache.timeout.ms=180000
+transactionid.header.name=X-TransactionId \ No newline at end of file
diff --git a/charts/aai-babel/resources/fproxy/config/logback-spring.xml b/charts/aai-babel/resources/fproxy/config/logback-spring.xml
new file mode 100644
index 0000000..0637cfb
--- /dev/null
+++ b/charts/aai-babel/resources/fproxy/config/logback-spring.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/AAF-FPS" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="info">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "com.baeldung*" at TRACE level -->
+ <logger name="org.onap.aaf.fproxy" level="info" />
+
+</configuration> \ No newline at end of file
diff --git a/charts/aai-babel/resources/fproxy/config/readme.txt b/charts/aai-babel/resources/fproxy/config/readme.txt
new file mode 100644
index 0000000..79cf29e
--- /dev/null
+++ b/charts/aai-babel/resources/fproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file
diff --git a/charts/aai-babel/resources/rproxy/config/auth/client-cert.p12 b/charts/aai-babel/resources/rproxy/config/auth/client-cert.p12
new file mode 100644
index 0000000..dbf4fca
--- /dev/null
+++ b/charts/aai-babel/resources/rproxy/config/auth/client-cert.p12
Binary files differ
diff --git a/charts/aai-babel/resources/rproxy/config/auth/tomcat_keystore b/charts/aai-babel/resources/rproxy/config/auth/tomcat_keystore
new file mode 100644
index 0000000..99129c1
--- /dev/null
+++ b/charts/aai-babel/resources/rproxy/config/auth/tomcat_keystore
Binary files differ
diff --git a/charts/aai-babel/resources/rproxy/config/auth/uri-authorization.json b/charts/aai-babel/resources/rproxy/config/auth/uri-authorization.json
new file mode 100644
index 0000000..acc9409
--- /dev/null
+++ b/charts/aai-babel/resources/rproxy/config/auth/uri-authorization.json
@@ -0,0 +1,93 @@
+[
+ {
+ "uri": "\/not\/allowed\/at\/all$",
+ "permissions": [
+ "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt"
+ ]
+ },
+ {
+ "uri": "\/one\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/multi\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aMultipleAuth1",
+ "test.auth.access.aMultipleAuth2",
+ "test.auth.access.aMultipleAuth3"
+ ]
+ },
+ {
+ "uri": "\/one\/[^\/]+\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/services\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/admin\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|admin|GET,PUT,POST"
+ ]
+ },
+ {
+ "uri": "\/service\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/services\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/$",
+ "permissions": [
+ "\\|services\\|GET",
+ "test\\.auth\\.access\\|services\\|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$",
+ "permissions": [
+ "test\\.auth\\.access\\|rest\\|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read",
+ "test.auth.access|vservers|read"
+ ]
+ },
+ {
+ "uri": "\/backend$",
+ "permissions": [
+ "test\\.auth\\.access\\|services\\|GET,PUT",
+ "\\|services\\|GET"
+ ]
+ },
+ {
+ "uri": "\/services\/babel-service\/.*",
+ "permissions": [
+ "org\\.access\\|\\*\\|\\*"
+ ]
+ }
+]
diff --git a/charts/aai-babel/resources/rproxy/config/cadi.properties b/charts/aai-babel/resources/rproxy/config/cadi.properties
new file mode 100644
index 0000000..a82e38c
--- /dev/null
+++ b/charts/aai-babel/resources/rproxy/config/cadi.properties
@@ -0,0 +1,25 @@
+# This is a normal Java Properties File
+# Comments are with Pound Signs at beginning of lines,
+# and multi-line expression of properties can be obtained by backslash at end of line
+
+#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below
+#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name
+#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com
+#to your hosts file on your machine.
+#hostname=test.aic.cip.att.com
+
+cadi_loglevel=DEBUG
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+
+cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
+cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+# Configure AAF
+aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}}
+aaf_env=DEV
+
+aaf_id=demo@people.osaaf.org
+aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
+
+# This is a colon separated list of client cert issuers
+cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
diff --git a/charts/aai-babel/resources/rproxy/config/forward-proxy.properties b/charts/aai-babel/resources/rproxy/config/forward-proxy.properties
new file mode 100644
index 0000000..1b58d42
--- /dev/null
+++ b/charts/aai-babel/resources/rproxy/config/forward-proxy.properties
@@ -0,0 +1,4 @@
+forward-proxy.protocol = https
+forward-proxy.host = localhost
+forward-proxy.port = 10680
+forward-proxy.cacheurl = /credential-cache \ No newline at end of file
diff --git a/charts/aai-babel/resources/rproxy/config/logback-spring.xml b/charts/aai-babel/resources/rproxy/config/logback-spring.xml
new file mode 100644
index 0000000..2cd95d4
--- /dev/null
+++ b/charts/aai-babel/resources/rproxy/config/logback-spring.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/reverse-proxy" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="info">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "com.baeldung*" at TRACE level -->
+ <logger name="org.onap.aaf.rproxy" level="info" />
+
+</configuration>
diff --git a/charts/aai-babel/resources/rproxy/config/primary-service.properties b/charts/aai-babel/resources/rproxy/config/primary-service.properties
new file mode 100644
index 0000000..7055bf5
--- /dev/null
+++ b/charts/aai-babel/resources/rproxy/config/primary-service.properties
@@ -0,0 +1,3 @@
+primary-service.protocol = https
+primary-service.host = localhost
+primary-service.port = 9516
diff --git a/charts/aai-babel/resources/rproxy/config/readme.txt b/charts/aai-babel/resources/rproxy/config/readme.txt
new file mode 100644
index 0000000..79cf29e
--- /dev/null
+++ b/charts/aai-babel/resources/rproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file
diff --git a/charts/aai-babel/resources/rproxy/config/reverse-proxy.properties b/charts/aai-babel/resources/rproxy/config/reverse-proxy.properties
new file mode 100644
index 0000000..8d46e1f
--- /dev/null
+++ b/charts/aai-babel/resources/rproxy/config/reverse-proxy.properties
@@ -0,0 +1 @@
+transactionid.header.name=X-TransactionId \ No newline at end of file
diff --git a/charts/aai-babel/resources/rproxy/config/security/keyfile b/charts/aai-babel/resources/rproxy/config/security/keyfile
new file mode 100644
index 0000000..6cd12fc
--- /dev/null
+++ b/charts/aai-babel/resources/rproxy/config/security/keyfile
@@ -0,0 +1,27 @@
+bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM
+1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29
+xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK
+BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm
+6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99
+QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm
+zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6
+x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf
+8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz
+FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz
+UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r
+banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv
+6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG
+yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB
+xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB
+lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq
+ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE
+fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v
+1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5
+liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc
+0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u
+PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm
+8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv
+dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ
+-85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn
+c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J
+uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao \ No newline at end of file
diff --git a/charts/aai-babel/templates/configmap.yaml b/charts/aai-babel/templates/configmap.yaml
new file mode 100644
index 0000000..031fc06
--- /dev/null
+++ b/charts/aai-babel/templates/configmap.yaml
@@ -0,0 +1,70 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }}
+{{ end }} \ No newline at end of file
diff --git a/charts/aai-babel/templates/deployment.yaml b/charts/aai-babel/templates/deployment.yaml
new file mode 100644
index 0000000..ea6e64a
--- /dev/null
+++ b/charts/aai-babel/templates/deployment.yaml
@@ -0,0 +1,251 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ {{ if .Values.global.installSidecarSecurity }}
+ hostAliases:
+ - ip: {{ .Values.global.aaf.serverIp }}
+ hostnames:
+ - {{ .Values.global.aaf.serverHostname }}
+
+ initContainers:
+ - name: {{ .Values.global.tproxyConfig.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ securityContext:
+ privileged: true
+ {{ end }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: CONFIG_HOME
+ value: /opt/app/babel/config
+ - name: KEY_STORE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: KEY_STORE_PASSWORD
+ - name: KEY_MANAGER_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: KEY_MANAGER_PASSWORD
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/babel/config/artifact-generator.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: artifact-generator.properties
+ - mountPath: /opt/app/babel/config/tosca-mappings.json
+ name: {{ include "common.fullname" . }}-config
+ subPath: tosca-mappings.json
+ - mountPath: /opt/app/babel/config/babel-auth.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: babel-auth.properties
+ - mountPath: /opt/app/babel/config/auth
+ name: {{ include "common.fullname" . }}-secrets
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /opt/app/babel/config/logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: logback.xml
+ resources:
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ # side car containers
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ name: filebeat-conf
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /usr/share/filebeat/data
+ name: aai-filebeat
+
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ .Values.global.rproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/rproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.rproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/forward-proxy.properties
+ subPath: forward-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/primary-service.properties
+ subPath: primary-service.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/reverse-proxy.properties
+ subPath: reverse-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/cadi.properties
+ subPath: cadi.properties
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ mountPath: /opt/app/rproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
+ subPath: uri-authorization.json
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
+ subPath: aaf_truststore.jks
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ mountPath: /opt/app/rproxy/config/security/keyfile
+ subPath: keyfile
+
+ ports:
+ - containerPort: {{ .Values.global.rproxy.port }}
+
+ - name: {{ .Values.global.fproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/fproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.fproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ mountPath: /opt/app/fproxy/config/fproxy.properties
+ subPath: fproxy.properties
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ mountPath: /opt/app/fproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ mountPath: /opt/app/fproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ ports:
+ - containerPort: {{ .Values.global.fproxy.port }}
+ {{ end }}
+
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ items:
+ - key: artifact-generator.properties
+ path: artifact-generator.properties
+ - key: tosca-mappings.json
+ path: tosca-mappings.json
+ - key: babel-auth.properties
+ path: babel-auth.properties
+ - key: logback.xml
+ path: logback.xml
+ - name: {{ include "common.fullname" . }}-secrets
+ secret:
+ secretName: {{ include "common.fullname" . }}-babel-secrets
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: aai-filebeat
+ emptyDir: {}
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-rproxy-security-config
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-fproxy-auth-config
+ {{ end }}
+
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-babel/templates/secrets.yaml b/charts/aai-babel/templates/secrets.yaml
new file mode 100644
index 0000000..7c3b04a
--- /dev/null
+++ b/charts/aai-babel/templates/secrets.yaml
@@ -0,0 +1,88 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-babel-secrets
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-pass
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+ KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }}
+ KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-auth-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-auth-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-security-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
+{{ end }} \ No newline at end of file
diff --git a/charts/aai-babel/templates/service.yaml b/charts/aai-babel/templates/service.yaml
new file mode 100644
index 0000000..9a8b8a2
--- /dev/null
+++ b/charts/aai-babel/templates/service.yaml
@@ -0,0 +1,52 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{ if .Values.global.installSidecarSecurity }}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.global.rproxy.port }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.global.rproxy.port }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ {{ else }}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ {{ end }}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
diff --git a/charts/aai-babel/values.yaml b/charts/aai-babel/values.yaml
new file mode 100644
index 0000000..60b7dd4
--- /dev/null
+++ b/charts/aai-babel/values.yaml
@@ -0,0 +1,81 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ readinessImage: readiness-check:2.0.2
+ loggingImage: beats/filebeat:5.5.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+# application image
+image: onap/babel:1.4-STAGING-latest
+
+flavor: small
+
+# application configuration
+config:
+ keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ type: NodePort
+ portName: babel
+ externalPort: 9516
+ internalPort: 9516
+ nodePort: 79
+
+ingress:
+ enabled: false
+
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 0.5
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}
diff --git a/charts/aai-champ/Chart.yaml b/charts/aai-champ/Chart.yaml
new file mode 100644
index 0000000..a41a49e
--- /dev/null
+++ b/charts/aai-champ/Chart.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAI Champ microservice
+name: aai-champ
+version: 4.0.0
diff --git a/charts/aai-champ/requirements.yaml b/charts/aai-champ/requirements.yaml
new file mode 100644
index 0000000..78e822e
--- /dev/null
+++ b/charts/aai-champ/requirements.yaml
@@ -0,0 +1,22 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ # local reference to common chart, as it is
+ # a part of this chart's package and will not
+ # be published independently to a repo (at this point)
+ repository: '@local'
diff --git a/charts/aai-champ/resources/config/appconfig/auth/champ_policy.json b/charts/aai-champ/resources/config/appconfig/auth/champ_policy.json
new file mode 100644
index 0000000..a059e86
--- /dev/null
+++ b/charts/aai-champ/resources/config/appconfig/auth/champ_policy.json
@@ -0,0 +1,19 @@
+{
+ "roles": [
+ {
+ "name": "admin",
+ "functions": [
+ {
+ "name": "search", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" } ]
+ }
+ ],
+
+ "users": [
+ {
+ "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"
+ }
+ ]
+ }
+ ]
+}
+
diff --git a/charts/aai-champ/resources/config/appconfig/auth/tomcat_keystore b/charts/aai-champ/resources/config/appconfig/auth/tomcat_keystore
new file mode 100644
index 0000000..c4c7271
--- /dev/null
+++ b/charts/aai-champ/resources/config/appconfig/auth/tomcat_keystore
Binary files differ
diff --git a/charts/aai-champ/resources/config/appconfig/champ-api.properties b/charts/aai-champ/resources/config/appconfig/champ-api.properties
new file mode 100644
index 0000000..0aba797
--- /dev/null
+++ b/charts/aai-champ/resources/config/appconfig/champ-api.properties
@@ -0,0 +1,20 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+keyName=aai-uuid
+sourceOfTruthName=source-of-truth
+createdTsName=aai-created-ts
+lastModTsName=aai-last-mod-ts
+collectionPropertiesKey=properties
+
diff --git a/charts/aai-champ/resources/config/dynamic/conf/champ-beans.xml b/charts/aai-champ/resources/config/dynamic/conf/champ-beans.xml
new file mode 100644
index 0000000..3977a68
--- /dev/null
+++ b/charts/aai-champ/resources/config/dynamic/conf/champ-beans.xml
@@ -0,0 +1,84 @@
+<!--
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xmlns:util="http://www.springframework.org/schema/util"
+xsi:schemaLocation="
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/util
+ http://www.springframework.org/schema/util/spring-util.xsd
+ ">
+
+ <bean id="champEventPublisher" class="org.onap.aai.event.client.DMaaPEventPublisher" >
+ <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:{{.Values.event.port.dmaap}}" />
+ <constructor-arg name="topic" value="{{.Values.event.publisher.topic}}" />
+ <constructor-arg name="username" value="" />
+ <constructor-arg name="password" value="" />
+ <constructor-arg name="maxBatchSize" value="100" />
+ <constructor-arg name="maxAgeMs" value="250" />
+ <constructor-arg name="delayBetweenBatchesMs" value="50" />
+ <constructor-arg name="transportType" value="HTTPAUTH" />
+ <constructor-arg name="protocol" value="{{.Values.event.protocol}}" />
+ <constructor-arg name="contentType" value="application/json" />
+ </bean>
+
+ <!-- Graph Implementation Configuration-->
+ <util:map id="props" map-class="java.util.HashMap" key-type="java.lang.String" value-type="java.lang.Object">
+ <entry key="champcore.event.stream.buffer.capacity" value="50" value-type="java.lang.Integer"/>
+ <entry key="champcore.event.stream.publisher-pool-size" value="10" value-type="java.lang.Integer"/>
+ <entry key="champcore.event.stream.publisher" value-ref="champEventPublisher"/>
+
+ <entry key="graph.name" value="aaigraph"/>
+ <entry key="storage.backend" value="cassandra"/>
+ <entry key="storage.cassandra.read-consistency-level" value="LOCAL_QUORUM"/>
+ <entry key="storage.cassandra.write-consistency-level" value="LOCAL_QUORUM"/>
+ <entry key="storage.cassandra.replication-factor" value="{{ .Values.global.cassandra.replicas }}"/>
+ <entry key="storage.cassandra.replication-strategy-class" value="org.apache.cassandra.locator.SimpleStrategy"/>
+ <entry key="storage.hostname" value="{{ .Values.global.cassandra.serviceName }}"/>
+ </util:map>
+
+ <!-- Janus Implementation -->
+ <bean id="graphBuilder" class="org.onap.aai.champjanus.graph.impl.JanusChampGraphImpl$Builder">
+ <constructor-arg value="aaigraph"/>
+ <constructor-arg ref="props" />
+ </bean>
+
+ <bean id="graphImpl" class="org.onap.aai.champjanus.graph.impl.JanusChampGraphImpl">
+ <constructor-arg ref="graphBuilder" />
+ </bean>
+
+ <bean id="champUUIDService" class="org.onap.champ.service.ChampUUIDService" >
+ <constructor-arg name="graphImpl" ref="graphImpl" />
+ </bean>
+
+ <bean id="cache" class="org.onap.champ.service.ChampTransactionCache" >
+ <constructor-arg name="txTimeOutInSec" value="600" />
+ <constructor-arg name="graphImpl" ref="graphImpl" />
+ </bean>
+
+ <bean id="champDataService" class="org.onap.champ.service.ChampDataService" >
+ <constructor-arg name="champUUIDService" ref="champUUIDService" />
+ <constructor-arg name="graphImpl" ref="graphImpl" />
+ <constructor-arg name="cache" ref="cache" />
+ </bean>
+
+ <bean id="champRestService" class="org.onap.champ.ChampRESTAPI" >
+ <constructor-arg name="champDataService" ref="champDataService" />
+ <constructor-arg name="champAsyncRequestProcessor"><null/></constructor-arg>
+ </bean>
+</beans>
diff --git a/charts/aai-champ/resources/config/log/logback.xml b/charts/aai-champ/resources/config/log/logback.xml
new file mode 100644
index 0000000..67f6ac3
--- /dev/null
+++ b/charts/aai-champ/resources/config/log/logback.xml
@@ -0,0 +1,176 @@
+<!--
+Copyright © 2018 Amdocs, AT&T
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+
+<configuration scan="true" scanPeriod="3 seconds" debug="true">
+ <!-- Service-specific properties -->
+ <property name="componentName" value="AAI-CHAMP" />
+
+ <!-- directory path for logs -->
+ <property name="logDir" value="/var/log/onap" />
+ <property name="logDirectory" value="${logDir}/${componentName}" />
+
+ <!-- default eelf log file names -->
+ <property name="generalLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+
+ <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|Champ|%mdc{PartnerName}|%logger||%.-5level|%msg%n" />
+ <property name="auditMetricPattern" value="%m%n" />
+
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+
+ <appender name="EELF"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELF" />
+ </appender>
+
+ <appender name="EELFAudit"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditMetricPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender>
+
+ <appender name="EELFMetrics"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditMetricPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFMetrics"/>
+ </appender>
+
+ <appender name="EELFDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${debugLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>false</includeCallerData>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="info" additivity="false">
+ <appender-ref ref="asyncEELF" />
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+
+ <logger name="com.att.eelf.audit" level="info" additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+
+ <logger name="com.att.eelf.metrics" level="info" additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+
+ <!-- General loggers -->
+ <logger name="org.onap" level="WARN" />
+
+ <!-- Other Loggers that may help troubleshoot -->
+ <logger name="net.sf" level="WARN" />
+ <logger name="org.apache" level="WARN" />
+ <logger name="org.apache.commons.httpclient" level="WARN" />
+ <logger name="org.apache.commons" level="WARN" />
+ <logger name="org.apache.coyote" level="WARN" />
+ <logger name="org.apache.jasper" level="WARN" />
+
+ <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
+ May aid in troubleshooting) -->
+ <logger name="org.apache.camel" level="WARN" />
+ <logger name="org.apache.cxf" level="WARN" />
+ <logger name="org.apache.camel.processor.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.service" level="WARN" />
+ <logger name="org.restlet" level="WARN" />
+ <logger name="org.apache.camel.component.restlet" level="WARN" />
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+
+ <root>
+ <appender-ref ref="asyncEELF" />
+ <!-- <appender-ref ref="asyncEELFDebug" /> -->
+ </root>
+
+</configuration> \ No newline at end of file
diff --git a/charts/aai-champ/resources/fproxy/config/fproxy.properties b/charts/aai-champ/resources/fproxy/config/fproxy.properties
new file mode 100644
index 0000000..f512fb7
--- /dev/null
+++ b/charts/aai-champ/resources/fproxy/config/fproxy.properties
@@ -0,0 +1,2 @@
+credential.cache.timeout.ms=180000
+transactionid.header.name=X-TransactionId \ No newline at end of file
diff --git a/charts/aai-champ/resources/fproxy/config/logback-spring.xml b/charts/aai-champ/resources/fproxy/config/logback-spring.xml
new file mode 100644
index 0000000..0ece55c
--- /dev/null
+++ b/charts/aai-champ/resources/fproxy/config/logback-spring.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/AAF-FPS" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="info">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "com.baeldung*" at TRACE level -->
+ <logger name="org.onap.aaf.fproxy" level="info" />
+
+</configuration> \ No newline at end of file
diff --git a/charts/aai-champ/resources/fproxy/config/readme.txt b/charts/aai-champ/resources/fproxy/config/readme.txt
new file mode 100644
index 0000000..79cf29e
--- /dev/null
+++ b/charts/aai-champ/resources/fproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file
diff --git a/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json b/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json
new file mode 100644
index 0000000..ca34049
--- /dev/null
+++ b/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json
@@ -0,0 +1,99 @@
+ [
+ {
+ "uri": "\/not\/allowed\/at\/all$",
+ "permissions": [
+ "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt"
+ ]
+ },
+ {
+ "uri": "\/one\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/multi\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aMultipleAuth1",
+ "test.auth.access.aMultipleAuth2",
+ "test.auth.access.aMultipleAuth3"
+ ]
+ },
+ {
+ "uri": "\/one\/[^\/]+\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/services\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/admin\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|admin|GET,PUT,POST"
+ ]
+ },
+ {
+ "uri": "\/service\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/services\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/$",
+ "permissions": [
+ "\\|services\\|GET",
+ "test\\.auth\\.access\\|services\\|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$",
+ "permissions": [
+ "test\\.auth\\.access\\|rest\\|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read",
+ "test.auth.access|vservers|read"
+ ]
+ },
+ {
+ "uri": "\/backend$",
+ "permissions": [
+ "test\\.auth\\.access\\|services\\|GET,PUT",
+ "\\|services\\|GET"
+ ]
+ },
+ {
+ "uri": "\/services\/inventory\/.*",
+ "permissions": [
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
+ },
+ {
+ "uri": "\/services\/champ-service\/.*",
+ "permissions": [
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
+ }
+ ]
diff --git a/charts/aai-champ/resources/rproxy/config/cadi.properties b/charts/aai-champ/resources/rproxy/config/cadi.properties
new file mode 100644
index 0000000..1878a4d
--- /dev/null
+++ b/charts/aai-champ/resources/rproxy/config/cadi.properties
@@ -0,0 +1,39 @@
+# This is a normal Java Properties File
+# Comments are with Pound Signs at beginning of lines,
+# and multi-line expression of properties can be obtained by backslash at end of line
+
+#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below
+#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name
+#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com
+#to your hosts file on your machine.
+#hostname=test.aic.cip.att.com
+
+cadi_loglevel=DEBUG
+
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12
+cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
+cadi_alias=aai@aai.onap.org
+cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
+cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+aaf_env=DEV
+
+aaf_id=demo@people.osaaf.org
+aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
+
+# This is a colon separated list of client cert issuers
+cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA \ No newline at end of file
diff --git a/charts/aai-champ/resources/rproxy/config/forward-proxy.properties b/charts/aai-champ/resources/rproxy/config/forward-proxy.properties
new file mode 100644
index 0000000..1b58d42
--- /dev/null
+++ b/charts/aai-champ/resources/rproxy/config/forward-proxy.properties
@@ -0,0 +1,4 @@
+forward-proxy.protocol = https
+forward-proxy.host = localhost
+forward-proxy.port = 10680
+forward-proxy.cacheurl = /credential-cache \ No newline at end of file
diff --git a/charts/aai-champ/resources/rproxy/config/logback-spring.xml b/charts/aai-champ/resources/rproxy/config/logback-spring.xml
new file mode 100644
index 0000000..735edb6
--- /dev/null
+++ b/charts/aai-champ/resources/rproxy/config/logback-spring.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/reverse-proxy" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="info">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "com.baeldung*" at TRACE level -->
+ <logger name="org.onap.aaf.rproxy" level="info" />
+
+</configuration> \ No newline at end of file
diff --git a/charts/aai-champ/resources/rproxy/config/primary-service.properties b/charts/aai-champ/resources/rproxy/config/primary-service.properties
new file mode 100644
index 0000000..8d64529
--- /dev/null
+++ b/charts/aai-champ/resources/rproxy/config/primary-service.properties
@@ -0,0 +1,3 @@
+primary-service.protocol = https
+primary-service.host = localhost
+primary-service.port = 9522 \ No newline at end of file
diff --git a/charts/aai-champ/resources/rproxy/config/readme.txt b/charts/aai-champ/resources/rproxy/config/readme.txt
new file mode 100644
index 0000000..79cf29e
--- /dev/null
+++ b/charts/aai-champ/resources/rproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file
diff --git a/charts/aai-champ/resources/rproxy/config/reverse-proxy.properties b/charts/aai-champ/resources/rproxy/config/reverse-proxy.properties
new file mode 100644
index 0000000..8d46e1f
--- /dev/null
+++ b/charts/aai-champ/resources/rproxy/config/reverse-proxy.properties
@@ -0,0 +1 @@
+transactionid.header.name=X-TransactionId \ No newline at end of file
diff --git a/charts/aai-champ/templates/configmap.yaml b/charts/aai-champ/templates/configmap.yaml
new file mode 100644
index 0000000..c3966e7
--- /dev/null
+++ b/charts/aai-champ/templates/configmap.yaml
@@ -0,0 +1,95 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/appconfig/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-dynamic
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/dynamic/conf/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }}
+{{ end }} \ No newline at end of file
diff --git a/charts/aai-champ/templates/deployment.yaml b/charts/aai-champ/templates/deployment.yaml
new file mode 100644
index 0000000..a311f68
--- /dev/null
+++ b/charts/aai-champ/templates/deployment.yaml
@@ -0,0 +1,277 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - command:
+ - /root/ready.py
+ args:
+ - --container-name
+ {{- if .Values.global.cassandra.localCluster }}
+ - aai-cassandra
+ {{- else }}
+ - cassandra
+ {{- end }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ .Values.global.tproxyConfig.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ securityContext:
+ privileged: true
+ {{ end }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/champ-service/appconfig"
+ - name: GRAPHIMPL
+ value: "janus-deps"
+ - name: KEY_STORE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: KEY_STORE_PASSWORD
+ - name: KEY_MANAGER_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: KEY_MANAGER_PASSWORD
+ - name: SERVICE_BEANS
+ value: "/opt/app/champ-service/dynamic/conf"
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/champ-service/appconfig/champ-api.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: champ-api.properties
+ - mountPath: /opt/app/champ-service/appconfig/auth
+ name: {{ include "common.fullname" . }}-secrets
+ - mountPath: /opt/app/champ-service/dynamic/conf/champ-beans.xml
+ name: {{ include "common.fullname" . }}-dynamic-config
+ subPath: champ-beans.xml
+ - mountPath: /opt/app/champ-service/bundleconfig/etc/logback.xml
+ name: {{ include "common.fullname" . }}-logback-config
+ subPath: logback.xml
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ resources:
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ # side car containers
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ name: filebeat-conf
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /usr/share/filebeat/data
+ name: aai-filebeat
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ .Values.global.rproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/rproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.rproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/forward-proxy.properties
+ subPath: forward-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/primary-service.properties
+ subPath: primary-service.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/reverse-proxy.properties
+ subPath: reverse-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/cadi.properties
+ subPath: cadi.properties
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ mountPath: /opt/app/rproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
+ subPath: uri-authorization.json
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ mountPath: /opt/app/rproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
+ subPath: org.onap.aai.p12
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ mountPath: /opt/app/rproxy/config/security/keyfile
+ subPath: keyfile
+
+ ports:
+ - containerPort: {{ .Values.global.rproxy.port }}
+
+ - name: {{ .Values.global.fproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/fproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: TRUST_STORE_PASSWORD
+ value: {{ .Values.config.trustStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.fproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ mountPath: /opt/app/fproxy/config/fproxy.properties
+ subPath: fproxy.properties
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ mountPath: /opt/app/fproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
+ subPath: fproxy_truststore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ mountPath: /opt/app/fproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ ports:
+ - containerPort: {{ .Values.global.fproxy.port }}
+ {{ end }}
+
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}
+ items:
+ - key: champ-api.properties
+ path: champ-api.properties
+ - name: {{ include "common.fullname" . }}-secrets
+ secret:
+ secretName: {{ include "common.fullname" . }}-champ
+ - name: {{ include "common.fullname" . }}-dynamic-config
+ configMap:
+ name: {{ include "common.fullname" . }}-dynamic
+ items:
+ - key: champ-beans.xml
+ path: champ-beans.xml
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-logback-config
+ configMap:
+ name: {{ include "common.fullname" . }}-log-configmap
+ items:
+ - key: logback.xml
+ path: logback.xml
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: aai-filebeat
+ emptyDir: {}
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ secret:
+ secretName: aai-rproxy-auth-certs
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ secret:
+ secretName: aai-rproxy-security-config
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ secret:
+ secretName: aai-fproxy-auth-certs
+ {{ end }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-champ/templates/secrets.yaml b/charts/aai-champ/templates/secrets.yaml
new file mode 100644
index 0000000..fa18956
--- /dev/null
+++ b/charts/aai-champ/templates/secrets.yaml
@@ -0,0 +1,60 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-champ
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/appconfig/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-pass
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+ KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }}
+ KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-auth-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
+{{ end }} \ No newline at end of file
diff --git a/charts/aai-champ/templates/service.yaml b/charts/aai-champ/templates/service.yaml
new file mode 100644
index 0000000..e67d42a
--- /dev/null
+++ b/charts/aai-champ/templates/service.yaml
@@ -0,0 +1,53 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{ if .Values.global.installSidecarSecurity }}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ targetPort: {{ .Values.global.rproxy.port }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.global.rproxy.port }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ {{ else }}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort}}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ {{ end }}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
diff --git a/charts/aai-champ/values.yaml b/charts/aai-champ/values.yaml
new file mode 100644
index 0000000..331786c
--- /dev/null
+++ b/charts/aai-champ/values.yaml
@@ -0,0 +1,90 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ readinessImage: readiness-check:2.0.2
+ loggingImage: beats/filebeat:5.5.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+# application image
+image: onap/champ:1.4-STAGING-latest
+
+flavor: small
+
+# application configuration
+config:
+ keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ type: NodePort
+ portName: aai-champ
+ internalPort: 9522
+ externalPort: 9522
+ nodePort: 78
+
+ingress:
+ enabled: false
+
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 0.5
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 1
+ memory: 2Gi
+ unlimited: {}
+
+# XML beans configuration
+event:
+ port:
+ dmaap: 3905
+ protocol: https
+ publisher:
+ topic: champRawEvents
diff --git a/charts/aai-data-router/.helmignore b/charts/aai-data-router/.helmignore
new file mode 100644
index 0000000..daebc7d
--- /dev/null
+++ b/charts/aai-data-router/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/aai-data-router/Chart.yaml b/charts/aai-data-router/Chart.yaml
new file mode 100644
index 0000000..47f9f31
--- /dev/null
+++ b/charts/aai-data-router/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAI Data-Router
+name: aai-data-router
+version: 4.0.0
diff --git a/charts/aai-data-router/resources/config/auth/client-cert-onap.p12 b/charts/aai-data-router/resources/config/auth/client-cert-onap.p12
new file mode 100644
index 0000000..dbf4fca
--- /dev/null
+++ b/charts/aai-data-router/resources/config/auth/client-cert-onap.p12
Binary files differ
diff --git a/charts/aai-data-router/resources/config/auth/data-router_policy.json b/charts/aai-data-router/resources/config/auth/data-router_policy.json
new file mode 100644
index 0000000..c03870e
--- /dev/null
+++ b/charts/aai-data-router/resources/config/auth/data-router_policy.json
@@ -0,0 +1,18 @@
+{
+ "roles": [
+ {
+ "name": "admin",
+ "functions": [
+ {
+ "name": "search", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" } ]
+ }
+ ],
+
+ "users": [
+ {
+ "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"
+ }
+ ]
+ }
+ ]
+}
diff --git a/charts/aai-data-router/resources/config/auth/tomcat_keystore b/charts/aai-data-router/resources/config/auth/tomcat_keystore
new file mode 100644
index 0000000..de5325b
--- /dev/null
+++ b/charts/aai-data-router/resources/config/auth/tomcat_keystore
Binary files differ
diff --git a/charts/aai-data-router/resources/config/data-router.properties b/charts/aai-data-router/resources/config/data-router.properties
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/charts/aai-data-router/resources/config/data-router.properties
diff --git a/charts/aai-data-router/resources/config/log/logback.xml b/charts/aai-data-router/resources/config/log/logback.xml
new file mode 100644
index 0000000..d7ff014
--- /dev/null
+++ b/charts/aai-data-router/resources/config/log/logback.xml
@@ -0,0 +1,193 @@
+<!--
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+ Copyright © 2018 Amdocs
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+-->
+<configuration scan="true" scanPeriod="3 seconds" debug="false">
+ <!--<jmxConfigurator /> -->
+ <!-- directory path for all other type logs -->
+
+ <property name="logDir" value="/var/log/onap" />
+
+ <!-- specify the component name -->
+ <property name="componentName" value="AAI-DR" />
+
+ <!-- default eelf log file names -->
+ <property name="generalLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+
+ <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|data-router|%mdc{PartnerName}|%logger||%.-5level|%msg%n" />
+ <property name="auditMetricPattern" value="%m%n" />
+
+ <property name="logDirectory" value="${logDir}/${componentName}" />
+
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+
+ <!-- The EELFAppender is used to record events to the general application
+ log -->
+
+ <appender name="EELF"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELF" />
+ </appender>
+
+ <!-- EELF Audit Appender. This appender is used to record audit engine
+ related logging events. The audit logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+
+ <appender name="EELFAudit"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditMetricPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender>
+
+ <appender name="EELFMetrics"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} -
+ %msg%n"</pattern> -->
+ <pattern>${auditMetricPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFMetrics"/>
+ </appender>
+
+ <appender name="EELFDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${debugLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>false</includeCallerData>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="info" additivity="false">
+ <appender-ref ref="asyncEELF" />
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+
+ <logger name="com.att.eelf.audit" level="info" additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+ <logger name="com.att.eelf.metrics" level="info" additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+
+ <!-- Data Router service loggers -->
+ <logger name="org.onap.aai.data-router" level="INFO" />
+
+ <!-- Other Loggers that may help troubleshoot -->
+ <logger name="net.sf" level="WARN" />
+ <logger name="org.apache" level="WARN" />
+ <logger name="org.apache.commons.httpclient" level="WARN" />
+ <logger name="org.apache.commons" level="WARN" />
+ <logger name="org.apache.coyote" level="WARN" />
+ <logger name="org.apache.jasper" level="WARN" />
+
+ <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
+ May aid in troubleshooting) -->
+ <logger name="org.apache.camel" level="WARN" />
+ <logger name="org.apache.cxf" level="WARN" />
+ <logger name="org.apache.camel.processor.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.service" level="WARN" />
+ <logger name="org.restlet" level="WARN" />
+ <logger name="org.apache.camel.component.restlet" level="WARN" />
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+
+ <root>
+ <appender-ref ref="asyncEELF" />
+ <!-- <appender-ref ref="asyncEELFDebug" /> -->
+ </root>
+
+</configuration>
diff --git a/charts/aai-data-router/resources/config/schemaIngest.properties b/charts/aai-data-router/resources/config/schemaIngest.properties
new file mode 100644
index 0000000..8c680b5
--- /dev/null
+++ b/charts/aai-data-router/resources/config/schemaIngest.properties
@@ -0,0 +1,46 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+# Copyright © 2017-2018 Amdocs
+# Modifications Copyright © 2018 Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+#
+
+
+# Properties for the SchemaLocationsBean
+# Files named aai_oxm_v*.xml are unpacked here:
+nodeDir=/opt/app/data-router/onap/oxm
+# Dummy folder/directory:
+edgeDir=
+
+# Properties required by the aai-common - aai-schema-ingest lib as of 1.3.0
+schema.configuration.location=N/A
+schema.nodes.location=/opt/app/data-router/onap/oxm/
+schema.edges.location=
+# These versions need to exist if they are included in the list
+schema.version.list=v9,v10,v11,v12,v13,v14
+# Decalares the oxm version to load
+schema.version.api.default=v14
+
+# Don't use these properties in our application, need to be set to prevent an exception on startup (see SchemaVersions bean)
+schema.version.depth.start=v14
+schema.version.related.link.start=v14
+schema.version.app.root.start=v14
+schema.version.namespace.change.start=v14
+schema.version.edge.label.start=v14
+~
+
diff --git a/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml b/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml
new file mode 100644
index 0000000..c945c39
--- /dev/null
+++ b/charts/aai-data-router/resources/dynamic/conf/data-router-oxm.xml
@@ -0,0 +1,22 @@
+<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns="http://www.springframework.org/schema/beans" xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:task="http://www.springframework.org/schema/task"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.2.xsd
+ http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd">
+
+ <context:property-placeholder
+ location="file:${CONFIG_HOME}/schemaIngest.properties"
+ ignore-unresolvable="true" />
+
+ <bean id="schemaLocationsBean" class="org.onap.aai.setup.SchemaLocationsBean">
+ <!-- When running with AJSC these properties must be injected directly.
+ The reason for this is unknown. -->
+ <property name="nodeDirectory" value="${nodeDir}" />
+ <property name="edgeDirectory" value="${edgeDir}" />
+ </bean>
+
+ <bean id="schemaVersions" class="org.onap.aai.setup.SchemaVersions"/>
+
+</beans>
+
diff --git a/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml b/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml
new file mode 100644
index 0000000..b5e4129
--- /dev/null
+++ b/charts/aai-data-router/resources/dynamic/conf/entity-event-policy.xml
@@ -0,0 +1,56 @@
+<!--
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+ <bean id="eepConfig" class="org.onap.aai.datarouter.policy.EntityEventPolicyConfig" >
+ <property name="sourceDomain" value="dev" />
+ <property name="searchBaseUrl" value="https://{{.Values.global.searchData.serviceName}}.{{.Release.Namespace}}:9509" />
+ <property name="searchEndpoint" value="services/search-data-service/v1/search/indexes/" />
+ <property name="searchEndpointDocuments" value = "documents" />
+ <property name="searchEntitySearchIndex" value="entity-search-index" />
+ <property name="searchTopographySearchIndex" value="topography-search-index" />
+ <property name="searchEntityAutoSuggestIndex" value="entityautosuggestindex" />
+ <property name="searchAggregationVnfIndex" value="aggregate_generic-vnf_index" />
+ <property name="searchCertName" value="client-cert-onap.p12" />
+ <property name="searchKeystorePwd" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />
+ <property name="searchKeystore" value="tomcat_keystore" />
+ <property name="schemaVersions" ref="schemaVersions" />
+ <property name="schemaLocationsBean" ref="schemaLocationsBean" />
+ </bean>
+
+ <bean id="consumerBeanEntityEvent" class="org.onap.aai.event.client.DMaaPEventConsumer" >
+ <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:{{.Values.event.port.dmaap}}" />
+ <constructor-arg name="topic" value="{{.Values.event.consumer.topic}}" />
+ <constructor-arg name="username" value="" />
+ <constructor-arg name="password" value="" />
+ <constructor-arg name="consumerGroup" value="datarouter" />
+ <constructor-arg name="consumerId" value="datarouter" />
+ <constructor-arg name="timeoutMs" value="1000" />
+ <constructor-arg name="messageLimit" value="100" />
+ <constructor-arg name="transportType" value="HTTPAUTH" />
+ <constructor-arg name="protocol" value="{{.Values.event.protocol}}" />
+ <constructor-arg name="filter"><null /></constructor-arg>
+ </bean>
+
+ <bean id="entityEventPolicy" class="org.onap.aai.datarouter.policy.EntityEventPolicy" init-method="startup" >
+ <constructor-arg ref="eepConfig"/>
+ </bean>
+</beans>
diff --git a/charts/aai-data-router/resources/dynamic/routes/entity-event.route b/charts/aai-data-router/resources/dynamic/routes/entity-event.route
new file mode 100644
index 0000000..14db6d6
--- /dev/null
+++ b/charts/aai-data-router/resources/dynamic/routes/entity-event.route
@@ -0,0 +1,4 @@
+<route xmlns="http://camel.apache.org/schema/spring" trace="true">
+ <from uri="event-bus:mybus/?eventTopic=AAI-EVENT&amp;consumer=#consumerBeanEntityEvent" />
+ <to uri="bean:entityEventPolicy?method=process"/>
+</route> \ No newline at end of file
diff --git a/charts/aai-data-router/templates/configmap.yaml b/charts/aai-data-router/templates/configmap.yaml
new file mode 100644
index 0000000..c8532b2
--- /dev/null
+++ b/charts/aai-data-router/templates/configmap.yaml
@@ -0,0 +1,68 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-prop
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-dynamic
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/dynamic/routes/entity-event.route").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/dynamic/conf/data-router-oxm.xml").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/dynamic/conf/entity-event-policy.xml").AsConfig . | indent 2 }}
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-filebeat-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
diff --git a/charts/aai-data-router/templates/deployment.yaml b/charts/aai-data-router/templates/deployment.yaml
new file mode 100644
index 0000000..5c0d9b2
--- /dev/null
+++ b/charts/aai-data-router/templates/deployment.yaml
@@ -0,0 +1,188 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+ initContainers:
+ - command:
+ - /bin/sh
+ - -c
+ - |
+ mkdir -p /logroot/data-router/logs
+ chmod -R 777 /logroot/data-router/logs
+ chown -R root:root /logroot
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ securityContext:
+ privileged: true
+ image: {{ .Values.global.dockerhubRepository | default .Values.dockerhubRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: init-sysctl
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /logroot/
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: SERVICE_BEANS
+ value: /opt/app/data-router/dynamic/conf
+ - name: CONFIG_HOME
+ value: /opt/app/data-router/config/
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: DYNAMIC_ROUTES
+ value: /opt/app/data-router/dynamic/routes
+ - name: KEY_MANAGER_PASSWORD
+ value: {{ .Values.config.keyManagerPassword }}
+ - name: PATH
+ value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ - name: JAVA_HOME
+ value: usr/lib/jvm/java-8-openjdk-amd64
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/data-router/config/auth
+ name: {{ include "common.fullname" . }}-auth
+ - mountPath: /opt/app/data-router/config/data-router.properties
+ subPath: data-router.properties
+ name: {{ include "common.fullname" . }}-properties
+ - mountPath: /opt/app/data-router/config/schemaIngest.properties
+ subPath: schemaIngest.properties
+ name: {{ include "common.fullname" . }}-properties
+ - mountPath: /opt/app/data-router/dynamic/routes/entity-event.route
+ subPath: entity-event.route
+ name: {{ include "common.fullname" . }}-dynamic-route
+ - mountPath: /opt/app/data-router/dynamic/conf/entity-event-policy.xml
+ subPath: entity-event-policy.xml
+ name: {{ include "common.fullname" . }}-dynamic-policy
+ - mountPath: /opt/app/data-router/dynamic/conf/data-router-oxm.xml
+ subPath: data-router-oxm.xml
+ name: {{ include "common.fullname" . }}-dynamic-oxm
+ - mountPath: /opt/app/data-router/bundleconfig/etc/logback.xml
+ name: {{ include "common.fullname" . }}-logback-config
+ subPath: logback.xml
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /logs
+ name: {{ include "common.fullname" . }}-logs
+
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ resources:
+{{ include "common.resources" . }}
+
+ # side car containers
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ name: filebeat-conf
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /logs
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /usr/share/filebeat/data
+ name: aai-filebeat
+ resources:
+{{ include "common.resources" . }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: aai-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-auth
+ secret:
+ secretName: {{ include "common.fullname" . }}
+ - name: {{ include "common.fullname" . }}-properties
+ configMap:
+ name: {{ include "common.fullname" . }}-prop
+ items:
+ - key: data-router.properties
+ path: data-router.properties
+ - key: schemaIngest.properties
+ path: schemaIngest.properties
+ - name: {{ include "common.fullname" . }}-dynamic-route
+ configMap:
+ name: {{ include "common.fullname" . }}-dynamic
+ - name: {{ include "common.fullname" . }}-dynamic-policy
+ configMap:
+ name: {{ include "common.fullname" . }}-dynamic
+ - name: {{ include "common.fullname" . }}-dynamic-oxm
+ configMap:
+ name: {{ include "common.fullname" . }}-dynamic
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-logback-config
+ configMap:
+ name: {{ include "common.fullname" . }}-log-configmap
+ items:
+ - key: logback.xml
+ path: logback.xml
+ restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-data-router/templates/secret.yaml b/charts/aai-data-router/templates/secret.yaml
new file mode 100644
index 0000000..6084ca3
--- /dev/null
+++ b/charts/aai-data-router/templates/secret.yaml
@@ -0,0 +1,27 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
diff --git a/charts/aai-data-router/values.yaml b/charts/aai-data-router/values.yaml
new file mode 100644
index 0000000..ddc7fd0
--- /dev/null
+++ b/charts/aai-data-router/values.yaml
@@ -0,0 +1,108 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for data-router.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+global: # global defaults
+ nodePortPrefix: 302
+ loggingImage: beats/filebeat:5.5.0
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/data-router:1.3.1
+pullPolicy: Always
+restartPolicy: Always
+flavor: small
+dockerhubRepository: registry.hub.docker.com
+ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+
+# application configuration
+config:
+ keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ name: aai-data-router
+ internalPort: 9502
+
+ingress:
+ enabled: false
+
+persistence:
+ enabled: true
+
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+ volumeReclaimPolicy: Retain
+
+ ## database data Persistent Volume Storage Class
+ ## If defined, storageClassName: <storageClass>
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ ## storageClass: "-"
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountPath: /dockerdata-nfs
+ mountSubPath: aai/data-router/logs
+
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 0.25
+ memory: 750Mi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 0.5
+ memory: 1536Mi
+ unlimited: {}
+
+# Entity Event route configuration
+event:
+ port:
+ dmaap: 3905
+ protocol: https
+ consumer:
+ topic: AAI-EVENT
diff --git a/charts/aai-elasticsearch/.helmignore b/charts/aai-elasticsearch/.helmignore
new file mode 100644
index 0000000..daebc7d
--- /dev/null
+++ b/charts/aai-elasticsearch/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/aai-elasticsearch/Chart.yaml b/charts/aai-elasticsearch/Chart.yaml
new file mode 100644
index 0000000..fbc7abd
--- /dev/null
+++ b/charts/aai-elasticsearch/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAI elasticsearch
+name: aai-elasticsearch
+version: 4.0.0
diff --git a/charts/aai-elasticsearch/resources/bin/init_sg.sh b/charts/aai-elasticsearch/resources/bin/init_sg.sh
new file mode 100644
index 0000000..e859365
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/bin/init_sg.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+/usr/share/elasticsearch/plugins/search-guard-6/tools/sgadmin.sh \
+ -cd /usr/share/elasticsearch/config/sg \
+ -ks /usr/share/elasticsearch/config/sg/auth/{{ .Values.config.adminKeyStore }} \
+ -ts /usr/share/elasticsearch/config/sg/auth/{{ .Values.config.trustStore }} \
+ -kspass {{ .Values.config.adminKeyStorePassword }} \
+ -tspass {{ .Values.config.trustStorePassword}} \
+ -nhnv \
+ -icl \
+ -p {{ .Values.service.internalPort2 }} \ No newline at end of file
diff --git a/charts/aai-elasticsearch/resources/bin/run.sh b/charts/aai-elasticsearch/resources/bin/run.sh
new file mode 100644
index 0000000..a612c74
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/bin/run.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+# Wait for ES to start then initialize SearchGuard
+/usr/local/bin/docker-entrypoint.sh eswrapper &
+/usr/share/elasticsearch/bin/wait_until_started.sh
+/usr/share/elasticsearch/bin/init_sg.sh
+
+wait \ No newline at end of file
diff --git a/charts/aai-elasticsearch/resources/bin/wait_until_started.sh b/charts/aai-elasticsearch/resources/bin/wait_until_started.sh
new file mode 100644
index 0000000..279253b
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/bin/wait_until_started.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+RET=1
+
+while [[ RET -ne 0 ]]; do
+ echo "Waiting for Elasticsearch to become ready before running sgadmin..."
