summaryrefslogtreecommitdiffstats
path: root/kubernetes/policy/components/policy-clamp-ac-pf-ppnt
diff options
context:
space:
mode:
authorAndreas Geissler <andreas-geissler@telekom.de>2023-03-21 18:09:46 +0100
committerAndreas Geissler <andreas-geissler@telekom.de>2023-03-23 18:33:22 +0100
commitf10c5555b94780a402c5d62dce1e60dfe12390ec (patch)
tree0a9f54172cc89f68e4a04c43b23503b15eedef6f /kubernetes/policy/components/policy-clamp-ac-pf-ppnt
parentae76d2e31d845728ad34ea599a2254b77fd87132 (diff)
[POLICY] Cleanup of Helmcharts from AAF/TLS options
Remove AAF options and Certificate settings Disable Istio Sidecar injection for DB jobs due to problems during DB Migration Extended the timeouts for clamp-runtime-acm Issue-ID: OOM-3120 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I802fa2038535524f4696513acd5aa7772e0a3f35
Diffstat (limited to 'kubernetes/policy/components/policy-clamp-ac-pf-ppnt')
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml3
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml6
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml14
-rw-r--r--kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml37
4 files changed, 4 insertions, 56 deletions
diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml
index a7b7ba8cd8..3d56b169d4 100644
--- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/Chart.yaml
@@ -25,9 +25,6 @@ dependencies:
- name: common
version: ~12.x-0
repository: '@local'
- - name: certInitializer
- version: ~12.x-0
- repository: '@local'
- name: repositoryGenerator
version: ~12.x-0
repository: '@local'
diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml
index 9bfeefaf76..f4c26e430a 100644
--- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/resources/config/PolicyParticipantParameters.yaml
@@ -39,7 +39,7 @@ participant:
port: 6969
userName: ${API_USER}
password: ${API_PASSWORD}
- useHttps: {{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }}
+ useHttps: "false"
allowSelfSignedCerts: true
policyPapParameters:
clientName: pap
@@ -47,7 +47,7 @@ participant:
port: 6969
userName: ${PAP_USER}
password: ${PAP_PASSWORD}
- useHttps: {{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }}
+ useHttps: "false"
allowSelfSignedCerts: true
intermediaryParameters:
reportingTimeIntervalMs: 120000
@@ -109,5 +109,5 @@ server:
servlet:
context-path: /onap/policyparticipant
ssl:
- enabled: {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
+ enabled: false
diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml
index 726daf1180..a13b9f712f 100644
--- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/templates/deployment.yaml
@@ -64,24 +64,12 @@ spec:
image: {{ include "repositoryGenerator.image.envsubst" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-update-config
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-{{- if .Values.global.aafEnabled }}
- command: ["sh","-c"]
- args: ["source {{ .Values.certInitializer.credsPath }}/.ci;\
- /opt/app/policy/clamp/bin/policy-participant.sh /opt/app/policy/clamp/etc/mounted/PolicyParticipantParameters.yaml"]
-{{- else }}
command: ["/opt/app/policy/clamp/bin/policy-participant.sh"]
args: ["/opt/app/policy/clamp/etc/mounted/PolicyParticipantParameters.yaml"]
- env:
- - name: KEYSTORE_PASSWD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
- - name: TRUSTSTORE_PASSWD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
-{{- end }}
ports: {{ include "common.containerPorts" . | nindent 12 }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
@@ -98,7 +86,6 @@ spec:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
-{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
@@ -115,7 +102,6 @@ spec:
{{- end }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
-{{ include "common.certInitializer.volumes" . | indent 8 }}
- name: localtime
hostPath:
path: /etc/localtime
diff --git a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml
index 206d6e37fa..83839f80bf 100644
--- a/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-ac-pf-ppnt/values.yaml
@@ -21,7 +21,6 @@
#################################################################
global:
persistence: {}
- aafEnabled: false
#Strimzi Kafka properties
useStrimziKafka: set-via-parent-chart-global-value
kafkaTopics:
@@ -50,39 +49,6 @@ secrets:
login: '{{ .Values.restServer.pap.user }}'
password: '{{ .Values.restServer.pap.password }}'
passwordPolicy: required
- - uid: keystore-password
- type: password
- externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
- password: '{{ .Values.certStores.keyStorePassword }}'
- passwordPolicy: required
- - uid: truststore-password
- type: password
- externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
- password: '{{ .Values.certStores.trustStorePassword }}'
- passwordPolicy: required
-
-certStores:
- keyStorePassword: Pol1cy_0nap
- trustStorePassword: Pol1cy_0nap
-
-certInitializer:
- nameOverride: policy-clamp-ac-pf-ppnt-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- fqdn: policy
- fqi: policy@policy.onap.org
- public_fqdn: policy.onap.org
- cadi_latitude: "0.0"
- cadi_longitude: "0.0"
- credsPath: /opt/app/osaaf/local
- app_ns: org.osaaf.aaf
- uid: 100
- gid: 101
- aaf_add_config: >
- echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" > {{ .Values.credsPath }}/.ci;
- echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
- chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
-
#################################################################
# Application configuration defaults.
@@ -135,11 +101,10 @@ readiness:
service:
type: ClusterIP
name: *componentName
- useNodePortExt: true
+ internalPort: 8085
ports:
- name: http-api
port: 8085
- nodePort: 42
flavor: small
resources: