From 54668628a12b389d40853c58330977a70bd4795d Mon Sep 17 00:00:00 2001
From: Jimmy Forsyth <jf2512@att.com>
Date: Mon, 5 Aug 2019 12:01:16 -0400
Subject: Disable non-workflow mS in helm charts

Issue-ID: AAI-2558
Signed-off-by: Jimmy Forsyth <jf2512@att.com>
Change-Id: I06b4049b2e5c0bae734b4619abd6298a99ae2a11
---
 components/aai-champ/Chart.yaml                    |  19 ++
 components/aai-champ/requirements.yaml             |  22 ++
 .../config/appconfig/auth/champ_policy.json        |  19 ++
 .../config/appconfig/auth/tomcat_keystore          | Bin 0 -> 3429 bytes
 .../config/appconfig/champ-api.properties          |  20 ++
 .../resources/config/dynamic/conf/champ-beans.xml  |  86 +++++++
 .../aai-champ/resources/config/log/logback.xml     | 176 +++++++++++++
 .../resources/fproxy/config/fproxy.properties      |   2 +
 .../resources/fproxy/config/logback-spring.xml     |  45 ++++
 .../aai-champ/resources/fproxy/config/readme.txt   |   1 +
 .../rproxy/config/auth/uri-authorization.json      |  99 ++++++++
 .../resources/rproxy/config/cadi.properties        |  39 +++
 .../rproxy/config/forward-proxy.properties         |   4 +
 .../resources/rproxy/config/logback-spring.xml     |  45 ++++
 .../rproxy/config/primary-service.properties       |   3 +
 .../aai-champ/resources/rproxy/config/readme.txt   |   1 +
 .../rproxy/config/reverse-proxy.properties         |   1 +
 components/aai-champ/templates/configmap.yaml      |  95 +++++++
 components/aai-champ/templates/deployment.yaml     | 277 +++++++++++++++++++++
 components/aai-champ/templates/secrets.yaml        |  60 +++++
 components/aai-champ/templates/service.yaml        |  53 ++++
 components/aai-champ/values.yaml                   |  90 +++++++
 22 files changed, 1157 insertions(+)
 create mode 100644 components/aai-champ/Chart.yaml
 create mode 100644 components/aai-champ/requirements.yaml
 create mode 100644 components/aai-champ/resources/config/appconfig/auth/champ_policy.json
 create mode 100644 components/aai-champ/resources/config/appconfig/auth/tomcat_keystore
 create mode 100644 components/aai-champ/resources/config/appconfig/champ-api.properties
 create mode 100644 components/aai-champ/resources/config/dynamic/conf/champ-beans.xml
 create mode 100644 components/aai-champ/resources/config/log/logback.xml
 create mode 100644 components/aai-champ/resources/fproxy/config/fproxy.properties
 create mode 100644 components/aai-champ/resources/fproxy/config/logback-spring.xml
 create mode 100644 components/aai-champ/resources/fproxy/config/readme.txt
 create mode 100644 components/aai-champ/resources/rproxy/config/auth/uri-authorization.json
 create mode 100644 components/aai-champ/resources/rproxy/config/cadi.properties
 create mode 100644 components/aai-champ/resources/rproxy/config/forward-proxy.properties
 create mode 100644 components/aai-champ/resources/rproxy/config/logback-spring.xml
 create mode 100644 components/aai-champ/resources/rproxy/config/primary-service.properties
 create mode 100644 components/aai-champ/resources/rproxy/config/readme.txt
 create mode 100644 components/aai-champ/resources/rproxy/config/reverse-proxy.properties
 create mode 100644 components/aai-champ/templates/configmap.yaml
 create mode 100644 components/aai-champ/templates/deployment.yaml
 create mode 100644 components/aai-champ/templates/secrets.yaml
 create mode 100644 components/aai-champ/templates/service.yaml
 create mode 100644 components/aai-champ/values.yaml

(limited to 'components/aai-champ')

diff --git a/components/aai-champ/Chart.yaml b/components/aai-champ/Chart.yaml
new file mode 100644
index 0000000..9d0a967
--- /dev/null
+++ b/components/aai-champ/Chart.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAI Champ microservice
+name: aai-champ
+version: 5.0.0
diff --git a/components/aai-champ/requirements.yaml b/components/aai-champ/requirements.yaml
new file mode 100644
index 0000000..d920c92
--- /dev/null
+++ b/components/aai-champ/requirements.yaml
@@ -0,0 +1,22 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+  - name: common
+    version: ~5.x-0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local'
diff --git a/components/aai-champ/resources/config/appconfig/auth/champ_policy.json b/components/aai-champ/resources/config/appconfig/auth/champ_policy.json
new file mode 100644
index 0000000..a059e86
--- /dev/null
+++ b/components/aai-champ/resources/config/appconfig/auth/champ_policy.json
@@ -0,0 +1,19 @@
+{
+	"roles": [
+		{
+			"name": "admin",
+			"functions": [
+				{
+					"name": "search", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" } ]
+				}
+			],
+
+			"users": [
+				{
+					"username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"
+				}
+			]
+		}
+	]
+}
+
diff --git a/components/aai-champ/resources/config/appconfig/auth/tomcat_keystore b/components/aai-champ/resources/config/appconfig/auth/tomcat_keystore
new file mode 100644
index 0000000..c4c7271
Binary files /dev/null and b/components/aai-champ/resources/config/appconfig/auth/tomcat_keystore differ
