aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/aaf
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-12-15 12:00:26 +0100
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-02-22 15:52:53 +0100
commitb4e038d2e2e7f39fc69a234bb132f43ff6a69712 (patch)
tree02c1f1f8f18bcf86754a02864256308064709121 /kubernetes/aaf
parent740de6d5e3e0744966114440583df27d141dfd03 (diff)
[AAI][RESOURCES] Remove Hardcoded certificates
Use Certinitializer in order to retrieve needed certificates. Issue-ID: OOM-2655 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ie05936be0f513c76ea4dce31b8a460056b79a4b0
Diffstat (limited to 'kubernetes/aaf')
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat1
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/cred.dat1
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns.dat1
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/perm.dat3
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/role.dat5
-rw-r--r--kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/user_role.dat5
-rw-r--r--kubernetes/aaf/resources/data/identities.dat1
7 files changed, 16 insertions, 1 deletions
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat
index 09327711c2..5a0fcd47ac 100644
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat
+++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat
@@ -6,6 +6,7 @@ aai@aai.onap.org|aai2|aaf|/Users/jf2512||mailto:|org.onap.aai|jf2512|60|{'aai.ap
aai@aai.onap.org|aai|local|/opt/app/osaaf/local||mailto:|org.onap.aai|root|60|{'aai-search-data.onap', 'aai-sparky-be.onap', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12'}
aai@aai.onap.org|aai.onap|local|/opt/app/osaaf/local||mailto:|org.onap.aai|root|30|{'aai-sparky-be.onap', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12'}
aai@aai.onap.org|mithrilcsp.sbc.com|local|/tmp/onap||mailto:|org.onap.aai|jg1555|30|{'aai-sparky-be.onap', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'file', 'pkcs12', 'script'}
+aai-resources@aai-resources.onap.org|aai-resources|local|/opt/app/osaaf/local||mailto:|org.onap.aai-resources|root|30|{'aai-resources', 'aai-resources.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12'}
appc@appc.onap.org|appc|local|/opt/app/osaaf/local||mailto:|org.onap.appc|root|60|{'appc.api.simpledemo.onap.org', 'appc.onap', 'appc.simpledemo.onap.org'}|mmanager@osaaf.org|{'pkcs12'}
appc-cdt@appc-cdt.onap.org|appc-cdt|local|/opt/app/osaaf/local||mailto:|org.onap.appc-cdt|root|30|{'appc-cdt', 'appc-cdt.api.simpledemo.onap.org', 'appc-cdt.onap'}|mmanager@osaaf.org|{'file', 'pkcs12', 'script'}
clamp@clamp.onap.org|clamp|local|/opt/app/osaaf/local||mailto:|org.onap.clamp|root|30|{'clamp', 'clamp-onap', 'clamp.api.simpledemo.onap.org', 'clamp.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/cred.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/cred.dat
index 04281dc5a6..3098e2b47c 100644
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/cred.dat
+++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/cred.dat
@@ -4,6 +4,7 @@ aaf@aaf.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de3163
aaf-sms@aaf-sms.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aaf-sms|53344||
clamp@clamp.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.clamp|53344||
aai@aai.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aai|53344||
+aai-resources@aai-resources.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aai-resources|53344||
appc@appc.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.appc|53344||
appc-cdt@appc-cdt.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.appc-cdt|53344||
cli@cli.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.cli|53344||
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns.dat
index 0f7bad8b8e..7d34894411 100644
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns.dat
+++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/ns.dat
@@ -1,5 +1,6 @@
org.onap.aaf-sms||org.onap||3
org.onap.aai||org.onap||3
+org.onap.aai-resources||org.onap||3
org.onap.appc||org.onap||3
org.onap.appc-cdt||org.onap||3
org.onap.cds||org.onap||3
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/perm.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/perm.dat
index a5bc368566..72358ee53f 100644
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/perm.dat
+++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/perm.dat
@@ -14,6 +14,9 @@ org.onap.aai|resources|*|post||"{'org.onap.aai|resources_all'}"
org.onap.aai|resources|*|put||"{'org.onap.aai|resources_all'}"
org.onap.aai|traversal|*|advanced||"{'org.onap.aai|traversal_advanced'}"
org.onap.aai|traversal|*|basic||"{'org.onap.aai|traversal_basic'}"
+org.onap.aai-resources|access|*|*|AAF Namespace Write Access|"{'org.onap.aai-resources|admin', 'org.onap.aai-resources|service'}"
+org.onap.aai-resources|access|*|read|AAF Namespace Read Access|"{'org.onap.aai-resources|owner'}"
