diff options
25 files changed, 226 insertions, 376 deletions
diff --git a/kubernetes/aai/components/aai-sparky-be/requirements.yaml b/kubernetes/aai/components/aai-sparky-be/requirements.yaml index 498f1b837d..42641a2e5c 100644 --- a/kubernetes/aai/components/aai-sparky-be/requirements.yaml +++ b/kubernetes/aai/components/aai-sparky-be/requirements.yaml @@ -21,9 +21,6 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - - name: certInitializer - version: ~7.x-0 - repository: '@local' - name: repositoryGenerator version: ~7.x-0 repository: '@local'
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-default.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-default.properties index 084f6e46bc..084f6e46bc 100644 --- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-default.properties +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-default.properties diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-override.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-override.properties index 4465fb3e11..4465fb3e11 100644 --- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-override.properties +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-override.properties diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-schema-prod.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-schema-prod.properties index b6c5f68368..094c815744 100644 --- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-schema-prod.properties +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-schema-prod.properties @@ -15,14 +15,14 @@ */}} oxm.schemaNodeDir=/opt/app/sparky/onap/oxm -#schemaServiceTranslator is used to define whether to retreive the oxm from schema service microservice or read from the disk, possible values are schema-service/config +#schemaServiceTranslator is used to define whether to retreive the oxm from schema service microservice or read from the disk, possible values are schema-service/config oxm.schemaServiceTranslatorList=config # The end point for onap is https://<hostname>:<port>/onap/schema-service/v1/ oxm.schemaServiceBaseUrl=https://<schema-service/config>/aai/schema-service/v1/ -oxm.schemaServiceKeystore=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 -oxm.schemaServiceTruststore=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks -oxm.schemaServiceKeystorePassword=${KEYSTORE_PASSWORD} -oxm.schemaServiceTruststorePassword=${KEYSTORE_PASSWORD} +oxm.schemaServiceKeystore=file:${CONFIG_HOME}/auth/aai-client-cert.p12 +oxm.schemaServiceTruststore=file:${CONFIG_HOME}/auth/tomcat_keystore +oxm.schemaServiceKeystorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o +oxm.schemaServiceTruststorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-resources.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-resources.properties index 2143bf8902..59c0349b06 100644 --- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-resources.properties +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-resources.properties @@ -19,7 +19,4 @@ resources.port=8443 resources.authType=SSL_BASIC resources.basicAuthUserName=aai@aai.onap.org resources.basicAuthPassword=1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek -resources.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks -resources.trust-store-password=${TRUSTSTORE_PASSWORD} -resources.client-cert={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 -resources.client-cert-password=${KEYSTORE_PASSWORD}
\ No newline at end of file +resources.trust-store=tomcat_keystore diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-ssl.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-ssl.properties index 073e9d318a..26565bb1a0 100644 --- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-ssl.properties +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-ssl.properties @@ -15,8 +15,8 @@ */}} server.port=8000 -server.ssl.key-store=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 -server.ssl.key-store-password=${KEYSTORE_PASSWORD} +server.ssl.key-store=file:${CONFIG_HOME}/auth/org.onap.aai.p12 +server.ssl.key-store-password=OBF:1cqc1l4h1qhu1j751p3j1kmy1ncw1o6g1hf418571g7i1d9r1dan1ga8185f1hfy1o461ncu1kjo1p671j7x1qjg1l8t1cne server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.trust-store=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks -server.ssl.trust-store-password=${KEYSTORE_PASSWORD} +server.ssl.trust-store=file:${CONFIG_HOME}/auth/truststoreONAPall.jks +server.ssl.trust-store-password=OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-sync.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-sync.properties index 4fb10a21f7..4fb10a21f7 100644 --- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-sync.properties +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-sync.properties diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application.properties index a9e5908ec7..1ae00d95c4 100644 --- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application.properties +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application.properties @@ -27,11 +27,11 @@ spring.mvc.favicon.enabled=false spring.profiles.active=camel,ssl,fe-prod,oxm-schema-prod,oxm-default,resources,portal,aai-proxy portal.cadiFileLocation={{.Values.config.cadiFileLocation}} +portal.cadiFileLocation={{.Values.config.cadiFileLocation}} searchservice.hostname={{.Values.global.searchData.serviceName}} searchservice.port=9509 -searchservice.client-cert={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 -searchservice.client-cert-password=${KEYSTORE_PASSWORD} -searchservice.truststore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks -searchservice.truststore-password=${TRUSTSTORE_PASSWORD} +searchservice.client-cert=client-cert-onap.p12 +searchservice.client-cert-password=1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 +searchservice.truststore=tomcat_keystore schema.ingest.file=${CONFIG_HOME}/schemaIngest.properties diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/logback.xml b/kubernetes/aai/components/aai-sparky-be/resources/config/application/logback.xml deleted file mode 100644 index cd5338f5b3..0000000000 --- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/logback.xml +++ /dev/null @@ -1,187 +0,0 @@ -<configuration scan="true" scanPeriod="3 seconds" debug="false"> - <!