diff --git a/components/aai-champ/resources/config/appconfig/champ-api.properties b/components/aai-champ/resources/config/appconfig/champ-api.properties
new file mode 100644
index 0000000..0aba797
--- /dev/null
+++ b/components/aai-champ/resources/config/appconfig/champ-api.properties
@@ -0,0 +1,20 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+keyName=aai-uuid
+sourceOfTruthName=source-of-truth
+createdTsName=aai-created-ts
+lastModTsName=aai-last-mod-ts
+collectionPropertiesKey=properties
+
diff --git a/components/aai-champ/resources/config/dynamic/conf/champ-beans.xml b/components/aai-champ/resources/config/dynamic/conf/champ-beans.xml
new file mode 100644
index 0000000..08390b6
--- /dev/null
+++ b/components/aai-champ/resources/config/dynamic/conf/champ-beans.xml
@@ -0,0 +1,86 @@
+<!--
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xmlns:util="http://www.springframework.org/schema/util"
+xsi:schemaLocation="
+       http://www.springframework.org/schema/beans
+       http://www.springframework.org/schema/beans/spring-beans.xsd
+       http://www.springframework.org/schema/util
+       http://www.springframework.org/schema/util/spring-util.xsd
+       ">
+
+    <bean id="champEventPublisher" class="org.onap.aai.event.client.DMaaPEventPublisher" >
+        <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:{{.Values.event.port.dmaap}}" />
+        <constructor-arg name="topic" value="{{.Values.event.publisher.topic}}" />
+        <constructor-arg name="username" value="" />
+        <constructor-arg name="password" value="" />
+        <constructor-arg name="maxBatchSize" value="100" />
+        <constructor-arg name="maxAgeMs" value="250" />
+        <constructor-arg name="delayBetweenBatchesMs" value="50" />
+        <constructor-arg name="transportType" value="HTTPAUTH" />
+        <constructor-arg name="protocol" value="{{.Values.event.protocol}}" />
+        <constructor-arg name="contentType" value="application/json" />
+    </bean>
+
+    <!-- Graph Implementation Configuration-->
+    <util:map id="props" map-class="java.util.HashMap" key-type="java.lang.String" value-type="java.lang.Object">
+        <entry key="champcore.event.stream.buffer.capacity" value="50" value-type="java.lang.Integer"/>
+        <entry key="champcore.event.stream.publisher-pool-size" value="10" value-type="java.lang.Integer"/>
+        <entry key="champcore.event.stream.publisher" value-ref="champEventPublisher"/>
+
+        <entry key="graph.name" value="aaigraph"/>
+        <entry key="storage.backend" value="cassandra"/>
+        <entry key="storage.cassandra.read-consistency-level" value="LOCAL_QUORUM"/>
+        <entry key="storage.cassandra.write-consistency-level" value="LOCAL_QUORUM"/>
+        <entry key="storage.cassandra.replication-factor" value="{{ .Values.global.cassandra.replicas }}"/>
+        <entry key="storage.cassandra.replication-strategy-class" value="org.apache.cassandra.locator.SimpleStrategy"/>
+        <entry key="storage.hostname" value="{{ .Values.global.cassandra.serviceName }}"/>
+        <entry key="storage.username" value="{{ .Values.global.cassandra.username }}"/>
+        <entry key="storage.password" value="{{ .Values.global.cassandra.password }}"/>
+    </util:map>
+
+    <!-- Janus Implementation -->
+    <bean id="graphBuilder" class="org.onap.aai.champjanus.graph.impl.JanusChampGraphImpl$Builder">
+        <constructor-arg value="aaigraph"/>
+        <constructor-arg ref="props" />
+    </bean>
+
+    <bean id="graphImpl" class="org.onap.aai.champjanus.graph.impl.JanusChampGraphImpl">
+        <constructor-arg ref="graphBuilder" />
+    </bean>
+
+    <bean id="champUUIDService" class="org.onap.champ.service.ChampUUIDService" >
+        <constructor-arg name="graphImpl" ref="graphImpl" />
+    </bean>
+
+    <bean id="cache" class="org.onap.champ.service.ChampTransactionCache" >
+        <constructor-arg name="txTimeOutInSec" value="600" />
+        <constructor-arg name="graphImpl" ref="graphImpl" />
+    </bean>
+
+    <bean id="champDataService" class="org.onap.champ.service.ChampDataService" >
+        <constructor-arg name="champUUIDService" ref="champUUIDService" />
+        <constructor-arg name="graphImpl" ref="graphImpl" />
+        <constructor-arg name="cache" ref="cache" />
+    </bean>
+
+    <bean id="champRestService" class="org.onap.champ.ChampRESTAPI" >
+        <constructor-arg name="champDataService" ref="champDataService" />
+        <constructor-arg name="champAsyncRequestProcessor"><null/></constructor-arg>
+    </bean>
+</beans>
diff --git a/components/aai-champ/resources/config/log/logback.xml b/components/aai-champ/resources/config/log/logback.xml
new file mode 100644
index 0000000..67f6ac3
--- /dev/null
+++ b/components/aai-champ/resources/config/log/logback.xml
@@ -0,0 +1,176 @@
+<!--
+Copyright © 2018 Amdocs, AT&T
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+
+<configuration scan="true" scanPeriod="3 seconds" debug="true">
+  <!-- Service-specific properties -->
+  <property name="componentName" value="AAI-CHAMP" />
+
+  <!-- directory path for logs -->
