diff options
author | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-05-04 15:30:15 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2020-05-04 15:30:15 +0000 |
commit | b9891e84143f46a786115fd0ca182e57691f1884 (patch) | |
tree | cd0f9d2c765c9ac03fa4ef17fbdf00f5750f92ea /kubernetes | |
parent | 006318ac37142eb823db4a2074ce6c8ad1629166 (diff) | |
parent | 53929946b4f676604396f64e3f2fb793cdbc450e (diff) |
Merge "Portal AAF REST API perm fixes for Roles"
Diffstat (limited to 'kubernetes')
6 files changed, 20 insertions, 22 deletions
diff --git a/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties b/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties index 63348f02d6..aeef85e54c 100755 --- a/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties +++ b/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties @@ -115,13 +115,12 @@ external_system_notification_url= https://jira.onap.org/browse/ #cookie domain cookie_domain = onap.org -{{- if .Values.global.aafEnabled }} -# External Access System Basic Auth Credentials & Rest endpoint(These credentials doesn't work as these are place holders for now) -ext_central_access_user_name = aaf_admin@people.osaaf.org -ext_central_access_password = thiswillbereplacedatruntime -ext_central_access_url = {{ .Values.aafURL }}/authz/ -ext_central_access_user_domain = @people.osaaf.org - # External Central Auth system access -remote_centralized_system_access = true -{{- end }} +remote_centralized_system_access = {{.Values.global.aafEnabled}} + +# External Access System Basic Auth Credentials & Rest endpoint +# The credentials are placeholders as these are replaced by AAF X509 identity at runtime +ext_central_access_user_name = portal@portal.onap.org +ext_central_access_password = thisfakepasswordwillbereplacedbythex509cert +ext_central_access_url = {{.Values.aafURL}} +ext_central_access_user_domain = @people.osaaf.org
\ No newline at end of file diff --git a/kubernetes/portal/charts/portal-app/templates/deployment.yaml b/kubernetes/portal/charts/portal-app/templates/deployment.yaml index 14bbd3c7f6..af00b5ff89 100644 --- a/kubernetes/portal/charts/portal-app/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-app/templates/deployment.yaml @@ -60,7 +60,7 @@ spec: -Djavax.net.ssl.keyStorePassword=$cadi_keystore_password_p12\";\ /start-apache-tomcat.sh -i \"\" -n \"\" -b {{ .Values.global.env.tomcatDir }}"] env: - - name: _CATALINA_OPTS + - name: CATALINA_OPTS value: > -Djavax.net.ssl.keyStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.keystoreFile }}" -Djavax.net.ssl.trustStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.truststoreFile }}" diff --git a/kubernetes/portal/charts/portal-app/values.yaml b/kubernetes/portal/charts/portal-app/values.yaml index 24388277f4..a33bff1d29 100644 --- a/kubernetes/portal/charts/portal-app/values.yaml +++ b/kubernetes/portal/charts/portal-app/values.yaml @@ -37,7 +37,7 @@ pullPolicy: Always #AAF local config -aafURL: https://aaf-service:8100/ +aafURL: https://aaf-service:8100/authz/ aafConfig: aafDeployFqi: deployer@people.osaaf.org aafDeployPass: demo123456! diff --git a/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties b/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties index 063ba3d122..45ea9b70ca 100755 --- a/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties +++ b/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties @@ -82,13 +82,12 @@ authenticate_user_server=http://{{.Values.global.portalHostName}}:8383/openid-co #cookie domain cookie_domain = onap.org -{{- if .Values.global.aafEnabled }} -# External Access System Basic Auth Credentials & Rest endpoint(These credentials doesn't work as these are place holders for now) -ext_central_access_user_name = aaf_admin@people.osaaf.org -ext_central_access_password = thiswillbereplacedatruntime -ext_central_access_url = {{ .Values.aafURL }}/authz/ -ext_central_access_user_domain = @people.osaaf.org - # External Central Auth system access -remote_centralized_system_access = true -{{- end }}
\ No newline at end of file +remote_centralized_system_access = {{.Values.global.aafEnabled}} + +# External Access System Basic Auth Credentials & Rest endpoint +# The credentials are placeholders as these are replaced by AAF X509 identity at runtime +ext_central_access_user_name = portal@portal.onap.org +ext_central_access_password = thisfakepasswordwillbereplacedbythex509cert +ext_central_access_url = {{.Values.aafURL}} +ext_central_access_user_domain = @people.osaaf.org
\ No newline at end of file diff --git a/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml b/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml index 2de9a1bd24..b78ef34fa1 100644 --- a/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml @@ -60,7 +60,7 @@ spec: -Djavax.net.ssl.keyStorePassword=$cadi_keystore_password_p12\";\ /start-apache-tomcat.sh -b {{ .Values.global.env.tomcatDir }}"] env: - - name: _CATALINA_OPTS + - name: CATALINA_OPTS value: > -Djavax.net.ssl.keyStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.keystoreFile }}" -Djavax.net.ssl.trustStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.truststoreFile }}" diff --git a/kubernetes/portal/charts/portal-sdk/values.yaml b/kubernetes/portal/charts/portal-sdk/values.yaml index 45af55fe1d..96ae9099b0 100644 --- a/kubernetes/portal/charts/portal-sdk/values.yaml +++ b/kubernetes/portal/charts/portal-sdk/values.yaml @@ -37,7 +37,7 @@ image: onap/portal-sdk:3.2.0 pullPolicy: Always #AAF local config -aafURL: https://aaf-service:8100/ +aafURL: https://aaf-service:8100/authz/ aafConfig: aafDeployFqi: deployer@people.osaaf.org aafDeployPass: demo123456! |