--{{/* - # Copyright © 2018 AT&T - # Copyright © 2021 Orange - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - */}}--> - <!--<jmxConfigurator /> --> - <!-- directory path for all other type logs --> - - <property name="logDir" value="/var/log/onap" /> - - <!-- <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy" - | "SDNC" | "AC" --> - <property name="componentName" value="AAI-UI"></property> - - <!-- default eelf log file names --> - <property name="generalLogName" value="error" /> - <property name="metricsLogName" value="metrics" /> - <property name="auditLogName" value="audit" /> - <property name="debugLogName" value="debug" /> - - <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|AAIUI|%mdc{PartnerName}|%logger|%.-5level|%msg%n" /> - <property name="auditMetricPattern" value="%m%n" /> - - <property name="logDirectory" value="${logDir}/${componentName}" /> - - - <!-- Example evaluator filter applied against console appender --> - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <encoder> - <pattern>${errorLogPattern}</pattern> - </encoder> - </appender> - - <!-- ============================================================================ --> - <!-- EELF Appenders --> - <!-- ============================================================================ --> - - <!-- The EELFAppender is used to record events to the general application - log --> - - <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${generalLogName}.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip -</fileNamePattern> - <maxHistory>60</maxHistory> - </rollingPolicy> - <encoder> - <pattern>${errorLogPattern}</pattern> - </encoder> - </appender> - <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> - <!-- deny all events with a level below INFO, that is TRACE and DEBUG --> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>INFO</level> - </filter> - <queueSize>256</queueSize> - <appender-ref ref="EELF" /> - </appender> - - - <!-- EELF Audit Appender. This appender is used to record audit engine related - logging events. The audit logger and appender are specializations of the - EELF application root logger and appender. This can be used to segregate - Policy engine events from other components, or it can be eliminated to record - these events as part of the application root log. --> - - <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${auditLogName}.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip -</fileNamePattern> - <maxHistory>60</maxHistory> - </rollingPolicy> - <encoder> - <pattern>${auditMetricPattern}</pattern> - </encoder> - </appender> - <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="EELFAudit" /> - </appender> - - <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${metricsLogName}.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip -</fileNamePattern> - <maxHistory>60</maxHistory> - </rollingPolicy> - <encoder> - <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n"</pattern> --> - <pattern>${auditMetricPattern}</pattern> - </encoder> - </appender> - - - <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="EELFMetrics" /> - </appender> - - <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${debugLogName}.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip -</fileNamePattern> - <maxHistory>60</maxHistory> - </rollingPolicy> - <encoder> - <pattern>${errorLogPattern}</pattern> - </encoder> - </appender> - - <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>256</queueSize> - <appender-ref ref="EELFDebug" /> - <includeCallerData>false</includeCallerData> - </appender> - - <!-- ============================================================================ --> - <!-- EELF loggers --> - <!-- ============================================================================ --> - <logger name="com.att.eelf" level="info" additivity="false"> - <appender-ref ref="asyncEELF" /> - <appender-ref ref="asyncEELFDebug" /> - <appender-ref ref="STDOUT" /> - </logger> - - <logger name="com.att.eelf.audit" level="info" additivity="false"> - <appender-ref ref="asyncEELFAudit" /> - </logger> - <logger name="com.att.eelf.metrics" level="info" additivity="false"> - <appender-ref ref="asyncEELFMetrics" /> - </logger> - - <!-- Spring related loggers --> - <logger name="org.springframework" level="WARN" /> - <logger name="org.springframework.beans" level="WARN" /> - <logger name="org.springframework.web" level="WARN" /> - <logger name="com.blog.spring.jms" level="WARN" /> - - <!-- Sparky loggers --> - <logger name="org.onap" level="INFO"> - <appender-ref ref="STDOUT" /> - </logger> - - <!-- Other Loggers that may help troubleshoot --> - <logger name="net.sf" level="WARN" /> - <logger name="org.apache.commons.httpclient" level="WARN" /> - <logger name="org.apache.commons" level="WARN" /> - <logger name="org.apache.coyote" level="WARN" /> - <logger name="org.apache.jasper" level="WARN" /> - - <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging. - May aid in troubleshooting) --> - <logger name="org.apache.camel" level="WARN" /> - <logger name="org.apache.cxf" level="WARN" /> - <logger name="org.apache.camel.processor.interceptor" level="WARN" /> - <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" /> - <logger name="org.apache.cxf.service" level="WARN" /> - <logger name="org.restlet" level="WARN" /> - <logger name="org.apache.camel.component.restlet" level="WARN" /> - - <!-- logback internals logging --> - <logger name="ch.qos.logback.classic" level="WARN" /> - <logger name="ch.qos.logback.core" level="WARN" /> - - <root> - <appender-ref ref="asyncEELF" /> - <appender-ref ref="STDOUT" /> - <!-- <appender-ref ref="asyncEELFDebug" /> --> - </root> - -</configuration>
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/auth/client-cert-onap.p12 b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/client-cert-onap.p12 Binary files differnew file mode 100644 index 0000000000..aa4ae74272 --- /dev/null +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/client-cert-onap.p12 diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/auth/org.onap.aai.p12 b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/org.onap.aai.p12 Binary files differnew file mode 100644 index 0000000000..b2449c6a54 --- /dev/null +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/org.onap.aai.p12 diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties index 7a0fb8250b..2592e5ca7c 100644 --- a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties @@ -46,4 +46,4 @@ ext_req_connection_timeout=15000 ext_req_read_timeout=20000 #Add AAF namespace if the app is centralized -auth_namespace={{ .Values.certInitializer.fqi_namespace }} +auth_namespace={{.Values.config.aafNamespace}} diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties index baefd9806b..1f154b6101 100644 --- a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties @@ -6,18 +6,14 @@ aaf_url=<%=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1 # AAF Environment Designation #if you are running aaf service from a docker image you have to use aaf service IP and port number -aaf_id={{ .Values.certInitializer.fqi }} +aaf_id={{.Values.config.aafUsername}} #Encrypt the password using AAF Jar -aaf_password={{ .Values.certInitializer.aafDeployPass }} +aaf_password={{.Values.config.aafPassword}} # Sample CADI Properties, from CADI 1.4.2 #hostname=org.onap.aai.orr csp_domain=PROD # Add Absolute path to Keyfile -cadi_keyfile={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.keyfile -cadi_keystore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 -cadi_keystore_password=${KEYSTORE_PASSWORD} - -cadi_alias={{ .Values.certInitializer.fqi }} +cadi_keyfile={{.Values.config.cadiKeyFile}} # This is required to accept Certificate Authentication from Certman certificates. # can be TEST, IST or PROD @@ -27,9 +23,9 @@ aaf_env=DEV cadi_loglevel=DEBUG # Add Absolute path to truststore2018.jks -cadi_truststore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks +cadi_truststore={{.Values.config.cadiTrustStore}} # Note: This is the ONLY password that doesn't have to be encrypted. All Java's TrustStores are this passcode by default, because they are public certs -cadi_truststore_password=${TRUSTSTORE_PASSWORD} +cadi_truststore_password={{.Values.config.cadiTrustStorePassword}} # how to turn on SSL Logging #javax.net.debug=ssl diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/roles.config b/kubernetes/aai/components/aai-sparky-be/resources/config/roles.config index df41395058..df41395058 100644 --- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/roles.config +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/roles.config diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/users.config b/kubernetes/aai/components/aai-sparky-be/resources/config/users.config index ce69e88918..ce69e88918 100644 --- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/users.config +++ b/kubernetes/aai/components/aai-sparky-be/resources/config/users.config diff --git a/kubernetes/aai/components/aai-sparky-be/templates/configmap.yaml b/kubernetes/aai/components/aai-sparky-be/templates/configmap.yaml index fee07d8acf..162e96b0dc 100644 --- a/kubernetes/aai/components/aai-sparky-be/templates/configmap.yaml +++ b/kubernetes/aai/components/aai-sparky-be/templates/configmap.yaml @@ -14,6 +14,25 @@ # limitations under the License. */}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-prop + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ include "common.release" . }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/application-resources.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/application-ssl.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/application-oxm-default.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/application-oxm-override.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/application-oxm-schema-prod.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/roles.config").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/users.config").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap @@ -26,7 +45,7 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/config/application/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml index 51d577ba91..6e74526ddc 100644 --- a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml @@ -38,29 +38,7 @@ spec: release: {{ include "common.release" . }} name: {{ include "common.name" . }} spec: - initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} - - command: - - sh - args: - - -c - - | - echo "*** retrieve Truststore and Keystore password" - export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop \ - | xargs -0) - echo "*** write them in portal part" - cd /config-input - for PFILE in `ls -1 .