[POLICY] Service Mesh Compliance for Policy

Updating the basic requirements for Service Mesh Compliance within Policy. Changing the DB jobs and updating the configuration files to use HTTP Issue-ID: OOM-2253 Change-Id: If1aed68f0ed2f00d6a5cf06e5f95837f9405f65b Signed-off-by: amatthews <adrian.matthews@est.tech> Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
author: amatthews <adrian.matthews@est.tech> 2021-12-14 16:04:15 +0000
committer: jhh <jorge.hernandez-herrero@att.com> 2022-10-12 18:20:13 -0500
commit: 736bf37d0369fd88154f228efa4d94dd37156486 (patch)
tree: 3f5ff0031b8c2a1264a0543e0e9b556491c7486d /kubernetes/policy/components/policy-api
parent: 1712ea65fb6d28e88bcf579dad6b980ea002432e (diff)
4 files changed, 8 insertions, 7 deletions
diff --git a/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml b/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml
index 92f580942e..bcee4d35d1 100644
--- a/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml
+++ b/kubernetes/policy/components/policy-api/resources/config/apiParameters.yaml
@@ -19,6 +19,8 @@
 
 server:
   port: {{ .Values.service.internalPort }}
+  ssl:
+    enabled: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
 
 spring:
   security.user:
@@ -26,7 +28,7 @@ spring:
     password: "${RESTSERVER_PASSWORD}"
   mvc.converters.preferred-json-mapper: gson
   datasource:
-    url: jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort}}/policyadmin
+    url: jdbc:mariadb://{{ .Values.db.service.name }}/policyadmin
     driverClassName: org.mariadb.jdbc.Driver
     username: "${SQL_USER}"
     password: "${SQL_PASSWORD}"
@@ -50,7 +52,7 @@ database:
   name: PolicyProviderParameterGroup
   implementation: org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl
   driver: org.mariadb.jdbc.Driver
-  url: jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort}}/policyadmin
+  url: jdbc:mariadb://{{ .Values.db.service.name }}/policyadmin
   user: "${SQL_USER}"
   password: "${SQL_PASSWORD}"
   persistenceUnit: PolicyDb
diff --git a/kubernetes/policy/components/policy-api/templates/deployment.yaml b/kubernetes/policy/components/policy-api/templates/deployment.yaml
index f19233e3b4..c4946a8263 100755
--- a/kubernetes/policy/components/policy-api/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-api/templates/deployment.yaml
@@ -92,7 +92,7 @@ spec:
               httpHeaders:
                 - name: Authorization
                   value: Basic {{ printf "%s:%s" .Values.restServer.user .Values.restServer.password | b64enc }}
-              scheme: {{ .Values.readiness.scheme }}
+              scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}
             successThreshold: {{ .Values.readiness.successThreshold }}
             failureThreshold: {{ .Values.readiness.failureThreshold }}
             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
diff --git a/kubernetes/policy/components/policy-api/templates/service.yaml b/kubernetes/policy/components/policy-api/templates/service.yaml
index a1b5585db6..b5dee39e60 100755
--- a/kubernetes/policy/components/policy-api/templates/service.yaml
+++ b/kubernetes/policy/components/policy-api/templates/service.yaml
@@ -34,11 +34,11 @@ spec:
     {{if eq .Values.service.type "NodePort" -}}
     - port: {{ .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
     {{- else -}}
     - port: {{ .Values.service.externalPort }}
       targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
+      name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
     {{- end}}
   selector:
     app: {{ include "common.name" . }}
diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml
index 45e54ed3aa..d77929dc42 100755
--- a/kubernetes/policy/components/policy-api/values.yaml
+++ b/kubernetes/policy/components/policy-api/values.yaml
@@ -116,7 +116,6 @@ readiness:
   initialDelaySeconds: 10
   periodSeconds: 120
   api: /policy/api/v1/healthcheck
-  scheme: HTTPS
   successThreshold: 1
   failureThreshold: 3
   timeout: 60
@@ -124,7 +123,7 @@ readiness:
 service:
   type: ClusterIP
   name: policy-api
-  portName: policy-api
+  portName: http
   externalPort: 6969
   internalPort: 6969
   nodePort: 40
author	amatthews <adrian.matthews@est.tech>	2021-12-14 16:04:15 +0000
committer	jhh <jorge.hernandez-herrero@att.com>	2022-10-12 18:20:13 -0500
commit	736bf37d0369fd88154f228efa4d94dd37156486 (patch)
tree	3f5ff0031b8c2a1264a0543e0e9b556491c7486d /kubernetes/policy/components/policy-api
parent	1712ea65fb6d28e88bcf579dad6b980ea002432e (diff)