summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-05-04 15:30:15 +0000
committerGerrit Code Review <gerrit@onap.org>2020-05-04 15:30:15 +0000
commitb9891e84143f46a786115fd0ca182e57691f1884 (patch)
treecd0f9d2c765c9ac03fa4ef17fbdf00f5750f92ea /kubernetes
parent006318ac37142eb823db4a2074ce6c8ad1629166 (diff)
parent53929946b4f676604396f64e3f2fb793cdbc450e (diff)
Merge "Portal AAF REST API perm fixes for Roles"
Diffstat (limited to 'kubernetes')
-rwxr-xr-xkubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties17
-rw-r--r--kubernetes/portal/charts/portal-app/templates/deployment.yaml2
-rw-r--r--kubernetes/portal/charts/portal-app/values.yaml2
-rwxr-xr-xkubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties17
-rw-r--r--kubernetes/portal/charts/portal-sdk/templates/deployment.yaml2
-rw-r--r--kubernetes/portal/charts/portal-sdk/values.yaml2
6 files changed, 20 insertions, 22 deletions
diff --git a/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties b/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties
index 63348f02d6..aeef85e54c 100755
--- a/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties
+++ b/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties
@@ -115,13 +115,12 @@ external_system_notification_url= https://jira.onap.org/browse/
#cookie domain
cookie_domain = onap.org
-{{- if .Values.global.aafEnabled }}
-# External Access System Basic Auth Credentials & Rest endpoint(These credentials doesn't work as these are place holders for now)
-ext_central_access_user_name = aaf_admin@people.osaaf.org
-ext_central_access_password = thiswillbereplacedatruntime
-ext_central_access_url = {{ .Values.aafURL }}/authz/
-ext_central_access_user_domain = @people.osaaf.org
-
# External Central Auth system access
-remote_centralized_system_access = true
-{{- end }}
+remote_centralized_system_access = {{.Values.global.aafEnabled}}
+
+# External Access System Basic Auth Credentials & Rest endpoint
+# The credentials are placeholders as these are replaced by AAF X509 identity at runtime
+ext_central_access_user_name = portal@portal.onap.org
+ext_central_access_password = thisfakepasswordwillbereplacedbythex509cert
+ext_central_access_url = {{.Values.aafURL}}
+ext_central_access_user_domain = @people.osaaf.org \ No newline at end of file
diff --git a/kubernetes/portal/charts/portal-app/templates/deployment.yaml b/kubernetes/portal/charts/portal-app/templates/deployment.yaml
index 14bbd3c7f6..af00b5ff89 100644
--- a/kubernetes/portal/charts/portal-app/templates/deployment.yaml
+++ b/kubernetes/portal/charts/portal-app/templates/deployment.yaml
@@ -60,7 +60,7 @@ spec:
-Djavax.net.ssl.keyStorePassword=$cadi_keystore_password_p12\";\
/start-apache-tomcat.sh -i \"\" -n \"\" -b {{ .Values.global.env.tomcatDir }}"]
env:
- - name: _CATALINA_OPTS
+ - name: CATALINA_OPTS
value: >
-Djavax.net.ssl.keyStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.keystoreFile }}"
-Djavax.net.ssl.trustStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.truststoreFile }}"
diff --git a/kubernetes/portal/charts/portal-app/values.yaml b/kubernetes/portal/charts/portal-app/values.yaml
index 24388277f4..a33bff1d29 100644
--- a/kubernetes/portal/charts/portal-app/values.yaml
+++ b/kubernetes/portal/charts/portal-app/values.yaml
@@ -37,7 +37,7 @@ pullPolicy: Always
#AAF local config
-aafURL: https://aaf-service:8100/
+aafURL: https://aaf-service:8100/authz/
aafConfig:
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
diff --git a/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties b/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties
index 063ba3d122..45ea9b70ca 100755
--- a/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties
+++ b/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties
@@ -82,13 +82,12 @@ authenticate_user_server=http://{{.Values.global.portalHostName}}:8383/openid-co
#cookie domain
cookie_domain = onap.org
-{{- if .Values.global.aafEnabled }}
-# External Access System Basic Auth Credentials & Rest endpoint(These credentials doesn't work as these are place holders for now)
-ext_central_access_user_name = aaf_admin@people.osaaf.org
-ext_central_access_password = thiswillbereplacedatruntime
-ext_central_access_url = {{ .Values.aafURL }}/authz/
-ext_central_access_user_domain = @people.osaaf.org
-
# External Central Auth system access
-remote_centralized_system_access = true
-{{- end }} \ No newline at end of file
+remote_centralized_system_access = {{.Values.global.aafEnabled}}
+
+# External Access System Basic Auth Credentials & Rest endpoint
+# The credentials are placeholders as these are replaced by AAF X509 identity at runtime
+ext_central_access_user_name = portal@portal.onap.org
+ext_central_access_password = thisfakepasswordwillbereplacedbythex509cert
+ext_central_access_url = {{.Values.aafURL}}
+ext_central_access_user_domain = @people.osaaf.org \ No newline at end of file
diff --git a/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml b/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml
index 2de9a1bd24..b78ef34fa1 100644
--- a/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml
+++ b/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml
@@ -60,7 +60,7 @@ spec:
-Djavax.net.ssl.keyStorePassword=$cadi_keystore_password_p12\";\
/start-apache-tomcat.sh -b {{ .Values.global.env.tomcatDir }}"]
env:
- - name: _CATALINA_OPTS
+ - name: CATALINA_OPTS
value: >
-Djavax.net.ssl.keyStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.keystoreFile }}"
-Djavax.net.ssl.trustStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.truststoreFile }}"
diff --git a/kubernetes/portal/charts/portal-sdk/values.yaml b/kubernetes/portal/charts/portal-sdk/values.yaml
index 45af55fe1d..96ae9099b0 100644
--- a/kubernetes/portal/charts/portal-sdk/values.yaml
+++ b/kubernetes/portal/charts/portal-sdk/values.yaml
@@ -37,7 +37,7 @@ image: onap/portal-sdk:3.2.0
pullPolicy: Always
#AAF local config
-aafURL: https://aaf-service:8100/
+aafURL: https://aaf-service:8100/authz/
aafConfig:
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!