+ curl -XGET -k "https://localhost:{{ .Values.service.internalPort }}/" >/dev/null 2>&1
+ RET=$?
+ sleep 5
+done \ No newline at end of file
diff --git a/charts/aai-elasticsearch/resources/config/elasticsearch.yml b/charts/aai-elasticsearch/resources/config/elasticsearch.yml
new file mode 100644
index 0000000..87536e3
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/config/elasticsearch.yml
@@ -0,0 +1,397 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+##################### Elasticsearch Configuration Example #####################
+
+# This file contains an overview of various configuration settings,
+# targeted at operations staff. Application developers should
+# consult the guide at <http://elasticsearch.org/guide>.
+#
+# The installation procedure is covered at
+# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/setup.html>.
+#
+# Elasticsearch comes with reasonable defaults for most settings,
+# so you can try it out without bothering with configuration.
+#
+# Most of the time, these defaults are just fine for running a production
+# cluster. If you're fine-tuning your cluster, or wondering about the
+# effect of certain configuration option, please _do ask_ on the
+# mailing list or IRC channel [http://elasticsearch.org/community].
+
+# Any element in the configuration can be replaced with environment variables
+# by placing them in ${...} notation. For example:
+#
+# node.rack: ${RACK_ENV_VAR}
+
+# For information on supported formats and syntax for the config file, see
+# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/setup-configuration.html>
+################################### Cluster ###################################
+
+# Cluster name identifies your cluster for auto-discovery. If you're running
+# multiple clusters on the same network, make sure you're using unique names.
+#
+# cluster.name: elasticsearch
+
+cluster.name: ES_AAI
+
+#################################### Node #####################################
+
+node.name: ES_ONAP
+node.master: true
+node.data: true
+
+
+# Use the Cluster Health API [http://localhost:9200/_cluster/health], the
+# Node Info API [http://localhost:9200/_nodes] or GUI tools
+# such as <http://www.elasticsearch.org/overview/marvel/>,
+# <http://github.com/karmi/elasticsearch-paramedic>,
+# <http://github.com/lukas-vlcek/bigdesk> and
+# <http://mobz.github.com/elasticsearch-head> to inspect the cluster state.
+
+# By default, multiple nodes are allowed to start from the same installation location
+# to disable it, set the following:
+
+node.max_local_storage_nodes: 1
+
+
+#################################### Index ####################################
+# You can set a number of options (such as shard/replica options, mapping
+# or analyzer definitions, translog settings, ...) for indices globally,
+# in this file.
+#
+# Note, that it makes more sense to configure index settings specifically for
+# a certain index, either when creating it or by using the index templates API.
+#
+# See <http://elasticsearch.org/guide/en/elasticsearch/reference/current/index-modules.html> and
+# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/indices-create-index.html>
+# for more information.
+
+# Set the number of shards (splits) of an index (5 by default):
+
+#index.number_of_shards: 5
+
+# Set the number of replicas (additional copies) of an index (1 by default):
+
+#index.number_of_replicas: 1
+
+# These settings directly affect the performance of index and search operations
+# in your cluster. Assuming you have enough machines to hold shards and
+# replicas, the rule of thumb is:
+#
+# 1. Having more *shards* enhances the _indexing_ performance and allows to
+# _distribute_ a big index across machines.
+# 2. Having more *replicas* enhances the _search_ performance and improves the
+# cluster _availability_.
+#
+# The "number_of_shards" is a one-time setting for an index.
+#
+# The "number_of_replicas" can be increased or decreased anytime,
+# by using the Index Update Settings API.
+#
+# Elasticsearch takes care about load balancing, relocating, gathering the
+# results from nodes, etc. Experiment with different settings to fine-tune
+# your setup.
+
+# Use the Index Status API (<http://localhost:9200/A/_status>) to inspect
+# the index status.
+
+
+#################################### Paths ####################################
+
+# Path to directory containing configuration (this file and logging.yml):
+#path.conf: /opt/app/elasticsearch/config
+
+# Path to directory where to store index data allocated for this node.
+# Use swm auto link to redirect the data directory if necessary.
+
+path.data: /usr/share/elasticsearch/data
+
+# path.data: /path/to/data1,/path/to/data2
+
+# path.work: /path/to/work
+
+path.logs: /usr/share/elasticsearch/logs
+
+#path.plugins: /opt/app/elasticsearch/plugins
+
+
+#################################### Plugin ###################################
+
+# If a plugin listed here is not installed for current node, the node will not start.
+#
+# plugin.mandatory: mapper-attachments,lang-groovy
+
+
+################################### Memory ####################################
+
+# Elasticsearch performs poorly when JVM starts swapping: you should ensure that
+# it _never_ swaps.
+#
+# Set this property to true to lock the memory: default is true
+
+#bootstrap.memory_lock: true
+
+# Make sure that the ES_MIN_MEM and ES_MAX_MEM environment variables are set
+# to the same value, and that the machine has enough memory to allocate
+# for Elasticsearch, leaving enough memory for the operating system itself.
+#
+# You should also make sure that the Elasticsearch process is allowed to lock
+# the memory, eg. by using `ulimit -l unlimited`.
+
+### Kernel Settings
+
+# Elasticsearch installs system call filters of various flavors depending on the
+# operating system (e.g., seccomp on Linux). These system call filters are
+# installed to prevent the ability to execute system calls related to forking
+# as a defense mechanism against arbitrary code execution attacks on
+# Elasticsearch The system call filter check ensures that if system call
+# filters are enabled, then they were successfully installed. To pass the system
+# call filter check you must either fix any configuration errors on your system
+# that prevented system call filters from installing (check your logs), or at
+# your own risk disable system call filters by setting
+# bootstrap.system_call_filter to false.
+# See: https://www.elastic.co/guide/en/elasticsearch/reference/current/system-call-filter-check.html
+#
+# seccomp is found in Linux kernels: 2.6.37–2.6.39, 3.0–3.19, 4.0–4.9,
+# 4.10-rc+HEAD
+#
+# The default setting is to disable the filters assuming an older kernel
+# version where seccomp is not available.
+# See: https://discuss.elastic.co/t/elasticsearch-warn-unable-to-install-syscall-filter/42819
+
+bootstrap.system_call_filter: false
+
+############################## Network And HTTP ###############################
+# Elasticsearch, by default, binds itself to the 0.0.0.0 address, and listens
+# on port [9200-9300] for HTTP traffic and on port [9300-9400] for node-to-node
+# communication. (the range means that if the port is busy, it will automatically
+# try the next port).
+
+# Set the bind address specifically (IPv4 or IPv6):
+network.bind_host: 0.0.0.0
+
+# Set the address other nodes will use to communicate with this node. If not
+# set, it is automatically derived. It must point to an actual IP address.
+
+# network.publish_host: 0.0.0.0
+
+# Set both 'bind_host' and 'publish_host':
+# network.host: 192.168.0.1
+
+
+# Set a custom port for the node to node communication (9300 by default):
+transport.tcp.port: {{ .Values.service.internalPort2 }}
+
+# Enable compression for all communication between nodes (disabled by default):
+transport.tcp.compress: false
+
+# Set a custom port to listen for HTTP traffic:
+# http.port: 9200
+http.port: {{ .Values.service.internalPort }}
+
+# Set a custom allowed content length:
+# http.max_content_length: 100mb
+http.max_content_length: 100mb
+
+# Disable HTTP completely:
+# http.enabled: false
+http.enabled: true
+
+# This is specifically useful for permitting which front end Kibana Url's are permitted to access elastic search.
+http.cors.enabled: false
+http.cors.allow-origin: "/.*/"
+http.cors.allow-headers: X-Requested-With, Content-Type, Content-Length
+http.cors.allow-credentials: false
+################################### Gateway ###################################
+
+# The gateway allows for persisting the cluster state between full cluster
+# restarts. Every change to the state (such as adding an index) will be stored
+# in the gateway, and when the cluster starts up for the first time,
+# it will read its state from the gateway.
+# There are several types of gateway implementations. For more information, see
+# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/modules-gateway.html>.
+
+# The default gateway type is the "local" gateway (recommended):
+#
+#gateway.type: local
+#gateway.type: local
+
+# Settings below control how and when to start the initial recovery process on
+# a full cluster restart (to reuse as much local data as possible when using shared
+# gateway).
+
+# Allow recovery process after N nodes in a cluster are up:
+#
+# gateway.recover_after_nodes: 1
+gateway.recover_after_nodes: 1
+
+# Set the timeout to initiate the recovery process, once the N nodes
+# from previous setting are up (accepts time value):
+#
+#gateway.recover_after_time: 5m
+gateway.recover_after_time: 5m
+
+# Set how many nodes are expected in this cluster. Once these N nodes
+# are up (and recover_after_nodes is met), begin recovery process immediately
+# (without waiting for recover_after_time to expire):
+#
+# gateway.expected_nodes: 2
+gateway.expected_nodes: 2
+
+############################# Recovery Throttling #############################
+
+# These settings allow to control the process of shards allocation between
+# nodes during initial recovery, replica allocation, rebalancing,
+# or when adding and removing nodes.
+
+# Set the number of concurrent recoveries happening on a node:
+#
+# 1. During the initial recovery
+#
+# cluster.routing.allocation.node_initial_primaries_recoveries: 4
+#
+# 2. During adding/removing nodes, rebalancing, etc
+#
+# cluster.routing.allocation.node_concurrent_recoveries: 2
+
+# Set to throttle throughput when recovering (eg. 100mb, by default 20mb):
+# indices.recovery.max_bytes_per_sec: 20mb
+indices.recovery.max_bytes_per_sec: 20mb
+
+# Set to limit the number of open concurrent streams when
+# recovering a shard from a peer:
+#
+# indices.recovery.concurrent_streams: 5
+#indices.recovery.concurrent_streams: 5
+
+################################## Discovery ##################################
+
+# Discovery infrastructure ensures nodes can be found within a cluster
+# and master node is elected. Multicast discovery is the default.
+
+# Set to ensure a node sees N other master eligible nodes to be considered
+# operational within the cluster. Its recommended to set it to a higher value
+# than 1 when running more than 2 nodes in the cluster.
+#
+discovery.zen.minimum_master_nodes: 1
+
+# Set the time to wait for ping responses from other nodes when discovering.
+# Set this option to a higher value on a slow or congested network
+# to minimize discovery failures:
+#
+# discovery.zen.ping_timeout: 3s
+discovery.zen.ping_timeout: 3s
+
+# For more information, see
+# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/modules-discovery-zen.html>
+
+# Unicast discovery allows to explicitly control which nodes will be used
+# to discover the cluster. It can be used when multicast is not present,
+# or to restrict the cluster communication-wise.
+#
+# 1. Disable multicast discovery (enabled by default):
+# discovery.zen.ping.multicast.enabled: false
+#discovery.zen.ping.multicast.enabled: false
+
+
+# 2. Configure an initial list of master nodes in the cluster
+# to perform discovery when new nodes (master or data) are started:
+#
+# discovery.zen.ping.unicast.hosts: ["host1", "host2:port"]
+discovery.zen.ping.unicast.hosts: ["0.0.0.0"]
+
+# EC2 discovery allows to use AWS EC2 API in order to perform discovery.
+#
+# You have to install the cloud-aws plugin for enabling the EC2 discovery.
+#
+# For more information, see
+# <http://elasticsearch.org/guide/en/elasticsearch/reference/current/modules-discovery-ec2.html>
+#
+#
+# See <http://elasticsearch.org/tutorials/elasticsearch-on-ec2/>
+# for a step-by-step tutorial.
+
+# GCE discovery allows to use Google Compute Engine API in order to perform discovery.
+#
+# You have to install the cloud-gce plugin for enabling the GCE discovery.
+#
+# For more information, see <https://github.com/elasticsearch/elasticsearch-cloud-gce>.
+
+# Azure discovery allows to use Azure API in order to perform discovery.
+#
+# You have to install the cloud-azure plugin for enabling the Azure discovery.
+#
+# For more information, see <https://github.com/elasticsearch/elasticsearch-cloud-azure>.
+
+################################## Slow Log ##################################
+
+# Shard level query and fetch threshold logging.
+
+#index.search.slowlog.threshold.query.warn: 10s
+#index.search.slowlog.threshold.query.info: 5s
+#index.search.slowlog.threshold.query.debug: 2s
+#index.search.slowlog.threshold.query.trace: 500ms
+
+#index.search.slowlog.threshold.fetch.warn: 1s
+#index.search.slowlog.threshold.fetch.info: 800ms
+#index.search.slowlog.threshold.fetch.debug: 500ms
+#index.search.slowlog.threshold.fetch.trace: 200ms
+
+#index.indexing.slowlog.threshold.index.warn: 10s
+#index.indexing.slowlog.threshold.index.info: 5s
+#index.indexing.slowlog.threshold.index.debug: 2s
+#index.indexing.slowlog.threshold.index.trace: 500ms
+
+################################## GC Logging ################################
+
+#monitor.jvm.gc.young.warn: 1000ms
+#monitor.jvm.gc.young.info: 700ms
+#monitor.jvm.gc.young.debug: 400ms
+
+#monitor.jvm.gc.old.warn: 10s
+#monitor.jvm.gc.old.info: 5s
+#monitor.jvm.gc.old.debug: 2s
+
+#############################################################################################
+### SEARCH GUARD SSL #
+### Configuration #
+###############################################################################################
+######## Start Search Guard Demo Configuration ########
+
+searchguard.enterprise_modules_enabled: false
+
+searchguard.ssl.transport.keystore_filepath: sg/auth/{{ .Values.config.nodeKeyStore }}
+searchguard.ssl.transport.keystore_password: {{ .Values.config.nodeKeyStorePassword }}
+searchguard.ssl.transport.truststore_filepath: sg/auth/{{ .Values.config.trustStore }}
+searchguard.ssl.transport.truststore_password: {{ .Values.config.trustStorePassword }}
+searchguard.ssl.transport.enforce_hostname_verification: false
+
+searchguard.ssl.http.enabled: true
+searchguard.ssl.http.keystore_filepath: sg/auth/{{ .Values.config.nodeKeyStore }}
+searchguard.ssl.http.keystore_password: {{ .Values.config.nodeKeyStorePassword }}
+searchguard.ssl.http.truststore_filepath: sg/auth/{{ .Values.config.trustStore }}
+searchguard.ssl.http.truststore_password: {{ .Values.config.trustStorePassword }}
+
+searchguard.nodes_dn:
+ - CN=esaai
+
+searchguard.authcz.admin_dn:
+ - CN=sgadmin
+
+# x-pack security conflicts with searchguard
+xpack.security.enabled: false
+xpack.ml.enabled: false
+xpack.monitoring.enabled: false
+xpack.watcher.enabled: false
diff --git a/charts/aai-elasticsearch/resources/config/jvm.options b/charts/aai-elasticsearch/resources/config/jvm.options
new file mode 100644
index 0000000..e69d798
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/config/jvm.options
@@ -0,0 +1,117 @@
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+## JVM configuration
+
+################################################################
+## IMPORTANT: JVM heap size
+################################################################
+##
+## You should always set the min and max JVM heap
+## size to the same value. For example, to set
+## the heap to 4 GB, set:
+##
+## -Xms4g
+## -Xmx4g
+##
+## See https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html
+## for more information
+##
+################################################################
+
+# Xms represents the initial size of total heap space
+# Xmx represents the maximum size of total heap space
+
+-Xms1g
+-Xmx1g
+
+################################################################
+## Expert settings
+################################################################
+##
+## All settings below this section are considered
+## expert settings. Don't tamper with them unless
+## you understand what you are doing
+##
+################################################################
+
+## GC configuration
+-XX:+UseConcMarkSweepGC
+-XX:CMSInitiatingOccupancyFraction=75
+-XX:+UseCMSInitiatingOccupancyOnly
+
+## optimizations
+
+# pre-touch memory pages used by the JVM during initialization
+-XX:+AlwaysPreTouch
+
+## basic
+
+# force the server VM
+-server
+
+# explicitly set the stack size
+-Xss1m
+
+# set to headless, just in case
+-Djava.awt.headless=true
+
+# ensure UTF-8 encoding by default (e.g. filenames)
+-Dfile.encoding=UTF-8
+
+# use our provided JNA always versus the system one
+-Djna.nosys=true
+
+# turn off a JDK optimization that throws away stack traces for common
+# exceptions because stack traces are important for debugging
+-XX:-OmitStackTraceInFastThrow
+
+# flags to configure Netty
+-Dio.netty.noUnsafe=true
+-Dio.netty.noKeySetOptimization=true
+-Dio.netty.recycler.maxCapacityPerThread=0
+
+# log4j 2
+-Dlog4j.shutdownHookEnabled=false
+-Dlog4j2.disable.jmx=true
+
+## heap dumps
+
+# generate a heap dump when an allocation from the Java heap fails
+# heap dumps are created in the working directory of the JVM
+-XX:+HeapDumpOnOutOfMemoryError
+
+# specify an alternative path for heap dumps
+# ensure the directory exists and has sufficient space
+#-XX:HeapDumpPath=/heap/dump/path
+
+## GC logging
+
+#-XX:+PrintGCDetails
+#-XX:+PrintGCTimeStamps
+#-XX:+PrintGCDateStamps
+#-XX:+PrintClassHistogram
+#-XX:+PrintTenuringDistribution
+#-XX:+PrintGCApplicationStoppedTime
+
+# log GC status to a file with time stamps
+# ensure the directory exists
+#-Xloggc:${loggc}
+
+# By default, the GC log file will not rotate.
+# By uncommenting the lines below, the GC log file
+# will be rotated every 128MB at most 32 times.
+#-XX:+UseGCLogFileRotation
+#-XX:NumberOfGCLogFiles=32
+#-XX:GCLogFileSize=128M
diff --git a/charts/aai-elasticsearch/resources/config/log4j2.properties b/charts/aai-elasticsearch/resources/config/log4j2.properties
new file mode 100644
index 0000000..e674865
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/config/log4j2.properties
@@ -0,0 +1,88 @@
+# Copyright © 2018 Amdocs, AT&T, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+status = error
+
+# log action execution errors for easier debugging
+logger.action.name = org.elasticsearch.action
+logger.action.level = INFO
+
+appender.console.type = Console
+appender.console.name = console
+appender.console.layout.type = PatternLayout
+appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%m%n
+
+appender.rolling.type = RollingFile
+appender.rolling.name = rolling
+appender.rolling.fileName = ${sys:es.logs.base_path}.log
+appender.rolling.layout.type = PatternLayout
+appender.rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%.10000m%n
+appender.rolling.filePattern = ${sys:es.logs.base_path}-%d{yyyy-MM-dd}.log
+appender.rolling.policies.type = Policies
+appender.rolling.policies.time.type = TimeBasedTriggeringPolicy
+appender.rolling.policies.time.interval = 1
+appender.rolling.policies.time.modulate = true
+
+rootLogger.level = info
+rootLogger.appenderRef.console.ref = console
+rootLogger.appenderRef.rolling.ref = rolling
+
+# appender.deprecation_rolling.type = RollingFile
+# appender.deprecation_rolling.name = deprecation_rolling
+# appender.deprecation_rolling.fileName = ${sys:es.logs.base_path}_deprecation.log
+# appender.deprecation_rolling.layout.type = PatternLayout
+# appender.deprecation_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%.10000m%n
+# appender.deprecation_rolling.filePattern = ${sys:es.logs.base_path}_deprecation-%i.log.gz
+# appender.deprecation_rolling.policies.type = Policies
+# appender.deprecation_rolling.policies.size.type = SizeBasedTriggeringPolicy
+# appender.deprecation_rolling.policies.size.size = 1GB
+# appender.deprecation_rolling.strategy.type = DefaultRolloverStrategy
+# appender.deprecation_rolling.strategy.max = 4
+
+# logger.deprecation.name = org.elasticsearch.deprecation
+# logger.deprecation.level = warn
+# logger.deprecation.appenderRef.deprecation_rolling.ref = deprecation_rolling
+# logger.deprecation.additivity = false
+
+appender.index_search_slowlog_rolling.type = RollingFile
+appender.index_search_slowlog_rolling.name = index_search_slowlog_rolling
+appender.index_search_slowlog_rolling.fileName = ${sys:es.logs.base_path}_index_search_slowlog.log
+appender.index_search_slowlog_rolling.layout.type = PatternLayout
+appender.index_search_slowlog_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %marker%.10000m%n
+appender.index_search_slowlog_rolling.filePattern = ${sys:es.logs.base_path}_index_search_slowlog-%d{yyyy-MM-dd}.log
+appender.index_search_slowlog_rolling.policies.type = Policies
+appender.index_search_slowlog_rolling.policies.time.type = TimeBasedTriggeringPolicy
+appender.index_search_slowlog_rolling.policies.time.interval = 1
+appender.index_search_slowlog_rolling.policies.time.modulate = true
+
+logger.index_search_slowlog_rolling.name = index.search.slowlog
+logger.index_search_slowlog_rolling.level = trace
+logger.index_search_slowlog_rolling.appenderRef.index_search_slowlog_rolling.ref = index_search_slowlog_rolling
+logger.index_search_slowlog_rolling.additivity = false
+
+appender.index_indexing_slowlog_rolling.type = RollingFile
+appender.index_indexing_slowlog_rolling.name = index_indexing_slowlog_rolling
+appender.index_indexing_slowlog_rolling.fileName = ${sys:es.logs.base_path}_index_indexing_slowlog.log
+appender.index_indexing_slowlog_rolling.layout.type = PatternLayout
+appender.index_indexing_slowlog_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %marker%.10000m%n
+appender.index_indexing_slowlog_rolling.filePattern = ${sys:es.logs.base_path}_index_indexing_slowlog-%d{yyyy-MM-dd}.log
+appender.index_indexing_slowlog_rolling.policies.type = Policies
+appender.index_indexing_slowlog_rolling.policies.time.type = TimeBasedTriggeringPolicy
+appender.index_indexing_slowlog_rolling.policies.time.interval = 1
+appender.index_indexing_slowlog_rolling.policies.time.modulate = true
+
+logger.index_indexing_slowlog.name = index.indexing.slowlog.index
+logger.index_indexing_slowlog.level = trace
+logger.index_indexing_slowlog.appenderRef.index_indexing_slowlog_rolling.ref = index_indexing_slowlog_rolling
+logger.index_indexing_slowlog.additivity = false
diff --git a/charts/aai-elasticsearch/resources/config/sg/auth/esaai-keystore.jks b/charts/aai-elasticsearch/resources/config/sg/auth/esaai-keystore.jks
new file mode 100644
index 0000000..21ec9bb
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/config/sg/auth/esaai-keystore.jks
Binary files differ
diff --git a/charts/aai-elasticsearch/resources/config/sg/auth/sgadmin-keystore.p12 b/charts/aai-elasticsearch/resources/config/sg/auth/sgadmin-keystore.p12
new file mode 100644
index 0000000..db7cbf4
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/config/sg/auth/sgadmin-keystore.p12
Binary files differ
diff --git a/charts/aai-elasticsearch/resources/config/sg/auth/truststore.jks b/charts/aai-elasticsearch/resources/config/sg/auth/truststore.jks
new file mode 100644
index 0000000..b3bd666
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/config/sg/auth/truststore.jks
Binary files differ
diff --git a/charts/aai-elasticsearch/resources/config/sg/sg_action_groups.yml b/charts/aai-elasticsearch/resources/config/sg/sg_action_groups.yml
new file mode 100644
index 0000000..be5901a
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/config/sg/sg_action_groups.yml
@@ -0,0 +1,137 @@
+UNLIMITED:
+ readonly: true
+ permissions:
+ - "*"
+
+###### INDEX LEVEL ######
+
+INDICES_ALL:
+ readonly: true
+ permissions:
+ - "indices:*"
+
+# for backward compatibility
+ALL:
+ readonly: true
+ permissions:
+ - INDICES_ALL
+
+MANAGE:
+ readonly: true
+ permissions:
+ - "indices:monitor/*"
+ - "indices:admin/*"
+
+CREATE_INDEX:
+ readonly: true
+ permissions:
+ - "indices:admin/create"
+ - "indices:admin/mapping/put"
+
+MANAGE_ALIASES:
+ readonly: true
+ permissions:
+ - "indices:admin/aliases*"
+
+# for backward compatibility
+MONITOR:
+ readonly: true
+ permissions:
+ - INDICES_MONITOR
+
+INDICES_MONITOR:
+ readonly: true
+ permissions:
+ - "indices:monitor/*"
+
+DATA_ACCESS:
+ readonly: true
+ permissions:
+ - "indices:data/*"
+ - CRUD
+
+WRITE:
+ readonly: true
+ permissions:
+ - "indices:data/write*"
+ - "indices:admin/mapping/put"
+
+READ:
+ readonly: true
+ permissions:
+ - "indices:data/read*"
+ - "indices:admin/mappings/fields/get*"
+
+DELETE:
+ readonly: true
+ permissions:
+ - "indices:data/write/delete*"
+
+CRUD:
+ readonly: true
+ permissions:
+ - READ
+ - WRITE
+
+SEARCH:
+ readonly: true
+ permissions:
+ - "indices:data/read/search*"
+ - "indices:data/read/msearch*"
+ - SUGGEST
+
+SUGGEST:
+ readonly: true
+ permissions:
+ - "indices:data/read/suggest*"
+
+INDEX:
+ readonly: true
+ permissions:
+ - "indices:data/write/index*"
+ - "indices:data/write/update*"
+ - "indices:admin/mapping/put"
+ - "indices:data/write/bulk*"
+
+GET:
+ readonly: true
+ permissions:
+ - "indices:data/read/get*"
+ - "indices:data/read/mget*"
+
+###### CLUSTER LEVEL ######
+
+CLUSTER_ALL:
+ readonly: true
+ permissions:
+ - "cluster:*"
+
+CLUSTER_MONITOR:
+ readonly: true
+ permissions:
+ - "cluster:monitor/*"
+
+CLUSTER_COMPOSITE_OPS_RO:
+ readonly: true
+ permissions:
+ - "indices:data/read/mget"
+ - "indices:data/read/msearch"
+ - "indices:data/read/mtv"
+ - "indices:data/read/coordinate-msearch*"
+ - "indices:admin/aliases/exists*"
+ - "indices:admin/aliases/get*"
+ - "indices:data/read/scroll"
+
+CLUSTER_COMPOSITE_OPS:
+ readonly: true
+ permissions:
+ - "indices:data/write/bulk"
+ - "indices:admin/aliases*"
+ - "indices:data/write/reindex"
+ - CLUSTER_COMPOSITE_OPS_RO
+
+MANAGE_SNAPSHOTS:
+ readonly: true
+ permissions:
+ - "cluster:admin/snapshot/*"
+ - "cluster:admin/repository/*" \ No newline at end of file
diff --git a/charts/aai-elasticsearch/resources/config/sg/sg_config.yml b/charts/aai-elasticsearch/resources/config/sg/sg_config.yml
new file mode 100644
index 0000000..9172b71
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/config/sg/sg_config.yml
@@ -0,0 +1,221 @@
+# This is the main Search Guard configuration file where authentication
+# and authorization is defined.
+#
+# You need to configure at least one authentication domain in the authc of this file.
+# An authentication domain is responsible for extracting the user credentials from
+# the request and for validating them against an authentication backend like Active Directory for example.
+#
+# If more than one authentication domain is configured the first one which succeeds wins.
+# If all authentication domains fail then the request is unauthenticated.
+# In this case an exception is thrown and/or the HTTP status is set to 401.
+#
+# After authentication authorization (authz) will be applied. There can be zero or more authorizers which collect
+# the roles from a given backend for the authenticated user.
+#
+# Both, authc and auth can be enabled/disabled separately for REST and TRANSPORT layer. Default is true for both.
+# http_enabled: true
+# transport_enabled: true
+#
+# 5.x Migration: "enabled: true/false" will also be respected currently but only to provide backward compatibility.
+#
+# For HTTP it is possible to allow anonymous authentication. If that is the case then the HTTP authenticators try to
+# find user credentials in the HTTP request. If credentials are found then the user gets regularly authenticated.
+# If none can be found the user will be authenticated as an "anonymous" user. This user has always the username "sg_anonymous"
+# and one role named "sg_anonymous_backendrole".
+# If you enable anonymous authentication all HTTP authenticators will not challenge.
+#
+#
+# Note: If you define more than one HTTP authenticators make sure to put non-challenging authenticators like "proxy" or "clientcert"
+# first and the challenging one last.
+# Because it's not possible to challenge a client with two different authentication methods (for example
+# Kerberos and Basic) only one can have the challenge flag set to true. You can cope with this situation
+# by using pre-authentication, e.g. sending a HTTP Basic authentication header in the request.
+#
+# Default value of the challenge flag is true.
+#
+#
+# HTTP
+# basic (challenging)
+# proxy (not challenging, needs xff)
+# kerberos (challenging)
+# clientcert (not challenging, needs https)
+# jwt (not challenging)
+# host (not challenging) #DEPRECATED, will be removed in a future version.
+# host based authentication is configurable in sg_roles_mapping
+
+# Authc
+# internal
+# noop
+# ldap
+
+# Authz
+# ldap
+# noop
+
+searchguard:
+ dynamic:
+ # Set filtered_alias_mode to 'disallow' to forbid more than 2 filtered aliases per index
+ # Set filtered_alias_mode to 'warn' to allow more than 2 filtered aliases per index but warns about it (default)
+ # Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently
+ #filtered_alias_mode: warn
+ #kibana:
+ # Kibana multitenancy
+ # see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md
+ # To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki
+ #multitenancy_enabled: true
+ #server_username: kibanaserver
+ #index: '.kibana'
+ #do_not_fail_on_forbidden: false
+ http:
+ anonymous_auth_enabled: false
+ xff:
+ enabled: false
+ internalProxies: '192\.168\.0\.10|192\.168\.0\.11' # regex pattern
+ #internalProxies: '.*' # trust all internal proxies, regex pattern
+ remoteIpHeader: 'x-forwarded-for'
+ proxiesHeader: 'x-forwarded-by'
+ #trustedProxies: '.*' # trust all external proxies, regex pattern
+ ###### see https://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html for regex help
+ ###### more information about XFF https://en.wikipedia.org/wiki/X-Forwarded-For
+ ###### and here https://tools.ietf.org/html/rfc7239
+ ###### and https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Remote_IP_Valve
+ authc:
+ kerberos_auth_domain:
+ http_enabled: false
+ transport_enabled: false
+ order: 6
+ http_authenticator:
+ type: kerberos
+ challenge: true
+ config:
+ # If true a lot of kerberos/security related debugging output will be logged to standard out
+ krb_debug: false
+ # If true then the realm will be stripped from the user name
+ strip_realm_from_principal: true
+ authentication_backend:
+ type: noop
+ basic_internal_auth_domain:
+ http_enabled: true
+ transport_enabled: true
+ order: 2
+ http_authenticator:
+ type: basic
+ challenge: true
+ authentication_backend:
+ type: intern
+ proxy_auth_domain:
+ http_enabled: false
+ transport_enabled: false
+ order: 3
+ http_authenticator:
+ type: proxy
+ challenge: false
+ config:
+ user_header: "x-proxy-user"
+ roles_header: "x-proxy-roles"
+ authentication_backend:
+ type: noop
+ jwt_auth_domain:
+ http_enabled: false
+ transport_enabled: false
+ order: 0
+ http_authenticator:
+ type: jwt
+ challenge: false
+ config:
+ signing_key: "base64 encoded HMAC key or public RSA/ECDSA pem key"
+ jwt_header: "Authorization"
+ jwt_url_parameter: null
+ roles_key: null
+ subject_key: null
+ authentication_backend:
+ type: noop
+ clientcert_auth_domain:
+ http_enabled: true
+ transport_enabled: true
+ order: 1
+ http_authenticator:
+ type: clientcert
+ config:
+ username_attribute: cn #optional, if omitted DN becomes username
+ challenge: false
+ authentication_backend:
+ type: noop
+ ldap:
+ http_enabled: false
+ transport_enabled: false
+ order: 5
+ http_authenticator:
+ type: basic
+ challenge: false
+ authentication_backend:
+ # LDAP authentication backend (authenticate users against a LDAP or Active Directory)
+ type: ldap
+ config:
+ # enable ldaps
+ enable_ssl: false
+ # enable start tls, enable_ssl should be false
+ enable_start_tls: false
+ # send client certificate
+ enable_ssl_client_auth: false
+ # verify ldap hostname
+ verify_hostnames: true
+ hosts:
+ - localhost:8389
+ bind_dn: null
+ password: null
+ userbase: 'ou=people,dc=example,dc=com'
+ # Filter to search for users (currently in the whole subtree beneath userbase)
+ # {0} is substituted with the username
+ usersearch: '(sAMAccountName={0})'
+ # Use this attribute from the user as username (if not set then DN is used)
+ username_attribute: null
+ authz:
+ roles_from_myldap:
+ http_enabled: false
+ transport_enabled: false
+ authorization_backend:
+ # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too)
+ type: ldap
+ config:
+ # enable ldaps
+ enable_ssl: false
+ # enable start tls, enable_ssl should be false
+ enable_start_tls: false
+ # send client certificate
+ enable_ssl_client_auth: false
+ # verify ldap hostname
+ verify_hostnames: true
+ hosts:
+ - localhost:8389
+ bind_dn: null
+ password: null
+ rolebase: 'ou=groups,dc=example,dc=com'
+ # Filter to search for roles (currently in the whole subtree beneath rolebase)
+ # {0} is substituted with the DN of the user
+ # {1} is substituted with the username
+ # {2} is substituted with an attribute value from user's directory entry, of the authenticated user. Use userroleattribute to specify the name of the attribute
+ rolesearch: '(member={0})'
+ # Specify the name of the attribute which value should be substituted with {2} above
+ userroleattribute: null
+ # Roles as an attribute of the user entry
+ userrolename: disabled
+ #userrolename: memberOf
+ # The attribute in a role entry containing the name of that role, Default is "name".
+ # Can also be "dn" to use the full DN as rolename.
+ rolename: cn
+ # Resolve nested roles transitive (roles which are members of other roles and so on ...)
+ resolve_nested_roles: true
+ userbase: 'ou=people,dc=example,dc=com'
+ # Filter to search for users (currently in the whole subtree beneath userbase)
+ # {0} is substituted with the username
+ usersearch: '(uid={0})'
+ # Skip users matching a user name, a wildcard or a regex pattern
+ #skip_users:
+ # - 'cn=Michael Jackson,ou*people,o=TEST'
+ # - '/\S*/'
+ roles_from_another_ldap:
+ enabled: false
+ authorization_backend:
+ type: ldap
+ #config goes here ...
diff --git a/charts/aai-elasticsearch/resources/config/sg/sg_internal_users.yml b/charts/aai-elasticsearch/resources/config/sg/sg_internal_users.yml
new file mode 100644
index 0000000..942a716
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/config/sg/sg_internal_users.yml
@@ -0,0 +1,45 @@
+# This is the internal user database
+# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh
+
+#password is: admin
+admin:
+ readonly: true
+ hash: $2a$12$VcCDgh2NDk07JGN0rjGbM.Ad41qVR/YFJcgHp0UGns5JDymv..TOG
+ roles:
+ - admin
+ attributes:
+ #no dots allowed in attribute names
+ attribute1: value1
+ attribute2: value2
+ attribute3: value3
+
+#password is: logstash
+logstash:
+ hash: $2a$12$u1ShR4l4uBS3Uv59Pa2y5.1uQuZBrZtmNfqB3iM/.jL0XoV9sghS2
+ roles:
+ - logstash
+
+#password is: kibanaserver
+kibanaserver:
+ readonly: true
+ hash: $2a$12$4AcgAt3xwOWadA5s5blL6ev39OXDNhmOesEoo33eZtrq2N0YrU3H.
+
+#password is: kibanaro
+kibanaro:
+ hash: $2a$12$JJSXNfTowz7Uu5ttXfeYpeYE0arACvcwlPBStB1F.MI7f0U9Z4DGC
+ roles:
+ - kibanauser
+ - readall
+
+#password is: readall
+readall:
+ hash: $2a$12$ae4ycwzwvLtZxwZ82RmiEunBbIPiAmGZduBAjKN0TXdwQFtCwARz2
+ #password is: readall
+ roles:
+ - readall
+
+#password is: snapshotrestore
+snapshotrestore:
+ hash: $2y$12$DpwmetHKwgYnorbgdvORCenv4NAK8cPUg8AI6pxLCuWf/ALc0.v7W
+ roles:
+ - snapshotrestore \ No newline at end of file
diff --git a/charts/aai-elasticsearch/resources/config/sg/sg_roles.yml b/charts/aai-elasticsearch/resources/config/sg/sg_roles.yml
new file mode 100644
index 0000000..c918e85
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/config/sg/sg_roles.yml
@@ -0,0 +1,262 @@
+# Allows everything, but no changes to searchguard configuration index
+sg_all_access:
+ readonly: true
+ cluster:
+ - UNLIMITED
+ indices:
+ '*':
+ '*':
+ - UNLIMITED
+ tenants:
+ admin_tenant: RW
+
+# Read all, but no write permissions
+sg_readall:
+ readonly: true
+ cluster:
+ - CLUSTER_COMPOSITE_OPS_RO
+ indices:
+ '*':
+ '*':
+ - READ
+
+# Read all and monitor, but no write permissions
+sg_readall_and_monitor:
+ cluster:
+ - CLUSTER_MONITOR
+ - CLUSTER_COMPOSITE_OPS_RO
+ indices:
+ '*':
+ '*':
+ - READ
+
+# For users which use kibana, access to indices must be granted separately
+sg_kibana_user:
+ readonly: true
+ cluster:
+ - INDICES_MONITOR
+ - CLUSTER_COMPOSITE_OPS
+ indices:
+ '?kibana':
+ '*':
+ - MANAGE
+ - INDEX
+ - READ
+ - DELETE
+ '?kibana-6':
+ '*':
+ - MANAGE
+ - INDEX
+ - READ
+ - DELETE
+ '?kibana_*':
+ '*':
+ - MANAGE
+ - INDEX
+ - READ
+ - DELETE
+ '?tasks':
+ '*':
+ - INDICES_ALL
+ '?management-beats':
+ '*':
+ - INDICES_ALL
+ '*':
+ '*':
+ - indices:data/read/field_caps*
+ - indices:data/read/xpack/rollup*
+ - indices:admin/mappings/get*
+ - indices:admin/get
+
+# For the kibana server
+sg_kibana_server:
+ readonly: true
+ cluster:
+ - CLUSTER_MONITOR
+ - CLUSTER_COMPOSITE_OPS
+ - cluster:admin/xpack/monitoring*
+ - indices:admin/template*
+ - indices:data/read/scroll*
+ indices:
+ '?kibana':
+ '*':
+ - INDICES_ALL
+ '?kibana-6':
+ '*':
+ - INDICES_ALL
+ '?kibana_*':
+ '*':
+ - INDICES_ALL
+ '?reporting*':
+ '*':
+ - INDICES_ALL
+ '?monitoring*':
+ '*':
+ - INDICES_ALL
+ '?tasks':
+ '*':
+ - INDICES_ALL
+ '?management-beats*':
+ '*':
+ - INDICES_ALL
+ '*':
+ '*':
+ - "indices:admin/aliases*"
+
+# For logstash and beats
+sg_logstash:
+ cluster:
+ - CLUSTER_MONITOR
+ - CLUSTER_COMPOSITE_OPS
+ - indices:admin/template/get
+ - indices:admin/template/put
+ indices:
+ 'logstash-*':
+ '*':
+ - CRUD
+ - CREATE_INDEX
+ '*beat*':
+ '*':
+ - CRUD
+ - CREATE_INDEX
+
+# Allows adding and modifying repositories and creating and restoring snapshots
+sg_manage_snapshots:
+ cluster:
+ - MANAGE_SNAPSHOTS
+ indices:
+ '*':
+ '*':
+ - "indices:data/write/index"
+ - "indices:admin/create"
+
+# Allows each user to access own named index
+sg_own_index:
+ cluster:
+ - CLUSTER_COMPOSITE_OPS
+ indices:
+ '${user_name}':
+ '*':
+ - INDICES_ALL
+
+### X-Pack COMPATIBILITY
+sg_xp_monitoring:
+ readonly: true
+ cluster:
+ - cluster:monitor/xpack/info
+ - cluster:monitor/main
+ - cluster:admin/xpack/monitoring/bulk
+ indices:
+ '?monitor*':
+ '*':
+ - INDICES_ALL
+
+sg_xp_alerting:
+ readonly: true
+ cluster:
+ - indices:data/read/scroll
+ - cluster:admin/xpack/watcher*
+ - cluster:monitor/xpack/watcher*
+ indices:
+ '?watches*':
+ '*':
+ - INDICES_ALL
+ '?watcher-history-*':
+ '*':
+ - INDICES_ALL
+ '?triggered_watches':
+ '*':
+ - INDICES_ALL
+ '*':
+ '*':
+ - READ
+ - indices:admin/aliases/get
+
+sg_xp_machine_learning:
+ readonly: true
+ cluster:
+ - cluster:admin/persistent*
+ - cluster:internal/xpack/ml*
+ - indices:data/read/scroll*
+ - cluster:admin/xpack/ml*
+ - cluster:monitor/xpack/ml*
+ indices:
+ '*':
+ '*':
+ - READ
+ - indices:admin/get*
+ '?ml-*':
+ '*':
+ - "*"
+
+### LEGACY ROLES, FOR COMPATIBILITY ONLY
+### WILL BE REMOVED IN SG7, DO NOT USE ANYMORE
+
+sg_readonly_and_monitor:
+ cluster:
+ - CLUSTER_MONITOR
+ - CLUSTER_COMPOSITE_OPS_RO
+ indices:
+ '*':
+ '*':
+ - READ
+
+# Make xpack monitoring work
+sg_monitor:
+ cluster:
+ - cluster:admin/xpack/monitoring/*
+ - cluster:admin/ingest/pipeline/put
+ - cluster:admin/ingest/pipeline/get
+ - indices:admin/template/get
+ - indices:admin/template/put
+ - CLUSTER_MONITOR
+ - CLUSTER_COMPOSITE_OPS
+ indices:
+ '?monitor*':
+ '*':
+ - INDICES_ALL
+ '?marvel*':
+ '*':
+ - INDICES_ALL
+ '?kibana*':
+ '*':
+ - READ
+ '*':
+ '*':
+ - indices:data/read/field_caps
+
+# Make xpack alerting work
+sg_alerting:
+ cluster:
+ - indices:data/read/scroll
+ - cluster:admin/xpack/watcher/watch/put
+ - cluster:admin/xpack/watcher*
+ - CLUSTER_MONITOR
+ - CLUSTER_COMPOSITE_OPS
+ indices:
+ '?kibana*':
+ '*':
+ - READ
+ '?watches*':
+ '*':
+ - INDICES_ALL
+ '?watcher-history-*':
+ '*':
+ - INDICES_ALL
+ '?triggered_watches':
+ '*':
+ - INDICES_ALL
+ '*':
+ '*':
+ - READ
+
+
+sg_role_test:
+ cluster:
+ - indices:admin/template/get
+ - indices:admin/template/put
+ - CLUSTER_COMPOSITE_OPS
+ indices:
+ '*':
+ '*':
+ - UNLIMITED
diff --git a/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml b/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml
new file mode 100644
index 0000000..970e027
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml
@@ -0,0 +1,38 @@
+# In this file users, backendroles and hosts can be mapped to Search Guard roles.