+  <property name="logDir" value="/var/log/onap" />
+  <property name="logDirectory" value="${logDir}/${componentName}" />
+
+  <!--  default eelf log file names -->
+  <property name="generalLogName" value="error" />
+  <property name="metricsLogName" value="metrics" />
+  <property name="auditLogName" value="audit" />
+  <property name="debugLogName" value="debug" />
+
+  <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|Champ|%mdc{PartnerName}|%logger||%.-5level|%msg%n" />
+  <property name="auditMetricPattern" value="%m%n" />
+
+  <!-- Example evaluator filter applied against console appender -->
+  <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+    <encoder>
+      <pattern>${errorLogPattern}</pattern>
+    </encoder>
+  </appender>
+
+  <!-- ============================================================================ -->
+  <!-- EELF Appenders -->
+  <!-- ============================================================================ -->
+
+  <appender name="EELF"
+            class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>${logDirectory}/${generalLogName}.log</file>
+    <rollingPolicy
+      class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip
+      </fileNamePattern>
+      <maxHistory>60</maxHistory>
+    </rollingPolicy>
+    <encoder>
+      <pattern>${errorLogPattern}</pattern>
+    </encoder>
+  </appender>
+  <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+    <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
+    <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+      <level>INFO</level>
+    </filter>
+    <queueSize>256</queueSize>
+    <appender-ref ref="EELF" />
+  </appender>
+
+  <appender name="EELFAudit"
+            class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>${logDirectory}/${auditLogName}.log</file>
+    <rollingPolicy
+      class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip
+      </fileNamePattern>
+      <maxHistory>60</maxHistory>
+    </rollingPolicy>
+    <encoder>
+      <pattern>${auditMetricPattern}</pattern>
+    </encoder>
+  </appender>
+  <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+    <queueSize>256</queueSize>
+    <appender-ref ref="EELFAudit" />
+  </appender>
+
+  <appender name="EELFMetrics"
+            class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>${logDirectory}/${metricsLogName}.log</file>
+    <rollingPolicy
+      class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip
+      </fileNamePattern>
+      <maxHistory>60</maxHistory>
+    </rollingPolicy>
+    <encoder>
+      <pattern>${auditMetricPattern}</pattern>
+    </encoder>
+  </appender>
+
+  <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+    <queueSize>256</queueSize>
+    <appender-ref ref="EELFMetrics"/>
+  </appender>
+
+  <appender name="EELFDebug"
+            class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>${logDirectory}/${debugLogName}.log</file>
+    <rollingPolicy
+      class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip
+      </fileNamePattern>
+      <maxHistory>60</maxHistory>
+    </rollingPolicy>
+    <encoder>
+      <pattern>${errorLogPattern}</pattern>
+    </encoder>
+  </appender>
+
+  <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+    <queueSize>256</queueSize>
+    <appender-ref ref="EELFDebug" />
+    <includeCallerData>false</includeCallerData>
+  </appender>
+
+  <!-- ============================================================================ -->
+  <!--  EELF loggers -->
+  <!-- ============================================================================ -->
+  <logger name="com.att.eelf" level="info" additivity="false">
+    <appender-ref ref="asyncEELF" />
+    <appender-ref ref="asyncEELFDebug" />
+  </logger>
+
+  <logger name="com.att.eelf.audit" level="info" additivity="false">
+    <appender-ref ref="asyncEELFAudit" />
+  </logger>
+
+  <logger name="com.att.eelf.metrics" level="info" additivity="false">
+    <appender-ref ref="asyncEELFMetrics" />
+  </logger>
+
+  <!-- Spring related loggers -->
+  <logger name="org.springframework" level="WARN" />
+  <logger name="org.springframework.beans" level="WARN" />
+  <logger name="org.springframework.web" level="WARN" />
+  <logger name="com.blog.spring.jms" level="WARN" />
+
+  <!-- General loggers -->
+  <logger name="org.onap" level="WARN" />
+
+  <!-- Other Loggers that may help troubleshoot -->
+  <logger name="net.sf" level="WARN" />
+  <logger name="org.apache" level="WARN" />
+  <logger name="org.apache.commons.httpclient" level="WARN" />
+  <logger name="org.apache.commons" level="WARN" />
+  <logger name="org.apache.coyote" level="WARN" />
+  <logger name="org.apache.jasper" level="WARN" />
+
+  <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
+       May aid in troubleshooting) -->
+  <logger name="org.apache.camel" level="WARN" />
+  <logger name="org.apache.cxf" level="WARN" />
+  <logger name="org.apache.camel.processor.interceptor" level="WARN" />
+  <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
+  <logger name="org.apache.cxf.service" level="WARN" />
