From 80861c6aafd5bfc4bc9eba6aa31bea50516fc2c8 Mon Sep 17 00:00:00 2001 From: Itohan Date: Mon, 14 Oct 2019 18:04:20 +0000 Subject: Update git submodules * Update docs/submodules/integration.git from branch 'elalto' to 49fac3d42c2b9ed90b97fbe536a80a0d7871ecee - Fixed Bugs in HPA automtion script Signed-off-by: Itohan Ukponmwan Issue-ID: INT-1137 Change-Id: Ib681f797bb9ed631cfe36507425bcbd1fc2b5561 (cherry picked from commit 76ea974699c8de79070ededf2de74132f760b957) - [INT] Adding deployments scripts for ONAP on AKS Patch 2 - updating readme and removing dash character from BUILD parameter Patch 3 - updating image url to amd instead of arm, fixing NFS os disk parameter Issue-ID: INT-1270 Signed-off-by: stark, steven Change-Id: I1d8824b3c098855c9094e27fad8c820e4df42677 - Automate curl installation in sdnc container (vCPE) Curl package will be automatically installed be the healthcheck-k8s.py script. Change-Id: I7fc5579524c7519f6153b02d0de0000dc0138992 Signed-off-by: Bartek Grzybowski Issue-ID: INT-1313 - Fix SSL cert verify for SDNC Issue-ID: INT-1265 Change-Id: I7c36dc479b73a8b663cae4472ed29182d0f6672b Signed-off-by: Brian Freeman - k8s: Validate controller manager flags requiring specific values This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections regarding master node configuration are satisfied (1.3.2 - 1.3.3 and 1.3.6). Issue-ID: SECCOM-235 Change-Id: I9c2921faf40ad9445e983f2b9bd0610e556cfe15 Signed-off-by: Pawel Wieczorek - (WIP)Fix automation issues due to cli change Fix several changes due to cli change Issue-ID: INT-1289 Signed-off-by: Ruoyu Ying Change-Id: Ib07d9be8ace77270046c8aa02f162a9ad7994370 - Refactor setup script for preparing vCPE tools runtime env Script is now more generic and allows proper setup of vcpe scripts runtime environment on Ubuntu 16.04/18.04 and on Centos/Rhel 7.6. Change-Id: I7b7d944f5a6a7a9dc45921082f908a1f8aa185a1 Signed-off-by: Bartek Grzybowski Issue-ID: TEST-203 - Loosen sdc liveness readiness probe Issue-ID: INT-1290 Change-Id: Iac5a16dae644a61de04bca00f49f14ae98dac995 Signed-off-by: Brian Freeman - k8s: Resolve Docker response formatting issue Checker collects information on cluster by Docker queries: $ docker ps ARGS... # Casablanca $ docker inspect ARGS... # Dublin Arrays of values are then filtered from those. They include: * opening bracket ('['), * closing bracket (']'), * new line. Additional characters affect check results if last flag (including "]\n") requires specific value. Issue-ID: SECCOM-235 Change-Id: I6838342b7e2ecdc44a47ffe02286266003e0b4d3 Signed-off-by: Pawel Wieczorek - k8s: Resolve address conflicts in virtual environments Running Casablanca and Dublin virtual environments at the same time led to networking issues - the same IP had been assigned to cluster nodes. Issue-ID: SECCOM-235 Change-Id: I2a59d023115326f5b132782a32190fd8f7dc1f48 Signed-off-by: Pawel Wieczorek - k8s: Validate controller manager address flag This patch verifies if CIS Kubernetes Benchmark v1.3.0 section regarding master node configuration is satisfied (1.3.7). Issue-ID: SECCOM-235 Change-Id: Id3f4bcb9a506dae3c7c0a884ad6c704dfae2a6d8 Signed-off-by: Pawel Wieczorek - k8s: Add controller manager information collection Issue-ID: SECCOM-235 Change-Id: Ieceb6337f935e6a5a6b94248ccf072229116510a Signed-off-by: Pawel Wieczorek - k8s: Validate scheduler flags Issue-ID: SECCOM-235 Change-Id: I61df142e99a7f1da335471acab88e5a47d72df15 Signed-off-by: Pawel Wieczorek - k8s: Add scheduler information collection Issue-ID: SECCOM-235 Change-Id: I7da645737440172d3cf11f33069daa2697f83056 Signed-off-by: Pawel Wieczorek - k8s: Extract common validators for DRY code Issue-ID: SECCOM-235 Change-Id: Ic5997b67d0512bea51c3b4a4c71805987fa6f011 Signed-off-by: Pawel Wieczorek - k8s: Extract common interface to simplify development Common command and service name extraction is intended to limit execution to small set of allowed processes. This patch also drops unnecessary use of "Kubernetes" name because this whole subproject concerns its clusters. Issue-ID: SECCOM-235 Change-Id: I8babfeb4f24cf3baa4d236ca622c21170ab6205e Signed-off-by: Pawel Wieczorek - k8s: Change default cluster access method choice logic Previous way of choosing it led to impractical calls, e.g. $ ./check -rke # (works fine) $ ./check -ranchercli # "Not supported." $ ./check -ranchercli -rke=false # (works fine) Disabling default cluster access method is no longer necessary. Issue-ID: SECCOM-235 Change-Id: I2b4d5bff10c5470e567351abeac0431bed3b7938 Signed-off-by: Pawel Wieczorek - k8s: Declutter checker by dividing it into smaller packages Issue-ID: SECCOM-235 Change-Id: I7d4efd08b8c0258f2f9c33772bf1b1b02cedebfa Signed-off-by: Pawel Wieczorek - k8s: Call correct methods for API server auditing flags validation Issue-ID: SECCOM-235 Change-Id: Ia5d75628b1c5211f378c239f84e9689d45697a04 Signed-off-by: Pawel Wieczorek - k8s: Validate API server request timeout This patch verifies if CIS Kubernetes Benchmark v1.3.0 section regarding master node configuration is satisfied (1.1.38). Issue-ID: SECCOM-235 Change-Id: Ic1f175d577c79013ddb49e02b8de69137535c964 Signed-off-by: Pawel Wieczorek - k8s: Validate API server included authorization mode This patch verifies if CIS Kubernetes Benchmark v1.3.0 section regarding master node configuration is satisfied (1.1.32). It also fixes wrong documentation comment for similar validator (1.1.19). Issue-ID: SECCOM-235 Change-Id: I00cb8a458871b091b16fe60fc0087b7972aa3b6b Signed-off-by: Pawel Wieczorek - k8s: Validate API server crypto ciphers in use This patch verifies if CIS Kubernetes Benchmark v1.3.0 section regarding master node configuration is satisfied (1.1.30). It also covers its duplicate (1.1.39). Issue-ID: SECCOM-235 Change-Id: I0f3031c080cf225e7c2c03e65dd0bfc780326307 Signed-off-by: Pawel Wieczorek - Fix hashbang in vCPE Python scripts Change-Id: Id2b7ec151e1a006a5a85b8544e478fd9cf282715 Signed-off-by: Bartek Grzybowski Issue-ID: TEST-220 - Automate vCPE closed loop policy pushing Added a library routine to set up CL policy in an idempotent fashion. Description of CL pushing related manual step was removed from documentation. Change-Id: I1fad5d71481252ce803dd58c6ccbbcfa0a4d246f Signed-off-by: Bartek Grzybowski Issue-ID: INT-1267 - add terminate and del function to hpy_automation scripts Change-Id: Ie669261bde3723d892706d3d767c08b325afc3e0 Issue-ID: INT-1239 Signed-off-by: yangyan - fix the typo error of hpy_automation scripts Change-Id: I27b43d63042bdb46f1ff362335a26bf6726674a0 Issue-ID: INT-1239 Signed-off-by: yangyan - SDNC SSL port, BRG category, DEBUG Issue-ID: INT-1265 Change-Id: I4ea7bf282b7d8aad58645784317dea9edf373cff Signed-off-by: Brian Freeman - Update INFO.yaml Signed-off-by: Yang Xu Issue-ID: INT-1269 Change-Id: I9f76cdd3b53f9519017da851a59b8c7000334797 - k8s: Validate API server certificates and keys This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections regarding master node configuration are satisfied (1.1.22, 1.1.25 - 1.1.26 and 1.1.28). Issue-ID: SECCOM-235 Change-Id: Ic61a796653dc868d20fe69c3ed508e7fa8ba52db Signed-off-by: Pawel Wieczorek - k8s: Validate API server Certificate Authorities This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections regarding master node configuration are satisfied (1.1.21, 1.1.29 and 1.1.31). Issue-ID: SECCOM-235 Change-Id: Ia2f55f6962885a7aa878c970a406189902cfab10 Signed-off-by: Pawel Wieczorek - k8s: Validate API server auditing flags This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections regarding master node configuration are satisfied (1.1.16 - 1.1.18). Issue-ID: SECCOM-235 Change-Id: I27b63e37fc3203cf3574b9e1cdc43333041f2a36 Signed-off-by: Pawel Wieczorek - k8s: Validate API server auditing is enabled This patch verifies if CIS Kubernetes Benchmark v1.3.0 section regarding master node configuration is satisfied (1.1.15). Issue-ID: SECCOM-235 Change-Id: Ia1d27ed7a9e439bb0abf4bd8941bdd4573a50bd5 Signed-off-by: Pawel Wieczorek - k8s: Group tests by flag type Issue-ID: SECCOM-235 Change-Id: I25ebd2930afec6eb259f0a678fffbf7727eb315b Signed-off-by: Pawel Wieczorek - k8s: Validate API server not excluded authorization mode This patch verifies if CIS Kubernetes Benchmark v1.3.0 section regarding master node configuration is satisfied (1.1.19). Issue-ID: SECCOM-235 Change-Id: I00c9600fd0d351afb7141a5fa16f348eab67b12d Signed-off-by: Pawel Wieczorek - k8s: Validate API server not excluded admission plugins This patch verifies if CIS Kubernetes Benchmark v1.3.0 section regarding master node configuration is satisfied (1.1.14). Issue-ID: SECCOM-235 Change-Id: I63c2f8a5b94bfd6c9963805aae85595e6b6ad6d7 Signed-off-by: Pawel Wieczorek - Fix rev level in license Issue-ID: INT-1266 Change-Id: I822becff87484b79d3e7c744038b55943c1dddcb Signed-off-by: Brian Freeman - Updates for ssl sdc Issue-ID: INT-1265 Change-Id: I64971740c8ae9aee60a06ca1d0e5ff02ccbc9a88 Signed-off-by: Brian Freeman --- docs/submodules/integration.git | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/submodules/integration.git b/docs/submodules/integration.git index 7d2784fb0..49fac3d42 160000 --- a/docs/submodules/integration.git +++ b/docs/submodules/integration.git @@ -1 +1 @@ -Subproject commit 7d2784fb08be919121a0d394a7bc61f84de7e44b +Subproject commit 49fac3d42c2b9ed90b97fbe536a80a0d7871ecee -- cgit 1.2.3-korg