+# Permissions for Search Guard roles are configured in sg_roles.yml
+
+sg_all_access:
+ readonly: true
+ backendroles:
+ - admin
+
+sg_logstash:
+ backendroles:
+ - logstash
+
+sg_kibana_server:
+ readonly: true
+ users:
+ - kibanaserver
+
+sg_kibana_user:
+ backendroles:
+ - kibanauser
+
+sg_readall:
+ readonly: true
+ backendroles:
+ - readall
+
+sg_manage_snapshots:
+ readonly: true
+ backendroles:
+ - snapshotrestore
+
+sg_own_index:
+ users:
+ - '*'
+
+sg_role_test:
+ users:
+ - test
diff --git a/charts/aai-elasticsearch/templates/configmap.yaml b/charts/aai-elasticsearch/templates/configmap.yaml
new file mode 100644
index 0000000..4be124f
--- /dev/null
+++ b/charts/aai-elasticsearch/templates/configmap.yaml
@@ -0,0 +1,52 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-es-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-sg-scripts
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/bin/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-sg-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/sg/*").AsConfig . | indent 2 }}
diff --git a/charts/aai-elasticsearch/templates/deployment.yaml b/charts/aai-elasticsearch/templates/deployment.yaml
new file mode 100644
index 0000000..785693a
--- /dev/null
+++ b/charts/aai-elasticsearch/templates/deployment.yaml
@@ -0,0 +1,144 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ hostname: {{ include "common.name" . }}
+ initContainers:
+ - command:
+ - /bin/sh
+ - -c
+ - |
+ sysctl -w vm.max_map_count=262144
+ mkdir -p /logroot/elasticsearch/logs
+ mkdir -p /logroot/elasticsearch/data
+ chmod -R 777 /logroot/elasticsearch
+ chown -R 1000:1000 /logroot
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ securityContext:
+ privileged: true
+ image: {{ .Values.global.dockerhubRepository | default .Values.dockerhubRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
+ imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
+ name: init-sysctl
+ volumeMounts:
+ - name: elasticsearch-data
+ mountPath: /logroot/
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.internalPort2 }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: localtime
+ mountPath: /etc/localtime
+ readOnly: true
+ - name: elasticsearch-config
+ subPath: elasticsearch.yml
+ mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
+ - name: elasticsearch-config
+ subPath: jvm.options
+ mountPath: /usr/share/elasticsearch/config/jvm.options
+ - name: elasticsearch-config
+ subPath: log4j2.properties
+ mountPath: /usr/share/elasticsearch/config/log4j2.properties
+ - name: searchguard-scripts
+ subPath: run.sh
+ mountPath: /usr/share/elasticsearch/bin/run.sh
+ - name: searchguard-scripts
+ subPath: wait_until_started.sh
+ mountPath: /usr/share/elasticsearch/bin/wait_until_started.sh
+ - name: searchguard-scripts
+ subPath: init_sg.sh
+ mountPath: /usr/share/elasticsearch/bin/init_sg.sh
+ - name: searchguard-config
+ mountPath: /usr/share/elasticsearch/config/sg
+ - name: searchguard-auth-config
+ mountPath: /usr/share/elasticsearch/config/sg/auth
+ - name: elasticsearch-data
+ mountPath: /usr/share/elasticsearch/data
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: elasticsearch-config
+ configMap:
+ name: {{ include "common.fullname" . }}-es-config
+ - name: searchguard-scripts
+ configMap:
+ name: {{ include "common.fullname" . }}-sg-scripts
+ defaultMode: 0754
+ - name: searchguard-config
+ configMap:
+ name: {{ include "common.fullname" . }}-sg-config
+ - name: searchguard-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-sg-auth
+ - name: elasticsearch-data
+ hostPath:
+ path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+ restartPolicy: {{ .Values.restartPolicy }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-elasticsearch/templates/secrets.yaml b/charts/aai-elasticsearch/templates/secrets.yaml
new file mode 100644
index 0000000..34b272f
--- /dev/null
+++ b/charts/aai-elasticsearch/templates/secrets.yaml
@@ -0,0 +1,22 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-sg-auth
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/sg/auth/*").AsSecrets . | indent 2 }} \ No newline at end of file
diff --git a/charts/aai-elasticsearch/templates/service.yaml b/charts/aai-elasticsearch/templates/service.yaml
new file mode 100644
index 0000000..d119912
--- /dev/null
+++ b/charts/aai-elasticsearch/templates/service.yaml
@@ -0,0 +1,44 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- else -}}
+ - port: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ clusterIP: None
diff --git a/charts/aai-elasticsearch/values.yaml b/charts/aai-elasticsearch/values.yaml
new file mode 100644
index 0000000..ea82c99
--- /dev/null
+++ b/charts/aai-elasticsearch/values.yaml
@@ -0,0 +1,105 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for elasticsearch.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+global: # global defaults
+ nodePortPrefix: 302
+
+# application image
+image: onap/elasticsearch-sg:1.4-STAGING-latest
+pullPolicy: Always
+restartPolicy: Always
+
+flavor: small
+
+# application configuration
+config:
+ tcpPort: 8443
+ nodeKeyStore: esaai-keystore.jks
+ nodeKeyStorePassword: b87b46d3da7d3d4aadfe
+ adminKeyStore: sgadmin-keystore.p12
+ adminKeyStorePassword: 341274302a70ad691e12
+ trustStore: truststore.jks
+ trustStorePassword: b200926e9da205487f63
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ type: ClusterIP
+ name: aai-elasticsearch
+ portName: aai-elasticsearch
+ internalPort: 9200
+ portName2: aai-elasticsearch-tcp
+ internalPort2: 8443
+
+ingress:
+ enabled: false
+
+persistence:
+ enabled: true
+
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+ volumeReclaimPolicy: Retain
+
+ ## database data Persistent Volume Storage Class
+ ## If defined, storageClassName: <storageClass>
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ ## storageClass: "-"
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountPath: /dockerdata-nfs
+ mountSubPath: aai/elasticsearch/data
+
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 0.5
+ memory: 2Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 1
+ memory: 4Gi
+ unlimited: {}
diff --git a/charts/aai-gizmo/.helmignore b/charts/aai-gizmo/.helmignore
new file mode 100644
index 0000000..daebc7d
--- /dev/null
+++ b/charts/aai-gizmo/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/aai-gizmo/Chart.yaml b/charts/aai-gizmo/Chart.yaml
new file mode 100644
index 0000000..98dba95
--- /dev/null
+++ b/charts/aai-gizmo/Chart.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Gizmo service
+name: aai-gizmo
+version: 4.0.0
diff --git a/charts/aai-gizmo/resources/config/README.txt b/charts/aai-gizmo/resources/config/README.txt
new file mode 100644
index 0000000..3761781
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/README.txt
@@ -0,0 +1,24 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+This directory contains all external configuration files that
+need to be mounted into an application container.
+
+See the configmap.yaml in the templates directory for an example
+of how to load (ie map) config files from this directory, into
+Kubernetes, for distribution within the k8s cluster.
+
+See deployment.yaml in the templates directory for an example
+of how the 'config mapped' files are then mounted into the
+containers.
diff --git a/charts/aai-gizmo/resources/config/auth/champ-cert.p12 b/charts/aai-gizmo/resources/config/auth/champ-cert.p12
new file mode 100644
index 0000000..dbf4fca
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/auth/champ-cert.p12
Binary files differ
diff --git a/charts/aai-gizmo/resources/config/auth/client-cert.p12 b/charts/aai-gizmo/resources/config/auth/client-cert.p12
new file mode 100644
index 0000000..dbf4fca
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/auth/client-cert.p12
Binary files differ
diff --git a/charts/aai-gizmo/resources/config/auth/crud_policy.json b/charts/aai-gizmo/resources/config/auth/crud_policy.json
new file mode 100644
index 0000000..7a5007e
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/auth/crud_policy.json
@@ -0,0 +1,18 @@
+{
+ "roles": [
+ {
+ "name": "admin",
+ "functions": [
+ {
+ "name": "crud", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" }, { "name": "PATCH"} ]
+ }
+ ],
+
+ "users": [
+ {
+ "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"
+ }
+ ]
+ }
+ ]
+} \ No newline at end of file
diff --git a/charts/aai-gizmo/resources/config/auth/datarouter-cert.p12 b/charts/aai-gizmo/resources/config/auth/datarouter-cert.p12
new file mode 100644
index 0000000..dbf4fca
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/auth/datarouter-cert.p12
Binary files differ
diff --git a/charts/aai-gizmo/resources/config/auth/tomcat_keystore b/charts/aai-gizmo/resources/config/auth/tomcat_keystore
new file mode 100644
index 0000000..9eec841
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/auth/tomcat_keystore
Binary files differ
diff --git a/charts/aai-gizmo/resources/config/crud-api.properties b/charts/aai-gizmo/resources/config/crud-api.properties
new file mode 100644
index 0000000..0b7f95f
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/crud-api.properties
@@ -0,0 +1,20 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# CRUD-API configuration
+
+crud.async.request.timeout=60000
+crud.async.response.process.poll.interval=1000
+crud.collection.properties.key=properties
diff --git a/charts/aai-gizmo/resources/config/crud-beans.xml b/charts/aai-gizmo/resources/config/crud-beans.xml
new file mode 100644
index 0000000..e0ab32b
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/crud-beans.xml
@@ -0,0 +1,47 @@
+<!--
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/util
+ http://www.springframework.org/schema/util/spring-util.xsd
+ ">
+
+ <bean id="champDao" class="org.onap.crud.dao.champ.ChampDao">
+ <constructor-arg name="champUrl" value="https://aai-champ.{{.Release.Namespace}}:9522/services/champ-service/v1/"/>
+ <constructor-arg name="certPassword" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10"/>
+ </bean>
+
+ <bean id="dataRouterDAO" class="org.onap.crud.dao.DataRouterDAO">
+ <constructor-arg name="url" value="https://data-router.{{.Release.Namespace}}:9502/services/champ-service/v1/"/>
+ <constructor-arg name="certPassword" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10"/>
+ </bean>
+
+ <!-- Synchronous Mode -->
+ <bean id="graphDataService" class="org.onap.crud.service.CrudGraphDataService" >
+ <constructor-arg name="dao" ref="champDao" />
+ <constructor-arg name="daoForGet" ref="champDao" /> <!-- Using champ for both types of API for now -->
+ </bean>
+
+ <bean id="crudRestService" class="org.onap.crud.service.CrudRestService" init-method="startup" >
+ <constructor-arg name="graphDataService" ref="graphDataService" />
+ </bean>
+
+</beans>
diff --git a/charts/aai-gizmo/resources/config/edgeprops-ingest.properties b/charts/aai-gizmo/resources/config/edgeprops-ingest.properties
new file mode 100644
index 0000000..fbefd30
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/edgeprops-ingest.properties
@@ -0,0 +1,3 @@
+# DB Edge Property files are copied here:
+edgePropsDir=/opt/app/crud-service/config/model
+
diff --git a/charts/aai-gizmo/resources/config/log/filebeat/filebeat.yml b/charts/aai-gizmo/resources/config/log/filebeat/filebeat.yml
new file mode 100644
index 0000000..d7f0b0a
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/log/filebeat/filebeat.yml
@@ -0,0 +1,55 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["logstash.{{ .Release.Name }}-log:5044"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
diff --git a/charts/aai-gizmo/resources/config/log/logback.xml b/charts/aai-gizmo/resources/config/log/logback.xml
new file mode 100644
index 0000000..c6bcf57
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/log/logback.xml
@@ -0,0 +1,196 @@
+<!--
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+
+
+<configuration scan="true" scanPeriod="3 seconds" debug="false">
+ <!--<jmxConfigurator /> -->
+ <!-- directory path for all other type logs -->
+
+ <property name="logDir" value="/var/log/onap" />
+
+
+ <!-- specify the component name
+ <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy" | "SDNC" | "AC" -->
+ <property name="componentName" value="AAI-CRUD" />
+
+ <!-- default eelf log file names -->
+ <property name="generalLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+
+ <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|GIZMO|%mdc{PartnerName}|%logger||%.-5level|%msg%n" />
+ <property name="auditMetricPattern" value="%m%n" />
+
+ <property name="logDirectory" value="${logDir}/${componentName}" />
+
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+
+ <!-- The EELFAppender is used to record events to the general application
+ log -->
+
+ <appender name="EELF"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELF" />
+ </appender>
+
+
+ <!-- EELF Audit Appender. This appender is used to record audit engine
+ related logging events. The audit logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+
+ <appender name="EELFAudit"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditMetricPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender>
+
+ <appender name="EELFMetrics"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} -
+ %msg%n"</pattern> -->
+ <pattern>${auditMetricPattern}</pattern>
+ </encoder>
+ </appender>
+
+
+ <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFMetrics"/>
+ </appender>
+
+ <appender name="EELFDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${debugLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>false</includeCallerData>
+ </appender>
+
+
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="info" additivity="false">
+ <appender-ref ref="asyncEELF" />
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+
+ <logger name="com.att.eelf.audit" level="info" additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+ <logger name="com.att.eelf.metrics" level="info" additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+
+ <!-- ARMAdapter Service loggers -->
+ <logger name="com.amdocs.aai.armadapter" level="INFO" />
+
+ <!-- Other Loggers that may help troubleshoot -->
+ <logger name="net.sf" level="WARN" />
+ <logger name="org.apache" level="WARN" />
+ <logger name="org.apache.commons.httpclient" level="WARN" />
+ <logger name="org.apache.commons" level="WARN" />
+ <logger name="org.apache.coyote" level="WARN" />
+ <logger name="org.apache.jasper" level="WARN" />
+
+ <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
+ May aid in troubleshooting) -->
+ <logger name="org.apache.camel" level="WARN" />
+ <logger name="org.apache.cxf" level="WARN" />
+ <logger name="org.apache.camel.processor.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.service" level="WARN" />
+ <logger name="org.restlet" level="WARN" />
+ <logger name="org.apache.camel.component.restlet" level="WARN" />
+
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+
+ <root>
+ <appender-ref ref="asyncEELF" />
+ <!-- <appender-ref ref="asyncEELFDebug" /> -->
+ </root>
+
+</configuration>
diff --git a/charts/aai-gizmo/resources/config/model/edge_properties_v10.json b/charts/aai-gizmo/resources/config/model/edge_properties_v10.json
new file mode 100644
index 0000000..7cbddae
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/model/edge_properties_v10.json
@@ -0,0 +1,10 @@
+{
+ "isParent":"java.lang.Boolean",
+ "isParent-REV":"java.lang.Boolean",
+ "usesResource":"java.lang.Boolean",
+ "usesResource-REV":"java.lang.Boolean",
+ "SVC-INFRA":"java.lang.Boolean",
+ "SVC-INFRA-REV":"java.lang.Boolean",
+ "hasDelTarget":"java.lang.Boolean",
+ "hasDelTarget-REV":"java.lang.Boolean"
+}
diff --git a/charts/aai-gizmo/resources/config/model/edge_properties_v11.json b/charts/aai-gizmo/resources/config/model/edge_properties_v11.json
new file mode 100644
index 0000000..09e19b0
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/model/edge_properties_v11.json
@@ -0,0 +1,6 @@
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+} \ No newline at end of file
diff --git a/charts/aai-gizmo/resources/config/model/edge_properties_v12.json b/charts/aai-gizmo/resources/config/model/edge_properties_v12.json
new file mode 100644
index 0000000..09e19b0
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/model/edge_properties_v12.json
@@ -0,0 +1,6 @@
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+} \ No newline at end of file
diff --git a/charts/aai-gizmo/resources/config/model/edge_properties_v13.json b/charts/aai-gizmo/resources/config/model/edge_properties_v13.json
new file mode 100644
index 0000000..09e19b0
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/model/edge_properties_v13.json
@@ -0,0 +1,6 @@
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+} \ No newline at end of file
diff --git a/charts/aai-gizmo/resources/config/model/edge_properties_v14.json b/charts/aai-gizmo/resources/config/model/edge_properties_v14.json
new file mode 100644
index 0000000..8d00636
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/model/edge_properties_v14.json
@@ -0,0 +1,6 @@
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+} \ No newline at end of file
diff --git a/charts/aai-gizmo/resources/config/model/edge_properties_v15.json b/charts/aai-gizmo/resources/config/model/edge_properties_v15.json
new file mode 100644
index 0000000..8d00636
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/model/edge_properties_v15.json
@@ -0,0 +1,6 @@
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+} \ No newline at end of file
diff --git a/charts/aai-gizmo/resources/config/model/edge_properties_v7.json b/charts/aai-gizmo/resources/config/model/edge_properties_v7.json
new file mode 100644
index 0000000..7cbddae
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/model/edge_properties_v7.json
@@ -0,0 +1,10 @@
+{
+ "isParent":"java.lang.Boolean",
+ "isParent-REV":"java.lang.Boolean",
+ "usesResource":"java.lang.Boolean",
+ "usesResource-REV":"java.lang.Boolean",
+ "SVC-INFRA":"java.lang.Boolean",
+ "SVC-INFRA-REV":"java.lang.Boolean",
+ "hasDelTarget":"java.lang.Boolean",
+ "hasDelTarget-REV":"java.lang.Boolean"
+}
diff --git a/charts/aai-gizmo/resources/config/model/edge_properties_v8.json b/charts/aai-gizmo/resources/config/model/edge_properties_v8.json
new file mode 100644
index 0000000..7cbddae
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/model/edge_properties_v8.json
@@ -0,0 +1,10 @@
+{
+ "isParent":"java.lang.Boolean",
+ "isParent-REV":"java.lang.Boolean",
+ "usesResource":"java.lang.Boolean",
+ "usesResource-REV":"java.lang.Boolean",
+ "SVC-INFRA":"java.lang.Boolean",
+ "SVC-INFRA-REV":"java.lang.Boolean",
+ "hasDelTarget":"java.lang.Boolean",
+ "hasDelTarget-REV":"java.lang.Boolean"
+}
diff --git a/charts/aai-gizmo/resources/config/model/edge_properties_v9.json b/charts/aai-gizmo/resources/config/model/edge_properties_v9.json
new file mode 100644
index 0000000..7cbddae
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/model/edge_properties_v9.json
@@ -0,0 +1,10 @@
+{
+ "isParent":"java.lang.Boolean",
+ "isParent-REV":"java.lang.Boolean",
+ "usesResource":"java.lang.Boolean",
+ "usesResource-REV":"java.lang.Boolean",
+ "SVC-INFRA":"java.lang.Boolean",
+ "SVC-INFRA-REV":"java.lang.Boolean",
+ "hasDelTarget":"java.lang.Boolean",
+ "hasDelTarget-REV":"java.lang.Boolean"
+}
diff --git a/charts/aai-gizmo/resources/config/schema-ingest.properties b/charts/aai-gizmo/resources/config/schema-ingest.properties
new file mode 100644
index 0000000..647d4d9
--- /dev/null
+++ b/charts/aai-gizmo/resources/config/schema-ingest.properties
@@ -0,0 +1,45 @@
+###############################################################################
+# Schema Version Related Attributes
+###############################################################################
+schema.uri.base.path=/aai
+# Lists all of the versions in the schema
+schema.version.list=v10,v11,v12,v13,v14,v15
+# Specifies from which version should the depth parameter to default to zero
+schema.version.depth.start=v10
+# Specifies from which version should the related link be displayed in response payload
+schema.version.related.link.start=v10
+# Specifies from which version should the client see only the uri excluding host info
+# Before this version server base will also be included
+schema.version.app.root.start=v11
+# Specifies from which version should the namespace be changed
+schema.version.namespace.change.start=v11
+# Specifies from which version should the client start seeing the edge label in payload
+schema.version.edge.label.start=v12
+# Specifies the version that the application should default to
+schema.version.api.default=v15
+
+###############################################################################
+# Schema Location Related Attributes
+###############################################################################
+# Schema Location Related Attributes
+schema.configuration.location=NA
+schema.nodes.location=/opt/app/crud-api/bundleconfig/etc/onap/oxm
+schema.edges.location=/opt/app/crud-api/bundleconfig/etc/onap/dbedgerules
+
+###############################################################################
+# Schema Service Related Attributes
+###############################################################################
+# Specifies whether to use the schema service or local schema files
+schema.translator.list=config
+
+schema.service.base.url=https://<host>:8452/aai/schema-service/v1/
+schema.service.nodes.endpoint=nodes?version=
+schema.service.edges.endpoint=edgerules?version=
+schema.service.versions.endpoint=versions
+
+#Default rest client is the two-way-ssl
+schema.service.client=two-way-ssl
+#Replace the below with the A&AI client key store
+schema.service.ssl.key-store=${CONFIG_HOME}/auth/client-cert.p12
+#Replace the below with the A&AI tomcat trust store
+schema.service.ssl.trust-store=${CONFIG_HOME}/auth/tomcat_keystore \ No newline at end of file
diff --git a/charts/aai-gizmo/resources/fproxy/config/fproxy.properties b/charts/aai-gizmo/resources/fproxy/config/fproxy.properties
new file mode 100644
index 0000000..f512fb7
--- /dev/null
+++ b/charts/aai-gizmo/resources/fproxy/config/fproxy.properties
@@ -0,0 +1,2 @@
+credential.cache.timeout.ms=180000
+transactionid.header.name=X-TransactionId \ No newline at end of file
diff --git a/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml b/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml
new file mode 100644
index 0000000..2e62379
--- /dev/null
+++ b/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/AAF-FPS" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="info">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "org.onap.aaf.fproxy*" at INFO level -->
+ <logger name="org.onap.aaf.fproxy" level="info" />
+
+</configuration> \ No newline at end of file
diff --git a/charts/aai-gizmo/resources/fproxy/config/readme.txt b/charts/aai-gizmo/resources/fproxy/config/readme.txt
new file mode 100644
index 0000000..79cf29e
--- /dev/null
+++ b/charts/aai-gizmo/resources/fproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file
diff --git a/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json b/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json
new file mode 100644
index 0000000..54d5de2
--- /dev/null
+++ b/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json
@@ -0,0 +1,99 @@
+[
+ {
+ "uri": "\/not\/allowed\/at\/all$",
+ "permissions": [
+ "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt"
+ ]
+ },
+ {
+ "uri": "\/one\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/multi\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aMultipleAuth1",
+ "test.auth.access.aMultipleAuth2",
+ "test.auth.access.aMultipleAuth3"
+ ]
+ },
+ {
+ "uri": "\/one\/[^\/]+\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/services\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/admin\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|admin|GET,PUT,POST"
+ ]
+ },
+ {
+ "uri": "\/service\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/services\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/$",
+ "permissions": [
+ "\\|services\\|GET",
+ "test\\.auth\\.access\\|services\\|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$",
+ "permissions": [
+ "test\\.auth\\.access\\|rest\\|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read",
+ "test.auth.access|vservers|read"
+ ]
+ },
+ {
+ "uri": "\/backend$",
+ "permissions": [
+ "test\\.auth\\.access\\|services\\|GET,PUT",
+ "\\|services\\|GET"
+ ]
+ },
+ {
+ "uri": "\/services\/inventory\/.*",
+ "permissions": [
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
+ },
+ {
+ "uri": "\/services\/gizmo\/.*",
+ "permissions": [
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
+ }
+]
diff --git a/charts/aai-gizmo/resources/rproxy/config/cadi.properties b/charts/aai-gizmo/resources/rproxy/config/cadi.properties
new file mode 100644
index 0000000..51ac56a
--- /dev/null
+++ b/charts/aai-gizmo/resources/rproxy/config/cadi.properties
@@ -0,0 +1,39 @@
+# This is a normal Java Properties File
+# Comments are with Pound Signs at beginning of lines,
+# and multi-line expression of properties can be obtained by backslash at end of line
+
+#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below
+#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name
+#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com
+#to your hosts file on your machine.
+#hostname=test.aic.cip.att.com
+
+cadi_loglevel=DEBUG
+
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12
+cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
+cadi_alias=aai@aai.onap.org
+cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
+cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+aaf_env=DEV
+
+aaf_id=demo@people.osaaf.org
+aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
+
+# This is a colon separated list of client cert issuers
+cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA \ No newline at end of file
diff --git a/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties b/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties
new file mode 100644
index 0000000..1b58d42
--- /dev/null
+++ b/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties
@@ -0,0 +1,4 @@
+forward-proxy.protocol = https
+forward-proxy.host = localhost
+forward-proxy.port = 10680
+forward-proxy.cacheurl = /credential-cache \ No newline at end of file
diff --git a/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml b/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml
new file mode 100644
index 0000000..7659e28
--- /dev/null
+++ b/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/reverse-proxy" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="info">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "org.onap.aaf.rproxy*" at INFO level -->
+ <logger name="org.onap.aaf.rproxy" level="info" />
+
+</configuration>
diff --git a/charts/aai-gizmo/resources/rproxy/config/primary-service.properties b/charts/aai-gizmo/resources/rproxy/config/primary-service.properties
new file mode 100644
index 0000000..8ab780e
--- /dev/null
+++ b/charts/aai-gizmo/resources/rproxy/config/primary-service.properties
@@ -0,0 +1,3 @@
+primary-service.protocol = https
+primary-service.host = localhost
+primary-service.port = 9520
diff --git a/charts/aai-gizmo/resources/rproxy/config/readme.txt b/charts/aai-gizmo/resources/rproxy/config/readme.txt
new file mode 100644
index 0000000..79cf29e
--- /dev/null
+++ b/charts/aai-gizmo/resources/rproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file
diff --git a/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties b/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties
new file mode 100644
index 0000000..8d46e1f
--- /dev/null
+++ b/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties
@@ -0,0 +1 @@
+transactionid.header.name=X-TransactionId \ No newline at end of file
diff --git a/charts/aai-gizmo/templates/NOTES.txt b/charts/aai-gizmo/templates/NOTES.txt
new file mode 100644
index 0000000..0def4ed
--- /dev/null
+++ b/charts/aai-gizmo/templates/NOTES.txt
@@ -0,0 +1,33 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/charts/aai-gizmo/templates/configmap.yaml b/charts/aai-gizmo/templates/configmap.yaml
new file mode 100644
index 0000000..2a4a1b5
--- /dev/null
+++ b/charts/aai-gizmo/templates/configmap.yaml
@@ -0,0 +1,110 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-model-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/model/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-filebeat-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }}
+{{ end }}
+
diff --git a/charts/aai-gizmo/templates/deployment.yaml b/charts/aai-gizmo/templates/deployment.yaml
new file mode 100644
index 0000000..0f491d8
--- /dev/null
+++ b/charts/aai-gizmo/templates/deployment.yaml
@@ -0,0 +1,271 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ {{ if .Values.global.installSidecarSecurity }}
+ initContainers:
+ - name: {{ .Values.global.tproxyConfig.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ securityContext:
+ privileged: true
+ {{ end }}
+ containers:
+ - name: {{ .Chart.Name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: CONFIG_HOME
+ value: /opt/app/crud-service/config/
+ - name: KEY_STORE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: KEY_STORE_PASSWORD
+ - name: KEY_MANAGER_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: KEY_MANAGER_PASSWORD
+ - name: SERVICE_BEANS
+ value: /opt/app/crud-service/dynamic/conf
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/crud-service/config/crud-api.properties
+ subPath: crud-api.properties
+ name: {{ include "common.fullname" . }}-config
+ - mountPath: /opt/app/crud-service/config/schema-ingest.properties
+ subPath: schema-ingest.properties
+ name: {{ include "common.fullname" . }}-config
+ - mountPath: /opt/app/crud-service/config/edgeprops-ingest.properties
+ subPath: edgeprops-ingest.properties
+ name: {{ include "common.fullname" . }}-config
+ - mountPath: /opt/app/crud-service/config/model/
+ name: {{ include "common.fullname" . }}-model-config
+ - mountPath: /opt/app/crud-service/config/auth
+ name: {{ include "common.fullname" . }}-auth-secret
+ - mountPath: /opt/app/crud-service/dynamic/conf/crud-beans.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: crud-beans.xml
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /opt/app/crud-api/bundleconfig/etc/logback.xml
+ name: {{ include "common.fullname" . }}-logback-config
+ subPath: logback.xml
+ resources:
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ name: filebeat-conf
+ subPath: filebeat.yml
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /usr/share/filebeat/data
+ name: {{ include "common.fullname" . }}-data-filebeat
+
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ .Values.global.rproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/rproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.rproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/forward-proxy.properties
+ subPath: forward-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/primary-service.properties
+ subPath: primary-service.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/reverse-proxy.properties
+ subPath: reverse-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/cadi.properties
+ subPath: cadi.properties
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ mountPath: /opt/app/rproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
+ subPath: uri-authorization.json
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ mountPath: /opt/app/rproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
+ subPath: org.onap.aai.p12
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ mountPath: /opt/app/rproxy/config/security/keyfile
+ subPath: keyfile
+
+ ports:
+ - containerPort: {{ .Values.global.rproxy.port }}
+
+ - name: {{ .Values.global.fproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/fproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: TRUST_STORE_PASSWORD
+ value: {{ .Values.config.trustStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.fproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ mountPath: /opt/app/fproxy/config/fproxy.properties
+ subPath: fproxy.properties
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ mountPath: /opt/app/fproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
+ subPath: fproxy_truststore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ mountPath: /opt/app/fproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ ports:
+ - containerPort: {{ .Values.global.fproxy.port }}
+ {{ end }}
+
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
+ - name: filebeat-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-auth-secret
+ secret:
+ secretName: {{ include "common.fullname" . }}-auth
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ items:
+ - key: crud-api.properties
+ path: crud-api.properties
+ - key: schema-ingest.properties
+ path: schema-ingest.properties
+ - key: edgeprops-ingest.properties
+ path: edgeprops-ingest.properties
+ - key: crud-beans.xml
+ path: crud-beans.xml
+ - name: {{ include "common.fullname" . }}-logback-config
+ configMap:
+ name: {{ include "common.fullname" . }}-log-configmap
+ items:
+ - key: logback.xml
+ path: logback.xml
+ - name: {{ include "common.fullname" . }}-model-config
+ configMap:
+ name: {{ include "common.fullname" . }}-model-configmap
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+ secret:
+ secretName: aai-rproxy-auth-certs
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ secret:
+ secretName: aai-rproxy-security-config
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+ secret:
+ secretName: aai-fproxy-auth-certs
+ {{ end }}
+
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-gizmo/templates/secrets.yaml b/charts/aai-gizmo/templates/secrets.yaml
new file mode 100644
index 0000000..96c3424
--- /dev/null
+++ b/charts/aai-gizmo/templates/secrets.yaml
@@ -0,0 +1,54 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-auth
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ (.Files.Glob "resources/config/auth/*").AsSecrets | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-pass
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+ KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }}
+ KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-auth-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
+{{ end }}
diff --git a/charts/aai-gizmo/templates/service.yaml b/charts/aai-gizmo/templates/service.yaml
new file mode 100644
index 0000000..a584800
--- /dev/null
+++ b/charts/aai-gizmo/templates/service.yaml
@@ -0,0 +1,54 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{ if .Values.global.installSidecarSecurity }}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ targetPort: {{ .Values.global.rproxy.port }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.global.rproxy.port }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ {{ else }}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ {{ end }}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
diff --git a/charts/aai-gizmo/values.yaml b/charts/aai-gizmo/values.yaml
new file mode 100644
index 0000000..9fbe852
--- /dev/null
+++ b/charts/aai-gizmo/values.yaml
@@ -0,0 +1,81 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+global:
+ nodePortPrefix: 302
+ loggingImage: beats/filebeat:5.5.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+# application image
+image: onap/gizmo:1.4-STAGING-latest
+flavor: small
+# application configuration
+config:
+ keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 60
+ timeoutSeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 60
+ timeoutSeconds: 10
+ periodSeconds: 10
+
+service:
+ type: NodePort
+ name: aai-crud-service
+ portName: aai-crud-service
+ internalPort: 9520
+ externalPort: 9520
+ nodePort: 68
+
+ingress:
+ enabled: false
+
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 0.5
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 1
+ memory: 1536Mi
+ unlimited: {}
diff --git a/charts/aai-graphadmin/.helmignore b/charts/aai-graphadmin/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/charts/aai-graphadmin/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/aai-graphadmin/Chart.yaml b/charts/aai-graphadmin/Chart.yaml
new file mode 100644
index 0000000..7772ab0
--- /dev/null
+++ b/charts/aai-graphadmin/Chart.yaml
@@ -0,0 +1,23 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+description: ONAP AAI GraphAdmin
+name: aai-graphadmin
+version: 4.0.0
diff --git a/charts/aai-graphadmin/resources/config/aaiconfig.properties b/charts/aai-graphadmin/resources/config/aaiconfig.properties
new file mode 100644
index 0000000..0aeb2d1
--- /dev/null
+++ b/charts/aai-graphadmin/resources/config/aaiconfig.properties
@@ -0,0 +1,123 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+aai.config.checktime=1000
+
+# this could come from siteconfig.pl?
