diff options
author | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-05-29 11:58:46 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2020-05-29 11:58:46 +0000 |
commit | 6c988d8ecf867cf1788f984120a380d386e95a9e (patch) | |
tree | 167954f19d4f6dc5be924168584381e3795f379c /kubernetes/portal/components/portal-sdk | |
parent | e14332541c971f4f158f22a93cbcd6dc2e74c6b9 (diff) | |
parent | 305b209ee53c6b581ae0f0348d948366ecbf02b5 (diff) |
Merge changes I9b3c7aab,Ia75ba66d,I66886290,I630154c4,I42bb5a88, ... into frankfurt
* changes:
[COMMON] Use common aaf template in elasticsearch
[PORTAL] Move portal subcharts to components
[SDNC] Use common aaf template in sdnc
[COMMON] Fix certInitializer to use proper global values
[DMAAP] Use common aaf template in dmaap-bc
[COMMON] Fix certInitializer
[COMMON] Override truststore in aaf_agent image
Diffstat (limited to 'kubernetes/portal/components/portal-sdk')
16 files changed, 1103 insertions, 0 deletions
diff --git a/kubernetes/portal/components/portal-sdk/.helmignore b/kubernetes/portal/components/portal-sdk/.helmignore new file mode 100644 index 0000000000..daebc7da77 --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/portal/components/portal-sdk/Chart.yaml b/kubernetes/portal/components/portal-sdk/Chart.yaml new file mode 100644 index 0000000000..766cc10f1b --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Portal software development kit +name: portal-sdk +version: 6.0.0 diff --git a/kubernetes/portal/components/portal-sdk/requirements.yaml b/kubernetes/portal/components/portal-sdk/requirements.yaml new file mode 100644 index 0000000000..c5d7864b9d --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties new file mode 100644 index 0000000000..5c24429cdb --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties @@ -0,0 +1,49 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# login settings +login_method_backdoor = backdoor +login_method_attribute_name = login_method + +# These properties will be removed after SingleSignOnController is cleaned +authentication_mechanism = BOTH +login_method_csp = csp +login_method_web_junction = web_junction + +#login message +login.error.hrid.empty = Login failed, please contact system administrator. +login.error.hrid.not-found = User not found, please contact system administrator. +login.error.user.inactive = Account is disabled, please contact system administrator. + +# User Session settings +user_attribute_name = user +roles_attribute_name = roles +role_function_list = role_function_list +role_functions_attribute_name = role_functions + +# Import-user LDAP settings +post_initial_context_factory = com.sun.jndi.ldap.LdapCtxFactory +post_provider_url = ldap://ldap.mycompany.com:389 +post_security_principal = ou=people,o=mycompany,c=us +post_max_result_size = 499 + +# menu settings +menu_query_name = menuData +application_menu_set_name = APP +application_menu_attribute_name = applicationMenuData +business_direct_menu_set_name = BD +business_direct_menu_attribute_name = businessDirectMenuData + +# Role settings +sys_admin_role_id = 1 diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml new file mode 100644 index 0000000000..85e1eed648 --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml @@ -0,0 +1,222 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ============LICENSE_START==========================================
+ ONAP Portal SDK
+ ===================================================================
+ Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ Modifications Copyright © 2018 Amdocs, Bell Canada
+
+ ===================================================================
+
+ Unless otherwise specified, all software contained herein is licensed
+ under the Apache License, Version 2.0 (the “License”);
+ you may not use this software except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+ Unless otherwise specified, all documentation contained herein is licensed
+ under the Creative Commons License, Attribution 4.0 Intl. (the “License”);
+ you may not use this documentation except in compliance with the License.
+ You may obtain a copy of the License at
+
+ https://creativecommons.org/licenses/by/4.0/
+
+ Unless required by applicable law or agreed to in writing, documentation
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+ ============LICENSE_END============================================
+
+ -->
+<configuration scan="true" scanPeriod="3 seconds" debug="true">
+ <!--<jmxConfigurator /> -->
+ <!-- specify the component name -->
+ <property name="componentName" value="onapsdk"></property>
+ <!-- specify the base path of the log directory -->
+ <property name="logDirPrefix" value="/var/log/onap"></property>
+ <!-- The directories where logs are written -->
+ <property name="logDirectory" value="${logDirPrefix}/${componentName}" />
+ <!-- Can easily relocate debug logs by modifying this path. -->
+ <property name="debugLogDirectory" value="${logDirPrefix}/${componentName}" />
+ <!-- log file names -->
+ <property name="generalLogName" value="application" />
+ <property name="errorLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+ <!--
+ These loggers are not used in code (yet).