+  <logger name="org.restlet" level="WARN" />
+  <logger name="org.apache.camel.component.restlet" level="WARN" />
+
+  <!-- logback internals logging -->
+  <logger name="ch.qos.logback.classic" level="WARN" />
+  <logger name="ch.qos.logback.core" level="WARN" />
+
+  <root>
+    <appender-ref ref="asyncEELF" />
+    <!-- <appender-ref ref="asyncEELFDebug" /> -->
+  </root>
+
+</configuration>
\ No newline at end of file
diff --git a/components/aai-champ/resources/fproxy/config/fproxy.properties b/components/aai-champ/resources/fproxy/config/fproxy.properties
new file mode 100644
index 0000000..f512fb7
--- /dev/null
+++ b/components/aai-champ/resources/fproxy/config/fproxy.properties
@@ -0,0 +1,2 @@
+credential.cache.timeout.ms=180000
+transactionid.header.name=X-TransactionId
\ No newline at end of file
diff --git a/components/aai-champ/resources/fproxy/config/logback-spring.xml b/components/aai-champ/resources/fproxy/config/logback-spring.xml
new file mode 100644
index 0000000..0ece55c
--- /dev/null
+++ b/components/aai-champ/resources/fproxy/config/logback-spring.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+ 
+    <property name="LOGS" value="./logs/AAF-FPS" />
+    <property name="FILEPREFIX" value="application" />
+ 
+    <appender name="Console"
+        class="ch.qos.logback.core.ConsoleAppender">
+        <layout class="ch.qos.logback.classic.PatternLayout">
+            <Pattern>
+                %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+            </Pattern>
+        </layout>
+    </appender>
+ 
+    <appender name="RollingFile"
+        class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>${LOGS}/${FILEPREFIX}.log</file>
+        <encoder
+            class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+        </encoder>
+ 
+        <rollingPolicy
+            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+            <!-- rollover daily and when the file reaches 10 MegaBytes -->
+            <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+            </fileNamePattern>
+            <timeBasedFileNamingAndTriggeringPolicy
+                class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+                <maxFileSize>10MB</maxFileSize>
+            </timeBasedFileNamingAndTriggeringPolicy>
+        </rollingPolicy>
+    </appender>
+     
+    <!-- LOG everything at INFO level -->
+    <root level="info">
+        <appender-ref ref="RollingFile" />
+        <appender-ref ref="Console" />
+    </root>
+ 
+    <!-- LOG "com.baeldung*" at TRACE level -->
+    <logger name="org.onap.aaf.fproxy" level="info" />
+	
+</configuration>
\ No newline at end of file
diff --git a/components/aai-champ/resources/fproxy/config/readme.txt b/components/aai-champ/resources/fproxy/config/readme.txt
new file mode 100644
index 0000000..79cf29e
--- /dev/null
+++ b/components/aai-champ/resources/fproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
diff --git a/components/aai-champ/resources/rproxy/config/auth/uri-authorization.json b/components/aai-champ/resources/rproxy/config/auth/uri-authorization.json
new file mode 100644
index 0000000..ca34049
--- /dev/null
+++ b/components/aai-champ/resources/rproxy/config/auth/uri-authorization.json
@@ -0,0 +1,99 @@
+ [
+    {
+      "uri": "\/not\/allowed\/at\/all$",
+      "permissions": [
+        "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt"
+       ]
+    },
+    {
+      "uri": "\/one\/auth\/required$",
+      "permissions": [
+        "test.auth.access.aSimpleSingleAuth"
+       ]
+    },
+    {
+      "uri": "\/multi\/auth\/required$",
+      "permissions": [
+        "test.auth.access.aMultipleAuth1",
+        "test.auth.access.aMultipleAuth2",
+        "test.auth.access.aMultipleAuth3"
+       ]
+    },
+    {
+      "uri": "\/one\/[^\/]+\/required$",
+      "permissions": [
+        "test.auth.access.aSimpleSingleAuth"
+       ]
+    },
+    {
+      "uri": "\/services\/getAAFRequest$",
+      "permissions": [
+        "test.auth.access|services|GET,PUT"
+       ]
+    },
+    {
+      "uri": "\/admin\/getAAFRequest$",
+      "permissions": [
+        "test.auth.access|admin|GET,PUT,POST"
+       ]
+    },
+    {
+      "uri": "\/service\/aai\/webapp\/index.html$",
+      "permissions": [
+        "test.auth.access|services|GET,PUT"
+       ]
+    },
+    {
+      "uri": "\/services\/aai\/webapp\/index.html$",
+      "permissions": [
+        "test.auth.access|services|GET,PUT"
+       ]
+    },
+    {
+      "uri": "\/$",
+      "permissions": [
+      	"\\|services\\|GET",
+        "test\\.auth\\.access\\|services\\|GET,PUT"
+       ]
+    },
+    {
+      "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$",
+      "permissions": [
+        "test\\.auth\\.access\\|rest\\|read"
+       ]
+    },
+    {
+      "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
+      "permissions": [
+        "test.auth.access|clouds|read",
+        "test.auth.access|tenants|read"
+      ]
+    },
+    {
+      "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$",