+aai.config.nodename=AutomaticallyOverwritten
+
+aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/
+aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/
+aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/
+
+{{ if .Values.global.config.basic.auth.enabled }}
+aai.tools.enableBasicAuth=true
+aai.tools.username={{ .Values.global.config.basic.auth.username }}
+aai.tools.password={{ .Values.global.config.basic.auth.passwd }}
+{{ end }}
+
+aai.truststore.filename={{ .Values.global.config.truststore.filename }}
+aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }}
+aai.keystore.filename={{ .Values.global.config.keystore.filename }}
+aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }}
+
+aai.notification.current.version={{ .Values.global.config.schema.version.api.default }}
+aai.notificationEvent.default.status=UNPROCESSED
+aai.notificationEvent.default.eventType={{ .Values.global.config.notification.eventType }}
+aai.notificationEvent.default.domain={{ .Values.global.config.notification.domain }}
+aai.notificationEvent.default.sourceName=aai
+aai.notificationEvent.default.sequenceNumber=0
+aai.notificationEvent.default.severity=NORMAL
+aai.notificationEvent.default.version={{ .Values.global.config.schema.version.api.default }}
+# This one lets us enable/disable resource-version checking on updates/deletes
+aai.resourceversion.enableflag=true
+aai.logging.maxStackTraceEntries=10
+aai.default.api.version={{ .Values.global.config.schema.version.api.default }}
+
+# Used by Data Grooming
+aai.grooming.default.max.fix={{ .Values.config.maxFix.dataGrooming | int }}
+aai.grooming.default.sleep.minutes={{ .Values.config.sleepMinutes.dataGrooming | int }}
+
+# Used by DupeTool
+aai.dupeTool.default.max.fix={{ .Values.config.maxFix.dupeTool | int }}
+aai.dupeTool.default.sleep.minutes={{ .Values.config.sleepMinutes.dupeTool | int }}
+
+
+aai.model.proc.max.levels=50
+aai.edgeTag.proc.max.levels=50
+
+# Used by the ForceDelete tool
+aai.forceDel.protected.nt.list=cloud-region
+aai.forceDel.protected.edge.count=10
+aai.forceDel.protected.descendant.count=10
+
+#used by the dataGrooming and dataSnapshot cleanup tasks
+aai.cron.enable.datagroomingcleanup={{ .Values.config.cron.dataCleanup.dataGrooming.enabled }}
+aai.cron.enable.datasnapshotcleanup={{ .Values.config.cron.dataCleanup.dataSnapshot.enabled }}
+aai.datagrooming.agezip={{ .Values.config.cron.dataCleanup.dataGrooming.ageZip | int }}
+aai.datagrooming.agedelete={{ .Values.config.cron.dataCleanup.dataGrooming.ageDelete | int }}
+
+aai.datasnapshot.agezip={{ .Values.config.cron.dataCleanup.dataSnapshot.ageZip | int }}
+aai.datasnapshot.agedelete={{ .Values.config.cron.dataCleanup.dataSnapshot.ageDelete | int }}
+
+#used by the dataSnapshot and dataGrooming tasks
+aai.cron.enable.dataSnapshot={{ .Values.config.cron.dataSnapshot.enabled }}
+
+aai.cron.enable.dataGrooming={{ .Values.config.cron.dataGrooming.enabled }}
+
+#used by the dataGrooming tasks
+aai.datagrooming.enableautofix=true
+aai.datagrooming.enabledupefixon=true
+aai.datagrooming.enabledontfixorphans=true
+aai.datagrooming.enabletimewindowminutes=true
+aai.datagrooming.enableskiphostcheck=false
+aai.datagrooming.enablesleepminutes=false
+aai.datagrooming.enableedgesonly=false
+aai.datagrooming.enableskipedgechecks=false
+aai.datagrooming.enablemaxfix=false
+aai.datagrooming.enablesinglecommits=false
+aai.datagrooming.enabledupecheckoff=false
+aai.datagrooming.enableghost2checkoff=false
+aai.datagrooming.enableghost2fixon=false
+aai.datagrooming.enablef=false
+
+# used by the dataGrooming to set values
+aai.datagrooming.timewindowminutesvalue=10500
+aai.datagrooming.sleepminutesvalue=100
+aai.datagrooming.maxfixvalue=10
+aai.datagrooming.fvalue=10
+
+#timeout for traversal enabled flag
+aai.graphadmin.timeoutenabled={{ .Values.config.timeout.enabled }}
+#default timeout limit added for graphadmin if not overridden (in ms)
+aai.graphadmin.timeoutlimit={{ .Values.config.timeout.limit }}
+
+#timeout app specific -1 to bypass for that app id, a whole number to override the timeout with that value (in ms)
+aai.graphadmin.timeout.appspecific={{ .Values.global.config.realtime.clients }}
+
+# Disable the process check which are oriented towards linux OS
+# These props should only be true for local on windows
+aai.disable.check.snapshot.running=false
+aai.disable.check.grooming.running=false
+
+# Specify the params listed right here that you would have send to the dataSnapshot shell script
+# JUST_TAKE_SNAPSHOT
+# THREADED_SNAPSHOT 2 DEBUG
+# THREADED_SNAPSHOT 2
+aai.datasnapshot.params={{ .Values.config.cron.dataSnapshot.params }}
diff --git a/charts/aai-graphadmin/resources/config/application.properties b/charts/aai-graphadmin/resources/config/application.properties
new file mode 100644
index 0000000..c23c5fa
--- /dev/null
+++ b/charts/aai-graphadmin/resources/config/application.properties
@@ -0,0 +1,99 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+# The following info parameters are being referenced by ajsc6
+info.build.artifact=aai-graphadmin
+info.build.name=resources
+info.build.description=Resources Microservice
+info.build.version=1.2.0
+
+spring.application.name=aai-graphadmin
+spring.jersey.type=filter
+
+server.contextPath=/
+spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
+
+spring.profiles.active={{ .Values.global.config.profiles.active }}
+spring.jersey.application-path=${schema.uri.base.path}
+#The max number of active threads in this pool
+server.tomcat.max-threads=200
+#The minimum number of threads always kept alive
+server.tomcat.min-Spare-Threads=25
+#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads
+server.tomcat.max-idle-time=60000
+
+# If you get an application startup failure that the port is already taken
+# If thats not it, please check if the key-store file path makes sense
+server.local.startpath=aai-graphadmin/src/main/resources/
+server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties
+
+server.port=8449
+server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
+server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
+server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
+server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
+server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
+server.ssl.client-auth=want
+server.ssl.key-store-type=JKS
+
+# JMS bind address host port
+jms.bind.address=tcp://localhost:61649
+dmaap.ribbon.listOfServers=message-router.{{.Release.Namespace}}:3905
+dmaap.ribbon.transportType=https
+
+# Schema related attributes for the oxm and edges
+# Any additional schema related attributes should start with prefix schema
+schema.configuration.location=N/A
+schema.source.name={{ .Values.global.config.schema.source.name }}
+schema.nodes.location=${server.local.startpath}/schema/${schema.source.name}/oxm/
+schema.edges.location=${server.local.startpath}/schema/${schema.source.name}/dbedgerules/
+
+schema.ingest.file=${server.local.startpath}/application.properties
+
+# Schema Version Related Attributes
+
+schema.uri.base.path={{ .Values.global.config.schema.uri.base.path }}
+# Lists all of the versions in the schema
+schema.version.list={{ .Values.global.config.schema.version.list }}
+# Specifies from which version should the depth parameter to default to zero
+schema.version.depth.start={{ .Values.global.config.schema.version.depth }}
+# Specifies from which version should the related link be displayed in response payload
+schema.version.related.link.start={{ .Values.global.config.schema.version.related.link }}
+
+# Specifies from which version should the client see only the uri excluding host info
+# Before this version server base will also be included
+schema.version.app.root.start={{ .Values.global.config.schema.version.app.root }}
+# Specifies from which version should the namespace be changed
+schema.version.namespace.change.start={{ .Values.global.config.schema.version.namespace.change }}
+# Specifies from which version should the client start seeing the edge label in payload
+schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.label }}
+# Specifies the version that the application should default to
+schema.version.api.default={{ .Values.global.config.schema.version.api.default }}
+
+schema.translator.list={{ .Values.global.config.schema.translator.list }}
+schema.service.base.url=https://aai-schema-service.{{ include "common.namespace" . }}:8452/aai/schema-service/v1/
+schema.service.nodes.endpoint=nodes?version=
+schema.service.edges.endpoint=edgerules?version=
+schema.service.versions.endpoint=versions
+schema.service.client={{ .Values.global.config.schema.service.client }}
+
+schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
+schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
+schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
+schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
diff --git a/charts/aai-graphadmin/resources/config/janusgraph-cached.properties b/charts/aai-graphadmin/resources/config/janusgraph-cached.properties
new file mode 100644
index 0000000..82e7ea9
--- /dev/null
+++ b/charts/aai-graphadmin/resources/config/janusgraph-cached.properties
@@ -0,0 +1,96 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+query.fast-property=true
+query.smart-limit=false
+
+{{ if .Values.global.config.cluster.cassandra.dynamic }}
+
+storage.backend=cassandra
+storage.hostname={{.Values.global.cassandra.serviceName}}
+
+storage.cassandra.keyspace=aaigraph
+
+storage.cassandra.read-consistency-level=LOCAL_QUORUM
+storage.cassandra.write-consistency-level=LOCAL_QUORUM
+storage.cassandra.replication-factor={{.Values.global.cassandra.replicas}}
+storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy
+
+{{ else }}
+
+{{ if .Values.global.config.storage }}
+
+storage.backend={{ .Values.global.config.storage.backend }}
+
+{{ if eq .Values.global.config.storage.backend "cassandra" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cassandra.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }}
+storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }}
+storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }}
+storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }}
+storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "cql" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cql.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }}
+
+storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }}
+storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }}
+storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "hbase" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.hbase.table={{ .Values.global.config.storage.name }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ end }}
+
+{{ end }}
+
+{{ end }}
+
+storage.lock.wait-time=300
+#caching on
+cache.db-cache = true
+cache.db-cache-clean-wait = 20
+cache.db-cache-time = 180000
+cache.db-cache-size = 0.3
+
+#load graphson file on startup
+load.snapshot.file=false
diff --git a/charts/aai-graphadmin/resources/config/janusgraph-realtime.properties b/charts/aai-graphadmin/resources/config/janusgraph-realtime.properties
new file mode 100644
index 0000000..e9e9a9e
--- /dev/null
+++ b/charts/aai-graphadmin/resources/config/janusgraph-realtime.properties
@@ -0,0 +1,89 @@
+#
+# ============LICENSE_START=======================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+query.fast-property=true
+query.smart-limit=false
+
+{{ if .Values.global.config.cluster.cassandra.dynamic }}
+
+storage.backend=cassandra
+storage.hostname={{.Values.global.cassandra.serviceName}}
+storage.cassandra.keyspace=aaigraph
+
+storage.cassandra.read-consistency-level=LOCAL_QUORUM
+storage.cassandra.write-consistency-level=LOCAL_QUORUM
+storage.cassandra.replication-factor={{.Values.global.cassandra.replicas}}
+storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy
+
+{{ else }}
+
+{{ if .Values.global.config.storage }}
+
+storage.backend={{ .Values.global.config.storage.backend }}
+
+{{ if eq .Values.global.config.storage.backend "cassandra" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cassandra.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }}
+storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }}
+storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }}
+storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }}
+storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "cql" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cql.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }}
+
+storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }}
+storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }}
+storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "hbase" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.hbase.table={{ .Values.global.config.storage.name }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ end }}
+
+{{ end }}
+
+{{ end }}
+
+storage.lock.wait-time=300
+# Setting db-cache to false ensure the fastest propagation of changes across servers
+cache.db-cache = false
+#load graphson file on startup
+load.snapshot.file=false
diff --git a/charts/aai-graphadmin/resources/config/localhost-access-logback.xml b/charts/aai-graphadmin/resources/config/localhost-access-logback.xml
new file mode 100644
index 0000000..95d4123
--- /dev/null
+++ b/charts/aai-graphadmin/resources/config/localhost-access-logback.xml
@@ -0,0 +1,60 @@
+<!--
+
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+
+-->
+<configuration>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <appender name="ACCESS"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ </encoder>
+ </appender>
+ <appender-ref ref="ACCESS" />
+</configuration>
+
+<!--
+%a - Remote IP address
+%A - Local IP address
+%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent
+%B - Bytes sent, excluding HTTP headers
+%h - Remote host name
+%H - Request protocol
+%l - Remote logical username from identd (always returns '-')
+%m - Request method
+%p - Local port
+%q - Query string (prepended with a '?' if it exists, otherwise an empty string
+%r - First line of the request
+%s - HTTP status code of the response
+%S - User session ID
+%t - Date and time, in Common Log Format format
+%u - Remote user that was authenticated
+%U - Requested URL path
+%v - Local server name
+%I - current request thread name (can compare later with stacktraces)
+
+%z - Custom pattern that parses the cert for the subject
+%y - Custom pattern determines rest or dme2
+ --> \ No newline at end of file
diff --git a/charts/aai-graphadmin/resources/config/logback.xml b/charts/aai-graphadmin/resources/config/logback.xml
new file mode 100644
index 0000000..e5e6ab5
--- /dev/null
+++ b/charts/aai-graphadmin/resources/config/logback.xml
@@ -0,0 +1,614 @@
+<!--
+
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright 2019 AT&T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+
+-->
+<configuration scan="true" scanPeriod="60 seconds" debug="false">
+ <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
+
+ <property resource="application.properties" />
+
+ <property name="namespace" value="graph-admin"/>
+
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+
+ <property name="logDirectory" value="${AJSC_HOME}/logs" />
+ <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <!-- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> -->
+ <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/>
+
+ <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
+ <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
+ <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>
+ %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}
+ </pattern>
+ </encoder>
+ </appender>
+
+ <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/sane.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
+ </pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="SANE" />
+ </appender>
+
+ <appender name="METRIC"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/metrics.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="METRIC" />
+ </appender>
+
+ <appender name="DEBUG"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/debug.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="DEBUG" />
+ </appender>
+
+ <appender name="ERROR"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/rest/error.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${"eelfErrorLogPattern"}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="ERROR" />
+ </appender>
+
+ <appender name="AUDIT"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/audit.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfAuditLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="AUDIT" />
+ </appender>
+
+ <appender name="translog"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/translog.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfTransLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="translog" />
+ </appender>
+
+ <appender name="dmaapAAIEventConsumer"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${"eelfErrorLogPattern"}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dmaapAAIEventConsumerDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerMetric"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="external"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/external/external.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- DataGrooming logs started -->
+ <appender name="dataGrooming" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dataGrooming/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataGrooming/error.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfErrorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataGroomingdebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dataGrooming/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataGrooming/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataGroomingmetric" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dataGrooming/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataGrooming/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- DataGrooming logs ended -->
+
+ <!-- DataSnapshot logs started -->
+ <appender name="dataSnapshot" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dataSnapshot/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataSnapshot/error.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfErrorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataSnapshotdebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dataSnapshot/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataSnapshot/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataSnapshotmetric" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dataSnapshot/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataSnapshot/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- DataSnapshot logs ended -->
+
+ <!-- CreateDBSchema logs started -->
+ <appender name="createDBSchema" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/createDBSchema/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/createDBSchema/error.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${"eelfErrorLogPattern"}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="createDBSchemadebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/createDBSchema/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/createDBSchema/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="createDBSchemametric" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/createDBSchema/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/createDBSchema/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <!-- CreateDBSchema logs ended -->
+
+ <!-- DataCleanupTasks logs started -->
+ <appender name="dataCleanuperror" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/misc/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/misc/error.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${"eelfErrorLogPattern"}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataCleanupdebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/misc/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/misc/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataCleanupmetric" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/misc/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/misc/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <!-- DataCleanupTasks logs ended -->
+
+ <!-- pullInvData logs started -->
+ <appender name="pullInvData" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/pullInvData/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/pullInvData/error.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${"eelfErrorLogPattern"}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="pullInvDatadebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/pullInvData/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/pullInvData/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="pullInvDatametric" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/pullInvData/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/pullInvData/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <!-- pullInvData logs ended -->
+ <!-- DataGrooming logs started -->
+ <appender name="dataExportError" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dataExport/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataExport/error.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfErrorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataExportDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dataExport/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataExport/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="dataExportMetric" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dataExport/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dataExport/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <logger name="org.onap.aai" level="DEBUG" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ <appender-ref ref="asyncSANE" />
+ <appender-ref ref="STDOUT"/>
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+ <logger name="com.jayway.jsonpath" level="WARN" />
+
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+
+ <logger name="org.eclipse.jetty" level="WARN" />
+
+ <logger name="org.onap.aai.interceptors.post" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asynctranslog" />
+ </logger>
+
+ <logger name="org.onap.aai.interceptors.pre.SetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+
+ <logger name="org.onap.aai.interceptors.post.ResetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+
+ <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false">
+ <appender-ref ref="dmaapAAIEventConsumer" />
+ <appender-ref ref="dmaapAAIEventConsumerDebug" />
+ <appender-ref ref="dmaapAAIEventConsumerMetric" />
+ </logger>
+
+ <logger name="org.onap.aai.datasnapshot" level="DEBUG" additivity="false">
+ <appender-ref ref="dataSnapshot"/>
+ <appender-ref ref="dataSnapshotdebug"/>
+ <appender-ref ref="dataSnapshotmetric"/>
+ <appender-ref ref="STDOUT"/>
+ </logger>
+
+ <logger name="org.onap.aai.datagrooming" level="DEBUG" additivity="false">
+ <appender-ref ref="dataGrooming"/>
+ <appender-ref ref="dataGroomingdebug"/>
+ <appender-ref ref="dataGroomingmetric"/>
+ <appender-ref ref="STDOUT"/>
+ </logger>
+
+ <logger name="org.onap.aai.schema" level="DEBUG" additivity="false">
+ <appender-ref ref="createDBSchema"/>
+ <appender-ref ref="createDBSchemadebug"/>
+ <appender-ref ref="createDBSchemametric"/>
+ <appender-ref ref="STDOUT" />
+ </logger>
+
+ <logger name="org.onap.aai.dbgen" level="DEBUG" additivity="false">
+ <appender-ref ref="createDBSchema"/>
+ <appender-ref ref="createDBSchemadebug"/>
+ <appender-ref ref="createDBSchemametric"/>
+ <appender-ref ref="STDOUT" />
+ </logger>
+
+ <logger name="org.onap.aai.dbgen.PullInvData" level="DEBUG" additivity="false">
+ <appender-ref ref="pullInvData"/>
+ <appender-ref ref="pullInvDatadebug"/>
+ <appender-ref ref="pullInvDatametric"/>
+ </logger>
+
+ <logger name="org.onap.aai.datacleanup" level="INFO" additivity="false">
+ <appender-ref ref="dataCleanuperror" />
+ <appender-ref ref="dataCleanupdebug" />
+ <appender-ref ref="dataCleanupmetric" />
+ <appender-ref ref="STDOUT"/>
+ </logger>
+ <logger name="org.onap.aai.dataexport" level="DEBUG" additivity="false">
+ <appender-ref ref="dataExportError"/>
+ <appender-ref ref="dataExportDebug"/>
+ <appender-ref ref="dataExportMetric"/>
+ <appender-ref ref="STDOUT"/>
+ </logger>
+ <logger name="org.apache" level="WARN" />
+ <logger name="org.zookeeper" level="WARN" />
+ <logger name="com.netflix" level="WARN" />
+ <logger name="org.janusgraph" level="WARN" />
+ <logger name="com.att.aft.dme2" level="WARN" />
+
+ <!-- ============================================================================ -->
+ <!-- General EELF logger -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="WARN" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ </logger>
+
+ <root level="DEBUG">
+ <appender-ref ref="external" />
+ {{ if .Values.global.config.logback.console.enabled }}
+ <appender-ref ref="STDOUT" />
+ {{ end }}
+ </root>
+</configuration>
diff --git a/charts/aai-graphadmin/resources/config/migration/janusgraph-migration-cached.properties b/charts/aai-graphadmin/resources/config/migration/janusgraph-migration-cached.properties
new file mode 100644
index 0000000..28e3089
--- /dev/null
+++ b/charts/aai-graphadmin/resources/config/migration/janusgraph-migration-cached.properties
@@ -0,0 +1,70 @@
+#
+# ============LICENSE_START=======================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+query.fast-property=true
+query.smart-limit=false
+
+{{- if eq .Values.global.jobs.migration.remoteCassandra.enabled false }}
+
+storage.backend=cassandra
+
+#In case of upgrades from Casablanca provide the override aai.global.cassandra.existingInstServiceName=aai-cassandra
+storage.hostname={{ .Values.global.cassandra.existingInstServiceName | default .Values.global.cassandra.serviceName }}
+
+storage.cassandra.keyspace=aaigraph
+storage.cassandra.read-consistency-level=LOCAL_QUORUM
+storage.cassandra.write-consistency-level=LOCAL_QUORUM
+storage.cassandra.replication-factor=3
+storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy
+{{- else }}
+{{- if .Values.global.jobs.migration.remoteCassandra.storage }}
+storage.backend={{ .Values.global.jobs.migration.remoteCassandra.storage.backend }}
+storage.hostname={{ .Values.global.jobs.migration.remoteCassandra.storage.hostname }}
+{{- if eq .Values.global.jobs.migration.remoteCassandra.storage.backend "cassandra" }}
+storage.cassandra.keyspace={{ .Values.global.jobs.migration.remoteCassandra.storage.name }}
+storage.cassandra.read-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cassandra.readConsistency }}
+storage.cassandra.write-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cassandra.writeConsistency }}
+storage.cassandra.replication-factor={{ .Values.global.jobs.migration.remoteCassandra.storage.cassandra.replicationFactor | int }}
+storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy
+
+{{- else if eq .Values.global.jobs.migration.remoteCassandra.storage.backend "cql" }}
+storage.cql.keyspace={{ .Values.global.jobs.migration.remoteCassandra.storage.name }}
+storage.cql.read-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.readConsistency }}
+storage.cql.write-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.readConsistency }}
+storage.cql.replication-factor={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.replicationFactor | int }}
+storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.localConsistencyForSysOps }}
+storage.cql.cluster-name={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.clusterName }}
+storage.cql.local-datacenter={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.localDataCenter }}
+
+{{- else if eq .Values.global.jobs.migration.remoteCassandra.storage.backend "hbase" }}
+storage.hbase.table={{ .Values.global.jobs.migration.remoteCassandra.storage.name }}
+{{- end }}
+storage.connection-timeout={{ .Values.global.jobs.migration.remoteCassandra.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.jobs.migration.remoteCassandra.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.jobs.migration.remoteCassandra.storage.keyConsistent }}
+{{- end }}
+{{- end }}
+storage.lock.wait-time=300
+
+#caching on
+cache.db-cache = true
+cache.db-cache-clean-wait = 20
+cache.db-cache-time = 180000
+cache.db-cache-size = 0.3
+
+#load graphson file on startup
+load.snapshot.file=false
diff --git a/charts/aai-graphadmin/resources/config/migration/janusgraph-migration-real.properties b/charts/aai-graphadmin/resources/config/migration/janusgraph-migration-real.properties
new file mode 100644
index 0000000..4c28b20
--- /dev/null
+++ b/charts/aai-graphadmin/resources/config/migration/janusgraph-migration-real.properties
@@ -0,0 +1,65 @@
+#
+# ============LICENSE_START=======================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+query.fast-property=true
+query.smart-limit=false
+
+{{- if eq .Values.global.jobs.migration.remoteCassandra.enabled false }}
+
+storage.backend=cassandra
+
+#In case of upgrades from Casablanca provide the override aai.global.cassandra.existingInstServiceName=aai-cassandra
+storage.hostname={{ .Values.global.cassandra.existingInstServiceName | default .Values.global.cassandra.serviceName }}
+
+storage.cassandra.keyspace=aaigraph
+storage.cassandra.read-consistency-level=LOCAL_QUORUM
+storage.cassandra.write-consistency-level=LOCAL_QUORUM
+storage.cassandra.replication-factor=3
+storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy
+{{- else }}
+{{- if .Values.global.jobs.migration.remoteCassandra.storage }}
+storage.backend={{ .Values.global.jobs.migration.remoteCassandra.storage.backend }}
+storage.hostname={{ .Values.global.jobs.migration.remoteCassandra.storage.hostname }}
+{{- if eq .Values.global.jobs.migration.remoteCassandra.storage.backend "cassandra" }}
+storage.cassandra.keyspace={{ .Values.global.jobs.migration.remoteCassandra.storage.name }}
+storage.cassandra.read-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cassandra.readConsistency }}
+storage.cassandra.write-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cassandra.writeConsistency }}
+storage.cassandra.replication-factor={{ .Values.global.jobs.migration.remoteCassandra.storage.cassandra.replicationFactor | int }}
+storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy
+
+{{- else if eq .Values.global.jobs.migration.remoteCassandra.storage.backend "cql" }}
+storage.cql.keyspace={{ .Values.global.jobs.migration.remoteCassandra.storage.name }}
+storage.cql.read-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.readConsistency }}
+storage.cql.write-consistency-level={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.readConsistency }}
+storage.cql.replication-factor={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.replicationFactor | int }}
+storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.localConsistencyForSysOps }}
+storage.cql.cluster-name={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.clusterName }}
+storage.cql.local-datacenter={{ .Values.global.jobs.migration.remoteCassandra.storage.cql.localDataCenter }}
+
+{{- else if eq .Values.global.jobs.migration.remoteCassandra.storage.backend "hbase" }}
+storage.hbase.table={{ .Values.global.jobs.migration.remoteCassandra.storage.name }}
+{{- end }}
+storage.connection-timeout={{ .Values.global.jobs.migration.remoteCassandra.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.jobs.migration.remoteCassandra.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.jobs.migration.remoteCassandra.storage.keyConsistent }}
+{{- end }}
+{{- end }}
+storage.lock.wait-time=300
+# Setting db-cache to false ensure the fastest propagation of changes across servers
+cache.db-cache = false
+#load graphson file on startup
+load.snapshot.file=false
diff --git a/charts/aai-graphadmin/resources/config/realm.properties b/charts/aai-graphadmin/resources/config/realm.properties
new file mode 100644
index 0000000..97627ea
--- /dev/null
+++ b/charts/aai-graphadmin/resources/config/realm.properties
@@ -0,0 +1,42 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+# format : username: password[,rolename ...]
+# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
+AAI:OBF:1gfr1ev31gg7,admin
+MSO:OBF:1jzx1lz31k01,admin
+SDNC:OBF:1itr1i0l1i151isv,admin
+DCAE:OBF:1g8u1f9d1f991g8w,admin
+POLICY:OBF:1mk61i171ima1im41i0j1mko,admin
+ASDC:OBF:1f991j0u1j001f9d,admin
+VID:OBF:1jm91i0v1jl9,admin
+APPC:OBF:1f991ksf1ksf1f9d,admin
+ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin
+AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin
+OOF:OBF:1img1ke71ily,admin
+aai@aai.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+so@so.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+sdnc@sdnc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
diff --git a/charts/aai-graphadmin/templates/configmap.yaml b/charts/aai-graphadmin/templates/configmap.yaml
new file mode 100644
index 0000000..bd229d3
--- /dev/null
+++ b/charts/aai-graphadmin/templates/configmap.yaml
@@ -0,0 +1,63 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ {{- if .Values.global.jobs.migration.enabled }}
+ annotations:
+ "helm.sh/hook": pre-upgrade,pre-install
+ "helm.sh/hook-weight": "0"
+ "helm.sh/hook-delete-policy": before-hook-creation
+ {{- end }}
+data:
+{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/localhost-access-logback.xml").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/janusgraph-realtime.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/janusgraph-cached.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaiconfig.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }}
+
+{{- if .Values.global.jobs.migration.enabled }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-migration-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+ "helm.sh/hook": pre-upgrade,pre-install
+ "helm.sh/hook-weight": "0"
+ "helm.sh/hook-delete-policy": before-hook-creation
+data:
+{{ tpl (.Files.Glob "resources/config/migration/*").AsConfig . | indent 2 }}
+{{- end }}
diff --git a/charts/aai-graphadmin/templates/deployment.yaml b/charts/aai-graphadmin/templates/deployment.yaml
new file mode 100644
index 0000000..f768603
--- /dev/null
+++ b/charts/aai-graphadmin/templates/deployment.yaml
@@ -0,0 +1,186 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ annotations:
+ checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+ spec:
+ hostname: aai-graphadmin
+ {{ if .Values.global.initContainers.enabled }}
+ initContainers:
+ - command:
+ {{ if .Values.global.jobs.migration.enabled }}
+ - /root/job_complete.py
+ args:
+ - --job-name
+ - {{ .Release.Name }}-aai-graphadmin-migration
+ {{ else if .Values.global.jobs.createSchema.enabled }}
+ - /root/job_complete.py
+ args:
+ - --job-name
+ - {{ .Release.Name }}-aai-graphadmin-create-db-schema
+ {{ else }}
+ - /root/ready.py
+ args:
+ - --container-name
+ {{- if .Values.global.cassandra.localCluster }}
+ - aai-cassandra
+ {{- else }}
+ - cassandra
+ {{- end }}
+ - --container-name
+ - aai-schema-service
+ {{ end }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ {{ end }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: LOCAL_USER_ID
+ value: {{ .Values.global.config.userId | quote }}
+ - name: LOCAL_GROUP_ID
+ value: {{ .Values.global.config.groupId | quote }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-realtime.properties
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-cached.properties
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: aaiconfig.properties
+ - mountPath: /opt/aai/logroot/AAI-RES
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /opt/app/aai-graphadmin/resources/logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: logback.xml
+ - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/realm.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: realm.properties
+ - mountPath: /opt/app/aai-graphadmin/resources/application.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: application.properties
+ {{ $global := . }}
+ {{ range $job := .Values.global.config.auth.files }}
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/{{ . }}
+ name: {{ include "common.fullname" $global }}-auth-truststore-sec
+ subPath: {{ . }}
+ {{ end }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.internalPort2 }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ resources:
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ # side car containers
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ name: filebeat-conf
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /usr/share/filebeat/data
+ name: {{ include "common.fullname" . }}-filebeat
+
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ - name: {{ include "common.fullname" . }}-auth-truststore-sec
+ secret:
+ secretName: aai-common-truststore
+ items:
+ {{ range $job := .Values.global.config.auth.files }}
+ - key: {{ . }}
+ path: {{ . }}
+ {{ end }}
+ restartPolicy: {{ .Values.restartPolicy }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-graphadmin/templates/job.yaml b/charts/aai-graphadmin/templates/job.yaml
new file mode 100644
index 0000000..e5b673b
--- /dev/null
+++ b/charts/aai-graphadmin/templates/job.yaml
@@ -0,0 +1,428 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+# In ONAP, the following job will always be run on each installation
+# The following job will go through the latest oxm and
+# create properties based on the data type defined in the oxm
+# and create the required indexes for the appropriate properties
+# This can be run multiple times as the code if the index or property already exists
+# then the index or property won't be created again
+# NOTE - During the execution of the createSchema job, there should
+# be no other janusgraph connection to the graph as its the reason
+# that resources traversal and graphadmin wait until this job is done
+# If you are using an existing cassandra cluster not coming from oom
+# then it is your job to ensure that there are no connections to the database
+
+{{- if and ( not .Values.global.jobs.migration.enabled ) ( .Values.global.jobs.createSchema.enabled ) }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-create-db-schema
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-job
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ backoffLimit: 20
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-job
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ initContainers:
+ - command:
+ - /root/ready.py
+ args:
+ - --container-name
+ {{- if .Values.global.cassandra.localCluster }}
+ - aai-cassandra
+ {{- else }}
+ - cassandra
+ {{- end }}
+ - --container-name
+ - aai-schema-service
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ containers:
+ - name: {{ include "common.name" . }}-job
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /bin/bash
+ - docker-entrypoint.sh
+ - createDBSchema.sh
+ env:
+ - name: LOCAL_USER_ID
+ value: {{ .Values.global.config.userId | quote }}
+ - name: LOCAL_GROUP_ID
+ value: {{ .Values.global.config.groupId | quote }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-realtime.properties
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-cached.properties
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: aaiconfig.properties
+ - mountPath: /opt/aai/logroot/AAI-GA
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /opt/app/aai-graphadmin/resources/logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: logback.xml
+ - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-graphadmin/resources/application.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: application.properties
+ {{ $global := . }}
+ {{ range $job := .Values.global.config.auth.files }}
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/{{ . }}
+ name: {{ include "common.fullname" $global }}-auth-truststore-sec
+ subPath: {{ . }}
+ {{ end }}
+ resources:
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-logs
+ hostPath:
+ path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}-create-db-schema
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ - name: {{ include "common.fullname" . }}-auth-truststore-sec
+ secret:
+ secretName: aai-common-truststore
+ items:
+ {{ range $job := .Values.global.config.auth.files }}
+ - key: {{ . }}
+ path: {{ . }}
+ {{ end }}
+ restartPolicy: Never
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+{{ end }}
+{{- if .Values.global.jobs.migration.enabled }}
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-migration
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-job
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+ "helm.sh/hook": post-upgrade,post-rollback,post-install
+ "helm.sh/hook-weight": "1"
+ "helm.sh/hook-delete-policy": before-hook-creation
+spec:
+ backoffLimit: 20
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-job
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ initContainers:
+ - command:
+ - /root/ready.py
+ args:
+ - --container-name
+ {{- if .Values.global.cassandra.localCluster }}
+ - aai-cassandra
+ {{- else }}
+ - cassandra
+ {{- end }}
+ - --container-name
+ - aai-schema-service
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ - command:
+ - /bin/bash
+ - -c
+ - bash docker-entrypoint.sh dataRestoreFromSnapshot.sh `ls -t /opt/app/aai-graphadmin/logs/data/dataSnapshots|head -1|awk -F".P" '{ print $1 }'`
+ env:
+ - name: LOCAL_USER_ID
+ value: {{ .Values.global.config.userId | quote }}
+ - name: LOCAL_GROUP_ID
+ value: {{ .Values.global.config.groupId | quote }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-realtime.properties
+ - mountPath: /opt/app/aai-graphadmin/logs/data/dataSnapshots
+ name: {{ include "common.fullname" . }}-snapshots
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-cached.properties
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: aaiconfig.properties
+ - mountPath: /opt/aai/logroot/AAI-GA
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /opt/app/aai-graphadmin/resources/logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: logback.xml
+ - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-graphadmin/resources/application.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: application.properties
+ {{ $global := . }}
+ {{ range $job := .Values.global.config.auth.files }}
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/{{ . }}
+ name: {{ include "common.fullname" $global }}-auth-truststore-sec
+ subPath: {{ . }}
+ {{ end }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-restore-backup
+ containers:
+ - image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-perform-migration
+ command:
+ - /bin/bash
+ - -c
+ - bash docker-entrypoint.sh run_Migrations.sh -e UpdateAaiUriIndexMigration --commit --skipPreMigrationSnapShot --runDisabled RebuildAllEdges
+ env:
+ - name: LOCAL_USER_ID
+ value: {{ .Values.global.config.userId | quote }}
+ - name: LOCAL_GROUP_ID
+ value: {{ .Values.global.config.groupId | quote }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-realtime.properties
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-cached.properties
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: aaiconfig.properties
+ - mountPath: /opt/aai/logroot/AAI-GA
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /opt/app/aai-graphadmin/resources/logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: logback.xml
+ - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-graphadmin/resources/application.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: application.properties
+ {{ $global := . }}
+ {{ range $job := .Values.global.config.auth.files }}
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/{{ . }}
+ name: {{ include "common.fullname" $global }}-auth-truststore-sec
+ subPath: {{ . }}
+ {{ end }}
+ resources:
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ - name: {{ include "common.fullname" . }}-snapshots
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-migration
+ - name: {{ include "common.fullname" . }}-auth-truststore-sec
+ secret:
+ secretName: aai-common-truststore
+ items:
+ {{ range $job := .Values.global.config.auth.files }}
+ - key: {{ . }}
+ path: {{ . }}
+ {{ end }}
+ restartPolicy: Never
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-db-backup-job
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-db-backup-job
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ annotations:
+ "helm.sh/hook": pre-upgrade,pre-install
+ "helm.sh/hook-weight": "2"
+ "helm.sh/hook-delete-policy": before-hook-creation
+spec:
+ backoffLimit: 20
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-db-backup-job
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ {{ if eq .Values.global.jobs.migration.remoteCassandra.enabled false }}
+ initContainers:
+ - command:
+ - /bin/bash
+ - -c
+ - /root/ready.py --container-name aai-cassandra --timeout 1 || /root/ready.py --container-name cassandra
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-db-backup-readiness
+ {{- end }}
+ containers:
+ - name: {{ include "common.name" . }}-db-backup-job
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /bin/bash
+ - docker-entrypoint.sh
+ - dataSnapshot.sh
+ env:
+ - name: LOCAL_USER_ID
+ value: {{ .Values.global.config.userId | quote }}
+ - name: LOCAL_GROUP_ID
+ value: {{ .Values.global.config.groupId | quote }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/aai-graphadmin/logs/data/dataSnapshots
+ name: {{ include "common.fullname" . }}-snapshots
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties
+ name: {{ include "common.fullname" . }}-migration
+ subPath: janusgraph-migration-real.properties
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-cached.properties
+ name: {{ include "common.fullname" . }}-migration
+ subPath: janusgraph-migration-cached.properties
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/aaiconfig.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: aaiconfig.properties
+ - mountPath: /opt/aai/logroot/AAI-RES/
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /opt/app/aai-graphadmin/resources/logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: logback.xml
+ - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-graphadmin/resources/application.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: application.properties
+ resources:
+{{ include "common.resources" . | indent 10 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ - name: {{ include "common.fullname" . }}-migration
+ configMap:
+ name: {{ include "common.fullname" . }}-migration-configmap
+ - name: {{ include "common.fullname" . }}-snapshots
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}-migration
+ restartPolicy: Never
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+{{ end }}
+
diff --git a/charts/aai-graphadmin/templates/pv.yaml b/charts/aai-graphadmin/templates/pv.yaml
new file mode 100644
index 0000000..f678331
--- /dev/null
+++ b/charts/aai-graphadmin/templates/pv.yaml
@@ -0,0 +1,42 @@
+{{/*
+# Copyright â–’ 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if .Values.global.jobs.migration.enabled -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+ annotations:
+ "helm.sh/hook": pre-upgrade,pre-install
+ "helm.sh/hook-weight": "0"
+ "helm.sh/hook-delete-policy": before-hook-creation
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath1 }}
+{{- end -}}
+
diff --git a/charts/aai-graphadmin/templates/pvc.yaml b/charts/aai-graphadmin/templates/pvc.yaml
new file mode 100644
index 0000000..582afe9
--- /dev/null
+++ b/charts/aai-graphadmin/templates/pvc.yaml
@@ -0,0 +1,51 @@
+{{/*
+# Copyright â–’ 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if .Values.global.jobs.migration.enabled -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}-migration
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ annotations:
+ "helm.sh/hook": pre-upgrade,pre-install
+ "helm.sh/hook-weight": "-1"
+ "helm.sh/hook-delete-policy": before-hook-creation
+{{- if .Values.persistence.annotations }}
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ name: {{ include "common.fullname" . }}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
diff --git a/charts/aai-graphadmin/templates/service.yaml b/charts/aai-graphadmin/templates/service.yaml
new file mode 100644
index 0000000..f4d9ba5
--- /dev/null
+++ b/charts/aai-graphadmin/templates/service.yaml
@@ -0,0 +1,49 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- else -}}
+ - port: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ clusterIP: None
diff --git a/charts/aai-graphadmin/values.yaml b/charts/aai-graphadmin/values.yaml
new file mode 100644
index 0000000..498c3c1
--- /dev/null
+++ b/charts/aai-graphadmin/values.yaml
@@ -0,0 +1,147 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+# Default values for resources.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+global: # global defaults
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/aai-graphadmin:1.1-STAGING-latest
+pullPolicy: Always
+restartPolicy: Always
+flavor: small
+# default number of instances
+replicaCount: 1
+
+# Configuration for the graphadmin deployment
+config:
+
+ # Specifies the timeout limit for the REST API requests
+ timeout:
+ enabled: true
+ limit: 180000
+
+ # Default maximum records to fix for the data grooming and dupeTool
+ maxFix:
+ dataGrooming: 150
+ dupeTool: 25
+
+ # Default number of sleep minutes for dataGrooming and dupeTool
+ sleepMinutes:
+ dataGrooming: 7
+ dupeTool: 7
+
+ # Cron specific attributes to be triggered for the graphadmin spring cron tasks
+ cron:
+ # Specifies that the data grooming tool which runs duplicates should be enabled
+ dataGrooming:
+ enabled: true
+ # Specifies that the data snapshot which takes a graphson snapshot should be enabled
+ dataSnapshot:
+ enabled: true
+ params: JUST_TAKE_SNAPSHOT
+
+ # Data cleanup which zips snapshots older than x days and deletes older than y days
+ dataCleanup:
+
+ dataGrooming:
+ enabled: true
+ # Zips up the dataGrooming files older than 5 days
+ ageZip: 5
+ # Deletes the dataGrooming files older than 30 days
+ ageDelete: 30
+
+ dataSnapshot:
+ enabled: true
+ # Zips up the dataSnapshot graphson files older than 5 days
+ ageZip: 5
+ # Deletes the dataSnapshot graphson files older than 30 days
+ ageDelete: 30
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 60
+ periodSeconds: 60
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 60
+ periodSeconds: 10
+
+service:
+ type: ClusterIP
+ # REST API port for the graphadmin microservice
+ portName: aai-graphadmin-8449
+ internalPort: 8449
+ portName2: aai-graphadmin-5005
+ internalPort2: 5005
+
+ingress:
+ enabled: false
+
+persistence:
+ enabled: true
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+ volumeReclaimPolicy: Retain
+ ## database data Persistent Volume Storage Class
+ ## If defined, storageClassName: <storageClass>
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ # storageClass: "-"
+ accessMode: ReadWriteMany
+ size: 2Gi
+
+ mountPath: /dockerdata-nfs
+ mountSubPath: aai/aai-graphadmin
+ mountSubPath1: aai/migration
+
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 0.5
+ memory: 1536Mi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 1
+ memory: 2Gi
+ unlimited: {}
diff --git a/charts/aai-modelloader/.helmignore b/charts/aai-modelloader/.helmignore
new file mode 100644
index 0000000..daebc7d
--- /dev/null
+++ b/charts/aai-modelloader/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/aai-modelloader/Chart.yaml b/charts/aai-modelloader/Chart.yaml
new file mode 100644
index 0000000..908e11b
--- /dev/null
+++ b/charts/aai-modelloader/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAI modelloader
+name: aai-modelloader
+version: 4.0.0
diff --git a/charts/aai-modelloader/resources/config/auth/aai-os-cert.p12 b/charts/aai-modelloader/resources/config/auth/aai-os-cert.p12
new file mode 100644
index 0000000..ee57120
--- /dev/null
+++ b/charts/aai-modelloader/resources/config/auth/aai-os-cert.p12
Binary files differ
diff --git a/charts/aai-modelloader/resources/config/auth/babel-client-cert.p12 b/charts/aai-modelloader/resources/config/auth/babel-client-cert.p12
new file mode 100644
index 0000000..dbf4fca
--- /dev/null
+++ b/charts/aai-modelloader/resources/config/auth/babel-client-cert.p12
Binary files differ
diff --git a/charts/aai-modelloader/resources/config/auth/tomcat_keystore b/charts/aai-modelloader/resources/config/auth/tomcat_keystore
new file mode 100644
index 0000000..9eec841
--- /dev/null
+++ b/charts/aai-modelloader/resources/config/auth/tomcat_keystore
Binary files differ
diff --git a/charts/aai-modelloader/resources/config/log/logback.xml b/charts/aai-modelloader/resources/config/log/logback.xml
new file mode 100644
index 0000000..72b5dab
--- /dev/null
+++ b/charts/aai-modelloader/resources/config/log/logback.xml
@@ -0,0 +1,168 @@
+<!--
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+
+<configuration scan="true" scanPeriod="3 seconds" debug="false">
+ <include resource="org/springframework/boot/logging/logback/base.xml" />
+ <property name="logDir" value="/var/log/onap" />
+ <property name="componentName" value="AAI-ML"></property>
+
+ <!-- default eelf log file names -->
+ <property name="generalLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+
+ <property name="errorLogPattern"
+ value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|ModelLoader|%mdc{PartnerName}|%logger||%.-5level|%msg%n" />
+ <property name="auditMetricPattern" value="%m%n" />
+
+ <property name="logDirectory" value="${logDir}/${componentName}" />
+
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${defaultPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+
+ <!-- The EELFAppender is used to record events to the general application
+ log -->
+
+ <appender name="EELF"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELF" />
+ </appender>
+
+ <appender name="EELFAudit"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditMetricPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender>
+
+ <appender name="EELFMetrics"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditMetricPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFMetrics" />
+ </appender>
+
+ <appender name="EELFDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${debugLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="info" additivity="false">
+ <appender-ref ref="asyncEELF" />
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+ <logger name="com.att.eelf.audit" level="info" additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+ <logger name="com.att.eelf.metrics" level="info" additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+
+ <logger name="com.att" level="INFO" />
+
+ <!-- Model Loader loggers -->
+ <logger name="org.openecomp.modelloader" level="INFO" />
+
+ <!-- Other Loggers that may help troubleshoot -->
+ <logger name="net.sf" level="WARN" />
+ <logger name="org.apache.commons.httpclient" level="WARN" />
+ <logger name="org.apache.commons" level="WARN" />
+ <logger name="org.apache.coyote" level="WARN" />
+ <logger name="org.apache.jasper" level="WARN" />
+
+ <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
+ May aid in troubleshooting) -->
+ <logger name="org.apache.camel" level="WARN" />
+ <logger name="org.apache.cxf" level="WARN" />
+ <logger name="org.apache.camel.processor.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.service" level="WARN" />
+ <logger name="org.restlet" level="WARN" />
+ <logger name="org.apache.camel.component.restlet" level="WARN" />
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+
+ <root>
+ <appender-ref ref="asyncEELF" />
+ <!-- <appender-ref ref="asyncEELFDebug" /> -->
+</root>
+
+</configuration>
diff --git a/charts/aai-modelloader/resources/config/model-loader.properties b/charts/aai-modelloader/resources/config/model-loader.properties
new file mode 100644
index 0000000..246e528
--- /dev/null
+++ b/charts/aai-modelloader/resources/config/model-loader.properties
@@ -0,0 +1,46 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Model Loader Distribution Client Configuration
+ml.distribution.ACTIVE_SERVER_TLS_AUTH=false
+ml.distribution.ASDC_ADDRESS=sdc-be.{{.Release.Namespace}}:8443
+ml.distribution.CONSUMER_GROUP=aai-ml-group
+ml.distribution.CONSUMER_ID=aai-ml
+ml.distribution.ENVIRONMENT_NAME=AUTO
+ml.distribution.KEYSTORE_PASSWORD=
+ml.distribution.KEYSTORE_FILE=asdc-client.jks
+ml.distribution.PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp
+ml.distribution.POLLING_INTERVAL=30
+ml.distribution.POLLING_TIMEOUT=20
+ml.distribution.USER=aai
+ml.distribution.ARTIFACT_TYPES=MODEL_QUERY_SPEC,TOSCA_CSAR
+ml.distribution.MSG_BUS_ADDRESSES=message-router.{{.Release.Namespace}}
+
+# Model Loader AAI REST Client Configuration
+ml.aai.BASE_URL=https://aai.{{.Release.Namespace}}:8443
+ml.aai.MODEL_URL=/aai/v*/service-design-and-creation/models/model/
+ml.aai.NAMED_QUERY_URL=/aai/v*/service-design-and-creation/named-queries/named-query/
+ml.aai.VNF_IMAGE_URL=/aai/v*/service-design-and-creation/vnf-images
+ml.aai.KEYSTORE_FILE=aai-os-cert.p12
+ml.aai.KEYSTORE_PASSWORD=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+ml.aai.AUTH_USER=ModelLoader
+ml.aai.AUTH_PASSWORD=OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw
+
+# Model Loader Babel REST Client Configuration\r
+ml.babel.BASE_URL=https://aai-babel.{{.Release.Namespace}}:9516
+ml.babel.GENERATE_ARTIFACTS_URL=/services/babel-service/v1/app/generateArtifacts
+ml.babel.KEYSTORE_FILE=babel-client-cert.p12
+ml.babel.KEYSTORE_PASSWORD=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ml.babel.TRUSTSTORE_FILE=tomcat_keystore
+ml.babel.TRUSTSTORE_PASSWORD=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
diff --git a/charts/aai-modelloader/templates/configmap.yaml b/charts/aai-modelloader/templates/configmap.yaml
new file mode 100644
index 0000000..cdb01fb
--- /dev/null
+++ b/charts/aai-modelloader/templates/configmap.yaml
@@ -0,0 +1,39 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-prop
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/model-loader.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/logback.xml").AsConfig . | indent 2 }}
diff --git a/charts/aai-modelloader/templates/deployment.yaml b/charts/aai-modelloader/templates/deployment.yaml
new file mode 100644
index 0000000..f34693f
--- /dev/null
+++ b/charts/aai-modelloader/templates/deployment.yaml
@@ -0,0 +1,109 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: /opt/app/model-loader/config/
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/model-loader/config/model-loader.properties
+ subPath: model-loader.properties
+ name: {{ include "common.fullname" . }}-prop-config
+ - mountPath: /opt/app/model-loader/config/auth/
+ name: {{ include "common.fullname" . }}-auth-config
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /opt/app/model-loader/logback.xml
+ name: {{ include "common.fullname" . }}-log-conf
+ subPath: logback.xml
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.internalPort2 }}
+ resources:
+{{ include "common.resources" . }}
+
+ # side car containers
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ name: filebeat-conf
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /usr/share/filebeat/data
+ name: aai-filebeat
+ resources:
+{{ include "common.resources" . }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-prop-config
+ configMap:
+ name: {{ include "common.fullname" . }}-prop
+ - name: {{ include "common.fullname" . }}-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: aai-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-log-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-log
+ restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-modelloader/templates/secret.yaml b/charts/aai-modelloader/templates/secret.yaml
new file mode 100644
index 0000000..6084ca3
--- /dev/null
+++ b/charts/aai-modelloader/templates/secret.yaml
@@ -0,0 +1,27 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
diff --git a/charts/aai-modelloader/templates/service.yaml b/charts/aai-modelloader/templates/service.yaml
new file mode 100644
index 0000000..567d42d
--- /dev/null
+++ b/charts/aai-modelloader/templates/service.yaml
@@ -0,0 +1,43 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- else -}}
+ - port: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
diff --git a/charts/aai-modelloader/values.yaml b/charts/aai-modelloader/values.yaml
new file mode 100644
index 0000000..563ea6b
--- /dev/null
+++ b/charts/aai-modelloader/values.yaml
@@ -0,0 +1,80 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for modelloader.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+global: # global defaults
+ nodePortPrefix: 302
+
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/model-loader:1.3.1
+pullPolicy: Always
+restartPolicy: Always
+flavor: small
+# application configuration
+config: {}
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ type: NodePort
+ portName: aai-modelloader
+ externalPort: 8080
+ internalPort: 8080
+ nodePort: 10
+ portName2: aai-modelloader-ssl
+ externalPort2: 8443
+ internalPort2: 8443
+ nodePort2: 29
+
+ingress:
+ enabled: false
+
+
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 0.5
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 1
+ memory: 1536Mi
+ unlimited: {}
diff --git a/charts/aai-resources/.helmignore b/charts/aai-resources/.helmignore
new file mode 100644
index 0000000..daebc7d
--- /dev/null
+++ b/charts/aai-resources/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/aai-resources/Chart.yaml b/charts/aai-resources/Chart.yaml
new file mode 100644
index 0000000..12464b5
--- /dev/null
+++ b/charts/aai-resources/Chart.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+apiVersion: v1
+description: ONAP AAI resources
+name: aai-resources
+version: 4.0.0
diff --git a/charts/aai-resources/resources/config/aaf/bath_config.csv b/charts/aai-resources/resources/config/aaf/bath_config.csv
new file mode 100644
index 0000000..60a8fb5
--- /dev/null
+++ b/charts/aai-resources/resources/config/aaf/bath_config.csv
@@ -0,0 +1,33 @@
+# AAI -> aai@aai.onap.org
+Basic QUFJOkFBSQ==,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# ModelLoader -> aai@aai.onap.org
+Basic TW9kZWxMb2FkZXI6TW9kZWxMb2FkZXI=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# AaiUI -> aai@aai.onap.org,
+Basic QWFpVUk6QWFpVUk=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# MSO -> so@so.onap.org
+Basic TVNPOk1TTw==,Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1NiE=,2050-03-03
+
+# SDNC -> sdnc@sdnc.onap.org
+Basic U0ROQzpTRE5D,Basic c2RuY0BzZG5jLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03
+
+# DCAE -> dcae@dcae.onap.org
+Basic RENBRTpEQ0FF,Basic ZGNhZUBkY2FlLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03
+
+# POLICY -> policy@policy.onap.org
+Basic UE9MSUNZOlBPTElDWQ==,Basic cG9saWN5QHBvbGljeS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# ASDC -> sdc@sdc.onap.org
+Basic QVNEQzpBU0RD,Basic c2RjQHNkYy5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# VID -> vid@vid.onap.org
+Basic VklEOlZJRA==,Basic dmlkQHZpZC5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# APPC -> appc@appc.onap.org
+Basic QVBQQzpBUFBD,Basic YXBwY0BhcHBjLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03
+
+# OOF -> oof@oof.onap.org
+Basic T09GOk9PRg==,Basic b29mQG9vZi5vbmFwLm9yZzpkZW1vMTIzNDQ2IQ==,2050-03-03
+
diff --git a/charts/aai-resources/resources/config/aaf/cadi.properties b/charts/aai-resources/resources/config/aaf/cadi.properties
new file mode 100644
index 0000000..c8d0b04
--- /dev/null
+++ b/charts/aai-resources/resources/config/aaf/cadi.properties
@@ -0,0 +1,8 @@
+
+cadi_loglevel=INFO
+cadi_prop_files=/opt/app/aai-resources/resources/aaf/org.osaaf.location.props:/opt/app/aai-resources/resources/aaf/org.onap.aai.props
+
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
diff --git a/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile b/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile
new file mode 100644
index 0000000..8721938
--- /dev/null
+++ b/charts/aai-resources/resources/config/aaf/org.onap.aai.keyfile
@@ -0,0 +1,27 @@
+yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k
+brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6
+AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM
+EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo
+UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L
+02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM
+qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw
+mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2
+VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0
+vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM
+8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe
+O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT
+x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu
+5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID
+dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o
+eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl
+uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl
+YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8
+EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI
+dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l
+ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ
+15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi
+ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl
+m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa
+iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk
+_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw
+PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ
diff --git a/charts/aai-resources/resources/config/aaf/org.onap.aai.p12 b/charts/aai-resources/resources/config/aaf/org.onap.aai.p12
new file mode 100644
index 0000000..5737e48
--- /dev/null
+++ b/charts/aai-resources/resources/config/aaf/org.onap.aai.p12
Binary files differ
diff --git a/charts/aai-resources/resources/config/aaf/org.onap.aai.props b/charts/aai-resources/resources/config/aaf/org.onap.aai.props
new file mode 100644
index 0000000..59593a5
--- /dev/null
+++ b/charts/aai-resources/resources/config/aaf/org.onap.aai.props
@@ -0,0 +1,14 @@
+############################################################
+# Properties Generated by AT&T Certificate Manager
+# @copyright 2016, AT&T
+############################################################
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
+cadi_keyfile=/opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile
+cadi_keystore=/opt/app/aai-resources/resources/aaf/org.onap.aai.p12
+cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr
+#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL
+cadi_alias=aai@aai.onap.org
+cadi_truststore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks
+cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv
+cadi_loglevel=INFO
+cadi_bath_convert=/opt/app/aai-resources/resources/aaf/bath_config.csv
diff --git a/charts/aai-resources/resources/config/aaf/org.osaaf.location.props b/charts/aai-resources/resources/config/aaf/org.osaaf.location.props
new file mode 100644
index 0000000..77c3d53
--- /dev/null
+++ b/charts/aai-resources/resources/config/aaf/org.osaaf.location.props
@@ -0,0 +1,24 @@
+##
+## org.osaaf.location.props
+##
+## Localized Machine Information
+##
+# Almeda California ?
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+# AAF Environment Designation
+aaf_env=DEV
+
+# OAuth2 Endpoints
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
+
diff --git a/charts/aai-resources/resources/config/aaf/permissions.properties b/charts/aai-resources/resources/config/aaf/permissions.properties
new file mode 100644
index 0000000..4234121
--- /dev/null
+++ b/charts/aai-resources/resources/config/aaf/permissions.properties
@@ -0,0 +1,2 @@
+permission.type=org.onap.aai.resources
+permission.instance=* \ No newline at end of file
diff --git a/charts/aai-resources/resources/config/aaiconfig.properties b/charts/aai-resources/resources/config/aaiconfig.properties
new file mode 100644
index 0000000..f2e7caa
--- /dev/null
+++ b/charts/aai-resources/resources/config/aaiconfig.properties
@@ -0,0 +1,88 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+#
+# ECOMP is a trademark and service mark of AT&T Intellectual Property.
+#
+
+####################################################################
+# REMEMBER TO THINK ABOUT ENVIRONMENTAL DIFFERENCES AND CHANGE THE
+# TEMPLATE AND *ALL* DATAFILES
+####################################################################
+
+####################################################################
+# REMEMBER TO THINK ABOUT ENVIRONMENTAL DIFFERENCES AND CHANGE THE
+# TEMPLATE AND *ALL* DATAFILES
+####################################################################
+
+aai.config.checktime=1000
+
+# this could come from siteconfig.pl?