+ <property name="securityLogName" value="security" /><property name="policyLogName" value="policy" /><property name="performanceLogName" value="performance" /><property name="serverLogName" value="server" />
+ -->
+ <!-- 1610 Logging Fields Format Revisions -->
+ <property name="auditLoggerPattern" value="%X{AuditLogBeginTimestamp}|%X{AuditLogEndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| %msg%n" />
+ <property name="metricsLoggerPattern" value="%X{MetricsLogBeginTimestamp}|%X{MetricsLogEndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVisualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| %msg%n" />
+ <property name="errorLoggerPattern" value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{ClassName}|%X{AlertSeverity}|%X{ErrorCode}|%X{ErrorDescription}| %msg%n" />
+ <property name="defaultLoggerPattern" value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%X{ClassName}| %msg%n" />
+ <!-- use %class so library logging calls yield their class name -->
+ <property name="applicationLoggerPattern" value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%class{36}| %msg%n" />
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${defaultLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+ <!-- The EELFAppender is used to record events to the general application
+ log -->
+ <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily rollover -->
+ <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
+ <!-- keep 30 days' worth of history capped at 3GB total size -->
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>3GB</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${applicationLoggerPattern}</pattern>
+ </encoder>
+ <filter class="org.onap.portalapp.util.CustomLoggingFilter" />
+ </appender>
+ <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <!-- Class name is part of caller data -->
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="EELF" />
+ </appender>
+ <!-- EELF Security Appender. This appender is used to record security events
+ to the security log file. Security events are separate from other loggers
+ in EELF so that security log records can be captured and managed in a secure
+ way separate from the other logs. This appender is set to never discard any
+ events. -->
+ <!--
+ <appender name="EELFSecurity" class="ch.qos.logback.core.rolling.RollingFileAppender"><file>${logDirectory}/${securityLogName}.log</file><rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"><fileNamePattern>${logDirectory}/${securityLogName}.%i.log.zip
+ </fileNamePattern><minIndex>1</minIndex><maxIndex>9</maxIndex></rollingPolicy><triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"><maxFileSize>5MB</maxFileSize></triggeringPolicy><encoder><pattern>${defaultPattern}</pattern></encoder></appender><appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender"><queueSize>256</queueSize><discardingThreshold>0</discardingThreshold><appender-ref ref="EELFSecurity" /></appender>
+ -->
+ <!-- EELF Performance Appender. This appender is used to record performance
+ records. -->
+ <!--
+ <appender name="EELFPerformance" class="ch.qos.logback.core.rolling.RollingFileAppender"><file>${logDirectory}/${performanceLogName}.log</file><rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"><fileNamePattern>${logDirectory}/${performanceLogName}.%i.log.zip
+ </fileNamePattern><minIndex>1</minIndex><maxIndex>9</maxIndex></rollingPolicy><triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"><maxFileSize>5MB</maxFileSize></triggeringPolicy><encoder><outputPatternAsHeader>true</outputPatternAsHeader><pattern>${defaultPattern}</pattern></encoder></appender><appender name="asyncEELFPerformance" class="ch.qos.logback.classic.AsyncAppender"><queueSize>256</queueSize><appender-ref ref="EELFPerformance" /></appender>
+ -->
+ <!-- EELF Server Appender. This appender is used to record Server related
+ logging events. The Server logger and appender are specializations of the
+ EELF application root logger and appender. This can be used to segregate Server
+ events from other components, or it can be eliminated to record these events
+ as part of the application root log. -->
+ <!--
+ <appender name="EELFServer" class="ch.qos.logback.core.rolling.RollingFileAppender"><file>${logDirectory}/${serverLogName}.log</file><rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"><fileNamePattern>${logDirectory}/${serverLogName}.%i.log.zip
+ </fileNamePattern><minIndex>1</minIndex><maxIndex>9</maxIndex></rollingPolicy><triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"><maxFileSize>5MB</maxFileSize></triggeringPolicy><encoder><pattern>${defaultPattern}</pattern></encoder></appender><appender name="asyncEELFServer" class="ch.qos.logback.classic.AsyncAppender"><queueSize>256</queueSize><appender-ref ref="EELFServer" /></appender>
+ -->
+ <!-- EELF Policy Appender. This appender is used to record Policy engine
+ related logging events. The Policy logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+ <!--
+ <appender name="EELFPolicy" class="ch.qos.logback.core.rolling.RollingFileAppender"><file>${logDirectory}/${policyLogName}.log</file><rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"><fileNamePattern>${logDirectory}/${policyLogName}.%i.log.zip
+ </fileNamePattern><minIndex>1</minIndex><maxIndex>9</maxIndex></rollingPolicy><triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"><maxFileSize>5MB</maxFileSize></triggeringPolicy><encoder><pattern>${defaultPattern}</pattern></encoder></appender><appender name="asyncEELFPolicy" class="ch.qos.logback.classic.AsyncAppender"><queueSize>256</queueSize><appender-ref ref="EELFPolicy" /></appender>
+ -->
+ <!-- EELF Audit Appender. This appender is used to record audit engine
+ related logging events. The audit logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+ <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily rollover -->
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
+ <!-- keep 30 days' worth of history capped at 3GB total size -->
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>3GB</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender>
+ <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily rollover -->
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
+ <!-- keep 30 days' worth of history capped at 3GB total size -->
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>3GB</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${metricsLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFMetrics"/>
+ </appender>
+ <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${errorLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily rollover -->
+ <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
+ <!-- keep 30 days' worth of history capped at 3GB total size -->
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>3GB</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFError"/>
+ </appender>
+ <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${debugLogDirectory}/${debugLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily rollover -->
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
+ <!-- keep 30 days' worth of history capped at 3GB total size -->
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>3GB</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${defaultLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFDebug" />
+ </appender>
+ <logger name="org.onap.eelf" level="info" additivity="false">
+ <appender-ref ref="asyncEELF" />
+ </logger>
+ <logger name="org.onap.eelf.audit" level="info" additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+ <logger name="org.onap.eelf.debug" level="debug" additivity="false">
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+ <logger name="org.onap.eelf.error" level="info" additivity="false">
+ <appender-ref ref="asyncEELFError" />
+ </logger>
+ <logger name="org.onap.eelf.metrics" level="info" additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+ <root level="DEBUG">
+ <appender-ref ref="asyncEELF" />
+ </root>
+</configuration>
diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties new file mode 100644 index 0000000000..8881cc2f2d --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties @@ -0,0 +1,35 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +music.version = v2 +music.keyspace = keyspaces +music.session.keyspace = portalsdk +music.tables = tables +music.session.attr.tables = spring_session_attributes +music.session.meta.tables = spring_session +music.consistency.info = type +music.consistency.info.value = eventual +music.cache = false +music.session.max.inactive.interval.seconds = 1800 +music.serialize.compress = true + +#By default it's eventual +music.atomic.get = false +music.atomic.put = true + +cassandra.host={{.Values.cassandra.service.name}} +zookeeper.host={{.Values.zookeeper.service.name}} +cassandra.user={{.Values.cassandra.config.cassandraUsername}} +cassandra.password={{.Values.cassandra.config.cassandraPassword}} diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties new file mode 100755 index 0000000000..2ccace545a --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties @@ -0,0 +1,60 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# Properties read by ECOMP Framework library, ecompFW.jar + +########################################################################## +# The following properties should NOT be changed by partner applications. +########################################################################## + +portal.api.prefix = /api +max.idle.time = 5 +user.attribute.name = user_attribute + +#Use REST API instead of UEB to fetch the functional menu data +use_rest_for_functional_menu=true + +########################################################################## +# The following properties MUST be changed by partner applications. +########################################################################## + +# Name of java class that implements the OnBoardingApiService interface. +# epsdk 1.3 uses org.onap prefix +portal.api.impl.class = org.onap.portalapp.service.OnBoardingApiServiceImpl + +# CSP Global Log On for single sign on +ecomp_redirect_url = http://{{.Values.global.portalHostName}}:{{.Values.global.portalFEPort}}/ONAPPORTAL/login.htm + +# URL of the ECOMP Portal REST API + +ecomp_rest_url = http://{{.Values.global.portalHostName}}:{{.Values.global.portalPort}}/ONAPPORTAL/auxapi + +# Applications do not need to run a UEB listener in 1610. +ueb_listeners_enable = false + +# UEB Configuration +ueb_url_list = message-router +# ECOMP Portal listens on this UEB topic +ecomp_portal_inbox_name = ECOMP-PORTAL-INBOX +# Replace these 3 default values with the ones for your specific App, +# as shown on the on-boarding page on the ECOMP Portal web application. +ueb_app_key = jQd4a9zVNi4ePyBp +ueb_app_secret = P0HpqEBhKJvxjRYdw2sCTUll +ueb_app_mailbox_name = ECOMP-PORTAL-OUTBOX-APP1 +# Consumer group name for UEB topic. +# Use the special tag '{UUID}' to generate a unique one for each sdk-app server. +ueb_app_consumer_group_name = {UUID} + +decryption_key = AGLDdG4D04BKm2IxIWEr8o== diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties new file mode 100755 index 0000000000..2a2ec59d5c --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties @@ -0,0 +1,93 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# Properties read by ECOMP Core library, ecompSDK-core.jar + +########################################################################## +# The following properties should NOT be changed by partner applications. +########################################################################## + +application_user_id = 30000 +post_default_role_id = 16 +clustered = true + +#Enable Fusion Mobile capabilities for the application +mobile_enable = false + +# Cache config file is needed on the classpath +cache_config_file_path = /WEB-INF/classes/cache.ccf +cache_switch = 199 +cache_load_on_startup = false + +user_name = fullName +decryption_key = AGLDdG4D04BKm2IxIWEr8o== + +########################################################################## +# The following properties MAY require changes by partner applications. +########################################################################## + +db.driver = org.mariadb.jdbc.Driver +db.connectionURL = jdbc:mariadb://portal-db:3306/ecomp_sdk +db.userName = root +db.password = Aa123456 +db.min_pool_size = 5 +db.max_pool_size = 10 +hb.dialect = org.hibernate.dialect.MySQLDialect +# SQL statements are logged to stdout +hb.show_sql = true +hb.idle_connection_test_period = 3600 + +app_display_name = Demo App +files_path = /tmp + +#element map files +element_map_file_path = /tmp +element_map_icon_path = app/fusionapp/icons/ + +#Cron Schedules +log_cron = 0 0/1 * * * ?; +mylogins_feed_cron = 0 0/60 * * * ?; +#sessiontimeout_feed_cron = 0 * * * * ? * +my_login_feed_output_dir = /tmp/MyLogins + +# Link shown in Help menu +contact_us_link = https://todo_contact_us_link.com + +# An Unique 128-bit value defined to identify a specific version +# of an application deployed on a specific virtual machine. +# This value must be generated and updated by the application +# which is using the ECOMP SDK at the time of its deployment. +# Online Unique UUID generator - https://www.uuidgenerator.net/ +instance_uuid=8da691c9-987d-43ed-a358-00ac2f35685d + +# R Cloud feature - configure this property to enable notebook feature - for more details on RCloud please visit https://rcloud.social/index.html +guard_notebook_url= + +#authenticate user server +#TODO: what is this URL supposed to be pointing to? Nothing in portal opens 8383 +authenticate_user_server=http://{{.Values.global.portalHostName}}:8383/openid-connect-server-webapp/allUsers + +#cookie domain +cookie_domain = onap.org + +# External Central Auth system access +remote_centralized_system_access = {{.Values.global.aafEnabled}} + +# External Access System Basic Auth Credentials & Rest endpoint +# External Access System Basic Auth Credentials & Rest endpoint +ext_central_access_user_name = aaf_admin@people.osaaf.org +ext_central_access_password = demo123456! +ext_central_access_url = {{.Values.aafURL}} +ext_central_access_user_domain = @people.osaaf.org
\ No newline at end of file diff --git a/kubernetes/portal/components/portal-sdk/resources/server/server.xml b/kubernetes/portal/components/portal-sdk/resources/server/server.xml new file mode 100644 index 0000000000..dffcfbe419 --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/resources/server/server.xml @@ -0,0 +1,155 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + Modifications to this file for use in ONAP are also subject to the Apache-2.0 license. +--> +<!-- Note: A "Server" is not itself a "Container", so you may not + define subcomponents such as "Valves" at this level. + Documentation at /docs/config/server.html + --> +<Server port="8005" shutdown="SHUTDOWN"> + <Listener className="org.apache.catalina.startup.VersionLoggerListener" logArgs="false"/> + <!-- Security listener. Documentation at /docs/config/listeners.html + <Listener className="org.apache.catalina.security.SecurityListener" /> + --> + <!--APR library loader. Documentation at /docs/apr.html --> + <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> + <!-- Prevent memory leaks due to use of particular java/javax APIs--> + <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> + <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> + <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> + + <!-- Global JNDI resources + Documentation at /docs/jndi-resources-howto.html + --> + <GlobalNamingResources> + <!-- Editable user database that can also be used by + UserDatabaseRealm to authenticate users + --> + <Resource name="UserDatabase" auth="Container" + type="org.apache.catalina.UserDatabase" + description="User database that can be updated and saved" + factory="org.apache.catalina.users.MemoryUserDatabaseFactory" + pathname="conf/tomcat-users.xml" /> + </GlobalNamingResources> + + <!-- A "Service" is a collection of one or more "Connectors" that share + a single "Container" Note: A "Service" is not itself a "Container", + so you may not define subcomponents such as "Valves" at this level. + Documentation at /docs/config/service.html + --> + <Service name="Catalina"> + + <!--The connectors can use a shared executor, you can define one or more named thread pools--> + <!-- + <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" + maxThreads="150" minSpareThreads="4"/> + --> + + + <!-- A "Connector" represents an endpoint by which requests are received + and responses are returned. Documentation at : + Java HTTP Connector: /docs/config/http.html (blocking & non-blocking) + Java AJP Connector: /docs/config/ajp.html + APR (HTTP/AJP) Connector: /docs/apr.html + Define a non-SSL/TLS HTTP/1.1 Connector on port 8080 + --> + <Connector port="8080" protocol="HTTP/1.1" + connectionTimeout="20000" + {{ if .Values.global.aafEnabled }} + redirectPort="8443" + {{ end }} + /> + <!-- A "Connector" using the shared thread pool--> + <!-- + <Connector executor="tomcatThreadPool" + port="8080" protocol="HTTP/1.1" + connectionTimeout="20000" + redirectPort="8443" /> + --> + <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 + This connector uses the NIO implementation that requires the JSSE + style configuration. When using the APR/native implementation, the + OpenSSL style configuration is required as described in the APR/native + documentation --> + <!-- + <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" + maxThreads="150" SSLEnabled="true" scheme="https" secure="true" + clientAuth="false" sslProtocol="TLS" /> + --> + {{ if .Values.global.aafEnabled }} + <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" + maxThreads="150" SSLEnabled="true" scheme="https" secure="true" + keystoreFile="{{.Values.aafConfig.credsPath}}/{{.Values.aafConfig.keystoreFile}}" + keystorePass="${javax.net.ssl.keyStorePassword}" + clientAuth="false" sslProtocol="TLS" /> + {{ end }} + <!-- Define an AJP 1.3 Connector on port 8009 --> + <Connector port="8009" protocol="AJP/1.3" + {{ if .Values.global.aafEnabled }} + redirectPort="8443" + {{ end }} + /> + + + <!-- An Engine represents the entry point (within Catalina) that processes + every request. The Engine implementation for Tomcat stand alone + analyzes the HTTP headers included with the request, and passes them + on to the appropriate Host (virtual host). + Documentation at /docs/config/engine.html --> + + <!-- You should set jvmRoute to support load-balancing via AJP ie : + <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1"> + --> + <Engine name="Catalina" defaultHost="localhost"> + + <!--For clustering, please take a look at documentation at: + /docs/cluster-howto.html (simple how to) + /docs/config/cluster.html (reference documentation) --> + <!-- + <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> + --> + + <!-- Use the LockOutRealm to prevent attempts to guess user passwords + via a brute-force attack --> + <Realm className="org.apache.catalina.realm.LockOutRealm"> + <!-- This Realm uses the UserDatabase configured in the global JNDI + resources under the key "UserDatabase". Any edits + that are performed against this UserDatabase are immediately + available for use by the Realm. --> + <Realm className="org.apache.catalina.realm.UserDatabaseRealm" + resourceName="UserDatabase"/> + </Realm> + + <Host name="localhost" appBase="webapps" + unpackWARs="true" autoDeploy="true"> + + <!-- SingleSignOn valve, share authentication between web applications + Documentation at: /docs/config/valve.html --> + <!-- + <Valve className="org.apache.catalina.authenticator.SingleSignOn" /> + --> + <!-- Access log processes all example. + Documentation at: /docs/config/valve.html + Note: The pattern used is equivalent to using pattern="common" --> + <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" + prefix="localhost_access_log" suffix=".txt" + pattern="%h %l %u %t "%r" %s %b" /> + </Host> + </Engine> + </Service> +</Server>
\ No newline at end of file diff --git a/kubernetes/portal/components/portal-sdk/templates/NOTES.txt b/kubernetes/portal/components/portal-sdk/templates/NOTES.txt new file mode 100644 index 0000000000..496dd8d1a5 --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/portal/components/portal-sdk/templates/configmap.yaml b/kubernetes/portal/components/portal-sdk/templates/configmap.yaml new file mode 100644 index 0000000000..1dbdeedd5a --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/templates/configmap.yaml @@ -0,0 +1,42 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018, 2020 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-onapportalsdk + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTALSDK/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }} + +{{ if .Values.global.aafEnabled }} +{{- if .Values.aafConfig.addconfig -}} +--- +apiVersion: v1 +kind: ConfigMap +{{- $suffix := "aaf-add-config" }} +metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . )| nindent 2 }} +data: + aaf-add-config.sh: |- + /opt/app/aaf_config/bin/agent.sh;/opt/app/aaf_config/bin/agent.sh local showpass \ + {{.Values.aafConfig.fqi}} {{ .Values.aafConfig.fqdn }} > {{ .Values.aafConfig.credsPath }}/mycreds.prop +{{- end -}} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/portal/components/portal-sdk/templates/deployment.yaml b/kubernetes/portal/components/portal-sdk/templates/deployment.yaml new file mode 100644 index 0000000000..b78ef34fa1 --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/templates/deployment.yaml @@ -0,0 +1,155 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018,2020 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - "portal-db" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + {{- if .Values.global.aafEnabled }} +{{ include "common.aaf-config" . | indent 6 }} + {{- end }} + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c"] + {{- if .Values.global.aafEnabled }} + args: ["export $(grep '^c' {{ .Values.aafConfig.credsPath }}/mycreds.prop | xargs -0);\ + export _JAVA_OPTIONS=\"-Djavax.net.ssl.trustStorePassword=$cadi_truststore_password \ + -Djavax.net.ssl.keyStorePassword=$cadi_keystore_password_p12\";\ + /start-apache-tomcat.sh -b {{ .Values.global.env.tomcatDir }}"] + env: + - name: CATALINA_OPTS + value: > + -Djavax.net.ssl.keyStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.keystoreFile }}" + -Djavax.net.ssl.trustStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.truststoreFile }}" + {{- else }} + args: ["/start-apache-tomcat.sh -b {{ .Values.global.env.tomcatDir }}"] + {{- end }} + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + {{- if .Values.global.aafEnabled }} +{{ include "common.aaf-config-volume-mountpath" . | indent 8 }} + {{- end }} + - name: properties-onapportalsdk + mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml" + subPath: server.xml + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: properties-onapportalsdk + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/fusion/conf/fusion.properties" + subPath: fusion.properties + - name: properties-onapportalsdk + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/conf/system.properties" + subPath: system.properties + - name: properties-onapportalsdk + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/classes/portal.properties" + subPath: portal.properties + - name: properties-onapportalsdk + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/classes/music.properties" + subPath: music.properties + - name: properties-onapportalsdk + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/classes/logback.xml" + subPath: logback.xml + - name: portal-tomcat-logs + mountPath: "{{ .Values.global.env.tomcatDir }}/logs" + - name: var-log-onap + mountPath: /var/log/onap + resources: +{{ include "common.resources" . }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + - name: filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - name: portal-data-filebeat + mountPath: /usr/share/filebeat/data + - name: var-log-onap + mountPath: /var/log/onap + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: properties-onapportalsdk + configMap: + name: {{ include "common.fullname" . }}-onapportalsdk + defaultMode: 0755 + - name: filebeat-conf + configMap: + name: portal-filebeat + - name: var-log-onap + emptyDir: {} + - name: portal-data-filebeat + emptyDir: {} + - name: portal-tomcat-logs + emptyDir: {} + {{- if .Values.global.aafEnabled }} +{{ include "common.aaf-config-volumes" . | indent 8 }} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/portal/components/portal-sdk/templates/ingress.yaml b/kubernetes/portal/components/portal-sdk/templates/ingress.yaml new file mode 100644 index 0000000000..8f87c68f1e --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/templates/ingress.yaml @@ -0,0 +1 @@ +{{ include "common.ingress" . }} diff --git a/kubernetes/portal/components/portal-sdk/templates/secrets.yaml b/kubernetes/portal/components/portal-sdk/templates/secrets.yaml new file mode 100644 index 0000000000..61fc2f8037 --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/templates/secrets.yaml @@ -0,0 +1,15 @@ +# Copyright (c) 2020 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secretFast" . }} diff --git a/kubernetes/portal/components/portal-sdk/templates/service.yaml b/kubernetes/portal/components/portal-sdk/templates/service.yaml new file mode 100644 index 0000000000..36d00ccfe2 --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ include "common.release" . }} diff --git a/kubernetes/portal/components/portal-sdk/values.yaml b/kubernetes/portal/components/portal-sdk/values.yaml new file mode 100644 index 0000000000..2363ec5691 --- /dev/null +++ b/kubernetes/portal/components/portal-sdk/values.yaml @@ -0,0 +1,144 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018, 2020 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + env: + tomcatDir: "/usr/local/tomcat" + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: {} + #AAF service + aafEnabled: true + aafAgentImage: onap/aaf/aaf_agent:2.1.20 + +################################################################# +# Application configuration defaults. +################################################################# + +# application image +repository: nexus3.onap.org:10001 +image: onap/portal-sdk:3.2.0 +pullPolicy: Always + +#AAF local config +aafURL: https://aaf-service:8100/authz/ +aafConfig: + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + fqdn: portal + fqi: portal@portal.onap.org + publicFqdn: portal.onap.org + cadi_latitude: "38.0" + cadi_longitude: "-72.0" + credsPath: /opt/app/osaaf/local + app_ns: org.osaaf.aaf + permission_user: 1000 + permission_group: 999 + addconfig: true + secret_uid: &aaf_secret_uid portal-sdk-aaf-deploy-creds + keystoreFile: "org.onap.portal.p12" + truststoreFile: "org.onap.portal.trust.jks" + +secrets: + - uid: *aaf_secret_uid + type: basicAuth + externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDiabled" .Values.global.aafEnabled }}' + login: '{{ .Values.aafConfig.aafDeployFqi }}' + password: '{{ .Values.aafConfig.aafDeployPass }}' + passwordPolicy: required + +# flag to enable debugging - application support required +debugEnabled: false + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + name: portal-sdk + portName: portal-sdk + internalPort: 8443 + externalPort: 8443 + nodePort: 12 + +mariadb: + service: + name: portal-db +widget: + service: + name: portal-widget +cassandra: + service: + name: portal-cassandra + config: + cassandraUsername: root + cassandraPassword: Aa123456 +zookeeper: + service: + name: portal-zookeeper +messageRouter: + service: + name: message-router + +ingress: + enabled: false + service: + - baseaddr: portal-sdk + name: "portal-sdk" + port: 8443 + config: + ssl: "redirect" + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 600m + memory: 1.6Gi + requests: + cpu: 10m + memory: 1.3Gi + large: + limits: + cpu: 8 + memory: 20Gi + requests: + cpu: 4 + memory: 10Gi + unlimited: {} |