aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChrisC <christophe.closset@intl.att.com>2020-09-11 18:39:23 +0200
committerChrisC <christophe.closset@intl.att.com>2020-09-17 15:15:13 +0200
commit2325efd0b6f8b094f6a801bf55d6ff6f53e9cbfa (patch)
treeca6323d4e590c648b333cfc87122018d3e273323
parent98efeea41f5617760fcc5fdb6718409b69684db9 (diff)
[CLAMP] AAF certificate using certinializer
use of auto-generated certificates via AAF side-car at OOM deployment time for CLAMP. Issue-ID: CLAMP-884 Change-Id: I24f5a119714a5e46c4d0c152c03b6bc545135b8e Signed-off-by: osgn422w <gervais-martial.ngueko@intl.att.com> Signed-off-by: ChrisC <christophe.closset@intl.att.com>
-rw-r--r--kubernetes/clamp/Makefile50
-rw-r--r--kubernetes/clamp/components/Makefile50
-rw-r--r--kubernetes/clamp/components/clamp-backend/Chart.yaml (renamed from kubernetes/clamp/charts/clamp-backend/Chart.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-backend/requirements.yaml (renamed from kubernetes/clamp/charts/clamp-backend/requirements.yaml)7
-rw-r--r--kubernetes/clamp/components/clamp-backend/resources/config/application.properties69
-rw-r--r--kubernetes/clamp/components/clamp-backend/resources/config/log/filebeat/filebeat.yml (renamed from kubernetes/clamp/charts/clamp-backend/resources/config/log/filebeat/filebeat.yml)0
-rw-r--r--kubernetes/clamp/components/clamp-backend/resources/config/sdc-controllers-config.json (renamed from kubernetes/clamp/charts/clamp-backend/resources/config/sdc-controllers-config.json)0
-rw-r--r--kubernetes/clamp/components/clamp-backend/templates/NOTES.txt (renamed from kubernetes/clamp/charts/clamp-backend/templates/NOTES.txt)0
-rw-r--r--kubernetes/clamp/components/clamp-backend/templates/configmap.yaml (renamed from kubernetes/clamp/charts/clamp-backend/templates/configmap.yaml)1
-rw-r--r--kubernetes/clamp/components/clamp-backend/templates/deployment.yaml (renamed from kubernetes/clamp/charts/clamp-backend/templates/deployment.yaml)30
-rw-r--r--kubernetes/clamp/components/clamp-backend/templates/secrets.yaml (renamed from kubernetes/clamp/charts/clamp-backend/templates/secrets.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-backend/templates/service.yaml (renamed from kubernetes/clamp/charts/clamp-backend/templates/service.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-backend/values.yaml (renamed from kubernetes/clamp/charts/clamp-backend/values.yaml)61
-rw-r--r--kubernetes/clamp/components/clamp-dash-es/Chart.yaml (renamed from kubernetes/clamp/charts/clamp-dash-es/Chart.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-es/requirements.yaml (renamed from kubernetes/clamp/charts/clamp-dash-es/requirements.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-es/resources/config/elasticsearch.yml (renamed from kubernetes/clamp/charts/clamp-dash-es/resources/config/elasticsearch.yml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-es/templates/configmap.yaml (renamed from kubernetes/clamp/charts/clamp-dash-es/templates/configmap.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-es/templates/deployment.yaml (renamed from kubernetes/clamp/charts/clamp-dash-es/templates/deployment.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-es/templates/pv.yaml (renamed from kubernetes/clamp/charts/clamp-dash-es/templates/pv.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-es/templates/pvc.yaml (renamed from kubernetes/clamp/charts/clamp-dash-es/templates/pvc.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-es/templates/service.yaml (renamed from kubernetes/clamp/charts/clamp-dash-es/templates/service.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-es/values.yaml (renamed from kubernetes/clamp/charts/clamp-dash-es/values.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/Chart.yaml (renamed from kubernetes/clamp/charts/clamp-dash-kibana/Chart.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/requirements.yaml (renamed from kubernetes/clamp/charts/clamp-dash-kibana/requirements.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/resources/config/kibana.yml (renamed from kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/templates/configmap.yaml (renamed from kubernetes/clamp/charts/clamp-dash-kibana/templates/configmap.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/templates/deployment.yaml (renamed from kubernetes/clamp/charts/clamp-dash-kibana/templates/deployment.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/templates/ingress.yaml (renamed from kubernetes/clamp/charts/clamp-dash-kibana/templates/ingress.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/templates/service.yaml (renamed from kubernetes/clamp/charts/clamp-dash-kibana/templates/service.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-kibana/values.yaml (renamed from kubernetes/clamp/charts/clamp-dash-kibana/values.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-logstash/Chart.yaml (renamed from kubernetes/clamp/charts/clamp-dash-logstash/Chart.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-logstash/requirements.yaml (renamed from kubernetes/clamp/charts/clamp-dash-logstash/requirements.