aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/sdnc/resources
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2020-02-25 23:31:20 +0100
committerKrzysztof Opasiak <k.opasiak@samsung.com>2020-03-04 21:00:24 +0100
commitcc97c73108f8b3e2f1f58ab0463fce2fb99d79c2 (patch)
tree068d832fdc751fe0260e380c66372f29d0e86990 /kubernetes/sdnc/resources
parent0320331c03eb50e1e8fb4e14a409b968a761e5d2 (diff)
[SDNC] Use common secret template in sdnc
Some passwords are still hardcoded but with this commit all components should be using passwords provided via secrets not directly as strings. A follow-up patch will remove hardcoded passwords where feasible. Issue-ID: OOM-2309 Change-Id: I047974506430cbb277200d0103bcc57a6fd8a83b Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Diffstat (limited to 'kubernetes/sdnc/resources')
-rwxr-xr-x[-rw-r--r--]kubernetes/sdnc/resources/config/bin/installSdncDb.sh12
-rwxr-xr-xkubernetes/sdnc/resources/config/bin/startODL.sh7
-rwxr-xr-xkubernetes/sdnc/resources/config/conf/aaiclient.properties7
-rw-r--r--kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties8
-rw-r--r--kubernetes/sdnc/resources/config/conf/dblib.properties11
-rw-r--r--kubernetes/sdnc/resources/config/conf/lcm-dg.properties12
-rwxr-xr-xkubernetes/sdnc/resources/config/conf/netbox.properties2
-rw-r--r--kubernetes/sdnc/resources/config/conf/svclogic.properties12
8 files changed, 33 insertions, 38 deletions
diff --git a/kubernetes/sdnc/resources/config/bin/installSdncDb.sh b/kubernetes/sdnc/resources/config/bin/installSdncDb.sh
index 455cb834f9..754ff2c5cc 100644..100755
--- a/kubernetes/sdnc/resources/config/bin/installSdncDb.sh
+++ b/kubernetes/sdnc/resources/config/bin/installSdncDb.sh
@@ -25,11 +25,11 @@ SDNC_HOME=${SDNC_HOME:-/opt/onap/sdnc}
ETC_DIR=${ETC_DIR:-${SDNC_HOME}/data}
BIN_DIR=${BIN_DIR-${SDNC_HOME}/bin}
MYSQL_HOST=${MYSQL_HOST:-dbhost}
-MYSQL_PASSWORD=${MYSQL_PASSWORD:-openECOMP1.0}
+MYSQL_PASSWORD=${MYSQL_ROOT_PASSWORD}
-SDNC_DB_USER=${SDNC_DB_USER:-sdnctl}
-SDNC_DB_PASSWORD=${SDNC_DB_PASSWORD:-gamma}
-SDNC_DB_DATABASE=${SDN_DB_DATABASE:-sdnctl}
+SDNC_DB_USER=${SDNC_DB_USER}
+SDNC_DB_PASSWORD=${SDNC_DB_PASSWORD}
+SDNC_DB_DATABASE=${SDNC_DB_DATABASE}
# Create tablespace and user account
@@ -46,12 +46,12 @@ END
# load schema
if [ -f ${ETC_DIR}/sdnctl.dump ]
then
- mysql -h ${MYSQL_HOST} -u root -p${MYSQL_PASSWORD} sdnctl < ${ETC_DIR}/sdnctl.dump
+ mysql -h ${MYSQL_HOST} -u root -p${MYSQL_PASSWORD} ${SDNC_DB_DATABASE} < ${ETC_DIR}/sdnctl.dump
fi
for datafile in ${ETC_DIR}/*.data.dump
do
- mysql -h ${MYSQL_HOST} -u root -p${MYSQL_PASSWORD} sdnctl < $datafile
+ mysql -h ${MYSQL_HOST} -u root -p${MYSQL_PASSWORD} ${SDNC_DB_DATABASE} < $datafile
done
# Create VNIs 100-199
diff --git a/kubernetes/sdnc/resources/config/bin/startODL.sh b/kubernetes/sdnc/resources/config/bin/startODL.sh
index 5f5f811fd0..af5c36207c 100755
--- a/kubernetes/sdnc/resources/config/bin/startODL.sh
+++ b/kubernetes/sdnc/resources/config/bin/startODL.sh
@@ -65,7 +65,7 @@ function enable_odl_cluster(){
addToFeatureBoot odl-jolokia
#${ODL_HOME}/bin/client feature:install odl-mdsal-clustering
#${ODL_HOME}/bin/client feature:install odl-jolokia
-
+
echo "Update cluster information statically"
hm=$(hostname)
@@ -113,8 +113,8 @@ function enable_odl_cluster(){
# Install SDN-C platform components if not already installed and start container
ODL_HOME=${ODL_HOME:-/opt/opendaylight/current}
-ODL_ADMIN_USERNAME=${ODL_ADMIN_USERNAME:-admin}
-ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U}
+ODL_ADMIN_USERNAME=${ODL_ADMIN_USERNAME}
+ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD}
SDNC_HOME=${SDNC_HOME:-/opt/onap/sdnc}
SDNC_BIN=${SDNC_BIN:-/opt/onap/sdnc/bin}
CCSDK_HOME=${CCSDK_HOME:-/opt/onap/ccsdk}
@@ -166,4 +166,3 @@ nohup python ${SDNC_BIN}/installCerts.py &
exec ${ODL_HOME}/bin/karaf server
-
diff --git a/kubernetes/sdnc/resources/config/conf/aaiclient.properties b/kubernetes/sdnc/resources/config/conf/aaiclient.properties
index 035942b304..5d4473c978 100755
--- a/kubernetes/sdnc/resources/config/conf/aaiclient.properties
+++ b/kubernetes/sdnc/resources/config/conf/aaiclient.properties
@@ -2,8 +2,7 @@
# ============LICENSE_START=======================================================
# openECOMP : SDN-C
# ================================================================================
-# Copyright (C) 2018 ONAP Intellectual Property. All rights
-# reserved.
+# Copyright (C) 2018 ONAP Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -30,8 +29,8 @@ org.onap.ccsdk.sli.adaptors.aai.ssl.trust=/opt/onap/sdnc/data/stores/truststoreO
org.onap.ccsdk.sli.adaptors.aai.ssl.trust.psswd=changeit
org.onap.ccsdk.sli.adaptors.aai.host.certificate.ignore=true
-org.onap.ccsdk.sli.adaptors.aai.client.name=sdnc@sdnc.onap.org
-org.onap.ccsdk.sli.adaptors.aai.client.psswd=demo123456!
+org.onap.ccsdk.sli.adaptors.aai.client.name=${AAI_CLIENT_NAME}
+org.onap.ccsdk.sli.adaptors.aai.client.psswd=${AAI_CLIENT_PASSWORD}
org.onap.ccsdk.sli.adaptors.aai.application=openECOMP
#
diff --git a/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties b/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties
index 3a6b5a08f0..224e84b3a7 100644
--- a/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties
+++ b/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties
@@ -24,12 +24,12 @@ org.onap.ccsdk.features.blueprints.adaptors.envtype=solo
org.onap.ccsdk.features.blueprints.adaptors.modelservice.type=generic
org.onap.ccsdk.features.blueprints.adaptors.modelservice.enable=true
org.onap.ccsdk.features.blueprints.adaptors.modelservice.url=http://controller-blueprints:8080/api/v1/
-org.onap.ccsdk.features.blueprints.adaptors.modelservice.user=ccsdkapps
-org.onap.ccsdk.features.blueprints.adaptors.modelservice.passwd=ccsdkapps
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.user=${MODELSERVICE_USER}
+org.onap.ccsdk.features.blueprints.adaptors.modelservice.passwd=${MODELSERVICE_PASSWORD}
# Generic RESTCONF Adaptor
org.onap.ccsdk.features.blueprints.adaptors.restconf.type=generic
org.onap.ccsdk.features.blueprints.adaptors.restconf.enable=true
-org.onap.ccsdk.features.blueprints.adaptors.restconf.user=admin
-org.onap.ccsdk.features.blueprints.adaptors.restconf.passwd={{ .Values.config.odlPassword}}
+org.onap.ccsdk.features.blueprints.adaptors.restconf.user=${RESTCONF_USER}
+org.onap.ccsdk.features.blueprints.adaptors.restconf.passwd=${RESTCONF_PASSWORD}
org.onap.ccsdk.features.blueprints.adaptors.restconf.url=http://sdnc:8282/restconf/
diff --git a/kubernetes/sdnc/resources/config/conf/dblib.properties b/kubernetes/sdnc/resources/config/conf/dblib.properties
index 1849053411..1fb6fb8732 100644
--- a/kubernetes/sdnc/resources/config/conf/dblib.properties
+++ b/kubernetes/sdnc/resources/config/conf/dblib.properties
@@ -1,7 +1,6 @@
###
# ============LICENSE_START=======================================================
-# Copyright (C) 2018 AT&T Intellectual Property. All rights
-# reserved.
+# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -18,11 +17,11 @@
###
org.onap.ccsdk.sli.dbtype=jdbc
org.onap.ccsdk.sli.jdbc.hosts=sdnctldb01
-org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl
+org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{include "common.mariadbService" $}}:{{include "common.mariadbPort" $}}/{{$.Values.config.dbSdnctlDatabase}}
org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver
-org.onap.ccsdk.sli.jdbc.database=sdnctl
-org.onap.ccsdk.sli.jdbc.user=sdnctl
-org.onap.ccsdk.sli.jdbc.password={{.Values.config.dbSdnctlPassword}}
+org.onap.ccsdk.sli.jdbc.database={{$.Values.config.dbSdnctlDatabase}}
+org.onap.ccsdk.sli.jdbc.user=${SDNC_DB_USER}
+org.onap.ccsdk.sli.jdbc.password=${SDNC_DB_PASSWORD}
org.onap.ccsdk.sli.jdbc.connection.name=sdnctldb01
org.onap.ccsdk.sli.jdbc.connection.timeout=50
org.onap.ccsdk.sli.jdbc.request.timeout=100
diff --git a/kubernetes/sdnc/resources/config/conf/lcm-dg.properties b/kubernetes/sdnc/resources/config/conf/lcm-dg.properties
index f91c62c98b..44ee0b998f 100644
--- a/kubernetes/sdnc/resources/config/conf/lcm-dg.properties
+++ b/kubernetes/sdnc/resources/config/conf/lcm-dg.properties
@@ -1,7 +1,7 @@
#ANSIBLE
ansible.agenturl=http://{{.Values.config.ansibleServiceName}}:{{.Values.config.ansiblePort}}/Dispatch
-ansible.user=sdnc
-ansible.password=sdnc
+ansible.user=${ANSIBLE_USER}
+ansible.password=${ANSIBLE_PASSWORD}
ansible.lcm.localparameters=
ansible.nodelist=
ansible.timeout=60
@@ -23,10 +23,10 @@ restapi.templateDir=/opt/onap/sdnc/restapi/templates
lcm.restconf.configscaleout.templatefile=lcm-restconf-configscaleout.json
lcm.restconf.configscaleout.urlpath=/restconf/config/vlb-business-vnf-onap-plugin:vlb-business-vnf-onap-plugin/vdns-instances/vdns-instance/
lcm.restconf.configscaleout.geturlpath=/restconf/operational/health-vnf-onap-plugin:health-vnf-onap-plugin-state/health-check
-lcm.restconf.configscaleout.user=admin
-lcm.restconf.configscaleout.password=admin
-lcm.restconf.user=admin
-lcm.restconf.password=admin
+lcm.restconf.configscaleout.user=${SCALEOUT_USER}
+lcm.restconf.configscaleout.password=${SCALEOUT_PASSWORD}
+lcm.restconf.user=${RESTCONF_USER}
+lcm.restconf.password=${RESTCONF_PASSWORD}
lcm.restconf.port=8183
#DMAAP
diff --git a/kubernetes/sdnc/resources/config/conf/netbox.properties b/kubernetes/sdnc/resources/config/conf/netbox.properties
index 9cd3880614..a768041945 100755
--- a/kubernetes/sdnc/resources/config/conf/netbox.properties
+++ b/kubernetes/sdnc/resources/config/conf/netbox.properties
@@ -16,4 +16,4 @@
# Configuration file for Netbox client
org.onap.ccsdk.sli.adaptors.netbox.url=http://netbox-app.{{.Release.Namespace}}:8001
-org.onap.ccsdk.sli.adaptors.netbox.apikey=onceuponatimeiplayedwithnetbox20180814 \ No newline at end of file
+org.onap.ccsdk.sli.adaptors.netbox.apikey=${NETBOX_API_KEY} \ No newline at end of file
diff --git a/kubernetes/sdnc/resources/config/conf/svclogic.properties b/kubernetes/sdnc/resources/config/conf/svclogic.properties
index 55ef8e7e85..adbba660c5 100644
--- a/kubernetes/sdnc/resources/config/conf/svclogic.properties
+++ b/kubernetes/sdnc/resources/config/conf/svclogic.properties
@@ -2,8 +2,7 @@
# ============LICENSE_START=======================================================
# openECOMP : SDN-C
# ================================================================================
-# Copyright (C) 2017 AT&T Intellectual Property. All rights
-# reserved.
+# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -20,8 +19,7 @@
###
org.onap.ccsdk.sli.dbtype = jdbc
-org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl
-org.onap.ccsdk.sli.jdbc.database = sdnctl
-org.onap.ccsdk.sli.jdbc.user = sdnctl
-org.onap.ccsdk.sli.jdbc.password = {{.Values.config.dbSdnctlPassword}}
-
+org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{include "common.mariadbService" $}}:{{include "common.mariadbPort" $}}/{{$.Values.config.dbSdnctlDatabase}}
+org.onap.ccsdk.sli.jdbc.database = {{$.Values.config.dbSdnctlDatabase}}
+org.onap.ccsdk.sli.jdbc.user = ${SDNC_DB_USER}
+org.onap.ccsdk.sli.jdbc.password = ${SDNC_DB_PASSWORD}