diff options
15 files changed, 44 insertions, 21 deletions
diff --git a/kubernetes/common/postgres/templates/_deployment.tpl b/kubernetes/common/postgres/templates/_deployment.tpl index 38a7ce1f63..7d04501f24 100644 --- a/kubernetes/common/postgres/templates/_deployment.tpl +++ b/kubernetes/common/postgres/templates/_deployment.tpl @@ -58,6 +58,8 @@ spec: env: - name: PG_PRIMARY_USER value: primaryuser + - name: MODE + value: postgres - name: PG_PRIMARY_PASSWORD_INPUT {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }} - name: PG_USER @@ -117,6 +119,8 @@ spec: value: /tmp - name: PG_PRIMARY_USER value: primaryuser + - name: MODE + value: postgres - name: PG_MODE value: {{ $pgMode }} - name: PG_PRIMARY_HOST diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml index 559675689f..386ba9b490 100644 --- a/kubernetes/common/repositoryGenerator/values.yaml +++ b/kubernetes/common/repositoryGenerator/values.yaml @@ -32,7 +32,7 @@ global: loggingImage: beats/filebeat:5.5.0 mariadbImage: bitnami/mariadb:10.5.8 nginxImage: bitnami/nginx:1.18-debian-10 - postgresImage: crunchydata/crunchy-postgres:centos7-10.11-4.2.1 + postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1 readinessImage: onap/oom/readiness:3.0.1 # Default credentials diff --git a/kubernetes/cps/templates/deployment.yaml b/kubernetes/cps/templates/deployment.yaml index 4f87d206a7..59062cc0f8 100755 --- a/kubernetes/cps/templates/deployment.yaml +++ b/kubernetes/cps/templates/deployment.yaml @@ -1,6 +1,6 @@ {{/* # Copyright (C) 2021 Pantheon.tech, Orange -# Modifications Copyright (C) 2020 Bell Canada. All rights reserved. +# Modifications Copyright (C) 2021 Bell Canada. # Modifications Copyright (C) 2021 Nordix Foundation. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -70,6 +70,11 @@ spec: path: {{ .Values.readiness.path }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: CPS_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 12 }} + - name: CPS_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 12 }} resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 12 }} diff --git a/kubernetes/cps/values.yaml b/kubernetes/cps/values.yaml index 2c28231490..77ebb09dd9 100755 --- a/kubernetes/cps/values.yaml +++ b/kubernetes/cps/values.yaml @@ -1,4 +1,4 @@ -# Copyright (C) 2021 Pantheon.tech, Orange +# Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -29,6 +29,12 @@ secrets: login: '{{ .Values.postgres.config.pgUserName }}' password: '{{ .Values.postgres.config.pgUserPassword }}' passwordPolicy: generate + - uid: app-user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}' + login: '{{ .Values.config.appUserName }}' + password: '{{ .Values.config.appUserPassword }}' + passwordPolicy: generate ################################################################# # Global configuration defaults. @@ -44,10 +50,6 @@ global: image: onap/cps-and-nf-proxy:1.0.0 containerPort: &svc_port 8080 -config: - # Set it for pre loading xnfdata, else set to null - liquibaseLabels: xnf-data-preload - service: type: ClusterIP name: cps @@ -117,9 +119,20 @@ securityContext: ################################################################# # Application configuration defaults. ################################################################# + +config: + + # Set it for pre loading xnfdata, else set to null + liquibaseLabels: xnf-data-preload + + # REST API basic authentication credentials (passsword is generated if not provided) + appUserName: cpsuser + #appUserPassword: + logging: level: INFO path: /tmp + ################################################################# # Postgres overriding defaults in the postgres ################################################################# diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml index a4becb5e4f..916c5f673f 100644 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml @@ -109,9 +109,9 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: - - mountPath: /opt/app/policy_handler/logs + - mountPath: /app/logs name: component-log - - mountPath: /opt/app/policy_handler/etc/tls/certs/ + - mountPath: /app/etc/tls/certs/ name: tls-info env: - name: CONSUL_HOST diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml index 50c59c8ae8..ba10394e11 100644 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml @@ -44,7 +44,7 @@ config: # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.platform.policy-handler:5.1.1 +image: onap/org.onap.dcaegen2.platform.policy-handler:5.1.2 pullPolicy: Always # probe configuration parameters diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 30155dc3c5..6ff7d13c6c 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -103,7 +103,7 @@ global: nginxImage: bitnami/nginx:1.18-debian-10 # postgreSQL client and server image - postgresImage: crunchydata/crunchy-postgres:centos7-10.11-4.2.1 + postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1 # readiness check image readinessImage: onap/oom/readiness:3.0.1 diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml index fb4742e9e4..22edcff601 100755 --- a/kubernetes/policy/components/policy-apex-pdp/values.yaml +++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml @@ -49,7 +49,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-apex-pdp:2.5.0 +image: onap/policy-apex-pdp:2.5.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml index 9d3ea8c4b5..0b2ea9f20c 100755 --- a/kubernetes/policy/components/policy-api/values.yaml +++ b/kubernetes/policy/components/policy-api/values.yaml @@ -81,7 +81,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-api:2.4.0 +image: onap/policy-api:2.4.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml index cd78850150..50ec8fafea 100644 --- a/kubernetes/policy/components/policy-clamp-be/values.yaml +++ b/kubernetes/policy/components/policy-clamp-be/values.yaml @@ -63,7 +63,7 @@ secrets: flavor: small # application image -image: onap/policy-clamp-backend:6.0.1 +image: onap/policy-clamp-backend:6.0.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-clamp-fe/values.yaml b/kubernetes/policy/components/policy-clamp-fe/values.yaml index 15b69ef93d..c2f4d157c8 100644 --- a/kubernetes/policy/components/policy-clamp-fe/values.yaml +++ b/kubernetes/policy/components/policy-clamp-fe/values.yaml @@ -62,7 +62,7 @@ subChartsOnly: flavor: small # application image -image: onap/policy-clamp-frontend:6.0.1 +image: onap/policy-clamp-frontend:6.0.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml index 752b83cf00..09805bd496 100755 --- a/kubernetes/policy/components/policy-distribution/values.yaml +++ b/kubernetes/policy/components/policy-distribution/values.yaml @@ -67,7 +67,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/policy-distribution:2.5.0 +image: onap/policy-distribution:2.5.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml index 459767e13f..658fa65a31 100755 --- a/kubernetes/policy/components/policy-drools-pdp/values.yaml +++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml @@ -34,7 +34,7 @@ secrets: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pdpd-cl:1.8.0 +image: onap/policy-pdpd-cl:1.8.2 pullPolicy: Always # flag to enable debugging - application support required @@ -86,14 +86,15 @@ certInitializer: cadi_longitude: "0.0" credsPath: /opt/app/osaaf/local app_ns: org.osaaf.aaf - uid: 1000 - gid: 1000 + uid: 100 + gid: 101 aaf_add_config: > /opt/app/aaf_config/bin/agent.sh; export $(/opt/app/aaf_config/bin/agent.sh local showpass {{ .Values.fqi }} {{ .Values.fqdn }} | grep "^cadi_keystore_password_p12"); echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" >> {{ .Values.credsPath }}/.ci; echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci; + echo "export CADI_KEYFILE='{{ .Values.credsPath }}/org.onap.policy.keyfile'" >> {{ .Values.credsPath }}/.ci; chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }}); server: diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml index 42f0e13b71..ec177d82c1 100755 --- a/kubernetes/policy/components/policy-pap/values.yaml +++ b/kubernetes/policy/components/policy-pap/values.yaml @@ -95,7 +95,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-pap:2.4.0 +image: onap/policy-pap:2.4.2 pullPolicy: Always # flag to enable debugging - application support required diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml index 41bec0ba74..76b0f3a42a 100755 --- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml @@ -86,7 +86,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/policy-xacml-pdp:2.4.0 +image: onap/policy-xacml-pdp:2.4.2 pullPolicy: Always # flag to enable debugging - application support required |