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-logstash/resources/config/logstash.yml (renamed from kubernetes/clamp/charts/clamp-dash-logstash/resources/config/logstash.yml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-logstash/resources/config/pipeline.conf (renamed from kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-logstash/templates/configmap.yaml (renamed from kubernetes/clamp/charts/clamp-dash-logstash/templates/configmap.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-logstash/templates/deployment.yaml (renamed from kubernetes/clamp/charts/clamp-dash-logstash/templates/deployment.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-logstash/templates/service.yaml (renamed from kubernetes/clamp/charts/clamp-dash-logstash/templates/service.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-dash-logstash/values.yaml (renamed from kubernetes/clamp/charts/clamp-dash-logstash/values.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-mariadb/Chart.yaml (renamed from kubernetes/clamp/charts/mariadb/Chart.yaml)2
-rw-r--r--kubernetes/clamp/components/clamp-mariadb/NOTES.txt (renamed from kubernetes/clamp/charts/mariadb/NOTES.txt)0
-rw-r--r--kubernetes/clamp/components/clamp-mariadb/requirements.yaml18
-rwxr-xr-xkubernetes/clamp/components/clamp-mariadb/resources/config/init/docker-entrypoint.sh (renamed from kubernetes/clamp/charts/mariadb/resources/config/init/docker-entrypoint.sh)0
-rw-r--r--kubernetes/clamp/components/clamp-mariadb/resources/config/mariadb/conf.d/conf1/my.cnf (renamed from kubernetes/clamp/charts/mariadb/resources/config/mariadb/conf.d/conf1/my.cnf)0
-rw-r--r--kubernetes/clamp/components/clamp-mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/create-tables.sql (renamed from kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/create-tables.sql)0
-rw-r--r--kubernetes/clamp/components/clamp-mariadb/templates/NOTES.txt (renamed from kubernetes/clamp/charts/mariadb/templates/NOTES.txt)0
-rw-r--r--kubernetes/clamp/components/clamp-mariadb/templates/configmap.yaml (renamed from kubernetes/clamp/charts/mariadb/templates/configmap.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-mariadb/templates/deployment.yaml (renamed from kubernetes/clamp/charts/mariadb/templates/deployment.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-mariadb/templates/pv.yaml (renamed from kubernetes/clamp/charts/mariadb/templates/pv.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-mariadb/templates/pvc.yaml (renamed from kubernetes/clamp/charts/mariadb/templates/pvc.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-mariadb/templates/secrets.yaml (renamed from kubernetes/clamp/charts/mariadb/templates/secrets.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-mariadb/templates/service.yaml (renamed from kubernetes/clamp/charts/mariadb/templates/service.yaml)0
-rw-r--r--kubernetes/clamp/components/clamp-mariadb/values.yaml (renamed from kubernetes/clamp/charts/mariadb/values.yaml)6
-rw-r--r--kubernetes/clamp/requirements.yaml20
-rw-r--r--kubernetes/clamp/resources/config/default.conf6
-rw-r--r--kubernetes/clamp/templates/deployment.yaml5
-rw-r--r--kubernetes/clamp/values.yaml42
56 files changed, 319 insertions, 48 deletions
diff --git a/kubernetes/clamp/Makefile b/kubernetes/clamp/Makefile
new file mode 100644
index 0000000000..8af301d7ae
--- /dev/null
+++ b/kubernetes/clamp/Makefile
@@ -0,0 +1,50 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES := dist resources templates charts docker
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/clamp/components/Makefile b/kubernetes/clamp/components/Makefile
new file mode 100644
index 0000000000..acaf7fb683
--- /dev/null
+++ b/kubernetes/clamp/components/Makefile
@@ -0,0 +1,50 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @: \ No newline at end of file
diff --git a/kubernetes/clamp/charts/clamp-backend/Chart.yaml b/kubernetes/clamp/components/clamp-backend/Chart.yaml
index 89117ce205..89117ce205 100644
--- a/kubernetes/clamp/charts/clamp-backend/Chart.yaml
+++ b/kubernetes/clamp/components/clamp-backend/Chart.yaml
diff --git a/kubernetes/clamp/charts/clamp-backend/requirements.yaml b/kubernetes/clamp/components/clamp-backend/requirements.yaml
index d3c442d32e..08708fba14 100644
--- a/kubernetes/clamp/charts/clamp-backend/requirements.yaml
+++ b/kubernetes/clamp/components/clamp-backend/requirements.yaml
@@ -14,9 +14,6 @@
# limitations under the License.
dependencies:
- - name: common
+ - name: certInitializer
version: ~6.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
+ repository: '@local' \ No newline at end of file
diff --git a/kubernetes/clamp/components/clamp-backend/resources/config/application.properties b/kubernetes/clamp/components/clamp-backend/resources/config/application.properties
new file mode 100644
index 0000000000..b2cee395b9
--- /dev/null
+++ b/kubernetes/clamp/components/clamp-backend/resources/config/application.properties
@@ -0,0 +1,69 @@
+###
+# ============LICENSE_START=======================================================
+# ONAP CLAMP
+# ================================================================================
+# Copyright (C) 2017-2019 AT&T Intellectual Property. All rights
+# reserved.
+# ================================================================================
+# Modifications copyright (c) 2019 Nokia
+# ================================================================================\
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END============================================
+# ===================================================================
+#
+###
+{{- if .Values.global.aafEnabled }}
+server.ssl.key-store=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }}
+server.ssl.key-store-password=${cadi_keystore_password_p12}
+server.ssl.key-password=${cadi_key_password}
+server.ssl.key-store-type=PKCS12
+server.ssl.key-alias={{ .Values.certInitializer.fqi }}
+
+# The key file used to decode the key store and trust store password
+# If not defined, the key store and trust store password will not be decrypted
+clamp.config.keyFile=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keyFile }}
+
+## Config part for Client certificates
+server.ssl.client-auth=want
+server.ssl.trust-store=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }}
+server.ssl.trust-store-password=${cadi_truststore_password}
+{{- end }}
+
+#clds datasource connection details
+spring.datasource.username=${MYSQL_USER}
+spring.datasource.password=${MYSQL_PASSWORD}
+spring.datasource.url=jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/${MYSQL_DATABASE}?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3
+spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller,clamp-ssl-config,clamp-policy-controller,legacy-operational-policy,default-dictionary-elements
+
+#The log folder that will be used in logback.xml file
+clamp.config.files.sdcController=file:/opt/clamp/sdc-controllers-config.json
+
+#
+# Configuration Settings for Policy Engine Components
+clamp.config.policy.api.url=https4://policy-api.{{ include "common.namespace" . }}:6969
+clamp.config.policy.api.userName=healthcheck
+clamp.config.policy.api.password=zb!XztG34
+clamp.config.policy.pap.url=https4://policy-pap.{{ include "common.namespace" . }}:6969
+clamp.config.policy.pap.userName=healthcheck
+clamp.config.policy.pap.password=zb!XztG34
+
+#DCAE Inventory Url Properties
+clamp.config.dcae.inventory.url=https4://inventory.{{ include "common.namespace" . }}:8080
+clamp.config.dcae.dispatcher.url=https4://deployment-handler.{{ include "common.namespace" . }}:8443
+#DCAE Deployment Url Properties
+clamp.config.dcae.deployment.url=https4://deployment-handler.{{ include "common.namespace" . }}:8443
+clamp.config.dcae.deployment.userName=none
+clamp.config.dcae.deployment.password=none
+
+#AAF related parameters
+clamp.config.cadi.aafLocateUrl=https://aaf-locate.{{ include "common.namespace" . }}:8095 \ No newline at end of file
diff --git a/kubernetes/clamp/charts/clamp-backend/resources/config/log/filebeat/filebeat.yml b/kubernetes/clamp/components/clamp-backend/resources/config/log/filebeat/filebeat.yml
index dab2e44f5e..dab2e44f5e 100644
--- a/kubernetes/clamp/charts/clamp-backend/resources/config/log/filebeat/filebeat.yml
+++ b/kubernetes/clamp/components/clamp-backend/resources/config/log/filebeat/filebeat.yml
diff --git a/kubernetes/clamp/charts/clamp-backend/resources/config/sdc-controllers-config.json b/kubernetes/clamp/components/clamp-backend/resources/config/sdc-controllers-config.json
index 3adda95c11..3adda95c11 100644
--- a/kubernetes/clamp/charts/clamp-backend/resources/config/sdc-controllers-config.json
+++ b/kubernetes/clamp/components/clamp-backend/resources/config/sdc-controllers-config.json
diff --git a/kubernetes/clamp/charts/clamp-backend/templates/NOTES.txt b/kubernetes/clamp/components/clamp-backend/templates/NOTES.txt
index e36d6a5bfb..e36d6a5bfb 100644
--- a/kubernetes/clamp/charts/clamp-backend/templates/NOTES.txt
+++ b/kubernetes/clamp/components/clamp-backend/templates/NOTES.txt
diff --git a/kubernetes/clamp/charts/clamp-backend/templates/configmap.yaml b/kubernetes/clamp/components/clamp-backend/templates/configmap.yaml
index f66312c741..3fce850140 100644
--- a/kubernetes/clamp/charts/clamp-backend/templates/configmap.yaml
+++ b/kubernetes/clamp/components/clamp-backend/templates/configmap.yaml
@@ -25,6 +25,5 @@ metadata:
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
- spring_application_json: {{ tpl .Values.config.springApplicationJson . | quote }}
{{ include "common.log.configMap" . }}
diff --git a/kubernetes/clamp/charts/clamp-backend/templates/deployment.yaml b/kubernetes/clamp/components/clamp-backend/templates/deployment.yaml
index f08fd67fc4..f86c636a43 100644
--- a/kubernetes/clamp/charts/clamp-backend/templates/deployment.yaml
+++ b/kubernetes/clamp/components/clamp-backend/templates/deployment.yaml
@@ -39,7 +39,7 @@ spec:
- /app/ready.py
args:
- --container-name
- - mariadb
+ - clamp-mariadb
env:
- name: NAMESPACE
valueFrom:
@@ -49,6 +49,7 @@ spec:
image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
+{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
# side car containers
{{ if .Values.global.centralizedLoggingEnabled }}{{ include "common.log.sidecar" . | nindent 8 }}{{ end }}
@@ -56,8 +57,19 @@ spec:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if .Values.global.aafEnabled }}
+ command:
+ - sh
+ workingDir: "/opt/clamp/"
args:
- - ""
+ - -c
+ - |
+ export $(grep '^cadi_' {{ .Values.certInitializer.credsPath }}/org.onap.clamp.cred.props | xargs -0)
+ java -Djava.security.egd=file:/dev/./urandom -Xms256m -Xmx1g -jar ./app.jar
+ {{- else }}
+ args:
+ - ""
+ {{- end }}
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
@@ -74,12 +86,15 @@ spec:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- name: logs
mountPath: {{ .Values.log.path }}
- mountPath: /opt/clamp/sdc-controllers-config.json
name: {{ include "common.fullname" . }}-config
subPath: sdc-controllers-config.json
+ - mountPath: /opt/clamp/application.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: application.properties
env:
- name: MYSQL_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
@@ -87,11 +102,6 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
- name: MYSQL_DATABASE
value: {{ tpl .Values.db.databaseName .}}
- - name: SPRING_APPLICATION_JSON
- valueFrom:
- configMapKeyRef:
- name: {{ template "common.fullname" . }}
- key: spring_application_json
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -102,13 +112,15 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-config
configMap:
name: {{ include "common.fullname" . }}
items:
- key: sdc-controllers-config.json
path: sdc-controllers-config.json
+ - key: application.properties
+ path: application.properties
- name: logs
emptyDir: {}
{{ if .Values.global.centralizedLoggingEnabled }}{{ include "common.log.volumes" . | nindent 8 }}{{ end }}
diff --git a/kubernetes/clamp/charts/clamp-backend/templates/secrets.yaml b/kubernetes/clamp/components/clamp-backend/templates/secrets.yaml
index 57f88ce32d..57f88ce32d 100644
--- a/kubernetes/clamp/charts/clamp-backend/templates/secrets.yaml
+++ b/kubernetes/clamp/components/clamp-backend/templates/secrets.yaml
diff --git a/kubernetes/clamp/charts/clamp-backend/templates/service.yaml b/kubernetes/clamp/components/clamp-backend/templates/service.yaml
index b1a5465116..b1a5465116 100644
--- a/kubernetes/clamp/charts/clamp-backend/templates/service.yaml
+++ b/kubernetes/clamp/components/clamp-backend/templates/service.yaml
diff --git a/kubernetes/clamp/charts/clamp-backend/values.yaml b/kubernetes/clamp/components/clamp-backend/values.yaml
index 7d8e077f59..a6d5ca0b4c 100644
--- a/kubernetes/clamp/charts/clamp-backend/values.yaml
+++ b/kubernetes/clamp/components/clamp-backend/values.yaml
@@ -21,6 +21,38 @@ global: # global defaults
repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
readinessImage: onap/oom/readiness:3.0.1
persistence: {}
+ centralizedLoggingEnabled: true
+ #AAF service
+ aafEnabled: true
+
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ permission_user: 1000
+ permission_group: 999
+ keystoreFile: "org.onap.clamp.p12"
+ truststoreFile: "org.onap.clamp.trust.jks"
+ keyFile: "org.onap.clamp.keyfile"
+ truststoreFileONAP: "truststoreONAPall.jks"
+ nameOverride: clamp-backend-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ fqdn: clamp
+ fqi: clamp@clamp.onap.org
+ public_fqdn: clamp.onap.org
+ cadi_longitude: "-72.0"
+ cadi_latitude: "38.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: >
+ /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop;
+ grep '^cadi' {{ .Values.credsPath }}/mycreds.prop | awk -v FS="cadi_truststore_password=" 'NF>1{print $2}' > {{ .Values.credsPath }}/cadi_truststore_password.pwd;
+ grep '^cadi' {{ .Values.credsPath }}/mycreds.prop | awk -v FS="cadi_key_password=" 'NF>1{print $2}' > {{ .Values.credsPath }}/cadi_key_password.pwd;
+ grep '^cadi' {{ .Values.credsPath }}/mycreds.prop | awk -v FS="cadi_keystore_password=" 'NF>1{print $2}' > {{ .Values.credsPath }}/cadi_keystore_password.pwd;
+ grep '^cadi' {{ .Values.credsPath }}/mycreds.prop | awk -v FS="cadi_keystore_password_p12=" 'NF>1{print $2}' > {{ .Values.credsPath }}/cadi_keystore_password_p12.pwd;
+ cd {{ .Values.credsPath }};
+ chmod a+rx *;
secrets:
- uid: db-secret
@@ -34,7 +66,7 @@ flavor: small
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-backend:5.0.7
+image: onap/clamp-backend:5.1.0
pullPolicy: Always
# flag to enable debugging - application support required
@@ -48,7 +80,12 @@ log:
# Application configuration defaults.
#################################################################
-db: {}
+#####dummy values for db user and password to pass lint!!!#######
+
+db:
+ user: dummyclds
+ password: dummysidnnd83K
+ databaseName: dummycldsdb4
config:
log:
@@ -56,26 +93,6 @@ config:
logstashPort: 5044
mysqlPassword: strong_pitchou
dataRootDir: /dockerdata-nfs
- springApplicationJson: >
- {
- "spring.datasource.username": "${MYSQL_USER}",
- "spring.datasource.password": "${MYSQL_PASSWORD}",
- "spring.datasource.url": "jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/${MYSQL_DATABASE}?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3",
- "spring.profiles.active": "clamp-default,clamp-aaf-authentication,clamp-sdc-controller,clamp-ssl-config,clamp-policy-controller,legacy-operational-policy,default-dictionary-elements",
- "clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json",
- "clamp.config.dcae.inventory.url": "https4://inventory.{{ include "common.namespace" . }}:8080",
- "clamp.config.dcae.dispatcher.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443",
- "clamp.config.dcae.deployment.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443",
- "clamp.config.dcae.deployment.userName": "none",
- "clamp.config.dcae.deployment.password": "none",
- "clamp.config.policy.api.url": "https4://policy-api.{{ include "common.namespace" . }}:6969",
- "clamp.config.policy.api.userName": "healthcheck",
- "clamp.config.policy.api.password": "zb!XztG34",
- "clamp.config.policy.pap.url": "https4://policy-pap.{{ include "common.namespace" . }}:6969",
- "clamp.config.policy.pap.userName": "healthcheck",
- "clamp.config.policy.pap.password": "zb!XztG34",
- "clamp.config.cadi.aafLocateUrl": "https://aaf-locate.{{ include "common.namespace" . }}:8095"
- }
# default number of instances
replicaCount: 1
diff --git a/kubernetes/clamp/charts/clamp-dash-es/Chart.yaml b/kubernetes/clamp/components/clamp-dash-es/Chart.yaml
index b2f8624a4b..b2f8624a4b 100644
--- a/kubernetes/clamp/charts/clamp-dash-es/Chart.yaml
+++ b/kubernetes/clamp/components/clamp-dash-es/Chart.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-es/requirements.yaml b/kubernetes/clamp/components/clamp-dash-es/requirements.yaml
index caff1e5dc4..caff1e5dc4 100644
--- a/kubernetes/clamp/charts/clamp-dash-es/requirements.yaml
+++ b/kubernetes/clamp/components/clamp-dash-es/requirements.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-es/resources/config/elasticsearch.yml b/kubernetes/clamp/components/clamp-dash-es/resources/config/elasticsearch.yml
index 1eb20fce89..1eb20fce89 100644
--- a/kubernetes/clamp/charts/clamp-dash-es/resources/config/elasticsearch.yml
+++ b/kubernetes/clamp/components/clamp-dash-es/resources/config/elasticsearch.yml
diff --git a/kubernetes/clamp/charts/clamp-dash-es/templates/configmap.yaml b/kubernetes/clamp/components/clamp-dash-es/templates/configmap.yaml
index 20ff6f27c2..20ff6f27c2 100644
--- a/kubernetes/clamp/charts/clamp-dash-es/templates/configmap.yaml
+++ b/kubernetes/clamp/components/clamp-dash-es/templates/configmap.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-es/templates/deployment.yaml b/kubernetes/clamp/components/clamp-dash-es/templates/deployment.yaml
index 0ec38b08e3..0ec38b08e3 100644
--- a/kubernetes/clamp/charts/clamp-dash-es/templates/deployment.yaml
+++ b/kubernetes/clamp/components/clamp-dash-es/templates/deployment.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-es/templates/pv.yaml b/kubernetes/clamp/components/clamp-dash-es/templates/pv.yaml
index 3669621b24..3669621b24 100644
--- a/kubernetes/clamp/charts/clamp-dash-es/templates/pv.yaml
+++ b/kubernetes/clamp/components/clamp-dash-es/templates/pv.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-es/templates/pvc.yaml b/kubernetes/clamp/components/clamp-dash-es/templates/pvc.yaml
index 6ae4eea0d3..6ae4eea0d3 100644
--- a/kubernetes/clamp/charts/clamp-dash-es/templates/pvc.yaml
+++ b/kubernetes/clamp/components/clamp-dash-es/templates/pvc.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-es/templates/service.yaml b/kubernetes/clamp/components/clamp-dash-es/templates/service.yaml
index 292fc31dc3..292fc31dc3 100644
--- a/kubernetes/clamp/charts/clamp-dash-es/templates/service.yaml
+++ b/kubernetes/clamp/components/clamp-dash-es/templates/service.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-es/values.yaml b/kubernetes/clamp/components/clamp-dash-es/values.yaml
index 27158a6668..27158a6668 100644
--- a/kubernetes/clamp/charts/clamp-dash-es/values.yaml
+++ b/kubernetes/clamp/components/clamp-dash-es/values.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/Chart.yaml b/kubernetes/clamp/components/clamp-dash-kibana/Chart.yaml
index 5d897d96eb..5d897d96eb 100644
--- a/kubernetes/clamp/charts/clamp-dash-kibana/Chart.yaml
+++ b/kubernetes/clamp/components/clamp-dash-kibana/Chart.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/requirements.yaml b/kubernetes/clamp/components/clamp-dash-kibana/requirements.yaml
index caff1e5dc4..caff1e5dc4 100644
--- a/kubernetes/clamp/charts/clamp-dash-kibana/requirements.yaml
+++ b/kubernetes/clamp/components/clamp-dash-kibana/requirements.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml b/kubernetes/clamp/components/clamp-dash-kibana/resources/config/kibana.yml
index db81e3da00..db81e3da00 100644
--- a/kubernetes/clamp/charts/clamp-dash-kibana/resources/config/kibana.yml
+++ b/kubernetes/clamp/components/clamp-dash-kibana/resources/config/kibana.yml
diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/templates/configmap.yaml b/kubernetes/clamp/components/clamp-dash-kibana/templates/configmap.yaml
index 5d1b32258c..5d1b32258c 100644
--- a/kubernetes/clamp/charts/clamp-dash-kibana/templates/configmap.yaml
+++ b/kubernetes/clamp/components/clamp-dash-kibana/templates/configmap.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/templates/deployment.yaml b/kubernetes/clamp/components/clamp-dash-kibana/templates/deployment.yaml
index 0e5f65cabb..0e5f65cabb 100644
--- a/kubernetes/clamp/charts/clamp-dash-kibana/templates/deployment.yaml
+++ b/kubernetes/clamp/components/clamp-dash-kibana/templates/deployment.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/templates/ingress.yaml b/kubernetes/clamp/components/clamp-dash-kibana/templates/ingress.yaml
index 0cd8cfbd36..0cd8cfbd36 100644
--- a/kubernetes/clamp/charts/clamp-dash-kibana/templates/ingress.yaml
+++ b/kubernetes/clamp/components/clamp-dash-kibana/templates/ingress.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/templates/service.yaml b/kubernetes/clamp/components/clamp-dash-kibana/templates/service.yaml
index 07d4a8f8ea..07d4a8f8ea 100644
--- a/kubernetes/clamp/charts/clamp-dash-kibana/templates/service.yaml
+++ b/kubernetes/clamp/components/clamp-dash-kibana/templates/service.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/components/clamp-dash-kibana/values.yaml
index 11f29570bd..11f29570bd 100644
--- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
+++ b/kubernetes/clamp/components/clamp-dash-kibana/values.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/Chart.yaml b/kubernetes/clamp/components/clamp-dash-logstash/Chart.yaml
index 9fc0317fd3..9fc0317fd3 100644
--- a/kubernetes/clamp/charts/clamp-dash-logstash/Chart.yaml
+++ b/kubernetes/clamp/components/clamp-dash-logstash/Chart.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/requirements.yaml b/kubernetes/clamp/components/clamp-dash-logstash/requirements.yaml
index caff1e5dc4..caff1e5dc4 100644
--- a/kubernetes/clamp/charts/clamp-dash-logstash/requirements.yaml
+++ b/kubernetes/clamp/components/clamp-dash-logstash/requirements.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/logstash.yml b/kubernetes/clamp/components/clamp-dash-logstash/resources/config/logstash.yml
index cecd5b18c8..cecd5b18c8 100644
--- a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/logstash.yml
+++ b/kubernetes/clamp/components/clamp-dash-logstash/resources/config/logstash.yml
diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf b/kubernetes/clamp/components/clamp-dash-logstash/resources/config/pipeline.conf
index c005fcca3e..c005fcca3e 100644
--- a/kubernetes/clamp/charts/clamp-dash-logstash/resources/config/pipeline.conf
+++ b/kubernetes/clamp/components/clamp-dash-logstash/resources/config/pipeline.conf
diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/templates/configmap.yaml b/kubernetes/clamp/components/clamp-dash-logstash/templates/configmap.yaml
index 4278a6e6d3..4278a6e6d3 100644
--- a/kubernetes/clamp/charts/clamp-dash-logstash/templates/configmap.yaml
+++ b/kubernetes/clamp/components/clamp-dash-logstash/templates/configmap.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/templates/deployment.yaml b/kubernetes/clamp/components/clamp-dash-logstash/templates/deployment.yaml
index acd108d2cf..acd108d2cf 100644
--- a/kubernetes/clamp/charts/clamp-dash-logstash/templates/deployment.yaml
+++ b/kubernetes/clamp/components/clamp-dash-logstash/templates/deployment.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/templates/service.yaml b/kubernetes/clamp/components/clamp-dash-logstash/templates/service.yaml
index 07d4a8f8ea..07d4a8f8ea 100644
--- a/kubernetes/clamp/charts/clamp-dash-logstash/templates/service.yaml
+++ b/kubernetes/clamp/components/clamp-dash-logstash/templates/service.yaml
diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/components/clamp-dash-logstash/values.yaml
index c2a522b1c8..c2a522b1c8 100644
--- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
+++ b/kubernetes/clamp/components/clamp-dash-logstash/values.yaml
diff --git a/kubernetes/clamp/charts/mariadb/Chart.yaml b/kubernetes/clamp/components/clamp-mariadb/Chart.yaml
index eaad8b8440..91984c1014 100644
--- a/kubernetes/clamp/charts/mariadb/Chart.yaml
+++ b/kubernetes/clamp/components/clamp-mariadb/Chart.yaml
@@ -15,5 +15,5 @@
apiVersion: v1
description: MariaDB Service
-name: mariadb
+name: clamp-mariadb
version: 6.0.0
diff --git a/kubernetes/clamp/charts/mariadb/NOTES.txt b/kubernetes/clamp/components/clamp-mariadb/NOTES.txt
index 1103affff1..1103affff1 100644
--- a/kubernetes/clamp/charts/mariadb/NOTES.txt
+++ b/kubernetes/clamp/components/clamp-mariadb/NOTES.txt
diff --git a/kubernetes/clamp/components/clamp-mariadb/requirements.yaml b/kubernetes/clamp/components/clamp-mariadb/requirements.yaml
new file mode 100644
index 0000000000..9b96d0cfc4
--- /dev/null
+++ b/kubernetes/clamp/components/clamp-mariadb/requirements.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local' \ No newline at end of file
diff --git a/kubernetes/clamp/charts/mariadb/resources/config/init/docker-entrypoint.sh b/kubernetes/clamp/components/clamp-mariadb/resources/config/init/docker-entrypoint.sh
index 71f32e2eff..71f32e2eff 100755
--- a/kubernetes/clamp/charts/mariadb/resources/config/init/docker-entrypoint.sh
+++ b/kubernetes/clamp/components/clamp-mariadb/resources/config/init/docker-entrypoint.sh
diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/conf.d/conf1/my.cnf b/kubernetes/clamp/components/clamp-mariadb/resources/config/mariadb/conf.d/conf1/my.cnf
index 612590cc6b..612590cc6b 100644
--- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/conf.d/conf1/my.cnf
+++ b/kubernetes/clamp/components/clamp-mariadb/resources/config/mariadb/conf.d/conf1/my.cnf
diff --git a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/create-tables.sql b/kubernetes/clamp/components/clamp-mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/create-tables.sql
index 1f153bce04..1f153bce04 100644
--- a/kubernetes/clamp/charts/mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/create-tables.sql
+++ b/kubernetes/clamp/components/clamp-mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/create-tables.sql
diff --git a/kubernetes/clamp/charts/mariadb/templates/NOTES.txt b/kubernetes/clamp/components/clamp-mariadb/templates/NOTES.txt
index 1103affff1..1103affff1 100644
--- a/kubernetes/clamp/charts/mariadb/templates/NOTES.txt
+++ b/kubernetes/clamp/components/clamp-mariadb/templates/NOTES.txt
diff --git a/kubernetes/clamp/charts/mariadb/templates/configmap.yaml b/kubernetes/clamp/components/clamp-mariadb/templates/configmap.yaml
index 01420aa97b..01420aa97b 100644
--- a/kubernetes/clamp/charts/mariadb/templates/configmap.yaml
+++ b/kubernetes/clamp/components/clamp-mariadb/templates/configmap.yaml
diff --git a/kubernetes/clamp/charts/mariadb/templates/deployment.yaml b/kubernetes/clamp/components/clamp-mariadb/templates/deployment.yaml
index 7d6e162813..7d6e162813 100644
--- a/kubernetes/clamp/charts/mariadb/templates/deployment.yaml
+++ b/kubernetes/clamp/components/clamp-mariadb/templates/deployment.yaml
diff --git a/kubernetes/clamp/charts/mariadb/templates/pv.yaml b/kubernetes/clamp/components/clamp-mariadb/templates/pv.yaml
index 424987936d..424987936d 100644
--- a/kubernetes/clamp/charts/mariadb/templates/pv.yaml
+++ b/kubernetes/clamp/components/clamp-mariadb/templates/pv.yaml
diff --git a/kubernetes/clamp/charts/mariadb/templates/pvc.yaml b/kubernetes/clamp/components/clamp-mariadb/templates/pvc.yaml
index 6856c80540..6856c80540 100644
--- a/kubernetes/clamp/charts/mariadb/templates/pvc.yaml
+++ b/kubernetes/clamp/components/clamp-mariadb/templates/pvc.yaml
diff --git a/kubernetes/clamp/charts/mariadb/templates/secrets.yaml b/kubernetes/clamp/components/clamp-mariadb/templates/secrets.yaml
index 57f88ce32d..57f88ce32d 100644
--- a/kubernetes/clamp/charts/mariadb/templates/secrets.yaml
+++ b/kubernetes/clamp/components/clamp-mariadb/templates/secrets.yaml
diff --git a/kubernetes/clamp/charts/mariadb/templates/service.yaml b/kubernetes/clamp/components/clamp-mariadb/templates/service.yaml
index 2533c26161..2533c26161 100644
--- a/kubernetes/clamp/charts/mariadb/templates/service.yaml
+++ b/kubernetes/clamp/components/clamp-mariadb/templates/service.yaml
diff --git a/kubernetes/clamp/charts/mariadb/values.yaml b/kubernetes/clamp/components/clamp-mariadb/values.yaml
index 8cf489b377..492145ae07 100644
--- a/kubernetes/clamp/charts/mariadb/values.yaml
+++ b/kubernetes/clamp/components/clamp-mariadb/values.yaml
@@ -40,7 +40,11 @@ secrets:
password: '{{ .Values.db.password }}'
# Application configuration
-db: {}
+# dummy value db user pasword to pass lint!!!
+db:
+ user: dummy-clds
+ password: dummy-sidnnd83K
+ databaseName: dummy-cldsdb4
# default number of instances
replicaCount: 1
diff --git a/kubernetes/clamp/requirements.yaml b/kubernetes/clamp/requirements.yaml
index d3c442d32e..dd93eaca2d 100644
--- a/kubernetes/clamp/requirements.yaml
+++ b/kubernetes/clamp/requirements.yaml
@@ -14,9 +14,21 @@
# limitations under the License.
dependencies:
- - name: common
+ - name: certInitializer
version: ~6.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
repository: '@local'
+ - name: clamp-mariadb
+ version: ~6.x-0
+ repository: 'file://components/clamp-mariadb'
+ - name: clamp-backend
+ version: ~6.x-0
+ repository: 'file://components/clamp-backend'
+ - name: clamp-dash-es
+ version: ~6.x-0
+ repository: 'file://components/clamp-dash-es'
+ - name: clamp-dash-logstash
+ version: ~6.x-0
+ repository: 'file://components/clamp-dash-logstash'
+ - name: clamp-dash-kibana
+ version: ~6.x-0
+ repository: 'file://components/clamp-dash-kibana' \ No newline at end of file
diff --git a/kubernetes/clamp/resources/config/default.conf b/kubernetes/clamp/resources/config/default.conf
index 84beff8d5a..3e6fde9d0d 100644
--- a/kubernetes/clamp/resources/config/default.conf
+++ b/kubernetes/clamp/resources/config/default.conf
@@ -2,8 +2,14 @@ server {
listen 2443 default ssl;
ssl_protocols TLSv1.2;
+ {{ if .Values.global.aafEnabled }}
+ ssl_certificate {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_pem}};
+ ssl_certificate_key {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_key}};
+ {{ else }}
ssl_certificate /etc/ssl/clamp.pem;
ssl_certificate_key /etc/ssl/clamp.key;
+ {{ end }}
+
ssl_verify_client optional_no_ca;
location /restservices/clds/ {
proxy_pass https://clamp-backend:443;
diff --git a/kubernetes/clamp/templates/deployment.yaml b/kubernetes/clamp/templates/deployment.yaml
index d64a218985..b10d9d7926 100644
--- a/kubernetes/clamp/templates/deployment.yaml
+++ b/kubernetes/clamp/templates/deployment.yaml
@@ -49,6 +49,7 @@ spec:
image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
+{{ include "common.certInitializer.initContainer" . | nindent 6 }}
containers:
# side car containers
{{ if .Values.global.centralizedLoggingEnabled }}{{ include "common.log.sidecar" . | nindent 8 }}{{ end }}
@@ -72,7 +73,7 @@ spec:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- name: logs
mountPath: {{ .Values.log.path }}
- mountPath: /etc/nginx/conf.d/default.conf
@@ -88,7 +89,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-config
configMap:
name: {{ include "common.fullname" . }}
diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml
index 49fd98d27b..d180fbf729 100644
--- a/kubernetes/clamp/values.yaml
+++ b/kubernetes/clamp/values.yaml
@@ -21,7 +21,43 @@ global: # global defaults
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
- centralizedLoggingEnabled: false
+ centralizedLoggingEnabled: true
+ #AAF service
+ aafEnabled: true
+
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ permission_user: 1000
+ permission_group: 999
+ addconfig: true
+ keystoreFile: "org.onap.clamp.p12"
+ truststoreFile: "org.onap.clamp.trust.jks"
+ keyFile: "org.onap.clamp.keyfile"
+ truststoreFileONAP: "truststoreONAPall.jks"
+ clamp_key: "clamp.key"
+ clamp_pem: "clamp.pem"
+ clamp_ca_certs_pem: "clamp-ca-certs.pem"
+ nameOverride: clamp-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: clamp
+ fqi: clamp@clamp.onap.org
+ public_fqdn: clamp.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: >
+ /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop;
+ export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0);
+ cd {{ .Values.credsPath }};
+ openssl pkcs12 -in {{ .Values.keystoreFile }} -nocerts -nodes -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_key }};
+ openssl pkcs12 -in {{ .Values.keystoreFile }} -clcerts -nokeys -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_pem }};
+ openssl pkcs12 -in {{ .Values.keystoreFile }} -cacerts -nokeys -chain -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_ca_certs_pem }};
+ chmod a+rx *;
secrets:
- uid: db-root-pass
@@ -44,7 +80,7 @@ clamp-backend:
db:
userCredsExternalSecret: *dbUserPass
databaseName: *dbName
-mariadb:
+clamp-mariadb:
db:
rootCredsExternalSecret: *dbRootPass
userCredsExternalSecret: *dbUserPass
@@ -57,7 +93,7 @@ flavor: small
# application image
repository: nexus3.onap.org:10001
-image: onap/clamp-frontend:5.0.7
+image: onap/clamp-frontend:5.1.0
pullPolicy: Always
# flag to enable debugging - application support required