summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-x.ci/check-bashisms.sh27
-rw-r--r--.pre-commit-config.yaml2
-rw-r--r--kubernetes/common/mongo/templates/statefulset.yaml19
-rw-r--r--kubernetes/common/mongo/values.yaml2
-rw-r--r--kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl6
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml2
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml7
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml26
-rw-r--r--kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml2
-rw-r--r--kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml2
-rw-r--r--kubernetes/holmes/components/holmes-engine-mgmt/resources/config/onap-holmes_engine-createobj.sql9
-rw-r--r--kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh10
-rw-r--r--tox.ini26
13 files changed, 107 insertions, 33 deletions
diff --git a/.ci/check-bashisms.sh b/.ci/check-bashisms.sh
new file mode 100755
index 0000000000..0dae2255b7
--- /dev/null
+++ b/.ci/check-bashisms.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# Copyright © 2021 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+if ! which checkbashisms >/dev/null && ! sudo yum install devscripts-minimal && ! sudo apt-get install devscripts
+then
+ printf "checkbashisms command not found - please install it \n\
+ (e.g. sudo apt-get install devscripts | yum install devscripts-minimal )\n" >&2
+ exit 2
+fi
+find . -not -path '*/.*' -name '*.sh' -exec checkbashisms {} + || exit 3
+find . -not -path '*/.*' -name '*.failover' -exec checkbashisms -f \{\} + || exit 4
+! find . -not -path '*/.*' -name '*.sh' -exec grep 'local .*=' {} + || exit 5
+! find . -not -path '*/.*' -name '*.failover' -exec grep 'local .*=' {} + || exit 6
+exit 0
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 6bfce7af6c..980093a7a5 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -6,7 +6,7 @@ repos:
- id: trailing-whitespace
#exclude: '^ordmodels/'
- repo: https://github.com/jorisroovers/gitlint
- rev: v0.15.1
+ rev: v0.17.0
hooks:
- id: gitlint
stages: [commit-msg]
diff --git a/kubernetes/common/mongo/templates/statefulset.yaml b/kubernetes/common/mongo/templates/statefulset.yaml
index 11602054e8..e156db27db 100644
--- a/kubernetes/common/mongo/templates/statefulset.yaml
+++ b/kubernetes/common/mongo/templates/statefulset.yaml
@@ -39,6 +39,23 @@ spec:
{{ include "common.podSecurityContext" . | indent 6 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
+ initContainers:
+ # we shouldn't need this but for unknown reason, it's fsGroup is not
+ # applied
+ - name: fix-permission
+ command:
+ - /bin/sh
+ args:
+ - -c
+ - |
+ chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /data
+ image: {{ include "repositoryGenerator.image.busybox" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ securityContext:
+ runAsUser: 0
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-data
+ mountPath: /data
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
@@ -72,7 +89,7 @@ spec:
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- name: {{ include "common.fullname" . }}-data
- mountPath: /var/lib/mongo
+ mountPath: /data/db
resources: {{ include "common.resources" . | nindent 12 }}
{{ include "common.containerSecurityContext" . | indent 10 }}
{{- if .Values.nodeSelector }}
diff --git a/kubernetes/common/mongo/values.yaml b/kubernetes/common/mongo/values.yaml
index ee1d8c72fa..caab71890d 100644
--- a/kubernetes/common/mongo/values.yaml
+++ b/kubernetes/common/mongo/values.yaml
@@ -24,7 +24,7 @@ global:
# Application configuration defaults.
#################################################################
-image: library/mongo:4.0.8
+image: library/mongo:4.4.10
pullPolicy: Always
# application configuration
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
index aac0f4b3a9..5ba7d2977a 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@ -229,10 +229,12 @@ policies:
{{- $policy := default dict .Values.policies -}}
{{- $policyRls := default $commonRelease $policy.policyRelease -}}
{{- $drFeedConfig := default "" .Values.drFeedConfig -}}
-
+{{- $dcaeName := print (include "common.fullname" .) }}
+{{- $dcaeLabel := (dict "dcaeMicroserviceName" $dcaeName) -}}
+{{- $dot := . -}}
apiVersion: apps/v1
kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+metadata: {{- include "common.resourceMetadata" (dict "dot" $dot "labels" $dcaeLabel) | nindent 2 }}
spec:
replicas: 1
selector: {{- include "common.selectors" . | nindent 4 }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml
index 2b3ab328b5..4a51c7f9d8 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml
@@ -59,6 +59,8 @@ spec:
value: {{ include "common.namespace" . }}
- name: HELM_RELEASE
value: {{ include "common.release" . }}
+ - name: DEPLOY_LABEL
+ value: {{ .Values.deployLabel }}
volumes:
- name: {{ include "common.fullname" . }}-expected-components
configMap:
diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml
index 58ae706e0a..3b47e7f70e 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml
@@ -31,6 +31,11 @@ service:
- port: 8080
name: http
+# Label on DCAE microservice deployments
+# (Used by healthcheck code to find deployments
+# created after initial DCAE installation)
+deployLabel: dcaeMicroserviceName
+
# probe configuration parameters
liveness:
initialDelaySeconds: 10
@@ -43,7 +48,7 @@ readiness:
initialDelaySeconds: 10
periodSeconds: 10
# application image
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.3.0
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.4.0
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
index 1e60d24d7a..54dcda831e 100644
--- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
@@ -38,6 +38,11 @@ secrets:
login: '{{ .Values.aafCreds.identity }}'
password: '{{ .Values.aafCreds.password }}'
passwordPolicy: required
+ - uid: &cpsCredsUID cpscreds
+ type: basicAuth
+ login: '{{ .Values.cpsCreds.identity }}'
+ password: '{{ .Values.cpsCreds.password }}'
+ passwordPolicy: required
- uid: &pgUserCredsSecretUid pg-user-creds
name: &pgUserCredsSecretName '{{ include "common.release" . }}-sonhms-pg-user-creds'
type: basicAuth
@@ -70,7 +75,7 @@ certDirectory: /opt/app/sonhms/etc/certs
# TLS role -- set to true if microservice acts as server
# If true, an init container will retrieve a server cert
# and key from AAF and mount them in certDirectory.
-tlsServer: true
+tlsServer: false
# Policy configuraiton properties
# if present, policy-sync side car will be deployed
@@ -92,7 +97,7 @@ readiness:
periodSeconds: 15
timeoutSeconds: 1
path: /healthcheck
- scheme: HTTPS
+ scheme: HTTP
port: 8080
# Service Configuration
@@ -108,6 +113,9 @@ service:
aafCreds:
identity: dcae@dcae.onap.org
password: demo123456!
+cpsCreds:
+ identity: cps
+ password: cpsr0cks!
credentials:
- name: AAF_IDENTITY
@@ -116,6 +124,12 @@ credentials:
- name: AAF_PASSWORD
uid: *aafCredsUID
key: password
+- name: CPS_IDENTITY
+ uid: *cpsCredsUID
+ key: login
+- name: CPS_PASSWORD
+ uid: *cpsCredsUID
+ key: password
- name: PG_USERNAME
uid: *pgUserCredsSecretUid
key: login
@@ -130,6 +144,8 @@ applicationConfig:
postgres.port: 5432
postgres.username: ${PG_USERNAME}
postgres.password: ${PG_PASSWORD}
+ cps.username: ${CPS_IDENTITY}
+ cps.password: ${CPS_PASSWORD}
sonhandler.pollingInterval: 20
sonhandler.pollingTimeout: 60
cbsPollingInterval: 60
@@ -145,6 +161,12 @@ applicationConfig:
sonhandler.bufferTime: 60
sonhandler.cg: sonhms-cg
sonhandler.cid: sonhms-cid
+ sonhandler.clientType: cps
+ cps.service.url: http://cps-tbdmt:8080
+ cps.get.celldata: execute/cps-ran-schemaset/get-cell-data
+ cps.get.nbr.list.url: execute/cps-ran-schemaset/get-nbr-list
+ cps.get.pci.url: execute/ran-network-schemaset/get-pci
+ cps.get.pnf.url: execute/ran-network-schemaset/get-pnf
sonhandler.configDb.service: http://configdb:8080
sonhandler.oof.service: https://oof-osdf:8698
sonhandler.oof.endpoint: /api/oof/v1/pci
diff --git a/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml
index 8134e0df9d..67312d73a0 100644
--- a/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml
@@ -42,7 +42,7 @@ readiness:
initialDelaySeconds: 10
periodSeconds: 10
# application image
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.3.0
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.4.0
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
index bbc72a5b08..73661ac843 100644
--- a/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
@@ -42,7 +42,7 @@ readiness:
initialDelaySeconds: 10
periodSeconds: 10
# application image
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.2.0
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.4.0
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/onap-holmes_engine-createobj.sql b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/onap-holmes_engine-createobj.sql
index 81998453e4..e5eecb1a5a 100644
--- a/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/onap-holmes_engine-createobj.sql
+++ b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/onap-holmes_engine-createobj.sql
@@ -22,12 +22,10 @@ CREATE ROLE ${JDBC_USERNAME} with PASSWORD '${JDBC_PASSWORD}' LOGIN;
\encoding UTF8;
-/******************DELETE OLD TABLE AND CREATE NEW***************************/
+/******************CREATE NEW TABLE***************************/
\c ${DB_NAME};
-DROP TABLE IF EXISTS ALARM_INFO;
-
-CREATE TABLE ALARM_INFO (
+CREATE TABLE IF NOT EXISTS ALARM_INFO (
EVENTID VARCHAR(150) NOT NULL,
EVENTNAME VARCHAR(150) NOT NULL,
ALARMISCLEARED SMALLINT NOT NULL,
@@ -36,7 +34,8 @@ CREATE TABLE ALARM_INFO (
LASTEPOCHMICROSEC BIGINT NOT NULL,
SOURCEID VARCHAR(150) NOT NULL,
SOURCENAME VARCHAR(150) NOT NULL,
- PRIMARY KEY (EVENTID)
+ SEQUENCE SMALLINT NOT NULL,
+ PRIMARY KEY (EVENTID, SEQUENCE, SOURCENAME)
);
CREATE TABLE IF NOT EXISTS ENGINE_ENTITY (
diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
index fe496bc47d..ddaf099bdf 100644
--- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
+++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
@@ -50,13 +50,6 @@ file_env() {
unset "$fileVar"
}
-# check to see if this file is being run or sourced from another script
-_is_sourced() {
- # https://unix.stackexchange.com/a/215279
- [ "${#FUNCNAME[@]}" -ge 2 ] \
- && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
- && [ "${FUNCNAME[1]}" = 'source' ]
-}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -378,6 +371,7 @@ _main() {
}
# If we are sourced from elsewhere, don't perform any further actions
-if ! _is_sourced; then
+# https://stackoverflow.com/questions/2683279/how-to-detect-if-a-script-is-being-sourced/2942183#2942183
+if [ "$(basename $0)" = "docker-entrypoint.sh" ]; then
_main "$@"
fi
diff --git a/tox.ini b/tox.ini
index dee4f3accf..6388e88cea 100644
--- a/tox.ini
+++ b/tox.ini
@@ -57,17 +57,17 @@ commands =
[testenv:checkbashisms]
deps =
-whitelist_externals = sh
- find
- checkbashisms
+whitelist_externals =
+ {toxinidir}/.ci/check-bashisms.sh
commands =
- sh -c 'which checkbashisms>/dev/null || sudo yum install devscripts-minimal || sudo apt-get install devscripts \
- || (echo "checkbashisms command not found - please install it (e.g. sudo apt-get install devscripts | \
- yum install devscripts-minimal )" >&2 && exit 1)'
- find . -not -path '*/\.*' -name *.sh -exec checkbashisms \{\} +
- find . -not -path '*/\.*' -name *.failover -exec checkbashisms -f \{\} +
- sh -c "! find . -not -path '*/\.*' -name *.sh -exec grep 'local .*=' \{\} + || exit 2"
- sh -c "! find . -not -path '*/\.*' -name *.failover -exec grep 'local .*=' \{\} + || exit 2"
+ {toxinidir}/.ci/check-bashisms.sh
+
+[testenv:shellcheck]
+basepython = python3
+deps = shellcheck-py
+whitelist_externals = find
+commands =
+ find . -not -path '*/\.*' -name *.sh -exec shellcheck \{\} +
[testenv:autopep8]
deps =
@@ -112,3 +112,9 @@ commands =
# As a result, the line above is always skipped in jenkins CI since there cannot be a .git/COMMIT_EDITMSG file.
# A dedicated gitlint profile for CI is proposed above. Also to behave fine locally, this profile must have access
# to the HOME variable so that Gitlint can retrieve Git user settings.
+
+[testenv:pre-commit-autoupdate]
+basepython = python3
+deps = pre-commit
+commands =
+ pre-commit autoupdate