+      "permissions": [
+        "test.auth.access|clouds|read",
+        "test.auth.access|tenants|read",
+        "test.auth.access|vservers|read"
+      ]
+    },
+    {
+      "uri": "\/backend$",
+      "permissions": [
+        "test\\.auth\\.access\\|services\\|GET,PUT",
+        "\\|services\\|GET"
+      ]
+    },
+    {
+      "uri": "\/services\/inventory\/.*",
+      "permissions": [
+        "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+      ]
+    },
+    {
+      "uri": "\/services\/champ-service\/.*",
+      "permissions": [
+        "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
+      ]
+    }
+ ]
diff --git a/components/aai-champ/resources/rproxy/config/cadi.properties b/components/aai-champ/resources/rproxy/config/cadi.properties
new file mode 100644
index 0000000..1878a4d
--- /dev/null
+++ b/components/aai-champ/resources/rproxy/config/cadi.properties
@@ -0,0 +1,39 @@
+# This is a normal Java Properties File
+# Comments are with Pound Signs at beginning of lines,
+# and multi-line expression of properties can be obtained by backslash at end of line
+
+#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below
+#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name 
+#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com
+#to your hosts file on your machine. 
+#hostname=test.aic.cip.att.com
+
+cadi_loglevel=DEBUG
+
+# OAuth2
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect
+
+cadi_latitude=37.78187
+cadi_longitude=-122.26147
+
+# Locate URL (which AAF Env)
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+
+# AAF URL
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12
+cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
+cadi_alias=aai@aai.onap.org
+cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
+cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+aaf_env=DEV
+
+aaf_id=demo@people.osaaf.org
+aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
+
+# This is a colon separated list of client cert issuers
+cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
\ No newline at end of file
diff --git a/components/aai-champ/resources/rproxy/config/forward-proxy.properties b/components/aai-champ/resources/rproxy/config/forward-proxy.properties
new file mode 100644
index 0000000..1b58d42
--- /dev/null
+++ b/components/aai-champ/resources/rproxy/config/forward-proxy.properties
@@ -0,0 +1,4 @@
+forward-proxy.protocol = https
+forward-proxy.host = localhost
+forward-proxy.port = 10680
+forward-proxy.cacheurl = /credential-cache
\ No newline at end of file
diff --git a/components/aai-champ/resources/rproxy/config/logback-spring.xml b/components/aai-champ/resources/rproxy/config/logback-spring.xml
new file mode 100644
index 0000000..735edb6
--- /dev/null
+++ b/components/aai-champ/resources/rproxy/config/logback-spring.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+ 
+    <property name="LOGS" value="./logs/reverse-proxy" />
+    <property name="FILEPREFIX" value="application" />
+ 
+    <appender name="Console"
+        class="ch.qos.logback.core.ConsoleAppender">
+        <layout class="ch.qos.logback.classic.PatternLayout">
+            <Pattern>
+                %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+            </Pattern>
+        </layout>
+    </appender>
+ 
+    <appender name="RollingFile"
+        class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>${LOGS}/${FILEPREFIX}.log</file>
+        <encoder
+            class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+        </encoder>
+ 
+        <rollingPolicy
+            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+            <!-- rollover daily and when the file reaches 10 MegaBytes -->
+            <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+            </fileNamePattern>
+            <timeBasedFileNamingAndTriggeringPolicy
+                class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+                <maxFileSize>10MB</maxFileSize>
+            </timeBasedFileNamingAndTriggeringPolicy>
+        </rollingPolicy>
+    </appender>
+     
+    <!-- LOG everything at INFO level -->
+    <root level="info">
+        <appender-ref ref="RollingFile" />
+        <appender-ref ref="Console" />
+    </root>
+ 
+    <!-- LOG "com.baeldung*" at TRACE level  -->
+    <logger name="org.onap.aaf.rproxy" level="info" />
+ 
+</configuration>
\ No newline at end of file
diff --git a/components/aai-champ/resources/rproxy/config/primary-service.properties b/components/aai-champ/resources/rproxy/config/primary-service.properties
new file mode 100644
index 0000000..8d64529
--- /dev/null
+++ b/components/aai-champ/resources/rproxy/config/primary-service.properties
@@ -0,0 +1,3 @@
+primary-service.protocol = https
+primary-service.host = localhost
+primary-service.port = 9522
\ No newline at end of file
diff --git a/components/aai-champ/resources/rproxy/config/readme.txt b/components/aai-champ/resources/rproxy/config/readme.txt
new file mode 100644
index 0000000..79cf29e
--- /dev/null
+++ b/components/aai-champ/resources/rproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
diff --git a/components/aai-champ/resources/rproxy/config/reverse-proxy.properties b/components/aai-champ/resources/rproxy/config/reverse-proxy.properties
new file mode 100644
index 0000000..8d46e1f
--- /dev/null
+++ b/components/aai-champ/resources/rproxy/config/reverse-proxy.properties
@@ -0,0 +1 @@
+transactionid.header.name=X-TransactionId
\ No newline at end of file
diff --git a/components/aai-champ/templates/configmap.yaml b/components/aai-champ/templates/configmap.yaml
new file mode 100644
index 0000000..c3966e7
--- /dev/null
+++ b/components/aai-champ/templates/configmap.yaml
@@ -0,0 +1,95 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/appconfig/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-dynamic
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/dynamic/conf/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-log-configmap
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/*").AsConfig . | indent 2 }}
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-fproxy-config
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-fproxy-log-config
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-rproxy-config
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-rproxy-log-config
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }}
+{{ end }}
\ No newline at end of file
diff --git a/components/aai-champ/templates/deployment.yaml b/components/aai-champ/templates/deployment.yaml
new file mode 100644
index 0000000..a311f68
--- /dev/null
+++ b/components/aai-champ/templates/deployment.yaml
@@ -0,0 +1,277 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      initContainers:
+        - command:
+          - /root/ready.py
+          args:
+          - --container-name
+          {{- if .Values.global.cassandra.localCluster }}
+          - aai-cassandra
+          {{- else }}
+          - cassandra
+          {{- end }}
+          env:
+          - name: NAMESPACE
+            valueFrom:
+              fieldRef:
+                apiVersion: v1
+                fieldPath: metadata.namespace
+          image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          name: {{ include "common.name" . }}-readiness
+    {{ if .Values.global.installSidecarSecurity }}
+        - name: {{ .Values.global.tproxyConfig.name }}
+          image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          securityContext:
+            privileged: true
+    {{ end }}
+      containers:
+        - name: {{ include "common.name" . }}
+          image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          ports:
+          - containerPort: {{ .Values.service.internalPort }}
+          # disable liveness probe when breakpoints set in debugger
+          # so K8s doesn't restart unresponsive container
+          {{ if .Values.liveness.enabled }}
+          livenessProbe:
+            tcpSocket:
+              port: {{ .Values.service.internalPort }}
+            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.liveness.periodSeconds }}
+          {{ end }}
+          readinessProbe:
+            tcpSocket:
+              port: {{ .Values.service.internalPort }}
+            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readiness.periodSeconds }}
+          env:
+            - name: CONFIG_HOME
+              value: "/opt/app/champ-service/appconfig"
+            - name: GRAPHIMPL
+              value: "janus-deps"
+            - name: KEY_STORE_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "common.fullname" . }}-pass
+                  key: KEY_STORE_PASSWORD
+            - name: KEY_MANAGER_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "common.fullname" . }}-pass
+                  key: KEY_MANAGER_PASSWORD
+            - name: SERVICE_BEANS
+              value: "/opt/app/champ-service/dynamic/conf"
+          volumeMounts:
+          - mountPath: /etc/localtime
+            name: localtime
+            readOnly: true
+          - mountPath: /opt/app/champ-service/appconfig/champ-api.properties
+            name: {{ include "common.fullname" . }}-config
+            subPath: champ-api.properties
+          - mountPath: /opt/app/champ-service/appconfig/auth
+            name: {{ include "common.fullname" . }}-secrets
+          - mountPath: /opt/app/champ-service/dynamic/conf/champ-beans.xml
+            name: {{ include "common.fullname" . }}-dynamic-config
+            subPath: champ-beans.xml
+          - mountPath: /opt/app/champ-service/bundleconfig/etc/logback.xml
+            name: {{ include "common.fullname" . }}-logback-config
+            subPath: logback.xml
+          - mountPath: /var/log/onap
+            name: {{ include "common.fullname" . }}-logs
+          resources:
+{{ include "common.resources" . }}
+      {{- if .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+      {{- end -}}
+      {{- if .Values.affinity }}
+      affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+      {{- end }}
+
+        # side car containers
+        - name: filebeat-onap