+aai.config.nodename=AutomaticallyOverwritten
+
+aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/
+aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/
+aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/
+
+{{ if .Values.global.config.basic.auth.enabled }}
+aai.tools.enableBasicAuth=true
+aai.tools.username={{ .Values.global.config.basic.auth.username }}
+aai.tools.password={{ .Values.global.config.basic.auth.passwd }}
+{{ end }}
+
+aai.truststore.filename={{ .Values.global.config.truststore.filename }}
+aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }}
+aai.keystore.filename={{ .Values.global.config.keystore.filename }}
+aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }}
+
+aai.notification.current.version={{ .Values.global.config.schema.version.api.default }}
+aai.notificationEvent.default.status=UNPROCESSED
+aai.notificationEvent.default.eventType={{ .Values.global.config.notification.eventType }}
+aai.notificationEvent.default.domain={{ .Values.global.config.notification.domain }}
+aai.notificationEvent.default.sourceName=aai
+aai.notificationEvent.default.sequenceNumber=0
+aai.notificationEvent.default.severity=NORMAL
+aai.notificationEvent.default.version={{ .Values.global.config.schema.version.api.default }}
+# This one lets us enable/disable resource-version checking on updates/deletes
+aai.resourceversion.enableflag=true
+aai.logging.maxStackTraceEntries=10
+aai.default.api.version={{ .Values.global.config.schema.version.api.default }}
+
+aai.logging.trace.enabled=true
+aai.logging.trace.logrequest=false
+aai.logging.trace.logresponse=false
+
+aai.transaction.logging=true
+aai.transaction.logging.get=false
+aai.transaction.logging.post=true
+
+aai.realtime.clients={{ .Values.global.config.realtime.clients }}
+
+# Timeout for crud enabled flag
+aai.crud.timeoutenabled={{ .Values.config.crud.timeout.enabled }}
+
+# Timeout app specific -1 to bypass for that app id, a whole number to override the timeout with that value (in ms)
+aai.crud.timeout.appspecific={{ .Values.config.crud.timeout.appspecific }}
+
+#default timeout limit added for crud if not overridden (in ms)
+aai.crud.timeoutlimit={{ .Values.config.crud.timeout.limit }}
+#limit set for bulk consumer APIS
+aai.bulkconsumer.payloadlimit={{ .Values.config.bulk.limit }}
+
+#uncomment and use header X-OverrideLimit with the value to override the bulk api limit
+aai.bulkconsumer.payloadoverride={{ .Values.config.bulk.override }}
diff --git a/charts/aai-resources/resources/config/application.properties b/charts/aai-resources/resources/config/application.properties
new file mode 100644
index 0000000..7237c56
--- /dev/null
+++ b/charts/aai-resources/resources/config/application.properties
@@ -0,0 +1,94 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# The following info parameters are being referenced by ajsc6
+info.build.artifact=aai-resources
+info.build.name=resources
+info.build.description=Resources Microservice
+info.build.version=1.3.0
+
+spring.application.name=aai-resources
+spring.jersey.type=filter
+
+server.contextPath=/
+spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
+
+spring.profiles.active={{ .Values.global.config.profiles.active }}
+spring.jersey.application-path=${schema.uri.base.path}
+#The max number of active threads in this pool
+server.tomcat.max-threads=200
+#The minimum number of threads always kept alive
+server.tomcat.min-Spare-Threads=25
+#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads
+server.tomcat.max-idle-time=60000
+
+# If you get an application startup failure that the port is already taken
+# If thats not it, please check if the key-store file path makes sense
+server.local.startpath=aai-resources/src/main/resources/
+server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties
+
+server.port=8447
+server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
+server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
+server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
+server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
+server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
+server.ssl.client-auth=want
+server.ssl.key-store-type=JKS
+
+# JMS bind address host port
+jms.bind.address=tcp://localhost:61647
+dmaap.ribbon.listOfServers=message-router.{{.Release.Namespace}}:3905
+dmaap.ribbon.transportType=https
+
+# Schema related attributes for the oxm and edges
+# Any additional schema related attributes should start with prefix schema
+schema.configuration.location=N/A
+schema.source.name={{ .Values.global.config.schema.source.name }}
+schema.nodes.location=${server.local.startpath}/schema/${schema.source.name}/oxm/
+schema.edges.location=${server.local.startpath}/schema/${schema.source.name}/dbedgerules/
+
+schema.ingest.file=${server.local.startpath}/application.properties
+
+# Schema Version Related Attributes
+
+schema.uri.base.path={{ .Values.global.config.schema.uri.base.path }}
+# Lists all of the versions in the schema
+schema.version.list={{ .Values.global.config.schema.version.list }}
+# Specifies from which version should the depth parameter to default to zero
+schema.version.depth.start={{ .Values.global.config.schema.version.depth }}
+# Specifies from which version should the related link be displayed in response payload
+schema.version.related.link.start={{ .Values.global.config.schema.version.related.link }}
+
+# Specifies from which version should the client see only the uri excluding host info
+# Before this version server base will also be included
+schema.version.app.root.start={{ .Values.global.config.schema.version.app.root }}
+# Specifies from which version should the namespace be changed
+schema.version.namespace.change.start={{ .Values.global.config.schema.version.namespace.change }}
+# Specifies from which version should the client start seeing the edge label in payload
+schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.label }}
+# Specifies the version that the application should default to
+schema.version.api.default={{ .Values.global.config.schema.version.api.default }}
+
+schema.translator.list={{ .Values.global.config.schema.translator.list }}
+schema.service.base.url=https://aai-schema-service.{{ include "common.namespace" . }}:8452/aai/schema-service/v1/
+schema.service.nodes.endpoint=nodes?version=
+schema.service.edges.endpoint=edgerules?version=
+schema.service.versions.endpoint=versions
+schema.service.client={{ .Values.global.config.schema.service.client }}
+
+schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
+schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
+schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
+schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
diff --git a/charts/aai-resources/resources/config/auth/aai_policy.json b/charts/aai-resources/resources/config/auth/aai_policy.json
new file mode 100644
index 0000000..65f13ef
--- /dev/null
+++ b/charts/aai-resources/resources/config/auth/aai_policy.json
@@ -0,0 +1,298 @@
+{
+ "roles": [
+ {
+ "name": "admin",
+ "functions": [
+ {
+ "name": "actions",
+ "methods": [
+ {
+ "name": "GET"
+ },
+ {
+ "name": "DELETE"
+ },
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "servers",
+ "methods": [
+ {
+ "name": "GET"
+ },
+ {
+ "name": "DELETE"
+ },
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "cloudinfra",
+ "methods": [
+ {
+ "name": "GET"
+ },
+ {
+ "name": "DELETE"
+ },
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "cloud-infrastructure",
+ "methods": [
+ {
+ "name": "GET"
+ },
+ {
+ "name": "DELETE"
+ },
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "sdandc",
+ "methods": [
+ {
+ "name": "GET"
+ },
+ {
+ "name": "DELETE"
+ },
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "service-design-and-creation",
+ "methods": [
+ {
+ "name": "GET"
+ },
+ {
+ "name": "DELETE"
+ },
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "business",
+ "methods": [
+ {
+ "name": "GET"
+ },
+ {
+ "name": "DELETE"
+ },
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "network",
+ "methods": [
+ {
+ "name": "GET"
+ },
+ {
+ "name": "DELETE"
+ },
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "search",
+ "methods": [
+ {
+ "name": "GET"
+ },
+ {
+ "name": "POST"
+ }
+ ]
+ },
+ {
+ "name": "util",
+ "methods": [
+ {
+ "name": "GET"
+ }
+ ]
+ },
+ {
+ "name": "license-management",
+ "methods": [
+ {
+ "name": "GET"
+ },
+ {
+ "name": "DELETE"
+ },
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "examples",
+ "methods": [
+ {
+ "name": "GET"
+ }
+ ]
+ },
+ {
+ "name": "resources",
+ "methods": [
+ {
+ "name": "GET"
+ }
+ ]
+ },
+ {
+ "name": "generateurl",
+ "methods": [
+ {
+ "name": "GET"
+ }
+ ]
+ },
+ {
+ "name": "bulkadd",
+ "methods": [
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "nodes",
+ "methods": [
+ {
+ "name": "GET"
+ }
+ ]
+ },
+ {
+ "name": "query",
+ "methods": [
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "dbquery",
+ "methods": [
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "bulk",
+ "methods": [
+ {
+ "name": "POST"
+ }
+ ]
+ },
+ {
+ "name": "bulkprocess",
+ "methods": [
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "recents",
+ "methods": [
+ {
+ "name": "GET"
+ }
+ ]
+ },
+ {
+ "name": "dsl",
+ "methods": [
+ {
+ "name": "PUT"
+ }
+ ]
+ },
+ {
+ "name": "common",
+ "methods": [
+ {
+ "name": "GET"
+ },
+ {
+ "name": "DELETE"
+ },
+ {
+ "name": "PUT"
+ }
+ ]
+ }
+ ],
+ "users": [
+ {
+ "username": "CN=aai, OU=OSAAF, OU=aai@aai.onap.org, O=ONAP, C=US"
+ }
+ ]
+ },
+ {
+ "name": "basicauth",
+ "functions": [
+ {
+ "name": "util",
+ "methods": [
+ {
+ "name": "GET"
+ }
+ ]
+ }
+ ],
+ "users": [
+ {
+ "user": "aai",
+ "pass": "OBF:1u2a1t2v1vgb1s3g1s3m1vgj1t3b1u30"
+ }
+ ]
+ },
+ {
+ "name": "HAProxy",
+ "functions": [
+ {
+ "name": "util",
+ "methods": [
+ {
+ "name": "GET"
+ }
+ ]
+ }
+ ],
+ "users": [
+ {
+ "username": "CN=haproxyuser, OU=OSAAF, OU=aai@aai.onap.org, O=ONAP, C=US"
+ }
+ ]
+ }
+ ]
+}
diff --git a/charts/aai-resources/resources/config/janusgraph-cached.properties b/charts/aai-resources/resources/config/janusgraph-cached.properties
new file mode 100644
index 0000000..9dc6636
--- /dev/null
+++ b/charts/aai-resources/resources/config/janusgraph-cached.properties
@@ -0,0 +1,98 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+#
+# ECOMP is a trademark and service mark of AT&T Intellectual Property.
+#
+
+query.fast-property=true
+query.smart-limit=false
+
+{{ if .Values.global.config.cluster.cassandra.dynamic }}
+
+storage.backend=cassandra
+storage.hostname={{.Values.global.cassandra.serviceName}}
+storage.cassandra.keyspace=aaigraph
+
+storage.cassandra.read-consistency-level=LOCAL_QUORUM
+storage.cassandra.write-consistency-level=LOCAL_QUORUM
+storage.cassandra.replication-factor={{.Values.global.cassandra.replicas}}
+storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy
+
+{{ else }}
+
+{{ if .Values.global.config.storage }}
+
+storage.backend={{ .Values.global.config.storage.backend }}
+
+{{ if eq .Values.global.config.storage.backend "cassandra" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cassandra.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }}
+storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }}
+storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }}
+storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }}
+storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "cql" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cql.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }}
+
+storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }}
+storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }}
+storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "hbase" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.hbase.table={{ .Values.global.config.storage.name }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ end }}
+
+{{ end }}
+
+{{ end }}
+
+storage.lock.wait-time=300
+#caching on
+cache.db-cache = true
+cache.db-cache-clean-wait = 20
+cache.db-cache-time = 180000
+cache.db-cache-size = 0.3
+
+#load graphson file on startup
+load.snapshot.file=false
diff --git a/charts/aai-resources/resources/config/janusgraph-realtime.properties b/charts/aai-resources/resources/config/janusgraph-realtime.properties
new file mode 100644
index 0000000..8791a0b
--- /dev/null
+++ b/charts/aai-resources/resources/config/janusgraph-realtime.properties
@@ -0,0 +1,92 @@
+#
+# ============LICENSE_START=======================================================
+# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+#
+# ECOMP is a trademark and service mark of AT&T Intellectual Property.
+#
+
+query.fast-property=true
+query.smart-limit=false
+
+{{ if .Values.global.config.cluster.cassandra.dynamic }}
+
+storage.backend=cassandra
+storage.hostname={{.Values.global.cassandra.serviceName}}
+storage.cassandra.keyspace=aaigraph
+
+storage.cassandra.read-consistency-level=LOCAL_QUORUM
+storage.cassandra.write-consistency-level=LOCAL_QUORUM
+storage.cassandra.replication-factor={{.Values.global.cassandra.replicas}}
+storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy
+
+{{ else }}
+
+{{ if .Values.global.config.storage }}
+
+storage.backend={{ .Values.global.config.storage.backend }}
+
+{{ if eq .Values.global.config.storage.backend "cassandra" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cassandra.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }}
+storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }}
+storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }}
+storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }}
+storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "cql" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cql.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }}
+
+storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }}
+storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }}
+storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "hbase" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.hbase.table={{ .Values.global.config.storage.name }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ end }}
+
+{{ end }}
+
+{{ end }}
+
+storage.lock.wait-time=300
+# Setting db-cache to false ensure the fastest propagation of changes across servers
+cache.db-cache = false
+#load graphson file on startup
+load.snapshot.file=false
diff --git a/charts/aai-resources/resources/config/localhost-access-logback.xml b/charts/aai-resources/resources/config/localhost-access-logback.xml
new file mode 100644
index 0000000..4cf6c74
--- /dev/null
+++ b/charts/aai-resources/resources/config/localhost-access-logback.xml
@@ -0,0 +1,63 @@
+<!--
+
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ Modifications Copyright © 2018 Amdocs, Bell Canada
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+
+ ECOMP is a trademark and service mark of AT&T Intellectual Property.
+
+-->
+<configuration>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <appender name="ACCESS"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ </encoder>
+ </appender>
+ <appender-ref ref="ACCESS" />
+</configuration>
+
+<!--
+%a - Remote IP address
+%A - Local IP address
+%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent
+%B - Bytes sent, excluding HTTP headers
+%h - Remote host name
+%H - Request protocol
+%l - Remote logical username from identd (always returns '-')
+%m - Request method
+%p - Local port
+%q - Query string (prepended with a '?' if it exists, otherwise an empty string
+%r - First line of the request
+%s - HTTP status code of the response
+%S - User session ID
+%t - Date and time, in Common Log Format format
+%u - Remote user that was authenticated
+%U - Requested URL path
+%v - Local server name
+%I - current request thread name (can compare later with stacktraces)
+
+%z - Custom pattern that parses the cert for the subject
+%y - Custom pattern determines rest or dme2
+ -->
diff --git a/charts/aai-resources/resources/config/logback.xml b/charts/aai-resources/resources/config/logback.xml
new file mode 100644
index 0000000..0afc6f9
--- /dev/null
+++ b/charts/aai-resources/resources/config/logback.xml
@@ -0,0 +1,267 @@
+<!--
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ Modifications Copyright © 2018 Amdocs, Bell Canada
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ ECOMP is a trademark and service mark of AT&T Intellectual Property.
+-->
+<configuration scan="true" scanPeriod="60 seconds" debug="false">
+ <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
+ <property resource="application.properties" />
+ <property name="namespace" value="aai-resources"/>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <jmxConfigurator />
+ <property name="logDirectory" value="${AJSC_HOME}/logs" />
+ <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <!-- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> -->
+ <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/>
+ <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
+ <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
+ <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>
+ %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}
+ </pattern>
+ </encoder>
+ </appender>
+ <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/sane.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
+ </pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="SANE" />
+ </appender>
+ <appender name="METRIC"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/metrics.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="METRIC" />
+ </appender>
+ <appender name="DEBUG"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/debug.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="DEBUG" />
+ </appender>
+ <appender name="ERROR"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/rest/error.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfErrorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="ERROR" />
+ </appender>
+ <appender name="AUDIT"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/audit.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfAuditLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="AUDIT" />
+ </appender>
+ <appender name="translog"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/translog.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfTransLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="translog" />
+ </appender>
+ <appender name="dmaapAAIEventConsumer"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerMetric"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="external"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/external/external.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <logger name="org.onap.aai" level="DEBUG" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ <appender-ref ref="asyncSANE" />
+ <appender-ref ref="STDOUT" />
+ </logger>
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+ <logger name="com.jayway.jsonpath" level="WARN" />
+
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+ <logger name="org.eclipse.jetty" level="WARN" />
+
+ <logger name="org.onap.aai.interceptors.post" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asynctranslog" />
+ </logger>
+ <logger name="org.onap.aai.interceptors.pre.SetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+ <logger name="org.onap.aai.interceptors.post.ResetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+ <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false">
+ <appender-ref ref="dmaapAAIEventConsumer" />
+ <appender-ref ref="dmaapAAIEventConsumerDebug" />
+ <appender-ref ref="dmaapAAIEventConsumerMetric" />
+ </logger>
+ <logger name="org.apache" level="OFF" />
+ <logger name="org.zookeeper" level="OFF" />
+ <logger name="com.thinkaurelius" level="WARN" />
+ <logger name="com.att.aft.dme2" level="WARN" />
+ <!-- ============================================================================ -->
+ <!-- General EELF logger -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="WARN" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ </logger>
+ <root level="DEBUG">
+ <appender-ref ref="external" />
+ {{ if .Values.global.config.logback.console.enabled }}
+ <appender-ref ref="STDOUT" />
+ {{ end }}
+ </root>
+</configuration>
diff --git a/charts/aai-resources/resources/config/realm.properties b/charts/aai-resources/resources/config/realm.properties
new file mode 100644
index 0000000..0499b34
--- /dev/null
+++ b/charts/aai-resources/resources/config/realm.properties
@@ -0,0 +1,37 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# format : username: password[,rolename ...]
+# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
+AAI:OBF:1gfr1ev31gg7,admin
+MSO:OBF:1jzx1lz31k01,admin
+SDNC:OBF:1itr1i0l1i151isv,admin
+DCAE:OBF:1g8u1f9d1f991g8w,admin
+POLICY:OBF:1mk61i171ima1im41i0j1mko,admin
+ASDC:OBF:1f991j0u1j001f9d,admin
+VID:OBF:1jm91i0v1jl9,admin
+APPC:OBF:1f991ksf1ksf1f9d,admin
+ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin
+AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin
+OOF:OBF:1img1ke71ily,admin
+aai@aai.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+so@so.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+sdnc@sdnc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
diff --git a/charts/aai-resources/resources/fproxy/config/auth/client-cert.p12 b/charts/aai-resources/resources/fproxy/config/auth/client-cert.p12
new file mode 100644
index 0000000..d9fe86e
--- /dev/null
+++ b/charts/aai-resources/resources/fproxy/config/auth/client-cert.p12
Binary files differ
diff --git a/charts/aai-resources/resources/fproxy/config/auth/fproxy_truststore b/charts/aai-resources/resources/fproxy/config/auth/fproxy_truststore
new file mode 100644
index 0000000..f6ebc75
--- /dev/null
+++ b/charts/aai-resources/resources/fproxy/config/auth/fproxy_truststore
Binary files differ
diff --git a/charts/aai-resources/resources/fproxy/config/auth/tomcat_keystore b/charts/aai-resources/resources/fproxy/config/auth/tomcat_keystore
new file mode 100644
index 0000000..9eec841
--- /dev/null
+++ b/charts/aai-resources/resources/fproxy/config/auth/tomcat_keystore
Binary files differ
diff --git a/charts/aai-resources/resources/fproxy/config/fproxy.properties b/charts/aai-resources/resources/fproxy/config/fproxy.properties
new file mode 100644
index 0000000..f512fb7
--- /dev/null
+++ b/charts/aai-resources/resources/fproxy/config/fproxy.properties
@@ -0,0 +1,2 @@
+credential.cache.timeout.ms=180000
+transactionid.header.name=X-TransactionId \ No newline at end of file
diff --git a/charts/aai-resources/resources/fproxy/config/logback-spring.xml b/charts/aai-resources/resources/fproxy/config/logback-spring.xml
new file mode 100644
index 0000000..9a08348
--- /dev/null
+++ b/charts/aai-resources/resources/fproxy/config/logback-spring.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/AAF-FPS" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="info">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "com.baeldung*" at TRACE level -->
+ <logger name="org.onap.aaf.fproxy" level="info" />
+
+</configuration> \ No newline at end of file
diff --git a/charts/aai-resources/resources/fproxy/config/readme.txt b/charts/aai-resources/resources/fproxy/config/readme.txt
new file mode 100644
index 0000000..79cf29e
--- /dev/null
+++ b/charts/aai-resources/resources/fproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file
diff --git a/charts/aai-resources/resources/rproxy/config/auth/client-cert.p12 b/charts/aai-resources/resources/rproxy/config/auth/client-cert.p12
new file mode 100644
index 0000000..071d407
--- /dev/null
+++ b/charts/aai-resources/resources/rproxy/config/auth/client-cert.p12
Binary files differ
diff --git a/charts/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12 b/charts/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12
new file mode 100644
index 0000000..023e2ea
--- /dev/null
+++ b/charts/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12
Binary files differ
diff --git a/charts/aai-resources/resources/rproxy/config/auth/tomcat_keystore b/charts/aai-resources/resources/rproxy/config/auth/tomcat_keystore
new file mode 100644
index 0000000..6ad5f51
--- /dev/null
+++ b/charts/aai-resources/resources/rproxy/config/auth/tomcat_keystore
Binary files differ
diff --git a/charts/aai-resources/resources/rproxy/config/auth/uri-authorization.json b/charts/aai-resources/resources/rproxy/config/auth/uri-authorization.json
new file mode 100644
index 0000000..e23c03d
--- /dev/null
+++ b/charts/aai-resources/resources/rproxy/config/auth/uri-authorization.json
@@ -0,0 +1,99 @@
+[
+ {
+ "uri": "\/not\/allowed\/at\/all$",
+ "permissions": [
+ "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt"
+ ]
+ },
+ {
+ "uri": "\/one\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/multi\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aMultipleAuth1",
+ "test.auth.access.aMultipleAuth2",
+ "test.auth.access.aMultipleAuth3"
+ ]
+ },
+ {
+ "uri": "\/one\/[^\/]+\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/services\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/admin\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|admin|GET,PUT,POST"
+ ]
+ },
+ {
+ "uri": "\/service\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/services\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/$",
+ "permissions": [
+ "\\|services\\|GET",
+ "test\\.auth\\.access\\|services\\|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$",
+ "permissions": [
+ "test\\.auth\\.access\\|rest\\|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read",
+ "test.auth.access|vservers|read"
+ ]
+ },
+ {
+ "uri": "\/backend$",
+ "permissions": [
+ "test\\.auth\\.access\\|services\\|GET,PUT",
+ "\\|services\\|GET"
+ ]
+ },
+ {
+ "uri": "\/aai\/.*",
+ "permissions": [
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
+ },
+ {
+ "uri": "\/aai\/util\/echo",
+ "permissions": [
+ "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+ ]
+ }
+]
diff --git a/charts/aai-resources/resources/rproxy/config/cadi.properties b/charts/aai-resources/resources/rproxy/config/cadi.properties
new file mode 100644
index 0000000..c2b628d
--- /dev/null
+++ b/charts/aai-resources/resources/rproxy/config/cadi.properties
@@ -0,0 +1,39 @@
+# This is a normal Java Properties File
+# Comments are with Pound Signs at beginning of lines,
+# and multi-line expression of properties can be obtained by backslash at end of line
+
+#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below
+#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name
+#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com
+#to your hosts file on your machine.
+#hostname=test.aic.cip.att.com
+
+cadi_loglevel=DEBUG
+
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12
+cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
+cadi_alias=aai@aai.onap.org
+cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
+cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+aaf_env=DEV
+
+aaf_id=demo@people.osaaf.org
+aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
+
+# This is a colon separated list of client cert issuers
+cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
diff --git a/charts/aai-resources/resources/rproxy/config/forward-proxy.properties b/charts/aai-resources/resources/rproxy/config/forward-proxy.properties
new file mode 100644
index 0000000..1b58d42
--- /dev/null
+++ b/charts/aai-resources/resources/rproxy/config/forward-proxy.properties
@@ -0,0 +1,4 @@
+forward-proxy.protocol = https
+forward-proxy.host = localhost
+forward-proxy.port = 10680
+forward-proxy.cacheurl = /credential-cache \ No newline at end of file
diff --git a/charts/aai-resources/resources/rproxy/config/logback-spring.xml b/charts/aai-resources/resources/rproxy/config/logback-spring.xml
new file mode 100644
index 0000000..799fd86
--- /dev/null
+++ b/charts/aai-resources/resources/rproxy/config/logback-spring.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/reverse-proxy" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="info">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "com.baeldung*" at TRACE level -->
+ <logger name="org.onap.aaf.rproxy" level="info" />
+
+</configuration>
diff --git a/charts/aai-resources/resources/rproxy/config/primary-service.properties b/charts/aai-resources/resources/rproxy/config/primary-service.properties
new file mode 100644
index 0000000..2c89d28
--- /dev/null
+++ b/charts/aai-resources/resources/rproxy/config/primary-service.properties
@@ -0,0 +1,3 @@
+primary-service.protocol = https
+primary-service.host = localhost
+primary-service.port = 8447
diff --git a/charts/aai-resources/resources/rproxy/config/readme.txt b/charts/aai-resources/resources/rproxy/config/readme.txt
new file mode 100644
index 0000000..79cf29e
--- /dev/null
+++ b/charts/aai-resources/resources/rproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file
diff --git a/charts/aai-resources/resources/rproxy/config/reverse-proxy.properties b/charts/aai-resources/resources/rproxy/config/reverse-proxy.properties
new file mode 100644
index 0000000..8d46e1f
--- /dev/null
+++ b/charts/aai-resources/resources/rproxy/config/reverse-proxy.properties
@@ -0,0 +1 @@
+transactionid.header.name=X-TransactionId \ No newline at end of file
diff --git a/charts/aai-resources/resources/rproxy/config/security/keyfile b/charts/aai-resources/resources/rproxy/config/security/keyfile
new file mode 100644
index 0000000..3416d4a
--- /dev/null
+++ b/charts/aai-resources/resources/rproxy/config/security/keyfile
@@ -0,0 +1,27 @@
+2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf
+jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm
+4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe
+moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf
+GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT
+74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh
+iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb
+p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt
+3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW
+hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7
+RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX
+xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk
+8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q
+ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i
+5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe
+GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE
+_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k
+zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf
+S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU
+LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw
+hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W
+nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP
+bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN
+JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk
+Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y
+J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP
+mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF \ No newline at end of file
diff --git a/charts/aai-resources/templates/configmap.yaml b/charts/aai-resources/templates/configmap.yaml
new file mode 100644
index 0000000..a4c2e31
--- /dev/null
+++ b/charts/aai-resources/templates/configmap.yaml
@@ -0,0 +1,158 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/localhost-access-logback.xml").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/janusgraph-realtime.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/janusgraph-cached.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaiconfig.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-aaf-props
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/aaf/org.osaaf.location.props").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/permissions.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.props").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/cadi.properties").AsConfig . | indent 2 }}
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-aaf-keys
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-aai-policy-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/auth/aai_policy.json").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-auth-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-auth-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-security-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
+{{ end }}
diff --git a/charts/aai-resources/templates/deployment.yaml b/charts/aai-resources/templates/deployment.yaml
new file mode 100644
index 0000000..d530c3d
--- /dev/null
+++ b/charts/aai-resources/templates/deployment.yaml
@@ -0,0 +1,1102 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ annotations:
+ checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+ msb.onap.org/service-info: '[
+ {
+ "serviceName": "_aai-cloudInfrastructure",
+ "version": "v11",
+ "url": "/aai/v11/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v11/cloud-infrastructure"
+ },
+ {
+ "serviceName": "_aai-cloudInfrastructure",
+ "version": "v12",
+ "url": "/aai/v12/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v12/cloud-infrastructure"
+ },
+ {
+ "serviceName": "_aai-cloudInfrastructure",
+ "version": "v13",
+ "url": "/aai/v13/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v13/cloud-infrastructure"
+ },
+ {
+ "serviceName": "_aai-cloudInfrastructure",
+ "version": "v14",
+ "url": "/aai/v14/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/cloud-infrastructure"
+ },
+ {
+ "serviceName": "_aai-cloudInfrastructure",
+ "version": "v15",
+ "url": "/aai/v15/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/cloud-infrastructure"
+ },
+ {
+ "serviceName": "_aai-cloudInfrastructure",
+ "version": "v16",
+ "url": "/aai/v16/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/cloud-infrastructure"
+ },
+ {
+ "serviceName": "_aai-business",
+ "version": "v11",
+ "url": "/aai/v11/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v11/business"
+ },
+ {
+ "serviceName": "_aai-business",
+ "version": "v12",
+ "url": "/aai/v12/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v12/business"
+ },
+ {
+ "serviceName": "_aai-business",
+ "version": "v13",
+ "url": "/aai/v13/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v13/business"
+ },
+ {
+ "serviceName": "_aai-business",
+ "version": "v14",
+ "url": "/aai/v14/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/business"
+ },
+ {
+ "serviceName": "_aai-business",
+ "version": "v15",
+ "url": "/aai/v15/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/business"
+ },
+ {
+ "serviceName": "_aai-business",
+ "version": "v16",
+ "url": "/aai/v16/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/business"
+ },
+ {
+ "serviceName": "_aai-actions",
+ "version": "v11",
+ "url": "/aai/v11/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v11/actions"
+ },
+ {
+ "serviceName": "_aai-actions",
+ "version": "v12",
+ "url": "/aai/v12/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v12/actions"
+ },
+ {
+ "serviceName": "_aai-actions",
+ "version": "v13",
+ "url": "/aai/v13/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v13/actions"
+ },
+ {
+ "serviceName": "_aai-actions",
+ "version": "v14",
+ "url": "/aai/v14/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/actions"
+ },
+ {
+ "serviceName": "_aai-actions",
+ "version": "v15",
+ "url": "/aai/v15/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/actions"
+ },
+ {
+ "serviceName": "_aai-actions",
+ "version": "v16",
+ "url": "/aai/v16/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/actions"
+ },
+ {
+ "serviceName": "_aai-service-design-and-creation",
+ "version": "v11",
+ "url": "/aai/v11/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v11/service-design-and-creation"
+ },
+ {
+ "serviceName": "_aai-service-design-and-creation",
+ "version": "v12",
+ "url": "/aai/v12/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v12/service-design-and-creation"
+ },
+ {
+ "serviceName": "_aai-service-design-and-creation",
+ "version": "v13",
+ "url": "/aai/v13/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v13/service-design-and-creation"
+ },
+ {
+ "serviceName": "_aai-service-design-and-creation",
+ "version": "v14",
+ "url": "/aai/v14/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/service-design-and-creation"
+ },
+ {
+ "serviceName": "_aai-service-design-and-creation",
+ "version": "v15",
+ "url": "/aai/v15/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/service-design-and-creation"
+ },
+ {
+ "serviceName": "_aai-service-design-and-creation",
+ "version": "v16",
+ "url": "/aai/v16/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/service-design-and-creation"
+ },
+ {
+ "serviceName": "_aai-network",
+ "version": "v11",
+ "url": "/aai/v11/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v11/network"
+ },
+ {
+ "serviceName": "_aai-network",
+ "version": "v12",
+ "url": "/aai/v12/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v12/network"
+ },
+ {
+ "serviceName": "_aai-network",
+ "version": "v13",
+ "url": "/aai/v13/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v13/network"
+ },
+ {
+ "serviceName": "_aai-network",
+ "version": "v14",
+ "url": "/aai/v14/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/network"
+ },
+ {
+ "serviceName": "_aai-network",
+ "version": "v15",
+ "url": "/aai/v15/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/network"
+ },
+ {
+ "serviceName": "_aai-network",
+ "version": "v16",
+ "url": "/aai/v16/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/network"
+ },
+ {
+ "serviceName": "_aai-externalSystem",
+ "version": "v11",
+ "url": "/aai/v11/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v11/external-system"
+ },
+ {
+ "serviceName": "_aai-externalSystem",
+ "version": "v12",
+ "url": "/aai/v12/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v12/external-system"
+ },
+ {
+ "serviceName": "_aai-externalSystem",
+ "version": "v13",
+ "url": "/aai/v13/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v13/external-system"
+ },
+ {
+ "serviceName": "_aai-externalSystem",
+ "version": "v14",
+ "url": "/aai/v14/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/external-system"
+ },
+ {
+ "serviceName": "_aai-externalSystem",
+ "version": "v15",
+ "url": "/aai/v15/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/external-system"
+ },
+ {
+ "serviceName": "_aai-externalSystem",
+ "version": "v16",
+ "url": "/aai/v16/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/external-system"
+ },
+ {
+ "serviceName": "aai-cloudInfrastructure",
+ "version": "v11",
+ "url": "/aai/v11/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-cloudInfrastructure",
+ "version": "v12",
+ "url": "/aai/v12/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-cloudInfrastructure",
+ "version": "v13",
+ "url": "/aai/v13/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-cloudInfrastructure",
+ "version": "v14",
+ "url": "/aai/v14/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-cloudInfrastructure",
+ "version": "v15",
+ "url": "/aai/v15/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-cloudInfrastructure",
+ "version": "v16",
+ "url": "/aai/v16/cloud-infrastructure",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-business",
+ "version": "v11",
+ "url": "/aai/v11/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-business",
+ "version": "v12",
+ "url": "/aai/v12/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-business",
+ "version": "v13",
+ "url": "/aai/v13/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-business",
+ "version": "v14",
+ "url": "/aai/v14/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-business",
+ "version": "v15",
+ "url": "/aai/v15/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-business",
+ "version": "v16",
+ "url": "/aai/v16/business",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-actions",
+ "version": "v11",
+ "url": "/aai/v11/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-actions",
+ "version": "v12",
+ "url": "/aai/v12/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-actions",
+ "version": "v13",
+ "url": "/aai/v13/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-actions",
+ "version": "v14",
+ "url": "/aai/v14/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-actions",
+ "version": "v15",
+ "url": "/aai/v15/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-actions",
+ "version": "v16",
+ "url": "/aai/v16/actions",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-service-design-and-creation",
+ "version": "v11",
+ "url": "/aai/v11/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-service-design-and-creation",
+ "version": "v12",
+ "url": "/aai/v12/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-service-design-and-creation",
+ "version": "v13",
+ "url": "/aai/v13/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-service-design-and-creation",
+ "version": "v14",
+ "url": "/aai/v14/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-service-design-and-creation",
+ "version": "v15",
+ "url": "/aai/v15/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-service-design-and-creation",
+ "version": "v16",
+ "url": "/aai/v16/service-design-and-creation",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-network",
+ "version": "v11",
+ "url": "/aai/v11/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-network",
+ "version": "v12",
+ "url": "/aai/v12/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-network",
+ "version": "v13",
+ "url": "/aai/v13/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-network",
+ "version": "v14",
+ "url": "/aai/v14/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-network",
+ "version": "v15",
+ "url": "/aai/v15/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-network",
+ "version": "v16",
+ "url": "/aai/v16/network",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-externalSystem",
+ "version": "v11",
+ "url": "/aai/v11/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-externalSystem",
+ "version": "v12",
+ "url": "/aai/v12/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-externalSystem",
+ "version": "v13",
+ "url": "/aai/v13/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-externalSystem",
+ "version": "v14",
+ "url": "/aai/v14/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-externalSystem",
+ "version": "v15",
+ "url": "/aai/v15/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-externalSystem",
+ "version": "v16",
+ "url": "/aai/v16/external-system",
+ "protocol": "REST",
+ "port": "8447",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ }
+ ]'
+ spec:
+ hostname: aai-resources
+ {{ if .Values.global.initContainers.enabled }}
+ {{ if .Values.global.installSidecarSecurity }}
+ hostAliases:
+ - ip: {{ .Values.global.aaf.serverIp }}
+ hostnames:
+ - {{ .Values.global.aaf.serverHostname }}
+ {{ end }}
+ initContainers:
+ - command:
+ {{ if .Values.global.jobs.migration.enabled }}
+ - /root/job_complete.py
+ args:
+ - --job-name
+ - {{ .Release.Name }}-aai-graphadmin-migration
+ {{ else if .Values.global.jobs.createSchema.enabled }}
+ - /root/job_complete.py
+ args:
+ - --job-name
+ - {{ .Release.Name }}-aai-graphadmin-create-db-schema
+ {{ else }}
+ - /root/ready.py
+ args:
+ - --container-name
+ {{- if .Values.global.cassandra.localCluster }}
+ - aai-cassandra
+ {{- else }}
+ - cassandra
+ {{- end }}
+ - --container-name
+ - aai-schema-service
+ {{ end }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ .Values.global.tproxyConfig.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ securityContext:
+ privileged: true
+ {{ end }}
+ {{ end }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: LOCAL_USER_ID
+ value: {{ .Values.global.config.userId | quote }}
+ - name: LOCAL_GROUP_ID
+ value: {{ .Values.global.config.groupId | quote }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/aai-resources/resources/etc/appprops/janusgraph-realtime.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-realtime.properties
+ - mountPath: /opt/app/aai-resources/resources/etc/appprops/janusgraph-cached.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-cached.properties
+ - mountPath: /opt/app/aai-resources/resources/etc/appprops/aaiconfig.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: aaiconfig.properties
+ - mountPath: /opt/aai/logroot/AAI-RES
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /opt/app/aai-resources/resources/logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: logback.xml
+ - mountPath: /opt/app/aai-resources/resources/localhost-access-logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: realm.properties
+ {{ if .Values.global.installSidecarSecurity }}
+ - mountPath: /opt/app/aai-resources/resources/etc/auth/aai_policy.json
+ name: {{ include "common.fullname" . }}-aai-policy
+ subPath: aai_policy.json
+ {{ end }}
+ - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile
+ name: {{ include "common.fullname" . }}-aaf-certs
+ subPath: org.onap.aai.keyfile
+ - mountPath: /opt/app/aai-resources/resources/aaf/bath_config.csv
+ name: {{ include "common.fullname" . }}-aaf-certs
+ subPath: bath_config.csv
+ - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.props
+ name: {{ include "common.fullname" . }}-aaf-properties
+ subPath: org.onap.aai.props
+ - mountPath: /opt/app/aai-resources/resources/aaf/org.osaaf.location.props
+ name: {{ include "common.fullname" . }}-aaf-properties
+ subPath: org.osaaf.location.props
+ - mountPath: /opt/app/aai-resources/resources/aaf/permissions.properties
+ name: {{ include "common.fullname" . }}-aaf-properties
+ subPath: permissions.properties
+ - mountPath: /opt/app/aai-resources/resources/cadi.properties
+ name: {{ include "common.fullname" . }}-aaf-properties
+ subPath: cadi.properties
+ - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.p12
+ name: {{ include "common.fullname" . }}-aaf-certs
+ subPath: org.onap.aai.p12
+ - mountPath: /opt/app/aai-resources/resources/aaf/truststoreONAPall.jks
+ name: aai-common-aai-auth-mount
+ subPath: truststoreONAPall.jks
+ - mountPath: /opt/app/aai-resources/resources/application.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: application.properties
+ {{ $global := . }}
+ {{ range $job := .Values.global.config.auth.files }}
+ - mountPath: /opt/app/aai-resources/resources/etc/auth/{{ . }}
+ name: {{ include "common.fullname" $global }}-auth-truststore-sec
+ subPath: {{ . }}
+ {{ end }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.internalPort2 }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ resources:
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ # side car containers
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ name: filebeat-conf
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /usr/share/filebeat/data
+ name: {{ include "common.fullname" . }}-filebeat
+ resources:
+{{ include "common.resources" . }}
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ .Values.global.rproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/rproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.sidecar.keyStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.rproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/forward-proxy.properties
+ subPath: forward-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/primary-service.properties
+ subPath: primary-service.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/reverse-proxy.properties
+ subPath: reverse-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/cadi.properties
+ subPath: cadi.properties
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ mountPath: /opt/app/rproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
+ subPath: uri-authorization.json
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
+ subPath: aaf_truststore.jks
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ mountPath: /opt/app/rproxy/config/security/keyfile
+ subPath: keyfile
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
+ subPath: org.onap.aai.p12
+ ports:
+ - containerPort: {{ .Values.global.rproxy.port }}
+
+ - name: {{ .Values.global.fproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/fproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.sidecar.keyStorePassword }}
+ - name: TRUST_STORE_PASSWORD
+ value: {{ .Values.sidecar.trustStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.fproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ mountPath: /opt/app/fproxy/config/fproxy.properties
+ subPath: fproxy.properties
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ mountPath: /opt/app/fproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
+ subPath: fproxy_truststore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ mountPath: /opt/app/fproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ ports:
+ - containerPort: {{ .Values.global.fproxy.port }}
+ {{ end }}
+
+ volumes:
+ - name: aai-common-aai-auth-mount
+ secret:
+ secretName: aai-common-aai-auth
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ - name: {{ include "common.fullname" . }}-aaf-properties
+ configMap:
+ name: {{ include "common.fullname" . }}-aaf-props
+ - name: {{ include "common.fullname" . }}-aaf-certs
+ secret:
+ secretName: {{ include "common.fullname" . }}-aaf-keys
+ - name: {{ include "common.fullname" . }}-auth-truststore-sec
+ secret:
+ secretName: aai-common-truststore
+ items:
+ {{ range $job := .Values.global.config.auth.files }}
+ - key: {{ . }}
+ path: {{ . }}
+ {{ end }}
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ include "common.fullname" . }}-aai-policy
+ configMap:
+ name: {{ include "common.fullname" . }}-aai-policy-configmap
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-rproxy-security-config
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-fproxy-auth-config
+ {{ end }}
+ restartPolicy: {{ .Values.restartPolicy }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-resources/templates/service.yaml b/charts/aai-resources/templates/service.yaml
new file mode 100644
index 0000000..d119912
--- /dev/null
+++ b/charts/aai-resources/templates/service.yaml
@@ -0,0 +1,44 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- else -}}
+ - port: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ clusterIP: None
diff --git a/charts/aai-resources/values.yaml b/charts/aai-resources/values.yaml
new file mode 100644
index 0000000..66a57d6
--- /dev/null
+++ b/charts/aai-resources/values.yaml
@@ -0,0 +1,119 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for resources.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+global: # global defaults
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/aai-resources:1.4-STAGING-latest
+pullPolicy: Always
+restartPolicy: Always
+flavor: small
+# default number of instances
+replicaCount: 1
+
+# Configuration for the resources deployment
+config:
+
+ # Specifies crud related operation timeouts and overrides
+ crud:
+ timeout:
+ # Specifies if the timeout for REST GET calls should be enabled
+ enabled: true
+ # Specifies the timeout values for application specific
+ # Its a pipe seperated list where each element before comma represents
+ # the X-FromAppId and the comma after specifies the timeout limit in ms
+ # If the timeout limit is -1 then it means for these apps no timeout
+ appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAIRctFeed,-1|NewvceCreator,-1|IANewvceCreator,-1|AAI-CSIOVALS,-1
+ # Specifies what is the maximum timeout limit in milliseconds
+ limit: 100000
+
+ # Specifies configuration for bulk apis
+ bulk:
+ # Specifies for a bulk payload how many transactions in total allowed
+ limit: 30
+ # Specifies if the bulk can be override and if it can the value
+ override: false
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 60
+ periodSeconds: 60
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 60
+ periodSeconds: 10
+
+# application configuration
+sidecar:
+ keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+service:
+ type: ClusterIP
+ portName: aai-resources-8447
+ internalPort: 8447
+ portName2: aai-resources-5005
+ internalPort2: 5005
+
+ingress:
+ enabled: false
+
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 1
+ memory: 3Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 2
+ memory: 4Gi
+ unlimited: {}
diff --git a/charts/aai-schema-service/.helmignore b/charts/aai-schema-service/.helmignore
new file mode 100644
index 0000000..daebc7d
--- /dev/null
+++ b/charts/aai-schema-service/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/aai-schema-service/Chart.yaml b/charts/aai-schema-service/Chart.yaml
new file mode 100644
index 0000000..af462f0
--- /dev/null
+++ b/charts/aai-schema-service/Chart.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2019 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+apiVersion: v1
+description: ONAP AAI Schema Service
+name: aai-schema-service
+version: 4.0.0
diff --git a/charts/aai-schema-service/config/aaiconfig.properties b/charts/aai-schema-service/config/aaiconfig.properties
new file mode 100644
index 0000000..2172d71
--- /dev/null
+++ b/charts/aai-schema-service/config/aaiconfig.properties
@@ -0,0 +1,43 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/
+aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/
+aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/
+
+{{ if .Values.global.config.basic.auth.enabled }}
+aai.tools.enableBasicAuth=true
+aai.tools.username={{ .Values.global.config.basic.auth.username }}
+aai.tools.password={{ .Values.global.config.basic.auth.passwd }}
+{{ end }}
+
+aai.truststore.filename={{ .Values.global.config.truststore.filename }}
+aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }}
+aai.keystore.filename={{ .Values.global.config.keystore.filename }}
+aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }}
+
+aai.default.api.version={{ .Values.global.config.schema.version.api.default }}
+
+aai.logging.trace.enabled=true
+aai.logging.trace.logrequest=false
+aai.logging.trace.logresponse=false
+
+aai.transaction.logging=true
+aai.transaction.logging.get=false
+aai.transaction.logging.post=false
diff --git a/charts/aai-schema-service/config/application.properties b/charts/aai-schema-service/config/application.properties
new file mode 100644
index 0000000..7b9312f
--- /dev/null
+++ b/charts/aai-schema-service/config/application.properties
@@ -0,0 +1,70 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# The following info parameters are being referenced by ajsc6
+info.build.artifact=aai-schema-service
+info.build.name=schema-service
+info.build.description=Schema Service Microservice
+info.build.version=1.1.0
+
+spring.application.name=aai-schema-service
+spring.jersey.type=filter
+
+server.contextPath=/
+spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
+
+spring.profiles.active={{ .Values.global.config.profiles.active }}
+spring.jersey.application-path=${schema.uri.base.path}
+server.tomcat.max-threads=200
+server.tomcat.min-Spare-Threads=25
+server.tomcat.max-idle-time=60000
+
+server.local.startpath=aai-schema-service/src/main/resources/
+server.basic.auth.location=${server.local.startpath}/etc/auth/realm.properties
+
+server.port=8452
+server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
+server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
+server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
+server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
+server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
+server.ssl.client-auth=want
+server.ssl.key-store-type=JKS
+
+schema.configuration.location=N/A
+schema.source.name={{ .Values.global.config.schema.source.name }}
+schema.nodes.location=${server.local.startpath}/schema/${schema.source.name}/oxm/
+schema.edges.location=${server.local.startpath}/schema/${schema.source.name}/dbedgerules/
+schema.query.location=${server.local.startpath}/schema/${schema.source.name}/query/
+
+schema.ingest.file=${server.local.startpath}/application.properties
+
+# Schema Version Related Attributes
+schema.uri.base.path={{ .Values.global.config.schema.uri.base.path }}/schema-service
+# Lists all of the versions in the schema
+schema.version.list={{ .Values.global.config.schema.version.list }}
+# Specifies from which version should the depth parameter to default to zero
+schema.version.depth.start={{ .Values.global.config.schema.version.depth }}
+# Specifies from which version should the related link be displayed in response payload
+schema.version.related.link.start={{ .Values.global.config.schema.version.related.link }}
+
+# Specifies from which version should the client see only the uri excluding host info
+# Before this version server base will also be included
+schema.version.app.root.start={{ .Values.global.config.schema.version.app.root }}
+# Specifies from which version should the namespace be changed
+schema.version.namespace.change.start={{ .Values.global.config.schema.version.namespace.change }}
+# Specifies from which version should the client start seeing the edge label in payload
+schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.label }}
+# Specifies the version that the application should default to
+schema.version.api.default={{ .Values.global.config.schema.version.api.default }}
diff --git a/charts/aai-schema-service/config/localhost-access-logback.xml b/charts/aai-schema-service/config/localhost-access-logback.xml
new file mode 100644
index 0000000..447f239
--- /dev/null
+++ b/charts/aai-schema-service/config/localhost-access-logback.xml
@@ -0,0 +1,58 @@
+<!--
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+-->
+<configuration>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <appender name="ACCESS"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ </encoder>
+ </appender>
+ <appender-ref ref="ACCESS" />
+</configuration>
+
+<!--
+%a - Remote IP address
+%A - Local IP address
+%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent
+%B - Bytes sent, excluding HTTP headers
+%h - Remote host name
+%H - Request protocol
+%l - Remote logical username from identd (always returns '-')
+%m - Request method
+%p - Local port
+%q - Query string (prepended with a '?' if it exists, otherwise an empty string
+%r - First line of the request
+%s - HTTP status code of the response
+%S - User session ID
+%t - Date and time, in Common Log Format format
+%u - Remote user that was authenticated
+%U - Requested URL path
+%v - Local server name
+%I - current request thread name (can compare later with stacktraces)
+
+%z - Custom pattern that parses the cert for the subject
+%y - Custom pattern determines rest or dme2
+ -->
diff --git a/charts/aai-schema-service/config/logback.xml b/charts/aai-schema-service/config/logback.xml
new file mode 100644
index 0000000..f10546a
--- /dev/null
+++ b/charts/aai-schema-service/config/logback.xml
@@ -0,0 +1,237 @@
+<configuration scan="true" scanPeriod="60 seconds" debug="false">
+ <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
+ <property resource="application.properties" />
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <jmxConfigurator />
+ <property name="logDirectory" value="${AJSC_HOME}/logs" />
+ <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <!-- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> -->
+ <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/>
+ <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
+ <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
+ <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>
+ %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}
+ </pattern>
+ </encoder>
+ </appender>
+ <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/sane.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
+ </pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="SANE" />
+ </appender>
+ <appender name="METRIC"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/metrics.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="METRIC" />
+ </appender>
+ <appender name="DEBUG"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/debug.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="DEBUG" />
+ </appender>
+ <appender name="ERROR"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/rest/error.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfErrorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="ERROR" />
+ </appender>
+ <appender name="AUDIT"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/audit.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfAuditLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="AUDIT" />
+ </appender>
+ <appender name="translog"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/translog.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfTransLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="translog" />
+ </appender>
+ <appender name="dmaapAAIEventConsumer"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerMetric"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="external"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/external/external.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <logger name="org.onap.aai.schemaservice" level="DEBUG" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ <appender-ref ref="asyncSANE" />
+ <appender-ref ref="STDOUT" />
+ </logger>
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+ <logger name="org.eclipse.jetty" level="WARN" />
+
+ <logger name="org.onap.aai.schemaservice.interceptors.post" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asynctranslog" />
+ </logger>
+ <logger name="org.onap.aai.schemaservice.interceptors.pre.SetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+ <logger name="org.onap.aai.schemaservice.interceptors.post.ResetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+ <!-- ============================================================================ -->
+ <!-- General EELF logger -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="WARN" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ </logger>
+ <root level="DEBUG">
+ <appender-ref ref="external" />
+ {{ if .Values.global.config.logback.console.enabled }}
+ <appender-ref ref="STDOUT" />
+ {{ end }}
+ </root>
+</configuration>
diff --git a/charts/aai-schema-service/config/realm.properties b/charts/aai-schema-service/config/realm.properties
new file mode 100644
index 0000000..988bb24
--- /dev/null
+++ b/charts/aai-schema-service/config/realm.properties
@@ -0,0 +1,22 @@
+AAI:OBF:1gfr1ev31gg7,admin
+MSO:OBF:1jzx1lz31k01,admin
+SDNC:OBF:1itr1i0l1i151isv,admin
+DCAE:OBF:1g8u1f9d1f991g8w,admin
+POLICY:OBF:1mk61i171ima1im41i0j1mko,admin
+ASDC:OBF:1f991j0u1j001f9d,admin
+VID:OBF:1jm91i0v1jl9,admin
+APPC:OBF:1f991ksf1ksf1f9d,admin
+ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin
+AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin
+OOF:OBF:1img1ke71ily,admin
+aai@aai.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+so@so.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+sdnc@sdnc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
diff --git a/charts/aai-schema-service/templates/configmap.yaml b/charts/aai-schema-service/templates/configmap.yaml
new file mode 100644
index 0000000..91a831a
--- /dev/null
+++ b/charts/aai-schema-service/templates/configmap.yaml
@@ -0,0 +1,78 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-log
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "config/logback.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-localhost-access-log-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "config/localhost-access-logback.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-aaiconfig-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "config/aaiconfig.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-springapp-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "config/application.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-realm-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "config/realm.properties").AsConfig . | indent 2 }}
diff --git a/charts/aai-schema-service/templates/deployment.yaml b/charts/aai-schema-service/templates/deployment.yaml
new file mode 100644
index 0000000..38a19d3
--- /dev/null
+++ b/charts/aai-schema-service/templates/deployment.yaml
@@ -0,0 +1,155 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ annotations:
+ checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: LOCAL_USER_ID
+ value: {{ .Values.global.config.userId | quote }}
+ - name: LOCAL_GROUP_ID
+ value: {{ .Values.global.config.groupId | quote }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/aai-schema-service/resources/etc/appprops/aaiconfig.properties
+ name: aaiconfig-conf
+ subPath: aaiconfig.properties
+ - mountPath: /opt/aai/logroot/AAI-SS
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /opt/app/aai-schema-service/resources/logback.xml
+ name: {{ include "common.fullname" . }}-log-conf
+ subPath: logback.xml
+ - mountPath: /opt/app/aai-schema-service/resources/localhost-access-logback.xml
+ name: localhost-access-log-conf
+ subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-schema-service/resources/etc/auth/realm.properties
+ name: realm-conf
+ subPath: realm.properties
+ - mountPath: /opt/app/aai-schema-service/resources/application.properties
+ name: springapp-conf
+ subPath: application.properties
+ {{ $global := . }}
+ {{ range $job := .Values.global.config.auth.files }}
+ - mountPath: /opt/app/aai-schema-service/resources/etc/auth/{{ . }}
+ name: auth-truststore-sec
+ subPath: {{ . }}
+ {{ end }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.internalPort2 }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ # side car containers
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ name: filebeat-conf
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /usr/share/filebeat/data
+ name: {{ include "common.fullname" . }}-filebeat
+ volumes:
+ - name: aai-common-aai-auth-mount
+ secret:
+ secretName: aai-common-aai-auth
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-log-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-log
+ - name: localhost-access-log-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-localhost-access-log-configmap
+ - name: springapp-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-springapp-configmap
+ - name: aaiconfig-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-aaiconfig-configmap
+ - name: realm-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-realm-configmap
+ - name: auth-truststore-sec
+ secret:
+ secretName: aai-common-truststore
+ items:
+ {{ range $job := .Values.global.config.auth.files }}
+ - key: {{ . }}
+ path: {{ . }}
+ {{ end }}
+ restartPolicy: {{ .Values.restartPolicy }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-schema-service/templates/service.yaml b/charts/aai-schema-service/templates/service.yaml
new file mode 100644
index 0000000..d119912
--- /dev/null
+++ b/charts/aai-schema-service/templates/service.yaml
@@ -0,0 +1,44 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- else -}}
+ - port: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ clusterIP: None
diff --git a/charts/aai-schema-service/values.yaml b/charts/aai-schema-service/values.yaml
new file mode 100644
index 0000000..cb8ac55
--- /dev/null
+++ b/charts/aai-schema-service/values.yaml
@@ -0,0 +1,90 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for resources.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+global: # global defaults
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/aai-schema-service:1.0-STAGING-latest
+pullPolicy: Always
+restartPolicy: Always
+flavor: small
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 60
+ periodSeconds: 60
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 60
+ periodSeconds: 10
+
+service:
+ type: ClusterIP
+ portName: aai-schema-service-8452
+ internalPort: 8452
+ portName2: aai-schema-service-5005
+ internalPort2: 5005
+
+ingress:
+ enabled: false
+
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 1
+ memory: 3Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 2
+ memory: 4Gi
+ unlimited: {}
diff --git a/charts/aai-search-data/.helmignore b/charts/aai-search-data/.helmignore
new file mode 100644
index 0000000..daebc7d
--- /dev/null
+++ b/charts/aai-search-data/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/aai-search-data/Chart.yaml b/charts/aai-search-data/Chart.yaml
new file mode 100644
index 0000000..9cf3523
--- /dev/null
+++ b/charts/aai-search-data/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAI search-data
+name: aai-search-data
+version: 4.0.0
diff --git a/charts/aai-search-data/resources/config/analysis-config.json b/charts/aai-search-data/resources/config/analysis-config.json
new file mode 100644
index 0000000..5fc135d
--- /dev/null
+++ b/charts/aai-search-data/resources/config/analysis-config.json
@@ -0,0 +1,32 @@
+[
+ {
+ "name": "whitespace_analyzer",
+ "description": "A standard whitespace analyzer.",
+ "behaviours": [
+ "Tokenize the text using white space characters as delimeters.",
+ "Convert all characters to lower case.",
+ "Convert all alphanumeric and symbolic Unicode characters above the first 127 ASCII characters into their ASCII equivalents."
+ ],
+ "tokenizer": "whitespace",
+ "filters": [
+ "lowercase",
+ "asciifolding"
+ ]
+ },
+ {
+ "name": "ngram_analyzer",
+ "description": "An analyzer which performs ngram filtering on the data stream.",
+ "behaviours": [
+ "Tokenize the text using white space characters as delimeters.",
+ "Convert all characters to lower case.",
+ "Convert all alphanumeric and symbolic Unicode characters above the first 127 ASCII characters into their ASCII equivalents.",
+ "Apply ngram filtering using the following values for minimum and maximum size in codepoints of a single n-gram: minimum = 1, maximum = 2."
+ ],
+ "tokenizer": "whitespace",
+ "filters": [
+ "lowercase",
+ "asciifolding",
+ "ngram_filter"
+ ]
+ }
+] \ No newline at end of file
diff --git a/charts/aai-search-data/resources/config/auth/search_policy.json b/charts/aai-search-data/resources/config/auth/search_policy.json
new file mode 100644
index 0000000..bbbe52f
--- /dev/null
+++ b/charts/aai-search-data/resources/config/auth/search_policy.json
@@ -0,0 +1,18 @@
+{
+ "roles": [
+ {
+ "name": "admin",
+ "functions": [
+ {
+ "name": "search", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" } ]
+ }
+ ],
+
+ "users": [
+ {
+ "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"
+ }
+ ]
+ }
+ ]
+}
diff --git a/charts/aai-search-data/resources/config/auth/tomcat_keystore b/charts/aai-search-data/resources/config/auth/tomcat_keystore
new file mode 100644
index 0000000..842afeb
--- /dev/null
+++ b/charts/aai-search-data/resources/config/auth/tomcat_keystore
Binary files differ
diff --git a/charts/aai-search-data/resources/config/dynamic-custom-template.json b/charts/aai-search-data/resources/config/dynamic-custom-template.json
new file mode 100644
index 0000000..2dac8f7
--- /dev/null
+++ b/charts/aai-search-data/resources/config/dynamic-custom-template.json
@@ -0,0 +1,12 @@
+"dynamic_templates":[
+ {
+ "strings":{
+ "match_mapping_type":"string",
+ "match": "*",
+ "mapping":{
+ "type":"text",
+ "fielddata":true
+ }
+ }
+ }
+],
diff --git a/charts/aai-search-data/resources/config/elastic-search.properties b/charts/aai-search-data/resources/config/elastic-search.properties
new file mode 100644
index 0000000..6232c14
--- /dev/null
+++ b/charts/aai-search-data/resources/config/elastic-search.properties
@@ -0,0 +1,25 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# ElasticSearch Configuration
+
+es.cluster-name=ES_AAI
+es.ip-address=aai-elasticsearch.{{.Release.Namespace}}
+es.http-port={{ .Values.config.elasticsearchHttpPort }}
+es.uri-scheme=https
+es.auth-user=admin
+es.auth-password=OBF:1u2a1toa1w8v1tok1u30
+es.trust-store=auth/tomcat_keystore
+es.trust-store-password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
diff --git a/charts/aai-search-data/resources/config/es-payload-translation.json b/charts/aai-search-data/resources/config/es-payload-translation.json
new file mode 100644
index 0000000..8a29863
--- /dev/null
+++ b/charts/aai-search-data/resources/config/es-payload-translation.json
@@ -0,0 +1,17 @@
+{
+ "attr-translations": [
+ {
+ "query": "$..[?(@.type=='string' && @.index=='analyzed')]",
+ "update": {"type": "text", "index": true, "fielddata": true}
+ },
+ {
+ "query": "$..[?(@.type=='string' && @.index=='not_analyzed')]",
+ "update": {"type": "keyword", "index": true}
+ },
+ {
+ "query": "$..[?(@.type=='string' && !@.index)]",
+ "update": {"type": "text", "fielddata": true}
+ }
+ ]
+}
+
diff --git a/charts/aai-search-data/resources/config/filter-config.json b/charts/aai-search-data/resources/config/filter-config.json
new file mode 100644
index 0000000..a27f75b
--- /dev/null
+++ b/charts/aai-search-data/resources/config/filter-config.json
@@ -0,0 +1,7 @@
+[
+ {
+ "name": "ngram_filter",
+ "description": "Custom NGram Filter.",
+ "configuration": " \"type\": \"nGram\", \"min_gram\": 1, \"max_gram\": 50, \"token_chars\": [ \"letter\", \"digit\", \"punctuation\", \"symbol\" ]"
+ }
+] \ No newline at end of file
diff --git a/charts/aai-search-data/resources/config/log/logback.xml b/charts/aai-search-data/resources/config/log/logback.xml
new file mode 100644
index 0000000..adfed4a
--- /dev/null
+++ b/charts/aai-search-data/resources/config/log/logback.xml
@@ -0,0 +1,193 @@
+<!--
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+
+<configuration scan="true" scanPeriod="3 seconds" debug="false">
+ <!--<jmxConfigurator /> -->
+ <!-- directory path for all other type logs -->
+
+ <property name="logDir" value="/var/log/onap" />
+
+
+ <!-- specify the component name
+ <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy" | "SDNC" | "AC" -->
+ <property name="componentName" value="AAI-SDB"></property>
+
+ <!-- default eelf log file names -->
+ <property name="generalLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+
+ <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|SearchDataService|%mdc{PartnerName}|%logger||%.-5level|%msg%n" />
+ <property name="auditMetricPattern" value="%m%n" />
+
+ <property name="logDirectory" value="${logDir}/${componentName}" />
+
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+
+ <!-- The EELFAppender is used to record events to the general application
+ log -->
+
+ <appender name="EELF"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELF" />
+ </appender>
+
+
+ <!-- EELF Audit Appender. This appender is used to record audit engine
+ related logging events. The audit logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+
+ <appender name="EELFAudit"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditMetricPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender>
+
+ <appender name="EELFMetrics"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} -
+ %msg%n"</pattern> -->
+ <pattern>${auditMetricPattern}</pattern>
+ </encoder>
+ </appender>
+
+
+ <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFMetrics"/>
+ </appender>
+
+ <appender name="EELFDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${debugLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>false</includeCallerData>
+ </appender>
+
+
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="info" additivity="false">
+ <appender-ref ref="asyncEELF" />
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+
+ <logger name="com.att.eelf.audit" level="info" additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+ <logger name="com.att.eelf.metrics" level="info" additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+
+ <!-- SearchDB loggers -->
+ <logger name="org.openecomp.sa" level="INFO" />
+
+ <!-- Other Loggers that may help troubleshoot -->
+ <logger name="net.sf" level="WARN" />
+ <logger name="org.apache.commons.httpclient" level="WARN" />
+ <logger name="org.apache.commons" level="WARN" />
+ <logger name="org.apache.coyote" level="WARN" />
+ <logger name="org.apache.jasper" level="WARN" />
+
+ <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
+ May aid in troubleshooting) -->
+ <logger name="org.apache.camel" level="WARN" />
+ <logger name="org.apache.cxf" level="WARN" />
+ <logger name="org.apache.camel.processor.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.service" level="WARN" />
+ <logger name="org.restlet" level="WARN" />
+ <logger name="org.apache.camel.component.restlet" level="WARN" />
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+
+ <root>
+ <appender-ref ref="asyncEELF" />
+ <!-- <appender-ref ref="asyncEELFDebug" /> -->
+ </root>
+
+</configuration>
diff --git a/charts/aai-search-data/templates/configmap.yaml b/charts/aai-search-data/templates/configmap.yaml
new file mode 100644
index 0000000..b1547f4
--- /dev/null
+++ b/charts/aai-search-data/templates/configmap.yaml
@@ -0,0 +1,39 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-service-log
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/logback.xml").AsConfig . | indent 2 }}
diff --git a/charts/aai-search-data/templates/deployment.yaml b/charts/aai-search-data/templates/deployment.yaml
new file mode 100644
index 0000000..1d39d4e
--- /dev/null
+++ b/charts/aai-search-data/templates/deployment.yaml
@@ -0,0 +1,144 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: /opt/app/search-data-service/config/
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: KEY_MANAGER_PASSWORD
+ value: {{ .Values.config.keyManagerPassword }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/search-data-service/config/filter-config.json
+ subPath: filter-config.json
+ name: {{ include "common.fullname" . }}-service-config
+ - mountPath: /opt/app/search-data-service/config/elastic-search.properties
+ subPath: elastic-search.properties
+ name: {{ include "common.fullname" . }}-service-config
+ - mountPath: /opt/app/search-data-service/config/analysis-config.json
+ subPath: analysis-config.json
+ name: {{ include "common.fullname" . }}-service-config
+ - mountPath: /opt/app/search-data-service/config/es-payload-translation.json
+ subPath: es-payload-translation.json
+ name: {{ include "common.fullname" . }}-service-config
+ - mountPath: /opt/app/search-data-service/config/dynamic-custom-template.json
+ subPath: dynamic-custom-template.json
+ name: {{ include "common.fullname" . }}-service-config
+ - mountPath: /opt/app/search-data-service/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ name: {{ include "common.fullname" . }}-service-auth-config
+ - mountPath: /opt/app/search-data-service/config/auth/search_policy.json
+ subPath: search_policy.json
+ name: {{ include "common.fullname" . }}-search-policy-config
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-service-logs
+ - mountPath: /opt/app/search-data-service/bundleconfig/etc/logback.xml
+ name: {{ include "common.fullname" . }}-service-log-conf
+ subPath: logback.xml
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ resources:
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ # side car containers
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ name: filebeat-conf
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-service-logs
+ - mountPath: /usr/share/filebeat/data
+ name: {{ include "common.fullname" . }}-service-filebeat
+
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-service-config
+ configMap:
+ name: {{ include "common.fullname" . }}
+ - name: {{ include "common.fullname" . }}-service-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-keystone
+ - name: {{ include "common.fullname" . }}-search-policy-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-policy
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-service-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-service-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-service-log-conf
+ configMap:
+ name: {{ include "common.fullname" . }}-service-log
+ restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-search-data/templates/secret.yaml b/charts/aai-search-data/templates/secret.yaml
new file mode 100644
index 0000000..ee32e19
--- /dev/null
+++ b/charts/aai-search-data/templates/secret.yaml
@@ -0,0 +1,40 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-keystone
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/auth/tomcat_keystore").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-policy
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/auth/search_policy.json").AsSecrets . | indent 2 }}
diff --git a/charts/aai-search-data/templates/service.yaml b/charts/aai-search-data/templates/service.yaml
new file mode 100644
index 0000000..a49553e
--- /dev/null
+++ b/charts/aai-search-data/templates/service.yaml
@@ -0,0 +1,39 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ clusterIP: None
diff --git a/charts/aai-search-data/values.yaml b/charts/aai-search-data/values.yaml
new file mode 100644
index 0000000..2a999b8
--- /dev/null
+++ b/charts/aai-search-data/values.yaml
@@ -0,0 +1,79 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for search-data.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+global: # global defaults
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/search-data-service:1.3.1
+pullPolicy: Always
+restartPolicy: Always
+flavor: small
+# application configuration
+config:
+ elasticsearchHttpPort: 9200
+ keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ type: ClusterIP
+ portName: aai-search-data
+ internalPort: 9509
+
+ingress:
+ enabled: false
+
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 0.25
+ memory: 750Mi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 0.5
+ memory: 1Gi
+ unlimited: {}
diff --git a/charts/aai-sparky-be/.helmignore b/charts/aai-sparky-be/.helmignore
new file mode 100644
index 0000000..daebc7d
--- /dev/null
+++ b/charts/aai-sparky-be/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/aai-sparky-be/Chart.yaml b/charts/aai-sparky-be/Chart.yaml
new file mode 100644
index 0000000..e10a0b9
--- /dev/null
+++ b/charts/aai-sparky-be/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAI sparky-be
+name: aai-sparky-be
+version: 4.0.0
diff --git a/charts/aai-sparky-be/resources/config/application-oxm-default.properties b/charts/aai-sparky-be/resources/config/application-oxm-default.properties
new file mode 100644
index 0000000..67a22f7
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/application-oxm-default.properties
@@ -0,0 +1,16 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+oxm.apiVersion=v14
+oxm.apiVersionList=v8,v9,v10,v11,v12,v13,v14 \ No newline at end of file
diff --git a/charts/aai-sparky-be/resources/config/application-oxm-override.properties b/charts/aai-sparky-be/resources/config/application-oxm-override.properties
new file mode 100644
index 0000000..5c733e8
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/application-oxm-override.properties
@@ -0,0 +1,16 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+oxm.apiVersionOverride=v14
+oxm.apiVersionList=v8,v9,v10,v11,v12,v13,v14 \ No newline at end of file
diff --git a/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties b/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties
new file mode 100644
index 0000000..c7f6bbc
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties
@@ -0,0 +1,28 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+oxm.schemaNodeDir=/opt/app/sparky/onap/oxm
+#schemaServiceTranslator is used to define whether to retreive the oxm from schema service microservice or read from the disk, possible values are schema-service/config
+oxm.schemaServiceTranslatorList=config
+# The end point for onap is https://<hostname>:<port>/onap/schema-service/v1/
+oxm.schemaServiceBaseUrl=https://<schema-service/config>/aai/schema-service/v1/
+oxm.schemaServiceKeystore=file:${CONFIG_HOME}/auth/aai-client-cert.p12
+oxm.schemaServiceTruststore=file:${CONFIG_HOME}/auth/tomcat_keystore
+oxm.schemaServiceKeystorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+oxm.schemaServiceTruststorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+
+
+
+# Schema Service need this variable for the time being
+spring.applicationName=sparky
diff --git a/charts/aai-sparky-be/resources/config/application-resources.properties b/charts/aai-sparky-be/resources/config/application-resources.properties
new file mode 100644
index 0000000..cdd3d48
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/application-resources.properties
@@ -0,0 +1,20 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+resources.hostname=aai
+resources.port=8443
+resources.authType=SSL_BASIC
+resources.basicAuthUserName=aai@aai.onap.org
+resources.basicAuthPassword=1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek
+resources.trust-store=tomcat_keystore
diff --git a/charts/aai-sparky-be/resources/config/application-ssl.properties b/charts/aai-sparky-be/resources/config/application-ssl.properties
new file mode 100644
index 0000000..2ea1bf1
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/application-ssl.properties
@@ -0,0 +1,20 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+server.port=8000
+server.ssl.key-store=file:${CONFIG_HOME}/auth/org.onap.aai.p12
+server.ssl.key-store-password=OBF:1x0v1g131lps1cix1rjb1n5p22691qab1hm51hfc1i2t1lmr1liz1hyx1hfq1hn51qcr22651n5t1rh31cgl1lu61g2f1x1r
+server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
+server.ssl.trust-store=file:${CONFIG_HOME}/auth/truststoreONAPall.jks
+server.ssl.trust-store-password=OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
diff --git a/charts/aai-sparky-be/resources/config/application-sync.properties b/charts/aai-sparky-be/resources/config/application-sync.properties
new file mode 100644
index 0000000..4fb10a2
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/application-sync.properties
@@ -0,0 +1,6 @@
+aggregationSyncEnabled=true
+historicalEntitySyncEnabled=true
+autoSuggestSyncEnabled=true
+vnfAliasSyncEnabled=true
+geoSyncEnabled=true
+viewInspectSyncEnabled=true \ No newline at end of file
diff --git a/charts/aai-sparky-be/resources/config/application.properties b/charts/aai-sparky-be/resources/config/application.properties
new file mode 100644
index 0000000..108f9ef
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/application.properties
@@ -0,0 +1,35 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#
+# disable the default thyme leaf icon on web-pages
+#
+spring.mvc.favicon.enabled=false
+
+#
+# to switch to http, remove ssl and put http
+# and in the values.yaml change the internalPort to 9517
+#
+
+spring.profiles.active=camel,ssl,fe-prod,oxm-schema-prod,oxm-default,resources,sync,portal
+
+portal.cadiFileLocation={{.Values.config.cadiFileLocation}}
+portal.cadiFileLocation={{.Values.config.cadiFileLocation}}
+searchservice.hostname={{.Values.global.searchData.serviceName}}
+searchservice.port=9509
+searchservice.client-cert=client-cert-onap.p12
+searchservice.client-cert-password=1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+searchservice.truststore=tomcat_keystore
+
+schema.ingest.file=${CONFIG_HOME}/schemaIngest.properties
diff --git a/charts/aai-sparky-be/resources/config/auth/client-cert-onap.p12 b/charts/aai-sparky-be/resources/config/auth/client-cert-onap.p12
new file mode 100644
index 0000000..dbf4fca
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/auth/client-cert-onap.p12
Binary files differ
diff --git a/charts/aai-sparky-be/resources/config/auth/csp-cookie-filter.properties b/charts/aai-sparky-be/resources/config/auth/csp-cookie-filter.properties
new file mode 100644
index 0000000..6edc3d9
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/auth/csp-cookie-filter.properties
@@ -0,0 +1,26 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+global.login.url=aaiportal.onap.org
+
+# MOTS ID of the application
+application.id=12345
+
+# valid domains for open redirect
+redirect-domain=domain.com
+
+# Required by esGateKeeper. Valid values are:
+# DEVL - used during development
+# PROD - used in production
+gatekeeper.environment=TEST
diff --git a/charts/aai-sparky-be/resources/config/auth/org.onap.aai.p12 b/charts/aai-sparky-be/resources/config/auth/org.onap.aai.p12
new file mode 100644
index 0000000..71cea3e
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/auth/org.onap.aai.p12
Binary files differ
diff --git a/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties b/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties
new file mode 100644
index 0000000..67268e3
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties
@@ -0,0 +1 @@
+cipher.enc.key=AGLDdG4D04BKm2IxIWEr8o==!
diff --git a/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties b/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
new file mode 100644
index 0000000..546955f
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
@@ -0,0 +1,47 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+################################################################################
+############################## Portal properties ###############################
+################################################################################
+
+# Java class that implements the ECOMP role and user mgt API
+portal.api.impl.class = org.onap.aai.sparky.security.portal.PortalRestAPICentralServiceImpl
+
+# Instance of ECOMP Portal where the app has been on-boarded
+# use insecure http for dev purposes to avoid self-signed certificate
+ecomp_rest_url = http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/auxapi
+
+# Standard global logon page
+ecomp_redirect_url = http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/login.htm
+
+# Name of cookie to extract on login request
+csp_cookie_name = EPService
+# Alternate values: DEVL, V_DEVL, V_PROD
+csp_gate_keeper_prod_key = PROD
+
+# Toggles use of UEB
+ueb_listeners_enable = false
+# IDs application withing UEB flow
+ueb_app_key = ueb_key_7
+# Use this tag if the app is centralized
+role_access_centralized=remote
+
+# Connection and Read timeout values
+ext_req_connection_timeout=15000
+ext_req_read_timeout=20000
+
+#Add AAF namespace if the app is centralized
+auth_namespace={{.Values.config.aafNamespace}}
diff --git a/charts/aai-sparky-be/resources/config/portal/cadi.properties b/charts/aai-sparky-be/resources/config/portal/cadi.properties
new file mode 100644
index 0000000..41a49a0
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/portal/cadi.properties
@@ -0,0 +1,45 @@
+# Configure AAF
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+aaf_url=<%=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+#aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=TEST/routeOffer=BAU_SE
+# AAF Environment Designation
+
+#if you are running aaf service from a docker image you have to use aaf service IP and port number
+aaf_id={{.Values.config.aafUsername}}
+#Encrypt the password using AAF Jar
+aaf_password={{.Values.config.aafPassword}}
+# Sample CADI Properties, from CADI 1.4.2
+#hostname=org.onap.aai.orr
+csp_domain=PROD
+# Add Absolute path to Keyfile
+cadi_keyfile={{.Values.config.cadiKeyFile}}
+
+# This is required to accept Certificate Authentication from Certman certificates.
+# can be TEST, IST or PROD
+aaf_env=DEV
+
+# DEBUG prints off all the properties. Use to get started.
+cadi_loglevel=DEBUG
+
+# Add Absolute path to truststore2018.jks
+cadi_truststore={{.Values.config.cadiTrustStore}}
+# Note: This is the ONLY password that doesn't have to be encrypted. All Java's TrustStores are this passcode by default, because they are public certs
+cadi_truststore_password={{.Values.config.cadiTrustStorePassword}}
+
+# how to turn on SSL Logging
+#javax.net.debug=ssl
+
+# Use "maps.bing.com" to get Lat and Long for an Address
+AFT_LATITUDE=32.780140
+AFT_LONGITUDE=-96.800451
+AFT_ENVIRONMENT=AFTUAT
+AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=true
+DME2.DEBUG=true
+AFT_DME2_HTTP_EXCHANGE_TRACE_ON=true
+
+cadi_latitude=32.780140
+cadi_longitude=-96.800451
+
+aaf_root_ns=com.att.aaf
+aaf_api_version=2.0
diff --git a/charts/aai-sparky-be/resources/config/portal/keyFile b/charts/aai-sparky-be/resources/config/portal/keyFile
new file mode 100644
index 0000000..921ce67
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/portal/keyFile
@@ -0,0 +1,27 @@
+77E_fh-8gTjeg8egAo-JgNkXYm1FGEBPMo44vKPgKyGCJj9Dn0xJqIBct2Ko35X4_HSU3wPq3I2q
+YHIvJCjmzXTVu2zvu4rIGTlwycTtLGDkgPyhOYFytv4GgazbpSs9331MPUeVVrdpkDCQmjtHSB4m
+DThhfEe2lkbZ35ljX3sVSf3JDy4ngRot0ktQwnnY4vxFdgVUl7LzVinXWgFLoqMyXmKh_bGw9aUH
+VMgqFsF_YmqLZY5ZARAraeywktvrU5kXYh5SnfXoJy7XIk0TBjHKqO-1mW-TcIgS3_v6GIGkZnpq
+e1FyE8cS21gTPFlc1KDoWUZE2yoEsQKJc4RFWfjid_mE6nckxym1TOsEn3G2_TlkZvliN_QMDB_c
+RuFLDB9HCChm4YYHpSn-RBqtJFz29bMTHQX8VNVfZ_Zhh-4dWOlEfpSzJvAqm_boo-8y8YDGIusx
+mvKyPXEKVCuBOljHaKhYg0d43nAXIFsssKpjmtQizA2L_TP1Mo_lDFIlCsPcRlHKTvzkTstEAhRj
+JnepzA--olBMwBkPxjm1Y5XQBGZH72i_o4Hr7_NqHb9sP486I2Nd1-owjHkhacGrLO1oORnuBUxp
+_SnaXYywe9tTz3BcfFupXSoDv4Sj7g9B53yPIWmjGggigidql3SNJsui6qOtwDHOejzEDFm23Lj7
+fXD6sb52U_ul9ahi4CoLTzpvMsPRYOqyRCk8K8FVBauZbG5D42oaFPn0S0rCSHOCU1TXbRdTF-Cs
+I2R0pEHNgb33yx6vtInaTSYIQ5cxa3XDA_50AQearV5SuYSlp8dK0BkpVCKgvSQdTn-2WiaV_hvO
+KzG7D2adT1kYY6TjYMXIaUiJ33y1XSNDG0s6r4NG5dNE6Jj7thdpnV-AAZoi0uZh1_bsHKLVmHRr
+NCXAc6DZm1D4N9y5lOJwUprUlJisZXLFTQThGMRY5dtiY_eK9Xjj4FQygXXhuhFXHz2-e4YApORv
+lXDcT29IZuuI1j26bxdNdhNr1wZsqqievBN6l6OQMiP21eIrxAUu1BEmiVOrfOzaEjxldDN2gFum
+4-zf9gsQT9UT8KEuOje64wVeHr09JpWuddV9HOAMvqc6mKTWmvUv_QiLgtK_b39QccMrOfOA1usM
+biRJ9wuTYIr584Q9CjHEcm5e2YufcbF-IDZ4IDui8gNXyYJuusTYdspeKzrtiLKfgI56ZWA3it9G
+SOkN18YyUmhk7HFkx9qEifb4UEbUQPb0dyXBRotf-91c5CPkct-36uV4sZBA_AR1tX3-aRKKB_SQ
+B0zaG-eaEdEqKv-ZYHqk23ZxiEsCX3ZdY7VSMWztE3_D5n8UgEl4et5LVfnjvU-arVVO93WUbXk0
+zi2QrOwytOZ0StAvFdF1nVwWllPg4EYcn8qLJIaaBRvLMlpHixtwRhltwJeMmJl3ExImOxNhVbhF
+6LxVXW6JK8JfMIwb_TE4EShDBjemq76BojQOwrO4OAyPG7B5iUtefdY-Zu1EtjXPhrUgljI_A1tg
+5_2WNjNTCT7Bvig3saFsIRi3cvgIcMAF2H7kJYw3UDvCFnx4LIom2u6vSeyatPxEOhRfpP0KvgEU
+koM9DFJW7VWQ11mB_DcU2NoYHdFKFy_cM62kIvoRwZTADGryEtkLSWEDT8MLpVrGXP2RjSZ3HHqC
+vVpVqQHC2VIqNKi2uHtYCiTEfj81Z0rCrnH3hYIRoOSe5W6m17xyb0RloG0G44uK0oNCfDYLwK0L
+TJaBdWSIBYI__ISsKx8o8r-3XLtbwQPPhv4-LpGwJYd7sIcqnpTYAyNGSrbEM4ECzHCH9Hwf9Duy
+cAQGWqXIbTV9i8ryw8OhcCZPTf3noPZyhzzdegiv6KNT-BBbxsgtDehtP-jvpd9eAhjlfUV_hoFJ
+rBUVMFrIOEDnnItVqBDmnavRdhn6N9ObVjVMv_4inhkvtpBCEVxtVQT2kFuBmZvPu_uHHbXi7_g8
+SVs3AjJ2ya3pZraK6gH3IOYoGtTAH3rKl7XdTMjqWnUCbhepuJqeEOF-DhpsEW7Oo0Lqzbjg \ No newline at end of file
diff --git a/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties b/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties
new file mode 100644
index 0000000..97b5399
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties
@@ -0,0 +1,31 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#####################################################################################
+############################## Portal Auth Properties ##############################
+#####################################################################################
+
+############################## Auth ##############################
+username={{.Values.config.portalUsername}}
+password={{.Values.config.portalPassword}}
+
+############################## ##############################
+#
+# ONAP Cookie Processing - During initial development, this flag, if true, will
+# prevent the portal interface's login processing from searching for a user
+# specific cookie, and will instead allow passage if a valid session cookie is discovered.
+onap_enabled={{.Values.config.portalOnapEnabled}}
+onap.user_id_cookie_name={{.Values.config.portalCookieName}}
+cookie_decryptor_classname={{.Values.config.cookieDecryptorClass}}
+app_roles={{.Values.config.portalAppRoles}}
diff --git a/charts/aai-sparky-be/resources/config/roles.config b/charts/aai-sparky-be/resources/config/roles.config
new file mode 100644
index 0000000..ee131d8
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/roles.config
@@ -0,0 +1,20 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+[
+ {
+ "id":1,
+ "name":"View"
+ }
+]
diff --git a/charts/aai-sparky-be/resources/config/users.config b/charts/aai-sparky-be/resources/config/users.config
new file mode 100644
index 0000000..ce69e88
--- /dev/null
+++ b/charts/aai-sparky-be/resources/config/users.config
@@ -0,0 +1,20 @@
+[{
+ "orgId": null,
+ "managerId": null,
+ "firstName": "Demo",
+ "middleInitial": null,
+ "lastName": "User",
+ "phone": null,
+ "email": "demo@email.com",
+ "hrid": null,
+ "orgUserId": "demo",
+ "orgCode": null,
+ "orgManagerUserId": null,
+ "jobTitle": null,
+ "loginId": "demo",
+ "active": false,
+ "roles": [{
+ "id": 1,
+ "name": "View"
+ }]
+}] \ No newline at end of file
diff --git a/charts/aai-sparky-be/templates/configmap.yaml b/charts/aai-sparky-be/templates/configmap.yaml
new file mode 100644
index 0000000..50238aa
--- /dev/null
+++ b/charts/aai-sparky-be/templates/configmap.yaml
@@ -0,0 +1,72 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-prop
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/application-resources.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/application-ssl.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/application-oxm-default.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/application-oxm-override.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/application-oxm-schema-prod.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/roles.config").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/users.config").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-portal
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/portal/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-portal-props
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/portal/BOOT-INF/classes/*").AsConfig . | indent 2 }}
diff --git a/charts/aai-sparky-be/templates/deployment.yaml b/charts/aai-sparky-be/templates/deployment.yaml
new file mode 100644
index 0000000..ee18d9b
--- /dev/null
+++ b/charts/aai-sparky-be/templates/deployment.yaml
@@ -0,0 +1,205 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ initContainers:
+ - command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - aai-elasticsearch
+ - --container-name
+ - aai-search-data
+ - --container-name
+ - aai
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/sparky/config/auth/client-cert-onap.p12
+ name: {{ include "common.fullname" . }}-auth-config
+ subPath: client-cert-onap.p12
+
+ - mountPath: /opt/app/sparky/config/auth/csp-cookie-filter.properties
+ name: {{ include "common.fullname" . }}-auth-config
+ subPath: csp-cookie-filter.properties
+
+ - mountPath: /opt/app/sparky/config/auth/org.onap.aai.p12
+ name: {{ include "common.fullname" . }}-auth-config
+ subPath: org.onap.aai.p12
+
+ - mountPath: /opt/app/sparky/config/auth/truststoreONAPall.jks
+ name: aai-common-aai-auth-mount
+ subPath: truststoreONAPall.jks
+
+ - mountPath: /opt/app/sparky/config/portal/
+ name: {{ include "common.fullname" . }}-portal-config
+
+ - mountPath: /opt/app/sparky/config/portal/BOOT-INF/classes/
+ name: {{ include "common.fullname" . }}-portal-config-props
+
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+
+ - mountPath: /opt/app/sparky/config/application.properties
+ name: {{ include "common.fullname" . }}-properties
+ subPath: application.properties
+
+ - mountPath: /opt/app/sparky/config/application-resources.properties
+ name: {{ include "common.fullname" . }}-properties
+ subPath: application-resources.properties
+
+ - mountPath: /opt/app/sparky/config/application-ssl.properties
+ name: {{ include "common.fullname" . }}-properties
+ subPath: application-ssl.properties
+
+ - mountPath: /opt/app/sparky/config/application-oxm-default.properties
+ name: {{ include "common.fullname" . }}-properties
+ subPath: application-oxm-default.properties
+
+ - mountPath: /opt/app/sparky/config/application-oxm-override.properties
+ name: {{ include "common.fullname" . }}-properties
+ subPath: application-oxm-override.properties
+
+ - mountPath: /opt/app/sparky/config/application-oxm-schema-prod.properties
+ name: {{ include "common.fullname" . }}-properties
+ subPath: application-oxm-schema-prod.properties
+
+ - mountPath: /opt/app/sparky/config/roles.config
+ name: {{ include "common.fullname" . }}-properties
+ subPath: roles.config
+
+ - mountPath: /opt/app/sparky/config/users.config
+ name: {{ include "common.fullname" . }}-properties
+ subPath: users.config
+
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ resources:
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ # side car containers
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ name: filebeat-conf
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /usr/share/filebeat/data
+ name: aai-sparky-filebeat
+ resources:
+{{ include "common.resources" . }}
+
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+
+ - name: {{ include "common.fullname" . }}-properties
+ configMap:
+ name: {{ include "common.fullname" . }}-prop
+
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}
+
+ - name: {{ include "common.fullname" . }}-portal-config
+ configMap:
+ name: {{ include "common.fullname" . }}-portal
+
+ - name: {{ include "common.fullname" . }}-portal-config-props
+ configMap:
+ name: {{ include "common.fullname" . }}-portal-props
+
+ - name: {{ include "common.fullname" . }}-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}
+
+ - name: aai-common-aai-auth-mount
+ secret:
+ secretName: aai-common-aai-auth
+
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: aai-sparky-filebeat
+ emptyDir: {}
+ - name: modeldir
+ emptyDir: {}
+ restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-sparky-be/templates/secret.yaml b/charts/aai-sparky-be/templates/secret.yaml
new file mode 100644
index 0000000..6084ca3
--- /dev/null
+++ b/charts/aai-sparky-be/templates/secret.yaml
@@ -0,0 +1,27 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
diff --git a/charts/aai-sparky-be/templates/service.yaml b/charts/aai-sparky-be/templates/service.yaml
new file mode 100644
index 0000000..24ee69d
--- /dev/null
+++ b/charts/aai-sparky-be/templates/service.yaml
@@ -0,0 +1,38 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
diff --git a/charts/aai-sparky-be/values.yaml b/charts/aai-sparky-be/values.yaml
new file mode 100644
index 0000000..9755c8b
--- /dev/null
+++ b/charts/aai-sparky-be/values.yaml
@@ -0,0 +1,111 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for sparky-be.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+global: # global defaults
+ nodePortPrefix: 302
+ aai:
+ serviceName: aai
+ aaiElasticsearch:
+ serviceName: aai-elasticsearch
+ gizmo:
+ serviceName: aai-gizmo
+ searchData:
+ serviceName: aai-search-data
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/sparky-be:1.4-STAGING-latest
+pullPolicy: Always
+restartPolicy: Always
+flavor: small
+dockerhubRepository: registry.hub.docker.com
+ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+# application configuration
+config:
+ elasticsearchHttpPort: 9200
+ gerritBranch: 3.0.0-ONAP
+ gerritProject: http://gerrit.onap.org/r/aai/test-config
+ portalUsername: aaiui
+ portalPassword: OBF:1t2v1vfv1unz1vgz1t3b
+ portalCookieName: UserId
+ portalAppRoles: ui_view
+ aafUsername: aai@aai.onap.org
+ aafNamespace: org.onap.aai.aaiui
+ aafPassword: enc:xxYw1FqXU5UpianbPeH5Rezg0YfjzuwQrSiLcCmJGfz
+ cadiKeyFile: /opt/app/sparky/config/portal/keyFile
+ cadiTrustStore: /opt/app/sparky/config/auth/truststoreONAPall.jks
+ cadiFileLocation: /opt/app/sparky/config/portal/cadi.properties
+ cadiTrustStorePassword: changeit
+ cookieDecryptorClass: org.onap.aai.sparky.security.BaseCookieDecryptor
+
+# ONAP Cookie Processing - During initial development, the following flag, if true, will
+# prevent the portal interface's login processing from searching for a user
+# specific cookie, and will instead allow passage if a valid session cookie is discovered.
+ portalOnapEnabled: true
+#
+
+# override chart name (sparky-be) to share a common namespace
+# suffix with parent chart (aai)
+nsSuffix: aai
+
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ type: NodePort
+ portName: aai-sparky-be
+ internalPort: 8000
+ nodePort: 20
+
+ingress:
+ enabled: false
+
+# Configure resource requests and limits
+# ref: http://kubernetes.io/docs/user-guide/compute-resources/
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 0.25
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 0.5
+ memory: 2Gi
+ unlimited: {}
diff --git a/charts/aai-spike/Chart.yaml b/charts/aai-spike/Chart.yaml
new file mode 100644
index 0000000..587b84c
--- /dev/null
+++ b/charts/aai-spike/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAI Spike microservice
+name: aai-spike
+version: 4.0.0 \ No newline at end of file
diff --git a/charts/aai-spike/requirements.yaml b/charts/aai-spike/requirements.yaml
new file mode 100644
index 0000000..8915b75
--- /dev/null
+++ b/charts/aai-spike/requirements.yaml
@@ -0,0 +1,21 @@
+# Copyright © 2018 Amdocs, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ # local reference to common chart, as it is
+ # a part of this chart's package and will not
+ # be published independently to a repo (at this point)
+ repository: '@local'
diff --git a/charts/aai-spike/resources/config/auth/client-cert.p12 b/charts/aai-spike/resources/config/auth/client-cert.p12
new file mode 100644
index 0000000..d9fe86e
--- /dev/null
+++ b/charts/aai-spike/resources/config/auth/client-cert.p12
Binary files differ
diff --git a/charts/aai-spike/resources/config/auth/tomcat_keystore b/charts/aai-spike/resources/config/auth/tomcat_keystore
new file mode 100644
index 0000000..025f3c4
--- /dev/null
+++ b/charts/aai-spike/resources/config/auth/tomcat_keystore
Binary files differ
diff --git a/charts/aai-spike/resources/config/edgeprops-ingest.properties b/charts/aai-spike/resources/config/edgeprops-ingest.properties
new file mode 100644
index 0000000..b0a3150
--- /dev/null
+++ b/charts/aai-spike/resources/config/edgeprops-ingest.properties
@@ -0,0 +1,23 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# Copyright © 2018 Amdocs
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+#
+
+# DB Edge Property files are copied here:
+edgePropsDir=/opt/app/spike/config/model/edge_props
diff --git a/charts/aai-spike/resources/config/logback.xml b/charts/aai-spike/resources/config/logback.xml
new file mode 100644
index 0000000..e40ba13
--- /dev/null
+++ b/charts/aai-spike/resources/config/logback.xml
@@ -0,0 +1,194 @@
+<!--
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+ Copyright © 2018 Amdocs
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+-->
+<configuration scan="true" scanPeriod="3 seconds" debug="false">
+ <!--<jmxConfigurator /> -->
+ <!-- directory path for all other type logs -->
+
+ <property name="logDir" value="/var/log/onap" />
+
+ <!-- specify the component name
+ <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy" | "SDNC" | "AC" -->
+ <property name="componentName" value="AAI-SPK" />
+
+ <!-- default eelf log file names -->
+ <property name="generalLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+
+ <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|Spike|%mdc{PartnerName}|%logger||%.-5level|%msg%n" />
+ <property name="auditMetricPattern" value="%m%n" />
+
+ <property name="logDirectory" value="${logDir}/${componentName}" />
+
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+
+ <!-- The EELFAppender is used to record events to the general application
+ log -->
+
+ <appender name="EELF"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELF" />
+ </appender>
+
+ <!-- EELF Audit Appender. This appender is used to record audit engine
+ related logging events. The audit logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+
+ <appender name="EELFAudit"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditMetricPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender>
+
+ <appender name="EELFMetrics"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} -
+ %msg%n"</pattern> -->
+ <pattern>${auditMetricPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFMetrics"/>
+ </appender>
+
+ <appender name="EELFDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${debugLogName}.log</file>
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip
+ </fileNamePattern>
+ <maxHistory>60</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>false</includeCallerData>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="info" additivity="false">
+ <appender-ref ref="asyncEELF" />
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+
+ <logger name="com.att.eelf.audit" level="info" additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+ <logger name="com.att.eelf.metrics" level="info" additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+
+ <!-- Spike service loggers -->
+ <logger name="org.onap.aai.spike" level="INFO" />
+
+ <!-- Other Loggers that may help troubleshoot -->
+ <logger name="net.sf" level="WARN" />
+ <logger name="org.apache" level="WARN" />
+ <logger name="org.apache.commons.httpclient" level="WARN" />
+ <logger name="org.apache.commons" level="WARN" />
+ <logger name="org.apache.coyote" level="WARN" />
+ <logger name="org.apache.jasper" level="WARN" />
+
+ <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
+ May aid in troubleshooting) -->
+ <logger name="org.apache.camel" level="WARN" />
+ <logger name="org.apache.cxf" level="WARN" />
+ <logger name="org.apache.camel.processor.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
+ <logger name="org.apache.cxf.service" level="WARN" />
+ <logger name="org.restlet" level="WARN" />
+ <logger name="org.apache.camel.component.restlet" level="WARN" />
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+
+ <root>
+ <appender-ref ref="asyncEELF" />
+ <!-- <appender-ref ref="asyncEELFDebug" /> -->
+ </root>
+
+</configuration>
diff --git a/charts/aai-spike/resources/config/model/edge_props/edge_properties_v10.json b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v10.json
new file mode 100644
index 0000000..7cbddae
--- /dev/null
+++ b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v10.json
@@ -0,0 +1,10 @@
+{
+ "isParent":"java.lang.Boolean",
+ "isParent-REV":"java.lang.Boolean",
+ "usesResource":"java.lang.Boolean",
+ "usesResource-REV":"java.lang.Boolean",
+ "SVC-INFRA":"java.lang.Boolean",
+ "SVC-INFRA-REV":"java.lang.Boolean",
+ "hasDelTarget":"java.lang.Boolean",
+ "hasDelTarget-REV":"java.lang.Boolean"
+}
diff --git a/charts/aai-spike/resources/config/model/edge_props/edge_properties_v11.json b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v11.json
new file mode 100644
index 0000000..8d00636
--- /dev/null
+++ b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v11.json
@@ -0,0 +1,6 @@
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+} \ No newline at end of file
diff --git a/charts/aai-spike/resources/config/model/edge_props/edge_properties_v12.json b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v12.json
new file mode 100644
index 0000000..8d00636
--- /dev/null
+++ b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v12.json
@@ -0,0 +1,6 @@
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+} \ No newline at end of file
diff --git a/charts/aai-spike/resources/config/model/edge_props/edge_properties_v13.json b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v13.json
new file mode 100644
index 0000000..8d00636
--- /dev/null
+++ b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v13.json
@@ -0,0 +1,6 @@
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+} \ No newline at end of file
diff --git a/charts/aai-spike/resources/config/model/edge_props/edge_properties_v14.json b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v14.json
new file mode 100644
index 0000000..8d00636
--- /dev/null
+++ b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v14.json
@@ -0,0 +1,6 @@
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+} \ No newline at end of file
diff --git a/charts/aai-spike/resources/config/model/edge_props/edge_properties_v15.json b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v15.json
new file mode 100644
index 0000000..8d00636
--- /dev/null
+++ b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v15.json
@@ -0,0 +1,6 @@
+{
+ "contains-other-v": "java.lang.String",
+ "delete-other-v": "java.lang.String",
+ "SVC-INFRA": "java.lang.String",
+ "prevent-delete": "java.lang.String"
+} \ No newline at end of file
diff --git a/charts/aai-spike/resources/config/model/edge_props/edge_properties_v7.json b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v7.json
new file mode 100644
index 0000000..7cbddae
--- /dev/null
+++ b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v7.json
@@ -0,0 +1,10 @@
+{
+ "isParent":"java.lang.Boolean",
+ "isParent-REV":"java.lang.Boolean",
+ "usesResource":"java.lang.Boolean",
+ "usesResource-REV":"java.lang.Boolean",
+ "SVC-INFRA":"java.lang.Boolean",
+ "SVC-INFRA-REV":"java.lang.Boolean",
+ "hasDelTarget":"java.lang.Boolean",
+ "hasDelTarget-REV":"java.lang.Boolean"
+}
diff --git a/charts/aai-spike/resources/config/model/edge_props/edge_properties_v8.json b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v8.json
new file mode 100644
index 0000000..7cbddae
--- /dev/null
+++ b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v8.json
@@ -0,0 +1,10 @@
+{
+ "isParent":"java.lang.Boolean",
+ "isParent-REV":"java.lang.Boolean",
+ "usesResource":"java.lang.Boolean",
+ "usesResource-REV":"java.lang.Boolean",
+ "SVC-INFRA":"java.lang.Boolean",
+ "SVC-INFRA-REV":"java.lang.Boolean",
+ "hasDelTarget":"java.lang.Boolean",
+ "hasDelTarget-REV":"java.lang.Boolean"
+}
diff --git a/charts/aai-spike/resources/config/model/edge_props/edge_properties_v9.json b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v9.json
new file mode 100644
index 0000000..7cbddae
--- /dev/null
+++ b/charts/aai-spike/resources/config/model/edge_props/edge_properties_v9.json
@@ -0,0 +1,10 @@
+{
+ "isParent":"java.lang.Boolean",
+ "isParent-REV":"java.lang.Boolean",
+ "usesResource":"java.lang.Boolean",
+ "usesResource-REV":"java.lang.Boolean",
+ "SVC-INFRA":"java.lang.Boolean",
+ "SVC-INFRA-REV":"java.lang.Boolean",
+ "hasDelTarget":"java.lang.Boolean",
+ "hasDelTarget-REV":"java.lang.Boolean"
+}
diff --git a/charts/aai-spike/resources/config/schema-ingest.properties b/charts/aai-spike/resources/config/schema-ingest.properties
new file mode 100644
index 0000000..1569761
--- /dev/null
+++ b/charts/aai-spike/resources/config/schema-ingest.properties
@@ -0,0 +1,65 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# Copyright © 2018 Amdocs
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+#
+
+#######################################
+# Schema Version Related Attributes
+#######################################
+schema.uri.base.path=/aai
+# Lists all of the versions in the schema
+schema.version.list=v10,v11,v12,v13,v14,v15
+# Specifies from which version should the depth parameter to default to zero
+schema.version.depth.start=v10
+# Specifies from which version should the related link be displayed in response payload
+schema.version.related.link.start=v10
+# Specifies from which version should the client see only the uri excluding host info
+# Before this version server base will also be included
+schema.version.app.root.start=v11
+# Specifies from which version should the namespace be changed
+schema.version.namespace.change.start=v11
+# Specifies from which version should the client start seeing the edge label in payload
+schema.version.edge.label.start=v12
+# Specifies the version that the application should default to
+schema.version.api.default=v15
+
+#######################################
+# Schema Location Related Attributes
+#######################################
+schema.configuration.location=NA
+schema.nodes.location=/opt/app/spike/bundleconfig/etc/onap/oxm
+schema.edges.location=/opt/app/spike/bundleconfig/etc/onap/dbedgerules
+
+###############################################################################
+# Schema Service Related Attributes
+###############################################################################
+# Specifies whether to use the schema service (schema-service) or local schema files (config)
+schema.translator.list=config
+
+schema.service.base.url=https://<host>:8452/aai/schema-service/v1/
+schema.service.nodes.endpoint=nodes?version=
+schema.service.edges.endpoint=edgerules?version=
+schema.service.versions.endpoint=versions
+
+#Default rest client is the two-way-ssl
+schema.service.client=two-way-ssl
+#Replace the below with the A&AI client key store
+schema.service.ssl.key-store=${CONFIG_HOME}/auth/client-cert.p12
+#Replace the below with the A&AI tomcat trust store
+schema.service.ssl.trust-store=${CONFIG_HOME}/auth/tomcat_keystore
diff --git a/charts/aai-spike/resources/config/spike-beans.xml b/charts/aai-spike/resources/config/spike-beans.xml
new file mode 100644
index 0000000..50be8cb
--- /dev/null
+++ b/charts/aai-spike/resources/config/spike-beans.xml
@@ -0,0 +1,62 @@
+<!--
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+ Copyright © 2018 Amdocs
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/util
+ http://www.springframework.org/schema/util/spring-util.xsd">
+
+ <bean id="eventConsumer" class="org.onap.aai.event.client.DMaaPEventConsumer">
+ <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:{{.Values.event.port.dmaap}}" />
+ <constructor-arg name="topic" value="{{.Values.event.consumer.topic}}" />
+ <constructor-arg name="username" value="" />
+ <constructor-arg name="password" value="" />
+ <constructor-arg name="consumerGroup" value="spike" />
+ <constructor-arg name="consumerId" value="spike" />
+ <constructor-arg name="timeoutMs" value="1000" />
+ <constructor-arg name="messageLimit" value="100" />
+ <constructor-arg name="transportType" value="HTTPAUTH" />
+ <constructor-arg name="protocol" value="{{.Values.event.protocol}}" />
+ <constructor-arg name="filter"><null /></constructor-arg>
+ </bean>
+
+ <bean id="eventPublisher" class="org.onap.aai.event.client.DMaaPEventPublisher" >
+ <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:{{.Values.event.port.dmaap}}" />
+ <constructor-arg name="topic" value="{{.Values.event.publisher.topic}}" />
+ <constructor-arg name="username" value="" />
+ <constructor-arg name="password" value="" />
+ <constructor-arg name="maxBatchSize" value="100" />
+ <constructor-arg name="maxAgeMs" value="250" />
+ <constructor-arg name="delayBetweenBatchesMs" value="50" />
+ <constructor-arg name="transportType" value="HTTPAUTH" />
+ <constructor-arg name="protocol" value="{{.Values.event.protocol}}" />
+ <constructor-arg name="contentType" value="application/json" />
+ </bean>
+
+ <bean id="spikeService" class="org.onap.aai.spike.service.SpikeService" init-method="startup">
+ <constructor-arg ref="eventConsumer" />
+ <constructor-arg ref="eventPublisher" />
+ </bean>
+
+</beans>
diff --git a/charts/aai-spike/resources/config/spike.properties b/charts/aai-spike/resources/config/spike.properties
new file mode 100644
index 0000000..c3ba4a3
--- /dev/null
+++ b/charts/aai-spike/resources/config/spike.properties
@@ -0,0 +1,28 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2018 AT&T Intellectual Property. All rights reserved.
+# Copyright © 2018 Amdocs
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+#
+
+# Spike configuration
+
+spike.event.poll.interval=30000
+spike.event.offset.period= 10000
+spike.event.queue.capacity=10000
+spike.event.queue.delay=10000
+spike.props.reserved=source-of-truth,last-mod-source-of-truth,aai-created-ts,aai-last-mod-ts
diff --git a/charts/aai-spike/templates/configmap.yaml b/charts/aai-spike/templates/configmap.yaml
new file mode 100644
index 0000000..ebd4fb0
--- /dev/null
+++ b/charts/aai-spike/templates/configmap.yaml
@@ -0,0 +1,39 @@
+# Copyright © 2018 Amdocs, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-edge-props-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/model/edge_props/*").AsConfig . | indent 2 }}
diff --git a/charts/aai-spike/templates/deployment.yaml b/charts/aai-spike/templates/deployment.yaml
new file mode 100644
index 0000000..c962f1d
--- /dev/null
+++ b/charts/aai-spike/templates/deployment.yaml
@@ -0,0 +1,166 @@
+# Copyright © 2018 Amdocs, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ initContainers:
+ - command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - message-router-kafka
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ containers:
+ - name: {{ .Chart.Name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ env:
+ - name: CONFIG_HOME
+ value: /opt/app/spike/config
+ - name: KEY_STORE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: KEY_STORE_PASSWORD
+ - name: KEY_MANAGER_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "common.fullname" . }}-pass
+ key: KEY_MANAGER_PASSWORD
+ - name: SERVICE_BEANS
+ value: /opt/app/spike/dynamic/conf
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/spike/config/auth
+ name: {{ include "common.fullname" . }}-secrets
+ - mountPath: /opt/app/spike/dynamic/conf/spike-beans.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: spike-beans.xml
+ - mountPath: /opt/app/spike/config/spike.properties
+ subPath: spike.properties
+ name: {{ include "common.fullname" . }}-config
+ - mountPath: /opt/app/spike/config/schema-ingest.properties
+ subPath: schema-ingest.properties
+ name: {{ include "common.fullname" . }}-config
+ - mountPath: /opt/app/spike/config/edgeprops-ingest.properties
+ subPath: edgeprops-ingest.properties
+ name: {{ include "common.fullname" . }}-config
+ - mountPath: /opt/app/spike/config/model/edge_props
+ name: {{ include "common.fullname" . }}-edge-props-config
+ - mountPath: /opt/app/spike/bundleconfig/etc/logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: logback.xml
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ resources:
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ # side car containers
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ name: filebeat-conf
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /usr/share/filebeat/data
+ name: aai-filebeat
+ resources:
+{{ include "common.resources" . }}
+
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-secrets
+ secret:
+ secretName: {{ include "common.fullname" . }}-spike-secrets
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ items:
+ - key: spike.properties
+ path: spike.properties
+ - key: spike-beans.xml
+ path: spike-beans.xml
+ - key: schema-ingest.properties
+ path: schema-ingest.properties
+ - key: edgeprops-ingest.properties
+ path: edgeprops-ingest.properties
+ - key: logback.xml
+ path: logback.xml
+ - name: {{ include "common.fullname" . }}-edge-props-config
+ configMap:
+ name: {{ include "common.fullname" . }}-edge-props-configmap
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: aai-filebeat
+ emptyDir: {}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-spike/templates/secrets.yaml b/charts/aai-spike/templates/secrets.yaml
new file mode 100644
index 0000000..510805d
--- /dev/null
+++ b/charts/aai-spike/templates/secrets.yaml
@@ -0,0 +1,42 @@
+# Copyright © 2018 Amdocs, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-spike-secrets
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-pass
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+ KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }}
+ KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }}
diff --git a/charts/aai-spike/templates/service.yaml b/charts/aai-spike/templates/service.yaml
new file mode 100644
index 0000000..745c73b
--- /dev/null
+++ b/charts/aai-spike/templates/service.yaml
@@ -0,0 +1,39 @@
+# Copyright © 2018 Amdocs, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort}}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort}}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
diff --git a/charts/aai-spike/values.yaml b/charts/aai-spike/values.yaml
new file mode 100644
index 0000000..fbe09f7
--- /dev/null
+++ b/charts/aai-spike/values.yaml
@@ -0,0 +1,88 @@
+# Copyright © 2018 Amdocs, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ readinessImage: readiness-check:2.0.2
+ loggingImage: beats/filebeat:5.5.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+# application image
+image: onap/spike:1.4-STAGING-latest
+flavor: small
+# application configuration
+config:
+ keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ type: NodePort
+ portName: spike
+ externalPort: 9518
+ internalPort: 9518
+ nodePort: 39
+
+ingress:
+ enabled: false
+
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 0.5
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 1
+ memory: 1536Mi
+ unlimited: {}
+
+# XML bean configuration
+event:
+ port:
+ dmaap: 3905
+ protocol: https
+ consumer:
+ topic: champRawEvents
+ publisher:
+ topic: spikeEvents
diff --git a/charts/aai-traversal/.helmignore b/charts/aai-traversal/.helmignore
new file mode 100644
index 0000000..daebc7d
--- /dev/null
+++ b/charts/aai-traversal/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/charts/aai-traversal/Chart.yaml b/charts/aai-traversal/Chart.yaml
new file mode 100644
index 0000000..0470d0a
--- /dev/null
+++ b/charts/aai-traversal/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAI traversal
+name: aai-traversal
+version: 4.0.0
diff --git a/charts/aai-traversal/resources/config/aaf/bath_config.csv b/charts/aai-traversal/resources/config/aaf/bath_config.csv
new file mode 100644
index 0000000..60a8fb5
--- /dev/null
+++ b/charts/aai-traversal/resources/config/aaf/bath_config.csv
@@ -0,0 +1,33 @@
+# AAI -> aai@aai.onap.org
+Basic QUFJOkFBSQ==,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# ModelLoader -> aai@aai.onap.org
+Basic TW9kZWxMb2FkZXI6TW9kZWxMb2FkZXI=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# AaiUI -> aai@aai.onap.org,
+Basic QWFpVUk6QWFpVUk=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# MSO -> so@so.onap.org
+Basic TVNPOk1TTw==,Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1NiE=,2050-03-03
+
+# SDNC -> sdnc@sdnc.onap.org
+Basic U0ROQzpTRE5D,Basic c2RuY0BzZG5jLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03
+
+# DCAE -> dcae@dcae.onap.org
+Basic RENBRTpEQ0FF,Basic ZGNhZUBkY2FlLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03
+
+# POLICY -> policy@policy.onap.org
+Basic UE9MSUNZOlBPTElDWQ==,Basic cG9saWN5QHBvbGljeS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# ASDC -> sdc@sdc.onap.org
+Basic QVNEQzpBU0RD,Basic c2RjQHNkYy5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# VID -> vid@vid.onap.org
+Basic VklEOlZJRA==,Basic dmlkQHZpZC5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# APPC -> appc@appc.onap.org
+Basic QVBQQzpBUFBD,Basic YXBwY0BhcHBjLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03
+
+# OOF -> oof@oof.onap.org
+Basic T09GOk9PRg==,Basic b29mQG9vZi5vbmFwLm9yZzpkZW1vMTIzNDQ2IQ==,2050-03-03
+
diff --git a/charts/aai-traversal/resources/config/aaf/cadi.properties b/charts/aai-traversal/resources/config/aaf/cadi.properties
new file mode 100644
index 0000000..9523367
--- /dev/null
+++ b/charts/aai-traversal/resources/config/aaf/cadi.properties
@@ -0,0 +1,8 @@
+
+cadi_loglevel=INFO
+cadi_prop_files=/opt/app/aai-traversal/resources/aaf/org.osaaf.location.props:/opt/app/aai-traversal/resources/aaf/org.onap.aai.props
+
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
diff --git a/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile b/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile
new file mode 100644
index 0000000..8721938
--- /dev/null
+++ b/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile
@@ -0,0 +1,27 @@
+yf1wUdfxbhVQQq5UF8hzWB_01VVrRIkC8BaLT7NMTrmv30RsMj3lvlaX3_CnVC1emYgmiUfWnT7k
+brk0m-URJAKM8Pm6PrnOyKlx3U7NS8HVcFdKpVm_bx0CFsA3eY2NGe-D0gd35V1MohCbABZ8G2a6
+AgE7QmToHCwclXW_goK5P7lmJX1HaMVAIydMreP1m9sSR4UboRlvkH6VsMM1H1Y9ZhhXF--RkWAM
+EcIspNTQE4ef3ZvYtSzuWssGZP8Hjo4XJlXz1uCSkyczw0IR19n-lspF9S0cIMro6QqvJsyjyjRo
+UdYgxdwmQ_st4P43TZ8YEBQyE8r7VUoh_EqUx9ldilxGA0kBOQcTdtd805Kf98grXiQXeT-8UD1L
+02aLzbz8Md7f8foGS1oGLfoImdjYCzOOZs3qHmKSb6YoHY8VcBCxIEfCznYl8wLYLRsSZ0tV4SAM
+qCM_KHOM0HOZrNfSSAW5ZVZb67U9NI9SLFRV8gkmqxMspfjSLJCyHhq0D6RMECSpeAeVgoh6SWDw
+mBSXunY5ZWVzdUyEezjCcl3NqTahrlfMSV5xkfUmSNFe_WW9rIXF0vD6MHAEW62yA1OA8WoMUqp2
+VKkUzWGVGAdMvbU52D6hqmGXER44kxAHVgEwPdhQhqgk4BpjR2v9ozQ6E_xNGkSRnriNB-H6BSN0
+vZa0pNJfvmBCjwGeoyRbCJrN1grLoDHQ3_6g-IwsD3NugKp6SHxUgfiPAUMGz-J2ZdbAlU0SNQgM
+8gn6_cOaXvhqHBwh9SfT4jXyuCJru0zw3pyOjuw6fLMezvJDPvFfIgWllzc2IQ7_bufMZgCr2yAe
+O-nBzsXK8aqItzCti53sZLSM1YC6OuRaiIt2i0yTVa7koFYSFhyELqEco5cFKMs0c6SrgIxnRrBT
+x0RPXIyLdiRr76uP2wxL8KDfJ1vbCKi1xkZRchvQfm3ssgpzXVz8lnZ-HxacEhhAfGdDV56ZgRhu
+5UVQd2RdP9JVpnXRJPhVwlQeQlrIXWHp01efBPRMTZQd2lpaNqn5v5chzpi9bbM3P3-BLxnN2NID
+dv1E9Ox7MH-m3IQT9yFUi-UrDxAId4dnpgeCvyxhfnc1HJ9B71x9wmryC9PJWiKs3K-T_eC9pR4o
+eN5PUZZ7arwdMUmzqKPNAtyMqaJCWfD3GZ1KsC8OV5Ze0DRQZPeT3IHg2BUC1NGj2SdjcwaGP_zl
+uytFZWN7kQjnI4brorkO_jzjf7SEPCO7Vy2Z2vikIv7O8bSWZWDGYCcxUoYigFYcjZFirRYr3Yvl
+YZU-F_qh6ZvrVxStSpz6iYDAzPW9v4ZyLSHyWe5H2AN89uRdnvag1769KpjsmGVYbn5jabgCJFs8
+EL7rxymrXri5cKsGH8XC1E0a-kP6vvhdHJhx5eFsFmKJaWh3RCJ8_I5CSzSRsK8JvE1Z6nGFn_SI
+dpeNjf66lbm4y68loUh5Q4BDce3YaCT1gHmluBzXnv1vFzuvJ2jcVyq-nUDjdTqvM9okW8Prmt7l
+ttQ3MVZI4rd-tXJfV4lxaI6wF4LIwiMJmY2tiCHoJ5nbLfHvMG7G5K1NAbizPltQxURPiMPZeCDZ
+15SXI9vdCR-FyQikzp1hUUMMqz231-6BDDTKMOXpicQRQ0CHpEfxY4Rq3mu0QmRi-EIs6JAzfuLi
+ba7fbfHnkhl3GWkj0CVZD8uDbzJceSTHICqVt-3qECUSG3ZfsuebWAEWED_xQoXyAL7kK8fMOPwl
+m6qEk4z7boiJSrcQ2ZIdyPs2bZNvlv4wYg0F3BhFf2HeCYwR3BKXQGlDXGOAD5GuRpHHBch9JfVa
+iUbvCEF23mee633C_K4zCaaVR9UqXMefzqFxSsobMp3heo3eIcQzLhe2SL2xpI9TbsvN2N4c9UMk
+_TnQBHiYBgPxtB_j8bnVu7C__lTTpPKYLpUPxgWEIzljZzbkF37QQ1XtAc2EzcOi2FT4qsjlNgPw
+PbL6ZihWEYZrZUilTSLzzjcQDLzoaF6BL2LOOS-Uju-B7COhcSMc0JLYOob6RDBE9T6HUMuZ
diff --git a/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 b/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12
new file mode 100644
index 0000000..5737e48
--- /dev/null
+++ b/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12
Binary files differ
diff --git a/charts/aai-traversal/resources/config/aaf/org.onap.aai.props b/charts/aai-traversal/resources/config/aaf/org.onap.aai.props
new file mode 100644
index 0000000..0f27dbd
--- /dev/null
+++ b/charts/aai-traversal/resources/config/aaf/org.onap.aai.props
@@ -0,0 +1,14 @@
+############################################################
+# Properties Generated by AT&T Certificate Manager
+# @copyright 2016, AT&T
+############################################################
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
+cadi_keyfile=/opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile
+cadi_keystore=/opt/app/aai-traversal/resources/aaf/org.onap.aai.p12
+cadi_keystore_password=enc:nF3D1h00vVoLZkCnFtTCJAiH6maEiA3933rI3ctap9Ggjlm2SMg_dxk6ui9iiDwr
+#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL
+cadi_alias=aai@aai.onap.org
+cadi_truststore=/opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks
+cadi_truststore_password=enc:8BxmWFFRI9wcf2jVixnfdK2GPI4veaXofZ65fcYThHv
+cadi_loglevel=INFO
+cadi_bath_convert=/opt/app/aai-traversal/resources/aaf/bath_config.csv
diff --git a/charts/aai-traversal/resources/config/aaf/org.osaaf.location.props b/charts/aai-traversal/resources/config/aaf/org.osaaf.location.props
new file mode 100644
index 0000000..132fb24
--- /dev/null
+++ b/charts/aai-traversal/resources/config/aaf/org.osaaf.location.props
@@ -0,0 +1,23 @@
+##
+## org.osaaf.location.props
+##
+## Localized Machine Information
+##
+# Almeda California ?
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+# AAF Environment Designation
+aaf_env=DEV
+
+# OAuth2 Endpoints
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
+
diff --git a/charts/aai-traversal/resources/config/aaf/permissions.properties b/charts/aai-traversal/resources/config/aaf/permissions.properties
new file mode 100644
index 0000000..d4956f5
--- /dev/null
+++ b/charts/aai-traversal/resources/config/aaf/permissions.properties
@@ -0,0 +1,2 @@
+permission.type=org.onap.aai.traversal
+permission.instance=* \ No newline at end of file
diff --git a/charts/aai-traversal/resources/config/aaiconfig.properties b/charts/aai-traversal/resources/config/aaiconfig.properties
new file mode 100644
index 0000000..3859590
--- /dev/null
+++ b/charts/aai-traversal/resources/config/aaiconfig.properties
@@ -0,0 +1,81 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+#
+# ECOMP is a trademark and service mark of AT&T Intellectual Property.
+#
+
+aai.config.checktime=1000
+
+# this could come from siteconfig.pl?
+aai.config.nodename=AutomaticallyOverwritten
+
+aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/
+aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/
+aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/
+
+{{ if .Values.global.config.basic.auth.enabled }}
+aai.tools.enableBasicAuth=true
+aai.tools.username={{ .Values.global.config.basic.auth.username }}
+aai.tools.password={{ .Values.global.config.basic.auth.passwd }}
+{{ end }}
+
+aai.truststore.filename={{ .Values.global.config.truststore.filename }}
+aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }}
+aai.keystore.filename={{ .Values.global.config.keystore.filename }}
+aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }}
+
+aai.notification.current.version={{ .Values.global.config.schema.version.api.default }}
+aai.notificationEvent.default.status=UNPROCESSED
+aai.notificationEvent.default.eventType={{ .Values.global.config.notification.eventType }}
+aai.notificationEvent.default.domain={{ .Values.global.config.notification.domain }}
+aai.notificationEvent.default.sourceName=aai
+aai.notificationEvent.default.sequenceNumber=0
+aai.notificationEvent.default.severity=NORMAL
+aai.notificationEvent.default.version={{ .Values.global.config.schema.version.api.default }}
+# This one lets us enable/disable resource-version checking on updates/deletes
+aai.resourceversion.enableflag=true
+aai.logging.maxStackTraceEntries=10
+aai.default.api.version={{ .Values.global.config.schema.version.api.default }}
+
+# Used by Model-processing code
+aai.model.delete.sleep.per.vtx.msec=500
+aai.model.query.resultset.maxcount=50
+aai.model.query.timeout.sec=90
+
+aai.model.proc.max.levels=50
+aai.edgeTag.proc.max.levels=50
+
+aai.logging.trace.enabled=true
+aai.logging.trace.logrequest=false
+aai.logging.trace.logresponse=false
+
+aai.transaction.logging=true
+aai.transaction.logging.get=false
+aai.transaction.logging.post=false
+
+aai.realtime.clients={{ .Values.global.config.realtime.clients }}
+
+#timeout for traversal enabled flag
+aai.traversal.timeoutenabled={{ .Values.config.timeout.enabled }}
+
+#timeout app specific
+aai.traversal.timeout.appspecific={{ .Values.config.timeout.appspecific }}
+
+#default timeout limit added for traversal if not overridden (in ms)
+aai.traversal.timeoutlimit={{ .Values.config.timeout.limit | int }}
diff --git a/charts/aai-traversal/resources/config/application.properties b/charts/aai-traversal/resources/config/application.properties
new file mode 100644
index 0000000..a7c86b6
--- /dev/null
+++ b/charts/aai-traversal/resources/config/application.properties
@@ -0,0 +1,97 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# The following info parameters are being referenced by ajsc6
+info.build.artifact=aai-traversal
+info.build.name=traversal
+info.build.description=Traversal Microservice
+info.build.version=1.3.0
+
+spring.application.name=aai-traversal
+spring.jersey.type=filter
+
+server.contextPath=/
+spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
+
+spring.profiles.active={{ .Values.global.config.profiles.active }}
+spring.jersey.application-path=${schema.uri.base.path}
+#The max number of active threads in this pool
+server.tomcat.max-threads=200
+#The minimum number of threads always kept alive
+server.tomcat.min-Spare-Threads=25
+#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads
+server.tomcat.max-idle-time=60000
+
+# If you get an application startup failure that the port is already taken
+# If thats not it, please check if the key-store file path makes sense
+server.local.startpath=aai-traversal/src/main/resources/
+server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties
+
+server.port=8446
+server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
+server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
+server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
+server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
+server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
+server.ssl.client-auth=want
+server.ssl.key-store-type=JKS
+
+# JMS bind address host port
+jms.bind.address=tcp://localhost:61647
+dmaap.ribbon.listOfServers=message-router.{{ include "common.namespace" . }}:3905
+dmaap.ribbon.transportType=https
+
+# Schema related attributes for the oxm and edges
+# Any additional schema related attributes should start with prefix schema
+schema.configuration.location=N/A
+schema.source.name={{ .Values.global.config.schema.source.name }}
+schema.nodes.location=${server.local.startpath}/schema/${schema.source.name}/oxm/
+schema.edges.location=${server.local.startpath}/schema/${schema.source.name}/dbedgerules/
+# Location of where the stored queries are
+schema.queries.location=${server.local.startpath}/schema/${schema.source.name}/query/
+
+schema.ingest.file=${server.local.startpath}/application.properties
+
+# Schema Version Related Attributes
+
+schema.uri.base.path={{ .Values.global.config.schema.uri.base.path }}
+# Lists all of the versions in the schema
+schema.version.list={{ .Values.global.config.schema.version.list }}
+# Specifies from which version should the depth parameter to default to zero
+schema.version.depth.start={{ .Values.global.config.schema.version.depth }}
+# Specifies from which version should the related link be displayed in response payload
+schema.version.related.link.start={{ .Values.global.config.schema.version.related.link }}
+
+# Specifies from which version should the client see only the uri excluding host info
+# Before this version server base will also be included
+schema.version.app.root.start={{ .Values.global.config.schema.version.app.root }}
+# Specifies from which version should the namespace be changed
+schema.version.namespace.change.start={{ .Values.global.config.schema.version.namespace.change }}
+# Specifies from which version should the client start seeing the edge label in payload
+schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.label }}
+# Specifies the version that the application should default to
+schema.version.api.default={{ .Values.global.config.schema.version.api.default }}
+
+schema.translator.list={{ .Values.global.config.schema.translator.list }}
+schema.service.base.url=https://aai-schema-service.{{ include "common.namespace" . }}:8452/aai/schema-service/v1/
+schema.service.nodes.endpoint=nodes?version=
+schema.service.edges.endpoint=edgerules?version=
+schema.service.versions.endpoint=versions
+schema.service.custom.queries.endpoint=stored-queries
+schema.service.client={{ .Values.global.config.schema.service.client }}
+
+schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
+schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
+schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
+schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
diff --git a/charts/aai-traversal/resources/config/janusgraph-cached.properties b/charts/aai-traversal/resources/config/janusgraph-cached.properties
new file mode 100644
index 0000000..9dc6636
--- /dev/null
+++ b/charts/aai-traversal/resources/config/janusgraph-cached.properties
@@ -0,0 +1,98 @@
+#
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+#
+# ECOMP is a trademark and service mark of AT&T Intellectual Property.
+#
+
+query.fast-property=true
+query.smart-limit=false
+
+{{ if .Values.global.config.cluster.cassandra.dynamic }}
+
+storage.backend=cassandra
+storage.hostname={{.Values.global.cassandra.serviceName}}
+storage.cassandra.keyspace=aaigraph
+
+storage.cassandra.read-consistency-level=LOCAL_QUORUM
+storage.cassandra.write-consistency-level=LOCAL_QUORUM
+storage.cassandra.replication-factor={{.Values.global.cassandra.replicas}}
+storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy
+
+{{ else }}
+
+{{ if .Values.global.config.storage }}
+
+storage.backend={{ .Values.global.config.storage.backend }}
+
+{{ if eq .Values.global.config.storage.backend "cassandra" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cassandra.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }}
+storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }}
+storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }}
+storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }}
+storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "cql" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cql.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }}
+
+storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }}
+storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }}
+storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "hbase" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.hbase.table={{ .Values.global.config.storage.name }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ end }}
+
+{{ end }}
+
+{{ end }}
+
+storage.lock.wait-time=300
+#caching on
+cache.db-cache = true
+cache.db-cache-clean-wait = 20
+cache.db-cache-time = 180000
+cache.db-cache-size = 0.3
+
+#load graphson file on startup
+load.snapshot.file=false
diff --git a/charts/aai-traversal/resources/config/janusgraph-realtime.properties b/charts/aai-traversal/resources/config/janusgraph-realtime.properties
new file mode 100644
index 0000000..8791a0b
--- /dev/null
+++ b/charts/aai-traversal/resources/config/janusgraph-realtime.properties
@@ -0,0 +1,92 @@
+#
+# ============LICENSE_START=======================================================
+# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+#
+# ECOMP is a trademark and service mark of AT&T Intellectual Property.
+#
+
+query.fast-property=true
+query.smart-limit=false
+
+{{ if .Values.global.config.cluster.cassandra.dynamic }}
+
+storage.backend=cassandra
+storage.hostname={{.Values.global.cassandra.serviceName}}
+storage.cassandra.keyspace=aaigraph
+
+storage.cassandra.read-consistency-level=LOCAL_QUORUM
+storage.cassandra.write-consistency-level=LOCAL_QUORUM
+storage.cassandra.replication-factor={{.Values.global.cassandra.replicas}}
+storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy
+
+{{ else }}
+
+{{ if .Values.global.config.storage }}
+
+storage.backend={{ .Values.global.config.storage.backend }}
+
+{{ if eq .Values.global.config.storage.backend "cassandra" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cassandra.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }}
+storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }}
+storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }}
+storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }}
+storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "cql" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.cql.keyspace={{ .Values.global.config.storage.name }}
+
+storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }}
+storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }}
+
+storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }}
+storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }}
+storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ else if eq .Values.global.config.storage.backend "hbase" }}
+
+storage.hostname={{ .Values.global.config.storage.hostname }}
+storage.hbase.table={{ .Values.global.config.storage.name }}
+
+storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }}
+cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }}
+log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
+
+{{ end }}
+
+{{ end }}
+
+{{ end }}
+
+storage.lock.wait-time=300
+# Setting db-cache to false ensure the fastest propagation of changes across servers
+cache.db-cache = false
+#load graphson file on startup
+load.snapshot.file=false
diff --git a/charts/aai-traversal/resources/config/localhost-access-logback.xml b/charts/aai-traversal/resources/config/localhost-access-logback.xml
new file mode 100644
index 0000000..4cf6c74
--- /dev/null
+++ b/charts/aai-traversal/resources/config/localhost-access-logback.xml
@@ -0,0 +1,63 @@
+<!--
+
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ Modifications Copyright © 2018 Amdocs, Bell Canada
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+
+ ECOMP is a trademark and service mark of AT&T Intellectual Property.
+
+-->
+<configuration>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <appender name="ACCESS"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ </encoder>
+ </appender>
+ <appender-ref ref="ACCESS" />
+</configuration>
+
+<!--
+%a - Remote IP address
+%A - Local IP address
+%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent
+%B - Bytes sent, excluding HTTP headers
+%h - Remote host name
+%H - Request protocol
+%l - Remote logical username from identd (always returns '-')
+%m - Request method
+%p - Local port
+%q - Query string (prepended with a '?' if it exists, otherwise an empty string
+%r - First line of the request
+%s - HTTP status code of the response
+%S - User session ID
+%t - Date and time, in Common Log Format format
+%u - Remote user that was authenticated
+%U - Requested URL path
+%v - Local server name
+%I - current request thread name (can compare later with stacktraces)
+
+%z - Custom pattern that parses the cert for the subject
+%y - Custom pattern determines rest or dme2
+ -->
diff --git a/charts/aai-traversal/resources/config/logback.xml b/charts/aai-traversal/resources/config/logback.xml
new file mode 100644
index 0000000..d466ccf
--- /dev/null
+++ b/charts/aai-traversal/resources/config/logback.xml
@@ -0,0 +1,268 @@
+<!--
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ Modifications Copyright © 2018 Amdocs, Bell Canada
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ ECOMP is a trademark and service mark of AT&T Intellectual Property.
+-->
+<configuration scan="true" scanPeriod="60 seconds" debug="false">
+ <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
+ <property resource="application.properties" />
+ <property name="namespace" value="aai-traversal"/>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <jmxConfigurator />
+ <property name="logDirectory" value="${AJSC_HOME}/logs" />
+ <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <!-- <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/> -->
+ <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
+ <property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/>
+ <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
+ <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
+ <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>
+ %clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}
+ </pattern>
+ </encoder>
+ </appender>
+ <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/sane.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
+ </pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="SANE" />
+ </appender>
+ <appender name="METRIC"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/metrics.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="METRIC" />
+ </appender>
+ <appender name="DEBUG"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/debug.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="DEBUG" />
+ </appender>
+ <appender name="ERROR"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/rest/error.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfErrorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="ERROR" />
+ </appender>
+ <appender name="AUDIT"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/audit.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfAuditLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="AUDIT" />
+ </appender>
+ <appender name="translog"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/translog.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfTransLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="translog" />
+ </appender>
+ <appender name="dmaapAAIEventConsumer"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerMetric"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfMetricLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="external"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/external/external.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.EcompEncoder">
+ <pattern>${eelfLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <logger name="org.onap.aai" level="DEBUG" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ <appender-ref ref="asyncSANE" />
+ <appender-ref ref="STDOUT" />
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="com.blog.spring.jms" level="WARN" />
+ <logger name="com.jayway.jsonpath" level="WARN" />
+
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
+ <logger name="org.eclipse.jetty" level="WARN" />
+
+ <logger name="org.onap.aai.interceptors.post" level="DEBUG"
+ additivity="false">
+ <appender-ref ref="asynctranslog" />
+ </logger>
+ <logger name="org.onap.aai.interceptors.pre.SetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+ <logger name="org.onap.aai.interceptors.post.ResetLoggingContext" level="DEBUG">
+ <appender-ref ref="asyncAUDIT"/>
+ </logger>
+ <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false">
+ <appender-ref ref="dmaapAAIEventConsumer" />
+ <appender-ref ref="dmaapAAIEventConsumerDebug" />
+ <appender-ref ref="dmaapAAIEventConsumerMetric" />
+ </logger>
+ <logger name="org.apache" level="OFF" />
+ <logger name="org.zookeeper" level="OFF" />
+ <logger name="com.thinkaurelius" level="WARN" />
+ <logger name="com.att.aft.dme2" level="WARN" />
+ <!-- ============================================================================ -->
+ <!-- General EELF logger -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="WARN" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncERROR" />
+ <appender-ref ref="asyncMETRIC" />
+ </logger>
+ <root level="DEBUG">
+ <appender-ref ref="external" />
+ {{if .Values.global.config.logback.console.enabled}}
+ <appender-ref ref="STDOUT" />
+ {{ end }}
+ </root>
+</configuration>
diff --git a/charts/aai-traversal/resources/config/realm.properties b/charts/aai-traversal/resources/config/realm.properties
new file mode 100644
index 0000000..0499b34
--- /dev/null
+++ b/charts/aai-traversal/resources/config/realm.properties
@@ -0,0 +1,37 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# format : username: password[,rolename ...]
+# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
+AAI:OBF:1gfr1ev31gg7,admin
+MSO:OBF:1jzx1lz31k01,admin
+SDNC:OBF:1itr1i0l1i151isv,admin
+DCAE:OBF:1g8u1f9d1f991g8w,admin
+POLICY:OBF:1mk61i171ima1im41i0j1mko,admin
+ASDC:OBF:1f991j0u1j001f9d,admin
+VID:OBF:1jm91i0v1jl9,admin
+APPC:OBF:1f991ksf1ksf1f9d,admin
+ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin
+AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin
+OOF:OBF:1img1ke71ily,admin
+aai@aai.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+so@so.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+sdnc@sdnc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vid@vid.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+appc@appc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
diff --git a/charts/aai-traversal/templates/configmap.yaml b/charts/aai-traversal/templates/configmap.yaml
new file mode 100644
index 0000000..1a92199
--- /dev/null
+++ b/charts/aai-traversal/templates/configmap.yaml
@@ -0,0 +1,64 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/localhost-access-logback.xml").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/janusgraph-realtime.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/janusgraph-cached.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaiconfig.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-aaf-props
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/aaf/org.osaaf.location.props").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/permissions.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.props").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/cadi.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-aaf-keys
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
diff --git a/charts/aai-traversal/templates/deployment.yaml b/charts/aai-traversal/templates/deployment.yaml
new file mode 100644
index 0000000..b94389f
--- /dev/null
+++ b/charts/aai-traversal/templates/deployment.yaml
@@ -0,0 +1,618 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ annotations:
+ checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+ msb.onap.org/service-info: '[
+ {
+ "serviceName": "_aai-generic-query",
+ "version": "v11",
+ "url": "/aai/v11/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v11/search/generic-query"
+ },
+ {
+ "serviceName": "_aai-generic-query",
+ "version": "v12",
+ "url": "/aai/v12/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v12/search/generic-query"
+ },
+ {
+ "serviceName": "_aai-generic-query",
+ "version": "v13",
+ "url": "/aai/v13/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v13/search/generic-query"
+ },
+ {
+ "serviceName": "_aai-generic-query",
+ "version": "v14",
+ "url": "/aai/v14/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/search/generic-query"
+ },
+ {
+ "serviceName": "_aai-generic-query",
+ "version": "v15",
+ "url": "/aai/v15/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/search/generic-query"
+ },
+ {
+ "serviceName": "_aai-generic-query",
+ "version": "v16",
+ "url": "/aai/v16/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/search/generic-query"
+ },
+ {
+ "serviceName": "_aai-nodes-query",
+ "version": "v11",
+ "url": "/aai/v11/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v11/search/nodes-query"
+ },
+ {
+ "serviceName": "_aai-nodes-query",
+ "version": "v12",
+ "url": "/aai/v12/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v12/search/nodes-query"
+ },
+ {
+ "serviceName": "_aai-nodes-query",
+ "version": "v13",
+ "url": "/aai/v13/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v13/search/nodes-query"
+ },
+ {
+ "serviceName": "_aai-nodes-query",
+ "version": "v14",
+ "url": "/aai/v14/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/search/nodes-query"
+ },
+ {
+ "serviceName": "_aai-nodes-query",
+ "version": "v15",
+ "url": "/aai/v15/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/search/nodes-query"
+ },
+ {
+ "serviceName": "_aai-nodes-query",
+ "version": "v16",
+ "url": "/aai/v16/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/search/nodes-query"
+ },
+ {
+ "serviceName": "_aai-query",
+ "version": "v11",
+ "url": "/aai/v11/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v11/query"
+ },
+ {
+ "serviceName": "_aai-query",
+ "version": "v12",
+ "url": "/aai/v12/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v12/query"
+ },
+ {
+ "serviceName": "_aai-query",
+ "version": "v13",
+ "url": "/aai/v13/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v13/query"
+ },
+ {
+ "serviceName": "_aai-query",
+ "version": "v14",
+ "url": "/aai/v14/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v14/query"
+ },
+ {
+ "serviceName": "_aai-query",
+ "version": "v15",
+ "url": "/aai/v15/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v15/query"
+ },
+ {
+ "serviceName": "_aai-query",
+ "version": "v16",
+ "url": "/aai/v16/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/v16/query"
+ },
+ {
+ "serviceName": "_aai-named-query",
+ "url": "/aai/search",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1",
+ "path": "/aai/search"
+ },
+ {
+ "serviceName": "aai-generic-query",
+ "version": "v11",
+ "url": "/aai/v11/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-generic-query",
+ "version": "v12",
+ "url": "/aai/v12/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-generic-query",
+ "version": "v13",
+ "url": "/aai/v13/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-generic-query",
+ "version": "v14",
+ "url": "/aai/v14/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-generic-query",
+ "version": "v15",
+ "url": "/aai/v15/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-generic-query",
+ "version": "v16",
+ "url": "/aai/v16/search/generic-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-nodes-query",
+ "version": "v11",
+ "url": "/aai/v11/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-nodes-query",
+ "version": "v12",
+ "url": "/aai/v12/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-nodes-query",
+ "version": "v13",
+ "url": "/aai/v13/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-nodes-query",
+ "version": "v14",
+ "url": "/aai/v14/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-nodes-query",
+ "version": "v15",
+ "url": "/aai/v15/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-nodes-query",
+ "version": "v16",
+ "url": "/aai/v16/search/nodes-query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-query",
+ "version": "v11",
+ "url": "/aai/v11/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-query",
+ "version": "v12",
+ "url": "/aai/v12/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-query",
+ "version": "v13",
+ "url": "/aai/v13/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-query",
+ "version": "v14",
+ "url": "/aai/v14/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-query",
+ "version": "v15",
+ "url": "/aai/v15/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-query",
+ "version": "v16",
+ "url": "/aai/v16/query",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ },
+ {
+ "serviceName": "aai-named-query",
+ "url": "/aai/search",
+ "protocol": "REST",
+ "port": "8446",
+ "enable_ssl": true,
+ "lb_policy":"ip_hash",
+ "visualRange": "1"
+ }
+ ]'
+ spec:
+ hostname: aai-traversal
+ {{ if .Values.global.initContainers.enabled }}
+ initContainers:
+ - command:
+ {{ if .Values.global.jobs.migration.enabled }}
+ - /root/job_complete.py
+ args:
+ - --job-name
+ - {{ .Release.Name }}-aai-graphadmin-migration
+ {{ else if .Values.global.jobs.createSchema.enabled }}
+ - /root/job_complete.py
+ args:
+ - --job-name
+ - {{ .Release.Name }}-aai-graphadmin-create-db-schema
+ {{ else }}
+ - /root/ready.py
+ args:
+ - --container-name
+ {{- if .Values.global.cassandra.localCluster }}
+ - aai-cassandra
+ {{- else }}
+ - cassandra
+ {{- end }}
+ - --container-name
+ - aai-schema-service
+ {{ end }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ {{ end }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: DISABLE_UPDATE_QUERY
+ value: {{ .Values.config.disableUpdateQuery | quote }}
+ - name: LOCAL_USER_ID
+ value: {{ .Values.global.config.userId | quote }}
+ - name: LOCAL_GROUP_ID
+ value: {{ .Values.global.config.groupId | quote }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-realtime.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-realtime.properties
+ - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-cached.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-cached.properties
+ - mountPath: /opt/app/aai-traversal/resources/etc/appprops/aaiconfig.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: aaiconfig.properties
+ - mountPath: /opt/aai/logroot/AAI-GQ
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /opt/app/aai-traversal/resources/logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: logback.xml
+ - mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-traversal/resources/etc/auth/realm.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: realm.properties
+ - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile
+ name: {{ include "common.fullname" . }}-aaf-certs
+ subPath: org.onap.aai.keyfile
+ - mountPath: /opt/app/aai-traversal/resources/aaf/bath_config.csv
+ name: {{ include "common.fullname" . }}-aaf-certs
+ subPath: bath_config.csv
+ - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.props
+ name: {{ include "common.fullname" . }}-aaf-properties
+ subPath: org.onap.aai.props
+ - mountPath: /opt/app/aai-traversal/resources/aaf/org.osaaf.location.props
+ name: {{ include "common.fullname" . }}-aaf-properties
+ subPath: org.osaaf.location.props
+ - mountPath: /opt/app/aai-traversal/resources/aaf/permissions.properties
+ name: {{ include "common.fullname" . }}-aaf-properties
+ subPath: permissions.properties
+ - mountPath: /opt/app/aai-traversal/resources/cadi.properties
+ name: {{ include "common.fullname" . }}-aaf-properties
+ subPath: cadi.properties
+ - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.p12
+ name: {{ include "common.fullname" . }}-aaf-certs
+ subPath: org.onap.aai.p12
+ - mountPath: /opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks
+ name: aai-common-aai-auth-mount
+ subPath: truststoreONAPall.jks
+ - mountPath: /opt/app/aai-traversal/resources/application.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: application.properties
+ {{ $global := . }}
+ {{ range $job := .Values.global.config.auth.files }}
+ - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }}
+ name: {{ include "common.fullname" $global }}-auth-truststore-sec
+ subPath: {{ . }}
+ {{ end }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.internalPort2 }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ resources:
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ # side car containers
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ name: filebeat-conf
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /usr/share/filebeat/data
+ name: {{ include "common.fullname" . }}-filebeat
+ resources:
+{{ include "common.resources" . }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ - name: {{ include "common.fullname" . }}-aaf-properties
+ configMap:
+ name: {{ include "common.fullname" . }}-aaf-props
+ - name: {{ include "common.fullname" . }}-aaf-certs
+ secret:
+ secretName: {{ include "common.fullname" . }}-aaf-keys
+ - name: aai-common-aai-auth-mount
+ secret:
+ secretName: aai-common-aai-auth
+ - name: {{ include "common.fullname" . }}-auth-truststore-sec
+ secret:
+ secretName: aai-common-truststore
+ items:
+ {{ range $job := .Values.global.config.auth.files }}
+ - key: {{ . }}
+ path: {{ . }}
+ {{ end }}
+ restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/charts/aai-traversal/templates/job.yaml b/charts/aai-traversal/templates/job.yaml
new file mode 100644
index 0000000..31db068
--- /dev/null
+++ b/charts/aai-traversal/templates/job.yaml
@@ -0,0 +1,136 @@
+# Copyright © 2017-2018 AT&T
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ if .Values.global.jobs.updateQueryData.enabled }}
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-update-query-data
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+{{ if .Values.global.jobs.migration.enabled }}
+ annotations:
+ "helm.sh/hook": post-upgrade,post-rollback,post-install
+ "helm.sh/hook-weight": "2"
+ "helm.sh/hook-delete-policy": before-hook-creation
+{{ end }}
+spec:
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-job
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ initContainers:
+ - command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - aai
+ {{ if eq .Values.global.aafEnabled true }}
+ - --container-name
+ - aaf-locate
+ {{ end }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ containers:
+ - name: {{ include "common.name" . }}-job
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - bash
+ - "-c"
+ - |
+ set -x
+ mkdir -p /opt/aai/logroot/AAI-GQ/misc
+ until nc -w10 -z -v aai.{{.Release.Namespace}} 8443; do echo "Retrying to reach aai on port 8443"; done;
+ bash -x /opt/app/aai-traversal/docker-entrypoint.sh install/updateQueryData.sh
+ env:
+ - name: LOCAL_USER_ID
+ value: {{ .Values.global.config.userId | quote }}
+ - name: LOCAL_GROUP_ID
+ value: {{ .Values.global.config.groupId | quote }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-realtime.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-realtime.properties
+ - mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-cached.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: janusgraph-cached.properties
+ - mountPath: /opt/app/aai-traversal/resources/etc/appprops/aaiconfig.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: aaiconfig.properties
+ - mountPath: /opt/aai/logroot/AAI-GQ/
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /opt/app/aai-traversal/resources/logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: logback.xml
+ - mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml
+ name: {{ include "common.fullname" . }}-config
+ subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-traversal/resources/application.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: application.properties
+ {{ $global := . }}
+ {{ range $job := .Values.global.config.auth.files }}
+ - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }}
+ name: {{ include "common.fullname" $global }}-auth-truststore-sec
+ subPath: {{ . }}
+ {{ end }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-logs
+ hostPath:
+ path: {{ .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}-update-query
+ - name: {{ include "common.fullname" . }}-filebeat
+ emptyDir: {}
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ - name: {{ include "common.fullname" . }}-auth-truststore-sec
+ secret:
+ secretName: aai-common-truststore
+ items:
+ {{ range $job := .Values.global.config.auth.files }}
+ - key: {{ . }}
+ path: {{ . }}
+ {{ end }}
+ restartPolicy: OnFailure
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+{{ end }}
diff --git a/charts/aai-traversal/templates/service.yaml b/charts/aai-traversal/templates/service.yaml
new file mode 100644
index 0000000..d119912
--- /dev/null
+++ b/charts/aai-traversal/templates/service.yaml
@@ -0,0 +1,44 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- else -}}
+ - port: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ clusterIP: None
diff --git a/charts/aai-traversal/values.yaml b/charts/aai-traversal/values.yaml
new file mode 100644
index 0000000..63e1444
--- /dev/null
+++ b/charts/aai-traversal/values.yaml
@@ -0,0 +1,95 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for traversal.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+global: # global defaults
+ nodePortPrefix: 302
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/aai-traversal:1.4-STAGING-latest
+pullPolicy: Always
+restartPolicy: Always
+flavor: small
+# application configuration
+config:
+
+ # Specifies timeout information such as application specific and limits
+ timeout:
+ # If set to true application will timeout for queries taking longer than limit
+ enabled: true
+ # Specifies which apps (X-FromAppId) header should get overridden and (-1) no timeout
+ appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAI-FILEGEN-GFPIP,-1
+ # Specifies how long should it wait before timing out the REST request
+ limit: 180000
+
+ # Disables the updateQueryData script to run as part of traversal
+ disableUpdateQuery: true
+
+persistence:
+ mountPath: /dockerdata-nfs
+ mountSubPath: aai/aai-traversal
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 60
+ periodSeconds: 60
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ type: ClusterIP
+ portName: aai-traversal-8446
+ internalPort: 8446
+ portName2: aai-traversal-5005
+ internalPort2: 5005
+
+ingress:
+ enabled: false
+
+# Configure resource requests and limits
+# ref: http://kubernetes.io/docs/user-guide/compute-resources/
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 1
+ memory: 3Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 2
+ memory: 4Gi
+ unlimited: {}
diff --git a/requirements.yaml b/requirements.yaml
new file mode 100644
index 0000000..24f69b2
--- /dev/null
+++ b/requirements.yaml
@@ -0,0 +1,28 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~4.x-0
+ # local reference to common chart, as it is
+ # a part of this chart's package and will not
+ # be published independently to a repo (at this point)
+ repository: '@local'
+ - name: cassandra
+ version: ~4.x-0
+ # local reference to common chart, as it is
+ # a part of this chart's package and will not
+ # be published independently to a repo (at this point)
+ repository: '@local'
+ condition: global.cassandra.localCluster
diff --git a/resources/config/aai/aai_keystore b/resources/config/aai/aai_keystore
new file mode 100644
index 0000000..d50b33e
--- /dev/null
+++ b/resources/config/aai/aai_keystore
Binary files differ
diff --git a/resources/config/auth/truststoreONAPall.jks b/resources/config/auth/truststoreONAPall.jks
new file mode 100644
index 0000000..ff844b1
--- /dev/null
+++ b/resources/config/auth/truststoreONAPall.jks
Binary files differ
diff --git a/resources/config/fproxy/auth/client-cert.p12 b/resources/config/fproxy/auth/client-cert.p12
new file mode 100644
index 0000000..7a4979a
--- /dev/null
+++ b/resources/config/fproxy/auth/client-cert.p12
Binary files differ
diff --git a/resources/config/fproxy/auth/fproxy_truststore b/resources/config/fproxy/auth/fproxy_truststore
new file mode 100644
index 0000000..f6ebc75
--- /dev/null
+++ b/resources/config/fproxy/auth/fproxy_truststore
Binary files differ
diff --git a/resources/config/fproxy/auth/tomcat_keystore b/resources/config/fproxy/auth/tomcat_keystore
new file mode 100644
index 0000000..d68bf73
--- /dev/null
+++ b/resources/config/fproxy/auth/tomcat_keystore
Binary files differ
diff --git a/resources/config/haproxy/aai.pem b/resources/config/haproxy/aai.pem
new file mode 100644
index 0000000..e6dfd6a
--- /dev/null
+++ b/resources/config/haproxy/aai.pem
@@ -0,0 +1,82 @@
+-----BEGIN CERTIFICATE-----
+MIIFATCCA+mgAwIBAgIIWY+5kgf/UH8wDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE
+BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp
+bnRlcm1lZGlhdGVDQV85MB4XDTE5MDMyNjAzMjc1MloXDTIwMDMyNjAzMjc1Mlow
+azERMA8GA1UEAwwIYWFpLm9uYXAxDzANBgkqhkiG9w0BCQEWADEZMBcGA1UECwwQ
+YWFpQGFhaS5vbmFwLm9yZzEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAx
+CzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyZj
+PvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjItu2z5WY9xNGCky85G3Pr
+qmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJV3S90Rp1SOhGFU/WroAQ
+XvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+ogMMxzpxtb91QR+Wl4YeY
+yzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2J/SEeHdWLS8Gsuus6oqM
+r4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6DBr0SntHv6pzMhokjewl
+ukkrEsvIOkqEvIcE+QIDAQABo4IByzCCAccwCQYDVR0TBAIwADAOBgNVHQ8BAf8E
+BAMCBeAwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFQGA1UdIwRN
+MEuAFIH3mVsQuciM3vNSXupOaaBDPqzdoTCkLjAsMQ4wDAYDVQQLDAVPU0FBRjEN
+MAsGA1UECgwET05BUDELMAkGA1UEBhMCVVOCAQcwHQYDVR0OBBYEFFziBN1nFOnS
+Sp7XkxOuzVNR1GFLMIIBEQYDVR0RBIIBCDCCAQSCCGFhaS5vbmFwghJhYWktc3Bh
+cmt5LWJlLm9uYXCCG2FhaS5hcGkuc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmVs
+YXN0aWNzZWFyY2guc2ltcGxlZGVtby5vbmFwLm9yZ4IlYWFpLmdyZW1saW5zZXJ2
+ZXIuc2ltcGxlZGVtby5vbmFwLm9yZ4IdYWFpLmhiYXNlLnNpbXBsZWRlbW8ub25h
+cC5vcmeCJWFhaS5zZWFyY2hzZXJ2aWNlLnNpbXBsZWRlbW8ub25hcC5vcmeCF2Fh
+aS5zaW1wbGVkZW1vLm9uYXAub3JnghphYWkudWkuc2ltcGxlZGVtby5vbmFwLm9y
+ZzANBgkqhkiG9w0BAQsFAAOCAQEAlqwzbZv/0uxVPmFJMB2t5B2nw3GNojLwxnHh
+UVKzrLbDDpM36CkY8uX9kYAaf/Eg8eA5Jp0T9lGCheg0TNHM9OBqyyvDPjewZ5jO
+N0xooRs7gh4bYtQaWIjCOg6bXg+mHkW4VVbpewMJYivGpJZQ76LauuHtg1OA688s
+fy4SGrbC902OoPZ8zJlINOyljqSa+uNwvv6bg9Iqnuq/jUaFpKOYVUkMzw/ImVzy
+3kXH/hY+nz4FNvMPlULgwxskOBRp90a5VWBC48cNzg4aNtanVz6lPAr/AVD1R6jt
+ZDEd3Ww8nTlRKjUryxgoorqo8ThctZscWBpHMRW4B/LgGEYtRA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
+RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN
+MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
+A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL
+neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d
+o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3
+nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV
+v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO
+15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw
+gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV
+M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
+AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q
+ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl
+u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+
++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/
+QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht
+8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX
+kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3
+aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky
+uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w
+tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep
+BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k=
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEAuyZjPvQrgB2bhyE3kpSH6OjXigs/+MfmV4eOrEwmMzQ1lWjI
+tu2z5WY9xNGCky85G3PrqmCfT/qNPXd0W5kEujYlL0QnvrCa77WP3kSSu0kMKdUJ
+V3S90Rp1SOhGFU/WroAQXvlzyBCunqQ9/F/L6mS8dLotUbkGIQlojAYOukWOT/+o
+gMMxzpxtb91QR+Wl4YeYyzX//0rls/6nEKzCh2STHJuTkXqL0kod+KY08unpvMX2
+J/SEeHdWLS8Gsuus6oqMr4bFyquua/U1ApxEMn0/agY58V75dF5CRPJRYrqqf9I6
+DBr0SntHv6pzMhokjewlukkrEsvIOkqEvIcE+QIDAQABAoIBAEe1OrvJZM2PCqOp
+N5jjbnvwk32iN93EAl8xYppkBxMBgzJ/VsC4rYBNP4elWym4I2KAdSDwKrrDXtDZ
+b20VYXlT+8VzkOMA2izU3Y4lqi82mwGATjcDVSPExoGr9gZ+c9yi1yL8478ZnT7N
+4a5Mql5iQM9c8rZodY+9AiD8xTHbgXbaGmBsDhTxT/HPDsoacR/SHMh3XowbhAcs
+eXAe+NdDtLcG6WOEqi/EhkagkWvsecIBoy888Ffbxa5h/DLEaCCoC3Dw1tWFX8KM
+86sC9sQKDVRVKpKs2/9MGl9LoPi9jNDrOP6/Zx3T4k479ozGp/0G70LzmUcih72j
+MUbr4f0CgYEA/AV0yOLZh0i2K53jpv3e8RDJkOBFuLb0ZZVdGkVYHncw9/WY070E
+TJi0B51RAJtdSksAWa6o+1+VaJKQHtMZpABwMWDMRQUqdC+o+knONRpdCHwxXnSl
+gvujFyYJhURKDr42z0xjbQrHaEZRuVJ6tzJQhFtE66G01ngREhDPbUsCgYEAvhrB
+A/IOQpPaHcfU2ik80VE0KU9N4Ez50ZlheEbBDVTrMWzuFy8p9niNSfDKC7s5aqlP
+DgDvTD80D8Zw6+yT/aDU5iEf5vMdKc1pnlr8jJoCNSvuyJZ40kDSehsBOKC+YN3g
+b6xaYWIcH3mwwoLZO9XFsN5KAg/dSMJED8AGAEsCgYAduMMCIgbHdqLNWAyOGCif
+w3wSEvEGDMWb6VaWj5EJ3sKuq48/gW4tXmD0+O+ho7EH3vqGmRuisa4cLBTFHd5L
+QiX5HNJaXXaZRzmlcujXyGkqZAMqgZU3clfUlg7PYbNeM76hCgA7zuaffJOMyJZi
+XpOyWFUzeNmr5XMV71eXKwKBgEtgzFvGJMVdXsUkMU/3vfe5XRdsLJLdssjbKnzI
+gU/J9h/480caGmdyUYOaCGMyb4fNbl09HaV8AianJqtFeUC9/uzpAX9PsqaanmB9
+71nIz0tKCjpa/7lOnqZwAsHzasl58L4W9xdaEZChbecSfxRspSCGY44BwFpTPS2J
+lFeVAoGAFOetqKStyEy+qruEOMk+lWwaKLGZ4hLk7qmFochxwrXgx7hcZ4Zrqkv9
+7qyQtbAalFiCHGmLBdSb+GLfD/1pPUA3wJoLo/I3f4g9c7cw7m7r8MdWPDXSL2Vk
+vM97Syv92KQUBl8te7S3+bDBNklgb+KwRqSk3QRAl8ARWEjg8Kk=
+-----END RSA PRIVATE KEY-----
diff --git a/resources/config/haproxy/haproxy-pluggable-security.cfg b/resources/config/haproxy/haproxy-pluggable-security.cfg
new file mode 100644
index 0000000..1c82050
--- /dev/null
+++ b/resources/config/haproxy/haproxy-pluggable-security.cfg
@@ -0,0 +1,138 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+global
+ log /dev/log local0
+ stats socket /usr/local/etc/haproxy/haproxy.socket mode 660 level admin
+ stats timeout 30s
+ user root
+ group root
+ daemon
+ #################################
+ # Default SSL material locations#
+ #################################
+ ca-base /etc/ssl/certs
+ crt-base /etc/ssl/private
+
+ # Default ciphers to use on SSL-enabled listening sockets.
+ # For more information, see ciphers(1SSL). This list is from:
+ # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
+ # An alternative list with additional directives can be obtained from
+ # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy
+ tune.ssl.default-dh-param 2048
+
+defaults
+ log global
+ mode http
+ option httplog
+ option ssl-hello-chk
+ option httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==
+ default-server init-addr none
+# option dontlognull
+# errorfile 400 /etc/haproxy/errors/400.http
+# errorfile 403 /etc/haproxy/errors/403.http
+# errorfile 408 /etc/haproxy/errors/408.http
+# errorfile 500 /etc/haproxy/errors/500.http
+# errorfile 502 /etc/haproxy/errors/502.http
+# errorfile 503 /etc/haproxy/errors/503.http
+# errorfile 504 /etc/haproxy/errors/504.http
+
+ option http-server-close
+ option forwardfor except 127.0.0.1
+ retries 6
+ option redispatch
+ maxconn 50000
+ timeout connect 50000
+ timeout client 480000
+ timeout server 480000
+ timeout http-keep-alive 30000
+
+
+frontend IST_8443
+ mode http
+ bind 0.0.0.0:8443 name https ssl crt /etc/ssl/private/aai.pem
+# log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ {%[ssl_c_verify],%{+Q}[ssl_c_s_dn],%{+Q}[ssl_c_i_dn]}\ %{+Q}r
+ log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC \ %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"
+ option httplog
+ log global
+ option logasap
+ option forwardfor
+ capture request header Host len 100
+ capture response header Host len 100
+ option log-separate-errors
+ option forwardfor
+ http-request set-header X-Forwarded-Proto https if { ssl_fc }
+ http-request set-header X-AAI-Client-SSL TRUE if { ssl_c_used }
+ http-request set-header X-AAI-SSL %[ssl_fc]
+ http-request set-header X-AAI-SSL-Client-Verify %[ssl_c_verify]
+ http-request set-header X-AAI-SSL-Client-DN %{+Q}[ssl_c_s_dn]
+ http-request set-header X-AAI-SSL-Client-CN %{+Q}[ssl_c_s_dn(cn)]
+ http-request set-header X-AAI-SSL-Issuer %{+Q}[ssl_c_i_dn]
+ http-request set-header X-AAI-SSL-Client-NotBefore %{+Q}[ssl_c_notbefore]
+ http-request set-header X-AAI-SSL-Client-NotAfter %{+Q}[ssl_c_notafter]
+ http-request set-header X-AAI-SSL-ClientCert-Base64 %{+Q}[ssl_c_der,base64]
+ http-request set-header X-AAI-SSL-Client-OU %{+Q}[ssl_c_s_dn(OU)]
+ http-request set-header X-AAI-SSL-Client-L %{+Q}[ssl_c_s_dn(L)]
+ http-request set-header X-AAI-SSL-Client-ST %{+Q}[ssl_c_s_dn(ST)]
+ http-request set-header X-AAI-SSL-Client-C %{+Q}[ssl_c_s_dn(C)]
+ http-request set-header X-AAI-SSL-Client-O %{+Q}[ssl_c_s_dn(O)]
+ reqadd X-Forwarded-Proto:\ https
+ reqadd X-Forwarded-Port:\ 8443
+
+#######################
+#ACLS FOR PORT 8446####
+#######################
+
+ acl is_Port_8446_generic path_reg -i ^/aai/v[0-9]+/search/generic-query$
+ acl is_Port_8446_nodes path_reg -i ^/aai/v[0-9]+/search/nodes-query$
+ acl is_Port_8446_version path_reg -i ^/aai/v[0-9]+/query$
+ acl is_named-query path_beg -i /aai/search/named-query
+ acl is_search-model path_beg -i /aai/search/model
+ use_backend IST_AAI_8446 if is_Port_8446_generic or is_Port_8446_nodes or is_Port_8446_version or is_named-query or is_search-model
+
+ default_backend IST_Default_8447
+
+
+#######################
+#DEFAULT BACKEND 847###
+#######################
+
+backend IST_Default_8447
+ balance roundrobin
+ http-request set-header X-Forwarded-Port %[src_port]
+ http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
+ server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none
+
+
+#######################
+# BACKEND 8446#########
+#######################
+
+backend IST_AAI_8446
+ balance roundrobin
+ http-request set-header X-Forwarded-Port %[src_port]
+ http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
+ server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none
+
+listen IST_AAI_STATS
+ mode http
+ bind *:8080
+ stats uri /stats
+ stats enable
+ stats refresh 30s
+ stats hide-version
+ stats auth admin:admin
+ stats show-legends
+ stats show-desc IST AAI APPLICATION NODES
+ stats admin if TRUE
diff --git a/resources/config/haproxy/haproxy.cfg b/resources/config/haproxy/haproxy.cfg
new file mode 100644
index 0000000..8beae0e
--- /dev/null
+++ b/resources/config/haproxy/haproxy.cfg
@@ -0,0 +1,138 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+global
+ log /dev/log local0
+ stats socket /usr/local/etc/haproxy/haproxy.socket mode 660 level admin
+ stats timeout 30s
+ user root
+ group root
+ daemon
+ #################################
+ # Default SSL material locations#
+ #################################
+ ca-base /etc/ssl/certs
+ crt-base /etc/ssl/private
+
+ # Default ciphers to use on SSL-enabled listening sockets.
+ # For more information, see ciphers(1SSL). This list is from:
+ # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
+ # An alternative list with additional directives can be obtained from
+ # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy
+ tune.ssl.default-dh-param 2048
+
+defaults
+ log global
+ mode http
+ option httplog
+ option ssl-hello-chk
+ option httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ QUFJOkFBSQ==
+ default-server init-addr none
+# option dontlognull
+# errorfile 400 /etc/haproxy/errors/400.http
+# errorfile 403 /etc/haproxy/errors/403.http
+# errorfile 408 /etc/haproxy/errors/408.http
+# errorfile 500 /etc/haproxy/errors/500.http
+# errorfile 502 /etc/haproxy/errors/502.http
+# errorfile 503 /etc/haproxy/errors/503.http
+# errorfile 504 /etc/haproxy/errors/504.http
+
+ option http-server-close
+ option forwardfor except 127.0.0.1
+ retries 6
+ option redispatch
+ maxconn 50000
+ timeout connect 50000
+ timeout client 480000
+ timeout server 480000
+ timeout http-keep-alive 30000
+
+
+frontend IST_8443
+ mode http
+ bind 0.0.0.0:8443 name https ssl crt /etc/ssl/private/aai.pem
+# log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ {%[ssl_c_verify],%{+Q}[ssl_c_s_dn],%{+Q}[ssl_c_i_dn]}\ %{+Q}r
+ log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC \ %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"
+ option httplog
+ log global
+ option logasap
+ option forwardfor
+ capture request header Host len 100
+ capture response header Host len 100
+ option log-separate-errors
+ option forwardfor
+ http-request set-header X-Forwarded-Proto https if { ssl_fc }
+ http-request set-header X-AAI-Client-SSL TRUE if { ssl_c_used }
+ http-request set-header X-AAI-SSL %[ssl_fc]
+ http-request set-header X-AAI-SSL-Client-Verify %[ssl_c_verify]
+ http-request set-header X-AAI-SSL-Client-DN %{+Q}[ssl_c_s_dn]
+ http-request set-header X-AAI-SSL-Client-CN %{+Q}[ssl_c_s_dn(cn)]
+ http-request set-header X-AAI-SSL-Issuer %{+Q}[ssl_c_i_dn]
+ http-request set-header X-AAI-SSL-Client-NotBefore %{+Q}[ssl_c_notbefore]
+ http-request set-header X-AAI-SSL-Client-NotAfter %{+Q}[ssl_c_notafter]
+ http-request set-header X-AAI-SSL-ClientCert-Base64 %{+Q}[ssl_c_der,base64]
+ http-request set-header X-AAI-SSL-Client-OU %{+Q}[ssl_c_s_dn(OU)]
+ http-request set-header X-AAI-SSL-Client-L %{+Q}[ssl_c_s_dn(L)]
+ http-request set-header X-AAI-SSL-Client-ST %{+Q}[ssl_c_s_dn(ST)]
+ http-request set-header X-AAI-SSL-Client-C %{+Q}[ssl_c_s_dn(C)]
+ http-request set-header X-AAI-SSL-Client-O %{+Q}[ssl_c_s_dn(O)]
+ reqadd X-Forwarded-Proto:\ https
+ reqadd X-Forwarded-Port:\ 8443
+
+#######################
+#ACLS FOR PORT 8446####
+#######################
+
+ acl is_Port_8446_generic path_reg -i ^/aai/v[0-9]+/search/generic-query$
+ acl is_Port_8446_nodes path_reg -i ^/aai/v[0-9]+/search/nodes-query$
+ acl is_Port_8446_version path_reg -i ^/aai/v[0-9]+/query$
+ acl is_named-query path_beg -i /aai/search/named-query
+ acl is_search-model path_beg -i /aai/search/model
+ use_backend IST_AAI_8446 if is_Port_8446_generic or is_Port_8446_nodes or is_Port_8446_version or is_named-query or is_search-model
+
+ default_backend IST_Default_8447
+
+
+#######################
+#DEFAULT BACKEND 847###
+#######################
+
+backend IST_Default_8447
+ balance roundrobin
+ http-request set-header X-Forwarded-Port %[src_port]
+ http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
+ server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none
+
+
+#######################
+# BACKEND 8446#########
+#######################
+
+backend IST_AAI_8446
+ balance roundrobin
+ http-request set-header X-Forwarded-Port %[src_port]
+ http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
+ server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none
+
+listen IST_AAI_STATS
+ mode http
+ bind *:8080
+ stats uri /stats
+ stats enable
+ stats refresh 30s
+ stats hide-version
+ stats auth admin:admin
+ stats show-legends
+ stats show-desc IST AAI APPLICATION NODES
+ stats admin if TRUE
diff --git a/resources/config/log/filebeat/filebeat.yml b/resources/config/log/filebeat/filebeat.yml
new file mode 100644
index 0000000..39cc6db
--- /dev/null
+++ b/resources/config/log/filebeat/filebeat.yml
@@ -0,0 +1,55 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
diff --git a/resources/config/rproxy/auth/client-cert.p12 b/resources/config/rproxy/auth/client-cert.p12
new file mode 100644
index 0000000..dbf4fca
--- /dev/null
+++ b/resources/config/rproxy/auth/client-cert.p12
Binary files differ
diff --git a/resources/config/rproxy/auth/org.onap.aai.p12 b/resources/config/rproxy/auth/org.onap.aai.p12
new file mode 100644
index 0000000..023e2ea
--- /dev/null
+++ b/resources/config/rproxy/auth/org.onap.aai.p12
Binary files differ
diff --git a/resources/config/rproxy/auth/tomcat_keystore b/resources/config/rproxy/auth/tomcat_keystore
new file mode 100644
index 0000000..99129c1
--- /dev/null
+++ b/resources/config/rproxy/auth/tomcat_keystore
Binary files differ
diff --git a/resources/config/rproxy/security/keyfile b/resources/config/rproxy/security/keyfile
new file mode 100644
index 0000000..3416d4a
--- /dev/null
+++ b/resources/config/rproxy/security/keyfile
@@ -0,0 +1,27 @@
+2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf
+jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm
+4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe
+moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf
+GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT
+74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh
+iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb
+p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt
+3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW
+hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7
+RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX
+xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk
+8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q
+ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i
+5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe
+GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE
+_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k
+zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf
+S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU
+LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw
+hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W
+nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP
+bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN
+JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk
+Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y
+J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP
+mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF \ No newline at end of file
diff --git a/templates/configmap.yaml b/templates/configmap.yaml
new file mode 100644
index 0000000..651bf8d
--- /dev/null
+++ b/templates/configmap.yaml
@@ -0,0 +1,103 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# this is a shared resource for subcharts
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: aai-filebeat
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: aai-deployment-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ if .Values.global.installSidecarSecurity }}
+{{ tpl (.Files.Glob "resources/config/haproxy/haproxy-pluggable-security.cfg").AsConfig . | indent 2 }}
+{{ else }}
+{{ tpl (.Files.Glob "resources/config/haproxy/haproxy.cfg").AsConfig . | indent 2 }}
+{{ end }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-haproxy-secret
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/haproxy/aai.pem").AsSecrets . | indent 2 }}
+# This is a shared key for both resources and traversal
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-auth-truststore-secret
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/aai/*").AsSecrets . | indent 2 }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-fproxy-auth-certs
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/fproxy/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-rproxy-auth-certs
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/rproxy/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-rproxy-security-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/rproxy/security/*").AsSecrets . | indent 2 }}
+{{ end }} \ No newline at end of file
diff --git a/templates/deployment.yaml b/templates/deployment.yaml
new file mode 100644
index 0000000..8c10730
--- /dev/null
+++ b/templates/deployment.yaml
@@ -0,0 +1,131 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ .Release.Name }}
+ annotations:
+ checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+ spec:
+ initContainers:
+ - command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - aai-resources
+ - --container-name
+ - aai-traversal
+ - --container-name
+ - aai-graphadmin
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ .Values.global.dockerhubRepository | default .Values.dockerhubRepository }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /dev/log
+ name: aai-service-log
+ - mountPath: /usr/local/etc/haproxy/haproxy.cfg
+ {{ if .Values.global.installSidecarSecurity }}
+ subPath: haproxy-pluggable-security.cfg
+ {{ else }}
+ subPath: haproxy.cfg
+ {{ end }}
+ name: haproxy-cfg
+ - mountPath: /etc/ssl/private/aai.pem
+ name: aai-pem
+ subPath: aai.pem
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ - containerPort: {{ .Values.service.internalPort2 }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort2 }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ httpGet:
+ path: /aai/util/echo
+ port: {{ .Values.service.internalPort2 }}
+ scheme: HTTPS
+ httpHeaders:
+ - name: X-FromAppId
+ value: OOM_ReadinessCheck
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: Authorization
+ value: Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==
+ {{ end }}
+ - name: X-TransactionId
+ value: {{ uuidv4 }}
+ - name: Accept
+ value: application/json
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ resources:
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: aai-service-log
+ hostPath:
+ path: "/dev/log"
+ - name: haproxy-cfg
+ configMap:
+ name: aai-deployment-configmap
+ - name: aai-pem
+ secret:
+ secretName: aai-haproxy-secret
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/templates/secret.yaml b/templates/secret.yaml
new file mode 100644
index 0000000..f01f11d
--- /dev/null
+++ b/templates/secret.yaml
@@ -0,0 +1,36 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-common-aai-auth
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: aai-common-truststore
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/aai/*").AsSecrets . | indent 2 }}
diff --git a/templates/service.yaml b/templates/service.yaml
new file mode 100644
index 0000000..91bdb2e
--- /dev/null
+++ b/templates/service.yaml
@@ -0,0 +1,47 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - name: {{ .Values.service.portName }}
+ port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ - name: {{ .Values.service.portName2 }}
+ port: {{ .Values.service.externalPort2 }}
+ targetPort: {{ .Values.service.internalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.externalPort2 }}
+ targetPort: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName2 }}
+ {{- end}}
+ type: {{ .Values.service.type }}
+ selector:
+ app: {{ include "common.name" . }}
+ clusterIP: {{ .Values.service.aaiServiceClusterIp }}
diff --git a/values.yaml b/values.yaml
new file mode 100644
index 0000000..b2e17af
--- /dev/null
+++ b/values.yaml
@@ -0,0 +1,376 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for aai.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+global: # global defaults
+ nodePortPrefix: 302
+ repository: nexus3.onap.org:10001
+ dockerhubRepository: docker.io
+ busyboxImage: busybox
+
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+
+ restartPolicy: Always
+
+ installSidecarSecurity: false
+ aafEnabled: true
+
+ fproxy:
+ name: forward-proxy
+ activeSpringProfiles: noHostVerification,cadi
+ image: onap/fproxy:2.1-STAGING-latest
+ port: 10680
+
+ rproxy:
+ name: reverse-proxy
+ activeSpringProfiles: noHostVerification,cadi
+ image: onap/rproxy:2.1-STAGING-latest
+ port: 10692
+
+ tproxyConfig:
+ name: init-tproxy-config
+ image: onap/tproxy-config:2.1-STAGING-latest
+
+ # AAF server details. Only needed if the AAF DNS does not resolve from the pod
+ aaf:
+ serverIp: 10.12.6.214
+ serverHostname: aaf.osaaf.org
+ serverPort: 30247
+
+ cassandra:
+ #This will instantiate AAI cassandra cluster, default:shared cassandra.
+ localCluster: false
+
+ #Service Name of the cassandra cluster to connect to.
+ #Override it to aai-cassandra if localCluster is enabled.
+ serviceName: cassandra
+
+ #This should be same as shared cassandra instance or if localCluster is enabled
+ #then it should be same as aai-cassandra replicaCount
+ replicas: 3
+
+ aai:
+ serviceName: aai
+ babel:
+ serviceName: aai-babel
+ champ:
+ serviceName: aai-champ
+ aaiElasticsearch:
+ serviceName: aai-elasticsearch
+ resources:
+ serviceName: aai-resources
+ sparkyBe:
+ serviceName: aai-sparky-be
+ dataRouter:
+ serviceName: aai-data-router
+ gizmo:
+ serviceName: aai-gizmo
+ modelloader:
+ serviceName: aai-modelloader
+ searchData:
+ serviceName: aai-search-data
+ traversal:
+ serviceName: aai-traversal
+ graphadmin:
+ serviceName: aai-graphadmin
+ spike:
+ serviceName: aai-spike
+
+ initContainers:
+ enabled: true
+ # Specifies a list of jobs to be run
+ jobs:
+ # When enabled, it will create the schema based on oxm and edge rules
+ createSchema:
+ enabled: true
+ # When enabled, it will create the widget models via REST API to haproxy
+ updateQueryData:
+ enabled: true
+ #migration using helm hooks
+ migration:
+ enabled: false
+ remoteCassandra:
+ enabled: false
+ storage:
+ backend: cassandra
+ hostname: 10.10.10.10
+ connectionTimeout: 100000
+ cacheSize: 1000000
+ keyConsistent: true
+
+ #If backend is cql or cassandra it should be keyspace name
+ #else backend is hbase it should be hbase table name
+ name: aaigraph
+
+ ## CQL driver specific properties for janusgraph
+ # cql:
+ # #Name of the Cassandra Cluster
+ # cluster: someclustername
+ # readConsistency: QUORUM
+ # writeConsistency: QUORUM
+ # replicationFactor: 3
+ # localConsistencyForSysOps: true
+
+ ## Cassandra driver specific properties for janusgraph
+ cassandra:
+ #Name of the Cassandra Cluster
+ clusterName: aai-cluster
+ localDataCenter: Pod lab
+ readConsistency: LOCAL_QUORUM
+ writeConsistency: LOCAL_QUORUM
+ replicationFactor: 3
+
+ #storage:
+ # backend: cassandra
+ # hostname: somehost1,somehost2,somehost3
+ # connectionTimeout: 100000
+ # cacheSize: 1000000
+ # clusterName: someClusterName
+ # localDataCenter: someDataCenter
+ # keyConsistent: true
+ # #If backend is cql or cassandra it should be keyspace name
+ # #else backend is hbase it should be hbase table name
+ # name: your_hbase_table_or_keyspace_name
+
+ ## CQL driver specific properties for janusgraph
+ # cql:
+ # #Name of the Cassandra Cluster
+ # cluster: someclustername
+ # readConsistency: QUORUM
+ # writeConsistency: QUORUM
+ # replicationFactor: 3
+ # localConsistencyForSysOps: true
+
+ ## Cassandra driver specific properties for janusgraph
+ # cassandra:
+ # #Name of the Cassandra Cluster
+ # cluster: someclustername
+ # readConsistency: LOCAL_QUORUM
+ # writeConsistency: LOCAL_QUORUM
+ # replicationFactor: 3
+
+
+ # Common configuration for resources traversal and graphadmin
+ config:
+ # User information for the admin user in container
+ userId: 1000
+ groupId: 1000
+
+ # Specifies that the cluster connected to a dynamic
+ # cluster being spinned up by kubernetes deployment
+ cluster:
+ cassandra:
+ dynamic: true
+
+ # If cluster.cassandra.dynamic is set to false
+ # Then the following configuration should be uncommented
+ # This is if you are planning to connect to a existing
+ # Cassandra cluster instead of doing the deployment
+ #storage:
+ # backend: cassandra
+ # hostname: somehost1,somehost2,somehost3
+ # connectionTimeout: 100000
+ # cacheSize: 1000000
+ # clusterName: someClusterName
+ # localDataCenter: someDataCenter
+ # keyConsistent: true
+ # # If backend is cql or cassandra it should be keyspace name
+ # # else backend is hbase it should be hbase table name
+ # name: your_hbase_table_or_keyspace_name
+
+ # # CQL driver specific properties for janusgraph
+ # cql:
+ # # Name of the Cassandra Cluster
+ # cluster: someclustername
+ # readConsistency: QUORUM
+ # writeConsistency: QUORUM
+ # replicationFactor: 3
+ # localConsistencyForSysOps: true
+
+ # # Cassandra driver specific properties for janusgraph
+ # cassandra:
+ # # Name of the Cassandra Cluster
+ # cluster: someclustername
+ # readConsistency: LOCAL_QUORUM
+ # writeConsistency: LOCAL_QUORUM
+ # replicationFactor: 3
+
+ # Specifies if the basic authorization is enabled
+ basic:
+ auth:
+ enabled: true
+ username: AAI
+ passwd: AAI
+
+ # Active spring profiles for the resources microservice
+ profiles:
+ active: production,dmaap,aaf-auth
+
+ # Notification event specific properties
+ notification:
+ eventType: AAI-EVENT
+ domain: dev
+
+ # Schema specific properties that include supported versions of api
+ schema:
+ # Specifies if the connection should be one way ssl, two way ssl or no auth
+ service:
+ client: one-way-ssl
+ # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
+ translator:
+ list: schema-service
+ source:
+ # Specifies which folder to take a look at
+ name: onap
+ uri:
+ # Base URI Path of the application
+ base:
+ path: /aai
+ version:
+ # Current version of the REST API
+ api:
+ default: v16
+ # Specifies which version the depth parameter is configurable
+ depth: v11
+ # List of all the supported versions of the API
+ list: v11,v12,v13,v14,v15,v16
+ # Specifies from which version related link should appear
+ related:
+ link: v11
+ # Specifies from which version the app root change happened
+ app:
+ root: v11
+ # Specifies from which version the xml namespace changed
+ namespace:
+ change: v12
+ # Specifies from which version the edge label appeared in API
+ edge:
+ label: v12
+
+ # Keystore configuration password and filename
+ keystore:
+ filename: aai_keystore
+ passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
+
+ # Truststore configuration password and filename
+ truststore:
+ filename: aai_keystore
+ passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
+
+ # Specifies a list of files to be included in auth volume
+ auth:
+ files:
+ - aai_keystore
+
+ # Specifies which clients should always default to realtime graph connection
+ realtime:
+ clients: SDNC,MSO,SO,robot-ete
+
+ # Logback debug enabled
+ logback:
+ console:
+ # If enabled, container will print all logback to standard output
+ # This will make debugging much easier but it should only be done
+ # when debugging the issue and changed back as it can affect performance
+ # since when this is enabled, it prints a lot of information to console
+ enabled: false
+
+# application image
+dockerhubRepository: registry.hub.docker.com
+image: aaionap/haproxy:1.4.0
+pullPolicy: Always
+
+flavor: small
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+config:
+ logstashServiceName: log-ls
+ logstashPort: 5044
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+#This section is used when localCluster is enabled. AAI will create its own cassandra cluster for its specific use.
+#Below command will instantiate the aai cassandra instances:
+#helm deploy demo local/onap --version=4.0.0 --namespace onap --set aai.enabled=true \
+# --set aai.global.cassandra.localCluster=true \
+# --set aai.global.cassandra.serviceName=aai-cassandra
+cassandra:
+ nameOverride: aai-cassandra
+ replicaCount: 3
+ service:
+ name: aai-cassandra
+ persistence:
+ mountSubPath: aai/cassandra
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ type: NodePort
+ portName: aai
+ externalPort: 8080
+ internalPort: 8080
+ nodePort: 32
+ portName2: aai-ssl
+ externalPort2: 8443
+ internalPort2: 8443
+ nodePort2: 33
+ # POLICY hotfix - Note this must be temporary
+ # See https://jira.onap.org/browse/POLICY-510
+ aaiServiceClusterIp:
+
+ingress:
+ enabled: false
+
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 1
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 2
+ memory: 2Gi
+ unlimited: {}