+org.onap.aai-resources|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
org.onap|access|*|*|Onap Write Access|{'org.onap.admin'}
org.onap|access|*|read|Onap Read Access|{'org.onap.owner'}
org.onap.appc|access|*|*|AAF Namespace Write Access|"{'org.onap.appc|admin', 'org.onap.appc|service'}"
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/role.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/role.dat
index 5ee3d55811..417181c14d 100644
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/role.dat
+++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/role.dat
@@ -10,6 +10,9 @@ org.onap.aai|resources_all|resources_all|"{'org.onap.aai|resources|*|delete', 'o
org.onap.aai|resources_readonly|resources_readonly|"{'org.onap.aai|resources|*|get'}"
org.onap.aai|traversal_advanced|traversal_advanced|"{'org.onap.aai|traversal|*|advanced'}"
org.onap.aai|traversal_basic|traversal_basic|"{'org.onap.aai|traversal|*|basic'}"
+org.onap.aai-resources|admin|AAF Namespace Administrators|"{'org.onap.aai-resources|access|*|*'}"
+org.onap.aai-resources|owner|AAF Namespace Owners|"{'org.onap.aai-resources|access|*|read'}"
+org.onap.aai-resources|service||"{'org.onapaai-resources|access|*|*'}"
org.onap|admin|Onap Admins|"{'org.onap.access|*|*'}"
org.onap.appc|admin|AAF Namespace Administrators|"{'org.onap.appc|access|*|*'}"
org.onap.appc|apidoc||"{'org.onap.appc|apidoc|/apidoc/.*|ALL'}"
@@ -314,7 +317,7 @@ org.openecomp.dmaapBC|admin|AAF Admins|"{'org.openecomp.dmaapBC.access|*|*', 'or
org.openecomp.dmaapBC|owner|AAF Owners|"{'org.openecomp.dmaapBC.access|*|read'}"
org.openecomp|owner|OpenEcomp Owners|"{'org.openecomp.access|*|read'}"
org.osaaf.aaf|admin|AAF Admins|"{'org.osaaf.aaf.access|*|*', 'org.osaaf.aaf|cache|all|clear', 'org.osaaf.aaf|cache|role|clear', 'org.osaaf.aaf|password|*|create,reset'}"
-org.osaaf.aaf|deploy|ONAP Deployment Role|"{'org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass', 'org.onap.aai|certman|local|request,ignoreIPs,showpass', 'org.onap.appc|certman|local|request,ignoreIPs,showpass', 'org.onap.appc-cdt|certman|local|request,ignoreIPs,showpass', 'org.onap.clamp|certman|local|request,ignoreIPs,showpass', 'org.onap.cli|certman|local|request,ignoreIPs,showpass', 'org.onap.dcae|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-mm-prov|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-topic-mgr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap.mr|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-eag|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-iag|certman|local|request,ignoreIPs,showpass', 'org.onap.music|certman|local|request,ignoreIPs,showpass', 'org.onap.nbi|certman|local|request,ignoreIPs,showpass', 'org.onap.oof|certman|local|request,ignoreIPs,showpass', 'org.onap.policy|certman|local|request,ignoreIPs,showpass', 'org.onap.pomba|certman|local|request,ignoreIPs,showpass', 'org.onap.portal|certman|local|request,ignoreIPs,showpass', 'org.onap.sdc|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc-cds|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc|certman|local|request,ignoreIPs,showpass', 'org.onap.so|certman|local|request,ignoreIPs,showpass', 'org.onap.vfc|certman|local|request,ignoreIPs,showpass', 'org.onap.vid1|certman|local|request,ignoreIPs,showpass', 'org.onap.vid2|certman|local|request,ignoreIPs,showpass', 'org.onap.vid|certman|local|request,ignoreIPs,showpass', 'org.osaaf.aaf|certman|local|request,ignoreIPs,showpass'}"
+org.osaaf.aaf|deploy|ONAP Deployment Role|"{'org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass', 'org.onap.aai|certman|local|request,ignoreIPs,showpass', 'org.onap.aai-resources|certman|local|request,ignoreIPs,showpass', 'org.onap.appc|certman|local|request,ignoreIPs,showpass', 'org.onap.appc-cdt|certman|local|request,ignoreIPs,showpass', 'org.onap.clamp|certman|local|request,ignoreIPs,showpass', 'org.onap.cli|certman|local|request,ignoreIPs,showpass', 'org.onap.dcae|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-mm-prov|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-topic-mgr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap.mr|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-eag|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-iag|certman|local|request,ignoreIPs,showpass', 'org.onap.music|certman|local|request,ignoreIPs,showpass', 'org.onap.nbi|certman|local|request,ignoreIPs,showpass', 'org.onap.oof|certman|local|request,ignoreIPs,showpass', 'org.onap.policy|certman|local|request,ignoreIPs,showpass', 'org.onap.pomba|certman|local|request,ignoreIPs,showpass', 'org.onap.portal|certman|local|request,ignoreIPs,showpass', 'org.onap.sdc|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc-cds|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc|certman|local|request,ignoreIPs,showpass', 'org.onap.so|certman|local|request,ignoreIPs,showpass', 'org.onap.vfc|certman|local|request,ignoreIPs,showpass', 'org.onap.vid1|certman|local|request,ignoreIPs,showpass', 'org.onap.vid2|certman|local|request,ignoreIPs,showpass', 'org.onap.vid|certman|local|request,ignoreIPs,showpass', 'org.osaaf.aaf|certman|local|request,ignoreIPs,showpass'}"