` - do - envsubst <${PFILE} >/config/${PFILE} - done - volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} - - mountPath: /config-input - name: portal-config-input - - mountPath: /config - name: portal-config - image: {{ include "repositoryGenerator.image.envsubst" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-update-config + initContainers: - command: - /app/ready.py args: @@ -79,56 +57,68 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - sh - args: - - -c - - | - echo "*** retrieve Truststore and Keystore password" - export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop \ - | xargs -0) - echo "*** actual launch of AAI Sparky BE" - /opt/app/sparky/bin/start.sh - volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} + + volumeMounts: - mountPath: /etc/localtime name: localtime readOnly: true + - mountPath: /opt/app/sparky/config/auth/client-cert-onap.p12 + name: {{ include "common.fullname" . }}-auth-config + subPath: client-cert-onap.p12 + - mountPath: /opt/app/sparky/config/auth/csp-cookie-filter.properties - name: auth-config + name: {{ include "common.fullname" . }}-auth-config subPath: csp-cookie-filter.properties + + - mountPath: /opt/app/sparky/config/auth/org.onap.aai.p12 + name: {{ include "common.fullname" . }}-auth-config + subPath: org.onap.aai.p12 + + - mountPath: /opt/app/sparky/config/auth/truststoreONAPall.jks + name: aai-common-aai-auth-mount + subPath: truststoreONAPall.jks + - mountPath: /opt/app/sparky/config/portal/ - name: portal-config + name: {{ include "common.fullname" . }}-portal-config + - mountPath: /opt/app/sparky/config/portal/BOOT-INF/classes/ - name: portal-config-props + name: {{ include "common.fullname" . }}-portal-config-props + - mountPath: /var/log/onap - name: logs + name: {{ include "common.fullname" . }}-logs + - mountPath: /opt/app/sparky/config/application.properties - name: config + name: {{ include "common.fullname" . }}-properties subPath: application.properties + - mountPath: /opt/app/sparky/config/application-resources.properties - name: config + name: {{ include "common.fullname" . }}-properties subPath: application-resources.properties + - mountPath: /opt/app/sparky/config/application-ssl.properties - name: config + name: {{ include "common.fullname" . }}-properties subPath: application-ssl.properties + - mountPath: /opt/app/sparky/config/application-oxm-default.properties - name: config + name: {{ include "common.fullname" . }}-properties subPath: application-oxm-default.properties + - mountPath: /opt/app/sparky/config/application-oxm-override.properties - name: config + name: {{ include "common.fullname" . }}-properties subPath: application-oxm-override.properties + - mountPath: /opt/app/sparky/config/application-oxm-schema-prod.properties - name: config + name: {{ include "common.fullname" . }}-properties subPath: application-oxm-schema-prod.properties + - mountPath: /opt/app/sparky/config/roles.config - name: config + name: {{ include "common.fullname" . }}-properties subPath: roles.config + - mountPath: /opt/app/sparky/config/users.config - name: config + name: {{ include "common.fullname" . }}-properties subPath: users.config - - mountPath: /opt/app/sparky/config/logging/logback.xml - name: config - subPath: logback.xml + ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -165,35 +155,45 @@ spec: subPath: filebeat.yml name: filebeat-conf - mountPath: /var/log/onap - name: logs + name: {{ include "common.fullname" . }}-logs - mountPath: /usr/share/filebeat/data name: aai-sparky-filebeat resources: {{ include "common.resources" . }} - volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }} + volumes: - name: localtime hostPath: path: /etc/localtime - - name: config + + - name: {{ include "common.fullname" . }}-properties + configMap: + name: {{ include "common.fullname" . }}-prop + + - name: {{ include "common.fullname" . }}-config configMap: name: {{ include "common.fullname" . }} - - name: portal-config - emptyDir: - medium: Memory - - name: portal-config-input + + - name: {{ include "common.fullname" . }}-portal-config configMap: name: {{ include "common.fullname" . }}-portal - - name: portal-config-props + + - name: {{ include "common.fullname" . }}-portal-config-props configMap: name: {{ include "common.fullname" . }}-portal-props - - name: auth-config + + - name: {{ include "common.fullname" . }}-auth-config secret: secretName: {{ include "common.fullname" . }} + + - name: aai-common-aai-auth-mount + secret: + secretName: aai-common-aai-auth + - name: filebeat-conf configMap: name: aai-filebeat - - name: logs + - name: {{ include "common.fullname" . }}-logs emptyDir: {} - name: aai-sparky-filebeat emptyDir: {} diff --git a/kubernetes/aai/components/aai-sparky-be/values.yaml b/kubernetes/aai/components/aai-sparky-be/values.yaml index 147feb13c8..ed21030dc8 100644 --- a/kubernetes/aai/components/aai-sparky-be/values.yaml +++ b/kubernetes/aai/components/aai-sparky-be/values.yaml @@ -27,45 +27,6 @@ global: # global defaults searchData: serviceName: aai-search-data - -################################################################# -# Certificate configuration -################################################################# -certInitializer: - nameOverride: aai-sparky-cert-initializer - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: "aai" - app_ns: "org.osaaf.aaf" - fqi_namespace: "org.onap.aai" - fqi: "aai@aai.onap.org" - public_fqdn: "aaf.osaaf.org" - cadi_longitude: "0.0" - cadi_latitude: "0.0" - credsPath: /opt/app/osaaf/local - aaf_add_config: | - echo "*** changing passwords into shell safe ones" - export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - export TRUSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - cd {{ .Values.credsPath }} - keytool -storepasswd -new "${KEYSTORE_PASSWD}" \ - -storepass "${cadi_keystore_password_jks}" \ - -keystore {{ .Values.fqi_namespace }}.jks - keytool -storepasswd -new "${TRUSTORE_PASSWD}" \ - -storepass "${cadi_truststore_password}" \ - -keystore {{ .Values.fqi_namespace }}.trust.jks - echo "*** set key password as same password as keystore password" - keytool -keypasswd -new "${KEYSTORE_PASSWD}" \ - -keystore {{ .Values.fqi_namespace }}.jks \ - -keypass "${cadi_keystore_password_jks}" \ - -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }} - echo "*** save the generated passwords" - echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop - echo "TRUSTSTORE_PASSWORD=${TRUSTORE_PASSWD}" >> mycreds.prop - echo "*** change ownership of certificates to targeted user" - chown -R 1000 {{ .Values.credsPath }} - # application image image: onap/sparky-be:2.0.2 pullPolicy: Always @@ -83,7 +44,13 @@ config: portalPassword: OBF:1t2v1vfv1unz1vgz1t3b portalCookieName: UserId portalAppRoles: ui_view + aafUsername: aai@aai.onap.org + aafNamespace: org.onap.aai + aafPassword: enc:xxYw1FqXU5UpianbPeH5Rezg0YfjzuwQrSiLcCmJGfz + cadiKeyFile: /opt/app/sparky/config/portal/keyFile + cadiTrustStore: /opt/app/sparky/config/auth/truststoreONAPall.jks cadiFileLocation: /opt/app/sparky/config/portal/cadi.properties + cadiTrustStorePassword: changeit cookieDecryptorClass: org.onap.aai.sparky.security.BaseCookieDecryptor # ONAP Cookie Processing - During initial development, the following flag, if true, will diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml index a46400b911..414192e2bc 100644 --- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml +++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml @@ -67,9 +67,8 @@ - sh - -c - | - #!/usr/bin/env bash /opt/app/aaf_config/bin/agent.sh - source /opt/app/aaf_config/bin/retrieval_check.sh + . /opt/app/aaf_config/bin/retrieval_check.sh {{- if $initRoot.aaf_add_config }} /opt/app/aaf_config/bin/aaf-add-config.sh {{- end }} diff --git a/kubernetes/common/etcd/templates/statefulset.yaml b/kubernetes/common/etcd/templates/statefulset.yaml index e39b8c4ca2..a343d4fce5 100644 --- a/kubernetes/common/etcd/templates/statefulset.yaml +++ b/kubernetes/common/etcd/templates/statefulset.yaml @@ -184,7 +184,7 @@ spec: fi cat /var/run/etcd/new_member_envs - source /var/run/etcd/new_member_envs + . /var/run/etcd/new_member_envs collect_member & diff --git a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml index 10c2a054e7..586f468334 100755 --- a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml @@ -71,7 +71,7 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["sh","-c"] args: ["if [ -f {{ .Values.certInitializer.credsPath }}/.ci ]; then \ - source {{ .Values.certInitializer.credsPath }}/.ci; fi;\ + . {{ .Values.certInitializer.credsPath }}/.ci; fi;\ /opt/app/policy/apex-pdp/bin/apexOnapPf.sh -c /home/apexuser/config/OnapPfConfig.json"] ports: - containerPort: {{ .Values.service.externalPort }} diff --git a/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/01-create-camundabpmn.sh b/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/01-create-camundabpmn.sh index 72963d9efc..fc5f905df7 100755 --- a/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/01-create-camundabpmn.sh +++ b/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/01-create-camundabpmn.sh @@ -36,7 +36,7 @@ EOF cd /docker-entrypoint-initdb.d/db-sql-scripts -mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < mariadb_engine_7.10.0.sql || exit 1 -mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < mariadb_identity_7.10.0.sql || exit 1 +mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < mariadb_engine_7.14.0.sql || exit 1 +mysql -uroot -p$MYSQL_ROOT_PASSWORD -f < mariadb_identity_7.14.0.sql || exit 1 echo "Created camundabpmn database . . ." 1>>/tmp/mariadb-camundabpmn.log 2>&1 diff --git a/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_engine_7.10.0.sql b/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_engine_7.14.0.sql index 41377fb9eb..e0ae386119 100644 --- a/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_engine_7.10.0.sql +++ b/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_engine_7.14.0.sql @@ -1,8 +1,9 @@ -- --- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) --- --- Licensed under the Apache License, Version 2.0 (the "License"); --- you may not use this file except in compliance with the License. +-- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH +-- under one or more contributor license agreements. See the NOTICE file +-- distributed with this work for additional information regarding copyright +-- ownership. Camunda licenses this file to you under the Apache License, +-- Version 2.0; you may not use this file except in compliance with the License. -- You may obtain a copy of the License at -- -- http://www.apache.org/licenses/LICENSE-2.0 @@ -41,6 +42,12 @@ values ('history.cleanup.job.lock', '0', 1); insert into ACT_GE_PROPERTY values ('startup.lock', '0', 1); +insert into ACT_GE_PROPERTY +values ('telemetry.lock', '0', 1); + +insert into ACT_GE_PROPERTY +values ('installationId.lock', '0', 1); + create table ACT_GE_BYTEARRAY ( ID_ varchar(64), REV_ integer, @@ -56,10 +63,20 @@ create table ACT_GE_BYTEARRAY ( primary key (ID_) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; +create table ACT_GE_SCHEMA_LOG ( + ID_ varchar(64), + TIMESTAMP_ datetime(3), + VERSION_ varchar(255), + primary key (ID_) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; + +insert into ACT_GE_SCHEMA_LOG +values ('0', CURRENT_TIMESTAMP, '7.14.0'); + create table ACT_RE_DEPLOYMENT ( ID_ varchar(64), NAME_ varchar(255), - DEPLOY_TIME_ timestamp(3), + DEPLOY_TIME_ datetime(3), SOURCE_ varchar(255), TENANT_ID_ varchar(64), primary key (ID_) @@ -93,7 +110,7 @@ create table ACT_RU_JOB ( ID_ varchar(64) NOT NULL, REV_ integer, TYPE_ varchar(255) NOT NULL, - LOCK_EXP_TIME_ timestamp(3) NULL, + LOCK_EXP_TIME_ datetime(3) NULL, LOCK_OWNER_ varchar(255), EXCLUSIVE_ boolean, EXECUTION_ID_ varchar(64), @@ -103,8 +120,10 @@ create table ACT_RU_JOB ( RETRIES_ integer, EXCEPTION_STACK_ID_ varchar(64), EXCEPTION_MSG_ varchar(4000), - DUEDATE_ timestamp(3) NULL, + FAILED_ACT_ID_ varchar(255), + DUEDATE_ datetime(3) NULL, REPEAT_ varchar(255), + REPEAT_OFFSET_ bigint DEFAULT 0, HANDLER_TYPE_ varchar(255), HANDLER_CFG_ varchar(4000), DEPLOYMENT_ID_ varchar(64), @@ -128,6 +147,7 @@ create table ACT_RU_JOBDEF ( SUSPENSION_STATE_ integer, JOB_PRIORITY_ bigint, TENANT_ID_ varchar(64), + DEPLOYMENT_ID_ varchar(64), primary key (ID_) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; @@ -167,7 +187,7 @@ create table ACT_RU_TASK ( ASSIGNEE_ varchar(255), DELEGATION_ varchar(64), PRIORITY_ integer, - CREATE_TIME_ timestamp(3), + CREATE_TIME_ datetime(3), DUE_DATE_ datetime(3), FOLLOW_UP_DATE_ datetime(3), SUSPENSION_STATE_ integer, @@ -194,14 +214,16 @@ create table ACT_RU_VARIABLE ( NAME_ varchar(255) not null, EXECUTION_ID_ varchar(64), PROC_INST_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), CASE_EXECUTION_ID_ varchar(64), CASE_INST_ID_ varchar(64), TASK_ID_ varchar(64), + BATCH_ID_ varchar(64), BYTEARRAY_ID_ varchar(64), DOUBLE_ double, LONG_ bigint, - TEXT_ LONGBLOB, - TEXT2_ LONGBLOB, + TEXT_ varchar(4000), + TEXT2_ varchar(4000), VAR_SCOPE_ varchar(64) not null, SEQUENCE_COUNTER_ bigint, IS_CONCURRENT_LOCAL_ TINYINT, @@ -218,7 +240,7 @@ create table ACT_RU_EVENT_SUBSCR ( PROC_INST_ID_ varchar(64), ACTIVITY_ID_ varchar(255), CONFIGURATION_ varchar(255), - CREATED_ timestamp(3) not null, + CREATED_ datetime(3) not null, TENANT_ID_ varchar(64), primary key (ID_) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; @@ -226,11 +248,12 @@ create table ACT_RU_EVENT_SUBSCR ( create table ACT_RU_INCIDENT ( ID_ varchar(64) not null, REV_ integer not null, - INCIDENT_TIMESTAMP_ timestamp(3) not null, + INCIDENT_TIMESTAMP_ datetime(3) not null, INCIDENT_MSG_ varchar(4000), INCIDENT_TYPE_ varchar(255) not null, EXECUTION_ID_ varchar(64), ACTIVITY_ID_ varchar(255), + FAILED_ACTIVITY_ID_ varchar(255), PROC_INST_ID_ varchar(64), PROC_DEF_ID_ varchar(64), CAUSE_INCIDENT_ID_ varchar(64), @@ -250,6 +273,8 @@ create table ACT_RU_AUTHORIZATION ( RESOURCE_TYPE_ integer not null, RESOURCE_ID_ varchar(255), PERMS_ integer, + REMOVAL_TIME_ datetime(3), + ROOT_PROC_INST_ID_ varchar(64), primary key (ID_) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; @@ -269,7 +294,7 @@ create table ACT_RU_METER_LOG ( NAME_ varchar(64) not null, REPORTER_ varchar(255), VALUE_ bigint, - TIMESTAMP_ timestamp(3), + TIMESTAMP_ datetime(3), MILLISECONDS_ bigint DEFAULT 0, primary key (ID_) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; @@ -282,7 +307,7 @@ create table ACT_RU_EXT_TASK ( RETRIES_ integer, ERROR_MSG_ varchar(4000), ERROR_DETAILS_ID_ varchar(64), - LOCK_EXP_TIME_ timestamp(3) NULL, + LOCK_EXP_TIME_ datetime(3) NULL, SUSPENSION_STATE_ integer, EXECUTION_ID_ varchar(64), PROC_INST_ID_ varchar(64), @@ -318,13 +343,17 @@ create index ACT_IDX_EXEC_BUSKEY on ACT_RU_EXECUTION(BUSINESS_KEY_); create index ACT_IDX_EXEC_TENANT_ID on ACT_RU_EXECUTION(TENANT_ID_); create index ACT_IDX_TASK_CREATE on ACT_RU_TASK(CREATE_TIME_); create index ACT_IDX_TASK_ASSIGNEE on ACT_RU_TASK(ASSIGNEE_); +create index ACT_IDX_TASK_OWNER on ACT_RU_TASK(OWNER_); create index ACT_IDX_TASK_TENANT_ID on ACT_RU_TASK(TENANT_ID_); create index ACT_IDX_IDENT_LNK_USER on ACT_RU_IDENTITYLINK(USER_ID_); create index ACT_IDX_IDENT_LNK_GROUP on ACT_RU_IDENTITYLINK(GROUP_ID_); create index ACT_IDX_EVENT_SUBSCR_CONFIG_ on ACT_RU_EVENT_SUBSCR(CONFIGURATION_); create index ACT_IDX_EVENT_SUBSCR_TENANT_ID on ACT_RU_EVENT_SUBSCR(TENANT_ID_); + create index ACT_IDX_VARIABLE_TASK_ID on ACT_RU_VARIABLE(TASK_ID_); create index ACT_IDX_VARIABLE_TENANT_ID on ACT_RU_VARIABLE(TENANT_ID_); +create index ACT_IDX_VARIABLE_TASK_NAME_TYPE on ACT_RU_VARIABLE(TASK_ID_, NAME_, TYPE_); + create index ACT_IDX_ATHRZ_PROCEDEF on ACT_RU_IDENTITYLINK(PROC_DEF_ID_); create index ACT_IDX_INC_CONFIGURATION on ACT_RU_INCIDENT(CONFIGURATION_); create index ACT_IDX_INC_TENANT_ID on ACT_RU_INCIDENT(TENANT_ID_); @@ -498,6 +527,12 @@ alter table ACT_RU_BATCH foreign key (BATCH_JOB_DEF_ID_) references ACT_RU_JOBDEF (ID_); +create index ACT_IDX_BATCH_ID ON ACT_RU_VARIABLE(BATCH_ID_); +alter table ACT_RU_VARIABLE + add constraint ACT_FK_VAR_BATCH + foreign key (BATCH_ID_) + references ACT_RU_BATCH (ID_); + -- indexes for deadlock problems - https://app.camunda.com/jira/browse/CAM-2567 -- create index ACT_IDX_INC_CAUSEINCID on ACT_RU_INCIDENT(CAUSE_INCIDENT_ID_); create index ACT_IDX_INC_EXID on ACT_RU_INCIDENT(EXECUTION_ID_); @@ -521,11 +556,16 @@ create index ACT_IDX_EVENT_SUBSCR_EVT_NAME ON ACT_RU_EVENT_SUBSCR(EVENT_NAME_); create index ACT_IDX_PROCDEF_DEPLOYMENT_ID ON ACT_RE_PROCDEF(DEPLOYMENT_ID_); create index ACT_IDX_PROCDEF_TENANT_ID ON ACT_RE_PROCDEF(TENANT_ID_); create index ACT_IDX_PROCDEF_VER_TAG ON ACT_RE_PROCDEF(VERSION_TAG_); + +-- indices for history cleanup: https://jira.camunda.com/browse/CAM-11616 +create index ACT_IDX_AUTH_ROOT_PI on ACT_RU_AUTHORIZATION(ROOT_PROC_INST_ID_); +create index ACT_IDX_AUTH_RM_TIME on ACT_RU_AUTHORIZATION(REMOVAL_TIME_); -- --- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) --- --- Licensed under the Apache License, Version 2.0 (the "License"); --- you may not use this file except in compliance with the License. +-- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH +-- under one or more contributor license agreements. See the NOTICE file +-- distributed with this work for additional information regarding copyright +-- ownership. Camunda licenses this file to you under the Apache License, +-- Version 2.0; you may not use this file except in compliance with the License. -- You may obtain a copy of the License at -- -- http://www.apache.org/licenses/LICENSE-2.0 @@ -648,10 +688,11 @@ alter table ACT_RU_CASE_SENTRY_PART create index ACT_IDX_CASE_DEF_TENANT_ID on ACT_RE_CASE_DEF(TENANT_ID_); create index ACT_IDX_CASE_EXEC_TENANT_ID on ACT_RU_CASE_EXECUTION(TENANT_ID_); -- --- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) --- --- Licensed under the Apache License, Version 2.0 (the "License"); --- you may not use this file except in compliance with the License. +-- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH +-- under one or more contributor license agreements. See the NOTICE file +-- distributed with this work for additional information regarding copyright +-- ownership. Camunda licenses this file to you under the Apache License, +-- Version 2.0; you may not use this file except in compliance with the License. -- You may obtain a copy of the License at -- -- http://www.apache.org/licenses/LICENSE-2.0 @@ -706,10 +747,11 @@ create index ACT_IDX_DEC_DEF_TENANT_ID on ACT_RE_DECISION_DEF(TENANT_ID_); create index ACT_IDX_DEC_DEF_REQ_ID on ACT_RE_DECISION_DEF(DEC_REQ_ID_); create index ACT_IDX_DEC_REQ_DEF_TENANT_ID on ACT_RE_DECISION_REQ_DEF(TENANT_ID_); -- --- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) --- --- Licensed under the Apache License, Version 2.0 (the "License"); --- you may not use this file except in compliance with the License. +-- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH +-- under one or more contributor license agreements. See the NOTICE file +-- distributed with this work for additional information regarding copyright +-- ownership. Camunda licenses this file to you under the Apache License, +-- Version 2.0; you may not use this file except in compliance with the License. -- You may obtain a copy of the License at -- -- http://www.apache.org/licenses/LICENSE-2.0 @@ -759,7 +801,7 @@ create table ACT_HI_ACTINST ( CALL_CASE_INST_ID_ varchar(64), ACT_NAME_ varchar(255), ACT_TYPE_ varchar(255) not null, - ASSIGNEE_ varchar(64), + ASSIGNEE_ varchar(255), START_TIME_ datetime(3) not null, END_TIME_ datetime(3), DURATION_ bigint, @@ -820,8 +862,8 @@ create table ACT_HI_VARINST ( BYTEARRAY_ID_ varchar(64), DOUBLE_ double, LONG_ bigint, - TEXT_ LONGBLOB, - TEXT2_ LONGBLOB, + TEXT_ varchar(4000), + TEXT2_ varchar(4000), TENANT_ID_ varchar(64), STATE_ varchar(20), REMOVAL_TIME_ datetime(3), @@ -850,12 +892,13 @@ create table ACT_HI_DETAIL ( BYTEARRAY_ID_ varchar(64), DOUBLE_ double, LONG_ bigint, - TEXT_ LONGBLOB, - TEXT2_ LONGBLOB, + TEXT_ varchar(4000), + TEXT2_ varchar(4000), SEQUENCE_COUNTER_ bigint, TENANT_ID_ varchar(64), OPERATION_ID_ varchar(64), REMOVAL_TIME_ datetime(3), + INITIAL_ boolean, primary key (ID_) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; @@ -935,6 +978,9 @@ create table ACT_HI_OP_LOG ( NEW_VALUE_ varchar(4000), TENANT_ID_ varchar(64), REMOVAL_TIME_ datetime(3), + CATEGORY_ varchar(64), + EXTERNAL_TASK_ID_ varchar(64), + ANNOTATION_ varchar(4000), primary key (ID_) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; @@ -950,9 +996,11 @@ create table ACT_HI_INCIDENT ( INCIDENT_MSG_ varchar(4000), INCIDENT_TYPE_ varchar(255) not null, ACTIVITY_ID_ varchar(255), + FAILED_ACTIVITY_ID_ varchar(255), CAUSE_INCIDENT_ID_ varchar(64), ROOT_CAUSE_INCIDENT_ID_ varchar(64), CONFIGURATION_ varchar(255), + HISTORY_CONFIGURATION_ varchar(255), INCIDENT_STATE_ integer, TENANT_ID_ varchar(64), JOB_DEF_ID_ varchar(64), @@ -962,9 +1010,9 @@ create table ACT_HI_INCIDENT ( create table ACT_HI_JOB_LOG ( ID_ varchar(64) not null, - TIMESTAMP_ timestamp(3) not null, + TIMESTAMP_ datetime(3) not null, JOB_ID_ varchar(64) not null, - JOB_DUEDATE_ timestamp(3) NULL, + JOB_DUEDATE_ datetime(3) NULL, JOB_RETRIES_ integer, JOB_PRIORITY_ bigint NOT NULL DEFAULT 0, JOB_EXCEPTION_MSG_ varchar(4000), @@ -974,6 +1022,7 @@ create table ACT_HI_JOB_LOG ( JOB_DEF_TYPE_ varchar(255), JOB_DEF_CONFIGURATION_ varchar(255), ACT_ID_ varchar(255), + FAILED_ACT_ID_ varchar(255), ROOT_PROC_INST_ID_ varchar(64), EXECUTION_ID_ varchar(64), PROCESS_INSTANCE_ID_ varchar(64), @@ -982,6 +1031,7 @@ create table ACT_HI_JOB_LOG ( DEPLOYMENT_ID_ varchar(64), SEQUENCE_COUNTER_ bigint, TENANT_ID_ varchar(64), + HOSTNAME_ varchar(255), REMOVAL_TIME_ datetime(3), primary key (ID_) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin; @@ -1036,7 +1086,7 @@ create index ACT_IDX_HI_PRO_INST_ROOT_PI on ACT_HI_PROCINST(ROOT_PROC_INST_ID_); create index ACT_IDX_HI_PRO_INST_RM_TIME on ACT_HI_PROCINST(REMOVAL_TIME_); create index ACT_IDX_HI_ACTINST_ROOT_PI on ACT_HI_ACTINST(ROOT_PROC_INST_ID_); -create index ACT_IDX_HI_ACT_INST_START on ACT_HI_ACTINST(START_TIME_); +create index ACT_IDX_HI_ACT_INST_START_END on ACT_HI_ACTINST(START_TIME_, END_TIME_); create index ACT_IDX_HI_ACT_INST_END on ACT_HI_ACTINST(END_TIME_); create index ACT_IDX_HI_ACT_INST_PROCINST on ACT_HI_ACTINST(PROC_INST_ID_, ACT_ID_); create index ACT_IDX_HI_ACT_INST_COMP on ACT_HI_ACTINST(EXECUTION_ID_, ACT_ID_, END_TIME_, ID_); @@ -1068,6 +1118,7 @@ create index ACT_IDX_HI_DETAIL_PROC_DEF_KEY on ACT_HI_DETAIL(PROC_DEF_KEY_); create index ACT_IDX_HI_DETAIL_BYTEAR on ACT_HI_DETAIL(BYTEARRAY_ID_); create index ACT_IDX_HI_DETAIL_RM_TIME on ACT_HI_DETAIL(REMOVAL_TIME_); create index ACT_IDX_HI_DETAIL_TASK_BYTEAR on ACT_HI_DETAIL(BYTEARRAY_ID_, TASK_ID_); +create index ACT_IDX_HI_DETAIL_VAR_INST_ID on ACT_HI_DETAIL(VAR_INST_ID_); create index ACT_IDX_HI_IDENT_LNK_ROOT_PI on ACT_HI_IDENTITYLINK(ROOT_PROC_INST_ID_); create index ACT_IDX_HI_IDENT_LNK_USER on ACT_HI_IDENTITYLINK(USER_ID_); @@ -1076,6 +1127,7 @@ create index ACT_IDX_HI_IDENT_LNK_TENANT_ID on ACT_HI_IDENTITYLINK(TENANT_ID_); create index ACT_IDX_HI_IDENT_LNK_PROC_DEF_KEY on ACT_HI_IDENTITYLINK(PROC_DEF_KEY_); create index ACT_IDX_HI_IDENT_LINK_TASK on ACT_HI_IDENTITYLINK(TASK_ID_); create index ACT_IDX_HI_IDENT_LINK_RM_TIME on ACT_HI_IDENTITYLINK(REMOVAL_TIME_); +create index ACT_IDX_HI_IDENT_LNK_TIMESTAMP on ACT_HI_IDENTITYLINK(TIMESTAMP_); create index ACT_IDX_HI_VARINST_ROOT_PI on ACT_HI_VARINST(ROOT_PROC_INST_ID_); create index ACT_IDX_HI_PROCVAR_PROC_INST on ACT_HI_VARINST(PROC_INST_ID_); @@ -1085,12 +1137,15 @@ create index ACT_IDX_HI_VAR_INST_TENANT_ID on ACT_HI_VARINST(TENANT_ID_); create index ACT_IDX_HI_VAR_INST_PROC_DEF_KEY on ACT_HI_VARINST(PROC_DEF_KEY_); create index ACT_IDX_HI_VARINST_BYTEAR on ACT_HI_VARINST(BYTEARRAY_ID_); create index ACT_IDX_HI_VARINST_RM_TIME on ACT_HI_VARINST(REMOVAL_TIME_); +create index ACT_IDX_HI_VAR_PI_NAME_TYPE on ACT_HI_VARINST(PROC_INST_ID_, NAME_, VAR_TYPE_); create index ACT_IDX_HI_INCIDENT_TENANT_ID on ACT_HI_INCIDENT(TENANT_ID_); create index ACT_IDX_HI_INCIDENT_PROC_DEF_KEY on ACT_HI_INCIDENT(PROC_DEF_KEY_); create index ACT_IDX_HI_INCIDENT_ROOT_PI on ACT_HI_INCIDENT(ROOT_PROC_INST_ID_); create index ACT_IDX_HI_INCIDENT_PROCINST on ACT_HI_INCIDENT(PROC_INST_ID_); create index ACT_IDX_HI_INCIDENT_RM_TIME on ACT_HI_INCIDENT(REMOVAL_TIME_); +create index ACT_IDX_HI_INCIDENT_CREATE_TIME on ACT_HI_INCIDENT(CREATE_TIME_); +create index ACT_IDX_HI_INCIDENT_END_TIME on ACT_HI_INCIDENT(END_TIME_); create index ACT_IDX_HI_JOB_LOG_ROOT_PI on ACT_HI_JOB_LOG(ROOT_PROC_INST_ID_); create index ACT_IDX_HI_JOB_LOG_PROCINST on ACT_HI_JOB_LOG(PROCESS_INSTANCE_ID_); @@ -1100,6 +1155,7 @@ create index ACT_IDX_HI_JOB_LOG_JOB_DEF_ID on ACT_HI_JOB_LOG(JOB_DEF_ID_); create index ACT_IDX_HI_JOB_LOG_PROC_DEF_KEY on ACT_HI_JOB_LOG(PROCESS_DEF_KEY_); create index ACT_IDX_HI_JOB_LOG_EX_STACK on ACT_HI_JOB_LOG(JOB_EXCEPTION_STACK_ID_); create index ACT_IDX_HI_JOB_LOG_RM_TIME on ACT_HI_JOB_LOG(REMOVAL_TIME_); +create index ACT_IDX_HI_JOB_LOG_JOB_CONF on ACT_HI_JOB_LOG(JOB_DEF_CONFIGURATION_); create index ACT_HI_BAT_RM_TIME on ACT_HI_BATCH(REMOVAL_TIME_); @@ -1117,6 +1173,9 @@ create index ACT_IDX_HI_OP_LOG_PROCDEF on ACT_HI_OP_LOG(PROC_DEF_ID_); create index ACT_IDX_HI_OP_LOG_TASK on ACT_HI_OP_LOG(TASK_ID_); create index ACT_IDX_HI_OP_LOG_RM_TIME on ACT_HI_OP_LOG(REMOVAL_TIME_); create index ACT_IDX_HI_OP_LOG_TIMESTAMP on ACT_HI_OP_LOG(TIMESTAMP_); +create index ACT_IDX_HI_OP_LOG_USER_ID on ACT_HI_OP_LOG(USER_ID_); +create index ACT_IDX_HI_OP_LOG_OP_TYPE on ACT_HI_OP_LOG(OPERATION_TYPE_); +create index ACT_IDX_HI_OP_LOG_ENTITY_TYPE on ACT_HI_OP_LOG(ENTITY_TYPE_); create index ACT_IDX_HI_COMMENT_TASK on ACT_HI_COMMENT(TASK_ID_); create index ACT_IDX_HI_COMMENT_ROOT_PI on ACT_HI_COMMENT(ROOT_PROC_INST_ID_); @@ -1129,10 +1188,11 @@ create index ACT_IDX_HI_ATTACHMENT_PROCINST on ACT_HI_ATTACHMENT(PROC_INST_ID_); create index ACT_IDX_HI_ATTACHMENT_TASK on ACT_HI_ATTACHMENT(TASK_ID_); create index ACT_IDX_HI_ATTACHMENT_RM_TIME on ACT_HI_ATTACHMENT(REMOVAL_TIME_); -- --- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) --- --- Licensed under the Apache License, Version 2.0 (the "License"); --- you may not use this file except in compliance with the License. +-- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH +-- under one or more contributor license agreements. See the NOTICE file +-- distributed with this work for additional information regarding copyright +-- ownership. Camunda licenses this file to you under the Apache License, +-- Version 2.0; you may not use this file except in compliance with the License. -- You may obtain a copy of the License at -- -- http://www.apache.org/licenses/LICENSE-2.0 @@ -1190,10 +1250,11 @@ create index ACT_IDX_HI_CAS_A_I_COMP on ACT_HI_CASEACTINST(CASE_ACT_ID_, END_TIM create index ACT_IDX_HI_CAS_A_I_CASEINST on ACT_HI_CASEACTINST(CASE_INST_ID_, CASE_ACT_ID_); create index ACT_IDX_HI_CAS_A_I_TENANT_ID on ACT_HI_CASEACTINST(TENANT_ID_); -- --- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) --- --- Licensed under the Apache License, Version 2.0 (the "License"); --- you may not use this file except in compliance with the License. +-- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH +-- under one or more contributor license agreements. See the NOTICE file +-- distributed with this work for additional information regarding copyright +-- ownership. Camunda licenses this file to you under the Apache License, +-- Version 2.0; you may not use this file except in compliance with the License. -- You may obtain a copy of the License at -- -- http://www.apache.org/licenses/LICENSE-2.0 @@ -1241,8 +1302,8 @@ create table ACT_HI_DEC_IN ( BYTEARRAY_ID_ varchar(64), DOUBLE_ double, LONG_ bigint, - TEXT_ LONGBLOB, - TEXT2_ LONGBLOB, + TEXT_ varchar(4000), + TEXT2_ varchar(4000), TENANT_ID_ varchar(64), CREATE_TIME_ datetime(3), ROOT_PROC_INST_ID_ varchar(64), @@ -1263,8 +1324,8 @@ create table ACT_HI_DEC_OUT ( BYTEARRAY_ID_ varchar(64), DOUBLE_ double, LONG_ bigint, - TEXT_ LONGBLOB, - TEXT2_ LONGBLOB, + TEXT_ varchar(4000), + TEXT2_ varchar(4000), TENANT_ID_ varchar(64), CREATE_TIME_ datetime(3), ROOT_PROC_INST_ID_ varchar(64), diff --git a/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_identity_7.10.0.sql b/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_identity_7.14.0.sql index 35cb979781..44bea24e2a 100644 --- a/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_identity_7.10.0.sql +++ b/kubernetes/so/components/so-mariadb/resources/config/docker-entrypoint-initdb.d/db-sql-scripts/mariadb_identity_7.14.0.sql @@ -1,8 +1,9 @@ -- --- Copyright © 2012 - 2018 camunda services GmbH and various authors (info@camunda.com) --- --- Licensed under the Apache License, Version 2.0 (the "License"); --- you may not use this file except in compliance with the License. +-- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH +-- under one or more contributor license agreements. See the NOTICE file +-- distributed with this work for additional information regarding copyright +-- ownership. Camunda licenses this file to you under the Apache License, +-- Version 2.0; you may not use this file except in compliance with the License. -- You may obtain a copy of the License at -- -- http://www.apache.org/licenses/LICENSE-2.0 @@ -38,7 +39,7 @@ create table ACT_ID_USER ( EMAIL_ varchar(255), PWD_ varchar(255), SALT_ varchar(255), - LOCK_EXP_TIME_ timestamp(3) NULL, + LOCK_EXP_TIME_ datetime(3) NULL, ATTEMPTS_ integer, PICTURE_ID_ varchar(64), primary key (ID_) diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml index 55eea0fa60..28a2ac419e 100644 --- a/kubernetes/vnfsdk/values.yaml +++ b/kubernetes/vnfsdk/values.yaml @@ -37,7 +37,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/vnfsdk/refrepo:1.6.2 +image: onap/vnfsdk/refrepo:1.6.3 pullPolicy: Always # application configuration override for postgres @@ -96,8 +96,8 @@ liveness: enabled: true readiness: - initialDelaySeconds: 10 - periodSeconds: 10 + initialDelaySeconds: 60 + periodSeconds: 30 service: type: NodePort |