diff options
author | Vijay Venkatesh Kumar <vv770d@att.com> | 2021-07-26 16:53:11 -0400 |
---|---|---|
committer | Vijay Venkatesh Kumar <vv770d@att.com> | 2021-08-25 14:16:02 +0000 |
commit | 6259f50ad9a1f628a3e43225fca8e5580e87ed91 (patch) | |
tree | 5e356ebe152c8477da076b2ca1dd63c7fe191b24 /kubernetes/dcaegen2-services | |
parent | 529604f9b5eccb8bb0953b8ee1c96634156a57d4 (diff) |
[DCAE] Svc template support for policy release override
As ONAP (and policy framework) can be deployed with any release name,
the policy sidecar must support releasename as configuration.
The releasename is important to identify the K8S secret
created by Policy Framework (for retreiving the username/password
config required by Policy-Sidecar container).
Change-Id: I9145da841c68b585f2ad5f54c7df155470763f4f
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
Issue-ID: DCAEGEN2-2870
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
Diffstat (limited to 'kubernetes/dcaegen2-services')
-rw-r--r-- | kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl | 21 | ||||
-rw-r--r-- | kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml | 3 |
2 files changed, 19 insertions, 5 deletions
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index 2d68b38771..8738b1099e 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -207,14 +207,27 @@ The sidecar is included if .Values.policies is set. The Policy-sync sidecar polls PolicyEngine (PDP) periodically based on .Values.policies.duration and configuration retrieved is shared with DCAE Microservice container by common volume. Policy can be retrieved based on -list of policyID or filter +list of policyID or filter. An optional policyRelease parameter can be specified +to override the default policy helm release (used for retreiving the secret containing +pdp username and password) + +Following is example policy config override + +dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 +policies: + duration: 300 + policyRelease: "onap" + policyID: | + '["onap.vfirewall.tca","onap.vdns.tca"]' */}} {{- define "dcaegen2-services-common.microserviceDeployment" -}} {{- $logDir := default "" .Values.logDirectory -}} {{- $certDir := default "" .Values.certDirectory . -}} {{- $tlsServer := default "" .Values.tlsServer -}} -{{- $policy := default "" .Values.policies -}} +{{- $commonRelease := print (include "common.release" .) -}} +{{- $policy := default dict .Values.policies -}} +{{- $policyRls := default $commonRelease $policy.policyRelease -}} {{- $drFeedConfig := default "" .Values.drFeedConfig -}} apiVersion: apps/v1 @@ -384,12 +397,12 @@ spec: - name: POLICY_SYNC_PDP_USER valueFrom: secretKeyRef: - name: onap-policy-xacml-pdp-api-creds + name: {{ $policyRls }}-policy-xacml-pdp-api-creds key: login - name: POLICY_SYNC_PDP_PASS valueFrom: secretKeyRef: - name: onap-policy-xacml-pdp-api-creds + name: {{ $policyRls }}-policy-xacml-pdp-api-creds key: password - name: POLICY_SYNC_PDP_URL value : http{{ if (include "common.needTLS" .) }}s{{ end }}://policy-xacml-pdp:6969 diff --git a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml index a26c66366b..09529c8bb8 100644 --- a/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-tcagen2/values.yaml @@ -91,8 +91,9 @@ service: #dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 #policies: # duration: 300 +# policyRelease: "onap" # policyID: | -# '["onap.vfirewall.tca","abc"]' +# '["onap.vfirewall.tca","onap.vdns.tca"]' # filter: | # '["DCAE.Config_vfirewall_.*"]' |