+          image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          volumeMounts:
+          - mountPath: /usr/share/filebeat/filebeat.yml
+            subPath: filebeat.yml
+            name: filebeat-conf
+          - mountPath: /var/log/onap
+            name: {{ include "common.fullname" . }}-logs
+          - mountPath: /usr/share/filebeat/data
+            name: aai-filebeat
+    {{ if .Values.global.installSidecarSecurity }}
+        - name: {{ .Values.global.rproxy.name }}
+          image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          env:
+          - name: CONFIG_HOME
+            value: "/opt/app/rproxy/config"
+          - name: KEY_STORE_PASSWORD
+            value: {{ .Values.config.keyStorePassword }} 
+          - name: spring_profiles_active
+            value: {{ .Values.global.rproxy.activeSpringProfiles }}
+          volumeMounts:
+          - name: {{ include "common.fullname" . }}-rproxy-config
+            mountPath: /opt/app/rproxy/config/forward-proxy.properties
+            subPath: forward-proxy.properties
+          - name: {{ include "common.fullname" . }}-rproxy-config
+            mountPath: /opt/app/rproxy/config/primary-service.properties
+            subPath: primary-service.properties
+          - name: {{ include "common.fullname" . }}-rproxy-config
+            mountPath: /opt/app/rproxy/config/reverse-proxy.properties
+            subPath: reverse-proxy.properties
+          - name: {{ include "common.fullname" . }}-rproxy-config
+            mountPath: /opt/app/rproxy/config/cadi.properties
+            subPath: cadi.properties
+          - name: {{ include "common.fullname" . }}-rproxy-log-config
+            mountPath: /opt/app/rproxy/config/logback-spring.xml
+            subPath: logback-spring.xml
+          - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+            mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
+            subPath: uri-authorization.json
+          - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+            mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
+            subPath: tomcat_keystore
+          - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+            mountPath: /opt/app/rproxy/config/auth/client-cert.p12
+            subPath: client-cert.p12
+          - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+            mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
+            subPath: org.onap.aai.p12
+          - name: {{ include "common.fullname" . }}-rproxy-security-config
+            mountPath: /opt/app/rproxy/config/security/keyfile
+            subPath: keyfile
+
+          ports:
+          - containerPort: {{ .Values.global.rproxy.port }}
+
+        - name: {{ .Values.global.fproxy.name }}
+          image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          env:
+          - name: CONFIG_HOME
+            value: "/opt/app/fproxy/config"
+          - name: KEY_STORE_PASSWORD
+            value: {{ .Values.config.keyStorePassword }}
+          - name: TRUST_STORE_PASSWORD
+            value: {{ .Values.config.trustStorePassword }}
+          - name: spring_profiles_active
+            value: {{ .Values.global.fproxy.activeSpringProfiles }}
+          volumeMounts:
+          - name: {{ include "common.fullname" . }}-fproxy-config
+            mountPath: /opt/app/fproxy/config/fproxy.properties
+            subPath: fproxy.properties
+          - name: {{ include "common.fullname" . }}-fproxy-log-config
+            mountPath: /opt/app/fproxy/config/logback-spring.xml
+            subPath: logback-spring.xml
+          - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+            mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
+            subPath: tomcat_keystore
+          - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+            mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
+            subPath: fproxy_truststore
+          - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+            mountPath: /opt/app/fproxy/config/auth/client-cert.p12
+            subPath: client-cert.p12
+          ports:
+          - containerPort: {{ .Values.global.fproxy.port }}
+    {{ end }}      
+
+      volumes:
+        - name: localtime
+          hostPath:
+            path: /etc/localtime
+        - name: {{ include "common.fullname" . }}-config
+          configMap:
+            name: {{ include "common.fullname" . }}
+            items:
+            - key: champ-api.properties
+              path: champ-api.properties
+        - name: {{ include "common.fullname" . }}-secrets
+          secret:
+            secretName: {{ include "common.fullname" . }}-champ
+        - name: {{ include "common.fullname" . }}-dynamic-config
+          configMap:
+            name: {{ include "common.fullname" . }}-dynamic
+            items:
+            - key: champ-beans.xml
+              path: champ-beans.xml
+        - name: {{ include "common.fullname" . }}-logs
+          emptyDir: {}
+        - name: {{ include "common.fullname" . }}-logback-config
+          configMap:
+            name: {{ include "common.fullname" . }}-log-configmap
+            items:
+            - key: logback.xml
+              path: logback.xml
+        - name: filebeat-conf
+          configMap:
+            name: aai-filebeat
+        - name: aai-filebeat
+          emptyDir: {}
+    {{ if .Values.global.installSidecarSecurity }}
+        - name: {{ include "common.fullname" . }}-rproxy-config
+          configMap:
+            name: {{ include "common.fullname" . }}-rproxy-config
+        - name: {{ include "common.fullname" . }}-rproxy-log-config
+          configMap:
+            name: {{ include "common.fullname" . }}-rproxy-log-config
+        - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+          configMap:
+            name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
+        - name: {{ include "common.fullname" . }}-rproxy-auth-config
+          secret:
+            secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+        - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+          secret:
+            secretName: aai-rproxy-auth-certs
+        - name: {{ include "common.fullname" . }}-rproxy-security-config
+          secret:
+            secretName: aai-rproxy-security-config
+        - name: {{ include "common.fullname" . }}-fproxy-config
+          configMap:
+            name: {{ include "common.fullname" . }}-fproxy-config
+        - name: {{ include "common.fullname" . }}-fproxy-log-config
+          configMap:
+            name: {{ include "common.fullname" . }}-fproxy-log-config
+        - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+          secret:
+            secretName: aai-fproxy-auth-certs
+    {{ end }}
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/components/aai-champ/templates/secrets.yaml b/components/aai-champ/templates/secrets.yaml
new file mode 100644
index 0000000..fa18956
--- /dev/null
+++ b/components/aai-champ/templates/secrets.yaml
@@ -0,0 +1,60 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-champ
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/appconfig/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-pass
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+type: Opaque
+data:
+  KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }}
+  KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-rproxy-auth-config
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
+{{ end }}
\ No newline at end of file
diff --git a/components/aai-champ/templates/service.yaml b/components/aai-champ/templates/service.yaml
new file mode 100644
index 0000000..e67d42a
--- /dev/null
+++ b/components/aai-champ/templates/service.yaml
@@ -0,0 +1,53 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.servicename" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+  {{ if .Values.global.installSidecarSecurity }}
+      {{if eq .Values.service.type "NodePort" -}}
+      - port: {{ .Values.service.internalPort }}
+        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+        targetPort: {{ .Values.global.rproxy.port }}
+        name: {{ .Values.service.portName }}
+      {{- else -}}
+      - port: {{ .Values.service.externalPort }}
+        targetPort: {{ .Values.global.rproxy.port }}
+        name: {{ .Values.service.portName }}
+      {{- end}}
+  {{ else }}
+    {{if eq .Values.service.type "NodePort" -}}
+    - port: {{ .Values.service.internalPort}}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort}}
+      name: {{ .Values.service.portName }}
+    {{- else -}}
+    - port: {{ .Values.service.externalPort }}
+      targetPort: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.portName }}
+    {{- end}}
+  {{ end }}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
diff --git a/components/aai-champ/values.yaml b/components/aai-champ/values.yaml
new file mode 100644
index 0000000..c03516a
--- /dev/null
+++ b/components/aai-champ/values.yaml
@@ -0,0 +1,90 @@
+# Copyright © 2018 Amdocs, AT&T
+# Modifications Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  readinessImage: readiness-check:2.0.2
+  loggingImage: beats/filebeat:5.5.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+# application image
+image: onap/champ:1.4.0
+
+flavor: small
+
+# application configuration
+config:
+  keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+  keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+  trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: false
+
+readiness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+
+service:
+  type: NodePort
+  portName: aai-champ
+  internalPort: 9522
+  externalPort: 9522
+  nodePort: 78
+
+ingress:
+  enabled: false
+
+resources:
+  small:
+    limits:
+      cpu: 2
+      memory: 4Gi
+    requests:
+      cpu: 0.5
+      memory: 1Gi
+  large:
+    limits:
+      cpu: 4
+      memory: 8Gi
+    requests:
+      cpu: 1
+      memory: 2Gi
+  unlimited: {}
+
+# XML beans configuration
+event:
+  port:
+    dmaap: 3905
+  protocol: https
+  publisher:
+    topic: champRawEvents
-- 
cgit 1.2.3-korg