org.osaaf.aaf|owner|AAF Owners|"{'org.osaaf.aaf.access|*|read,approve'}"
org.osaaf.aaf|service||"{'org.osaaf.aaf|cache|*|clear'}"
org.osaaf|admin|OSAAF Admins|"{'org.osaaf.access|*|*'}"
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/user_role.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/user_role.dat
index 05da180977..fe786016f5 100644
--- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/user_role.dat
+++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/user_role.dat
@@ -2,6 +2,8 @@ mmanager@people.osaaf.org|org.onap.aaf-sms.admin|2020-11-26 12:31:54.000+0000|or
mmanager@people.osaaf.org|org.onap.aaf-sms.owner|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|owner
mmanager@people.osaaf.org|org.onap.aai.admin|2020-11-26 12:31:54.000+0000|org.onap.aai|admin
mmanager@people.osaaf.org|org.onap.aai.owner|2020-11-26 12:31:54.000+0000|org.onap.aai|owner
+mmanager@people.osaaf.org|org.onap.aai-resources.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|admin
+mmanager@people.osaaf.org|org.onap.aai-resources.owner|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|owner
mmanager@people.osaaf.org|org.onap.admin|2020-11-26 12:31:54.000+0000|org.onap|admin
mmanager@people.osaaf.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
mmanager@people.osaaf.org|org.onap.appc.owner|2020-11-26 12:31:54.000+0000|org.onap.appc|owner
@@ -88,6 +90,7 @@ mmanager@people.osaaf.org|org.onap.vid.owner|2020-11-26 12:31:54.000+0000|org.on
mmanager@people.osaaf.org|org.osaaf.people.owner|2020-11-26 12:31:54.000+0000|org.osaaf.people|owner
portal@portal.onap.org|org.onap.aaf-sms.admin|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|admin
portal@portal.onap.org|org.onap.aai.admin|2020-11-26 12:31:54.000+0000|org.onap.aai|admin
+portal@portal.onap.org|org.onap.aai-resources.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|admin
portal@portal.onap.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
portal@portal.onap.org|org.onap.appc.apidoc|2020-11-26 12:31:54.000+0000|org.onap.appc|apidoc
portal@portal.onap.org|org.onap.appc.restconf|2020-11-26 12:31:54.000+0000|org.onap.appc|restconf
@@ -189,6 +192,7 @@ pm0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.ona
ps0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.onap.sdc|TESTOR
aaf_admin@people.osaaf.org|org.onap.aaf-sms.admin|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|admin
aaf_admin@people.osaaf.org|org.onap.aai.admin|2020-11-26 12:31:54.000+0000|org.onap.aai|admin
+aaf_admin@people.osaaf.org|org.onap.aai-resources.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|admin
aaf_admin@people.osaaf.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
aaf_admin@people.osaaf.org|org.onap.appc.apidoc|2020-11-26 12:31:54.000+0000|org.onap.appc|apidoc
aaf_admin@people.osaaf.org|org.onap.appc.restconf|2020-11-26 12:31:54.000+0000|org.onap.appc|restconf
@@ -252,6 +256,7 @@ aaf-sms@aaf-sms.onap.org|org.onap.aaf-sms.service|2020-11-26 12:31:54.000+0000|o
aai@aai.onap.org|org.onap.aai.admin|2020-11-26 12:31:54.000+0000|org.onap.aai|admin
aai@aai.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
aai@aai.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
+aai-resources@aai-resources.onap.org|org.onap.aai-resources.service|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|service
appc@appc.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
appc@appc.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
appc@appc.onap.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
diff --git a/kubernetes/aaf/resources/data/identities.dat b/kubernetes/aaf/resources/data/identities.dat
index 1615fdfe4d..63815ad26c 100644
--- a/kubernetes/aaf/resources/data/identities.dat
+++ b/kubernetes/aaf/resources/data/identities.dat
@@ -52,6 +52,7 @@ aaf|AAF Application|AAF|Application|314-123-1234|no_reply@people.osaaf.com|a|aaf
aaf-sms|AAF SMS Application|AAF SMS|Application|314-123-1234|no_reply@people.osaaf.com|a|aaf_admin
clamp|ONAP CLAMP Application|CLAMP|Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
aai|ONAP AAI Application|AAI|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+aai-resources|ONAP AAI Resources Application|AAI Resources|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
appc|ONAP APPC Application|APPC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
appc-cdt|ONAP APPC CDT Application|APPC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
cli|ONAP CLI Application|SDNC-CDS|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager