diff options
13 files changed, 56 insertions, 582 deletions
diff --git a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml b/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml index 69178fd6c7..661ed64b0e 100644 --- a/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-appc-orchestrator/resources/config/overrides/override.yaml @@ -22,7 +22,7 @@ server: mso: logPath: ./logs/soappcorch auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.auth.rest.aafEncrypted "value2" .Values.mso.auth )}} - msoKey: {{ .Values.mso.msoKey }} + msoKey: {{ .Values.global.app.msoKey }} config: {{ if .Values.global.security.aaf.enabled }} cadi: {{ include "so.cadi.keys" . | nindent 8}} diff --git a/kubernetes/so/components/so-appc-orchestrator/values.yaml b/kubernetes/so/components/so-appc-orchestrator/values.yaml index e63838d3b1..7570116fd5 100644 --- a/kubernetes/so/components/so-appc-orchestrator/values.yaml +++ b/kubernetes/so/components/so-appc-orchestrator/values.yaml @@ -30,7 +30,8 @@ global: security: aaf: enabled: false - + app: + msoKey: 07a7159d3bf51a0e53be7a8f89699be7 ################################################################# # Secrets metaconfig ################################################################# @@ -73,7 +74,6 @@ db: adminName: so_admin adminPassword: so_Admin123 # adminCredsExternalSecret: some secret - server: actuator: username: mso_admin @@ -87,8 +87,8 @@ service: name: so-appc-orchestrator type: ClusterIP ports: - - port: *containerPort - name: http + - port: *containerPort + name: http updateStrategy: type: RollingUpdate maxUnavailable: 1 @@ -96,6 +96,7 @@ updateStrategy: # Resource Limit flavor -By Default using small flavor: small + ################################################################# # soHelper part ################################################################# @@ -127,14 +128,14 @@ resources: cpu: 1000m unlimited: {} livenessProbe: - path: /manage/health - port: 8083 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + path: /manage/health + port: 8083 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 ingress: enabled: false nodeSelector: {} @@ -148,7 +149,6 @@ auth: mso: auth: BEA8637716A7EB617DF472BA6552D22F68C1CB17B0D094D77DDA562F4ADAAC4457CAB848E1A4 basicUser: poBpmn - msoKey: 07a7159d3bf51a0e53be7a8f89699be7 appc: client: diff --git a/kubernetes/so/components/so-cnf-adapter/Chart.yaml b/kubernetes/so/components/so-cnf-adapter/Chart.yaml deleted file mode 100755 index f2ccd6a707..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -apiVersion: v1 -appVersion: "1.7.1" -description: A Helm chart for Kubernetes -name: so-cnf-adapter -version: 6.0.0 diff --git a/kubernetes/so/components/so-cnf-adapter/requirements.yaml b/kubernetes/so/components/so-cnf-adapter/requirements.yaml deleted file mode 100755 index b0bda362dd..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/requirements.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -dependencies: - - name: common - version: ~6.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' - - name: readinessCheck - version: ~6.x-0 - repository: '@local' - - name: soHelpers - version: ~6.x-0 - repository: 'file://../soHelpers' diff --git a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml deleted file mode 100755 index 37024d4d4d..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/resources/config/overrides/override.yaml +++ /dev/null @@ -1,50 +0,0 @@ -{{/* -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -aai: - auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.server.aai.auth ) }} - endpoint: https://aai.{{ include "common.namespace" . }}:8443 -logging: - path: logs -spring: - security: - usercredentials: - - username: ${ACTUATOR_USERNAME} - password: ${ACTUATOR_PASSWORD} - role: ACTUATOR -server: - port: {{ index .Values.containerPort }} - tomcat: - max-threads: 50 - -mso: - site-name: localSite - logPath: ./logs/cnf - msb-ip: msb-iag.{{ include "common.namespace" . }} - msb-port: 80 -#Actuator -management: - endpoints: - web: - base-path: /manage - exposure: - include: "*" - metrics: - se-global-registry: false - export: - prometheus: - enabled: true # Whether exporting of metrics to Prometheus is enabled. - step: 1m # Step size (i.e. reporting frequency) to use. diff --git a/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml b/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml deleted file mode 100755 index fcdd381e72..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/templates/configmap.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{/* -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: {{- include "common.resourceMetadata" (dict "dot" . "suffix" "env") | nindent 2 }} -data: - LOG_PATH: {{ index .Values.logPath }} - APP: {{ index .Values.app }} - ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}} ---- -apiVersion: v1 -kind: ConfigMap -metadata: {{- include "common.resourceMetadata" . | nindent 2 }} -data: -{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }} diff --git a/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml deleted file mode 100755 index dfff4341f5..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/templates/deployment.yaml +++ /dev/null @@ -1,117 +0,0 @@ -{{/* -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: {{- include "common.resourceMetadata" . | nindent 2 }} -spec: - selector: {{- include "common.selectors" . | nindent 4 }} - replicas: {{ index .Values.replicaCount }} - minReadySeconds: {{ index .Values.minReadySeconds }} - strategy: - type: {{ index .Values.updateStrategy.type }} - rollingUpdate: - maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }} - maxSurge: {{ index .Values.updateStrategy.maxSurge }} - template: - metadata: - labels: {{- include "common.labels" . | nindent 8 }} - spec: - initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }} - - name: {{ include "common.name" . }}-encrypter - command: - - sh - args: - - -c - - | - java Crypto "${AAI_USERNAME}:${AAI_PASSWORD}" "${MSO_KEY}" > /output/.aai_creds - env: - - name: AAI_USERNAME - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aai-creds" "key" "login") | indent 14 }} - - name: AAI_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aai-creds" "key" "password") | indent 14 }} - - name: MSO_KEY - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cnf-adapter-mso-key" "key" "password") | indent 14 }} - image: {{ .Values.global.dockerHubRepository }}/{{ .Values.global.soCryptoImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - name: encoder - mountPath: /output - {{ include "common.readinessCheck.waitFor" . | indent 8 | trim }} - containers: - - name: {{ include "common.name" . }} - image: {{ include "common.repository" . }}/{{ .Values.image }} - command: - - sh - args: - - -c - - | - export AAF_BASE64=$(echo -n "${AAF_USERNAME}:${AAF_PASSWORD}" | base64) - export AAF_AUTH=$(echo "Basic ${AAF_BASE64}") - export AAI_AUTH=$(cat /input/.aai_creds) - {{- if .Values.global.aafEnabled }} - export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) - export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" - {{- end }} - {{- end }} - ./start-app.sh - resources: {{ include "common.resources" . | nindent 12 }} - ports: {{- include "common.containerPorts" . | nindent 12 }} - env: - - name: AAF_USERNAME - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aaf-creds" "key" "login") | indent 14 }} - - name: AAF_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-aaf-creds" "key" "password") | indent 14 }} - - name: ACTUATOR_USERNAME - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 14 }} - - name: ACTUATOR_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 14 }} - {{ include "so.certificates.env" . | indent 12 | trim }} - envFrom: - - configMapRef: - name: {{ include "common.fullname" . }}-env - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 12 }} - - name: logs - mountPath: /app/logs - - name: config - mountPath: /app/config - readOnly: true - - name: encoder - mountPath: /input - livenessProbe: - httpGet: - path: {{ index .Values.livenessProbe.path}} - port: {{ index .Values.containerPort }} - scheme: {{ index .Values.livenessProbe.scheme}} - initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}} - periodSeconds: {{ index .Values.livenessProbe.periodSeconds}} - timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}} - successThreshold: {{ index .Values.livenessProbe.successThreshold}} - failureThreshold: {{ index .Values.livenessProbe.failureThreshold}} - volumes: {{ include "so.certificate.volumes" . | nindent 8 }} - - name: logs - emptyDir: {} - - name: config - configMap: - name: {{ include "common.fullname" . }} - - name: encoder - emptyDir: - medium: Memory - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml b/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml deleted file mode 100644 index cc40499c76..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/templates/secret.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.secretFast" . }} diff --git a/kubernetes/so/components/so-cnf-adapter/templates/service.yaml b/kubernetes/so/components/so-cnf-adapter/templates/service.yaml deleted file mode 100755 index 665601d832..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/templates/service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.service" . }} diff --git a/kubernetes/so/components/so-cnf-adapter/values.yaml b/kubernetes/so/components/so-cnf-adapter/values.yaml deleted file mode 100755 index 66703f2597..0000000000 --- a/kubernetes/so/components/so-cnf-adapter/values.yaml +++ /dev/null @@ -1,182 +0,0 @@ -# Copyright © 2020 Huawei Technologies Co., Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - nodePortPrefixExt: 304 - repository: nexus3.onap.org:10001 - readinessImage: oomk8s/readiness-check:2.2.2 - soCryptoImage: sdesbure/so_crypto:latest - dockerHubRepository: docker.io - persistence: - mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - aaf: - auth: - header: ${AAF_AUTH} - -readinessCheck: - wait_for: - - so-mariadb-config - -################################################################# -# Secrets metaconfig -################################################################# -secrets: - - uid: db-user-creds - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}' - login: '{{ .Values.db.userName }}' - password: '{{ .Values.db.userPassword }}' - passwordPolicy: required - - uid: db-admin-creds - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}' - login: '{{ .Values.db.adminName }}' - password: '{{ .Values.db.adminPassword }}' - passwordPolicy: required - - uid: server-actuator-creds - name: '{{ include "common.release" . }}-so-cnf-actuator-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}' - login: '{{ .Values.server.actuator.username }}' - password: '{{ .Values.server.actuator.password }}' - passwordPolicy: required - - uid: so-aaf-creds - name: '{{ include "common.release" . }}-so-cnf-aaf-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.aafCredsExternalSecret) . }}' - login: '{{ .Values.server.aaf.username }}' - password: '{{ .Values.server.aaf.password }}' - passwordPolicy: required - - uid: so-aai-creds - name: '{{ include "common.release" . }}-so-cnf-aai-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}' - login: '{{ .Values.server.aai.username }}' - password: '{{ .Values.server.aai.password }}' - passwordPolicy: required - - uid: cnf-adapter-mso-key - name: '{{ include "common.release" . }}-so-cnf-mso-key' - type: password - externalSecret: '{{ tpl (default "" .Values.mso.msoKeySecret) . }}' - password: '{{ .Values.mso.msoKey }}' - -#secretsFilePaths: | -# - 'my file 1' -# - '{{ include "templateThatGeneratesFileName" . }}' - -################################################################# -# Application configuration defaults. -################################################################# -repository: nexus3.onap.org:10001 -image: onap/so/mso-cnf-adapter:1.7.1 -pullPolicy: Always - -db: - userName: so_user - userPassword: so_User123 - # userCredsExternalSecret: some secret - adminName: so_admin - adminPassword: so_Admin123 - # adminCredsExternalSecret: some secret - -server: - aaf: - username: so@so.onap.org - password: demo123456 - # aafCredsExternalSecret: some secret - aai: - username: aai@aai.onap.org - password: demo123456! - auth: ${AAI_AUTH} - # aaiCredsExternalSecret: some secret - actuator: - username: mso_admin - password: password1$ - # actuatorCredsExternalSecret: some secret - -mso: - msoKey: 07a7159d3bf51a0e53be7a8f89699be7 - # msoKeySecret: some secret - adapters: - requestDb: - auth: ${REQUEST_AUTH} - -replicaCount: 1 -minReadySeconds: 10 -containerPort: &containerPort 8090 -logPath: ./logs/cnf/ -app: cnf-adapter -service: - type: ClusterIP - ports: - - name: http-api - port: *containerPort -updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 - -soHelpers: - nameOverride: so-cnf-cert-init - certInitializer: - nameOverride: so-cnf-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.openStackAdapterPerm - containerPort: *containerPort - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - memory: 4Gi - cpu: 2000m - requests: - memory: 1Gi - cpu: 500m - large: - limits: - memory: 8Gi - cpu: 4000m - requests: - memory: 2Gi - cpu: 1000m - unlimited: {} - -livenessProbe: - path: /manage/health - port: 8090 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 - -ingress: - enabled: false - -nodeSelector: {} - -tolerations: [] - -affinity: {} diff --git a/kubernetes/so/requirements.yaml b/kubernetes/so/requirements.yaml index 1728705414..bbd84cfcfd 100755 --- a/kubernetes/so/requirements.yaml +++ b/kubernetes/so/requirements.yaml @@ -23,40 +23,36 @@ dependencies: repository: '@local' - name: mariadb-galera version: ~6.x-0 - repository: "@local" + repository: '@local' condition: global.mariadbGalera.localCluster - name: soHelpers version: ~6.x-0 - repository: "file://components/soHelpers" + repository: 'file://components/soHelpers' - name: so-appc-orchestrator version: ~6.x-0 - repository: "file://components/so-appc-orchestrator" + repository: 'file://components/so-appc-orchestrator' condition: so-appc-orchestrator.enabled - name: so-bpmn-infra version: ~6.x-0 - repository: "file://components/so-bpmn-infra" + repository: 'file://components/so-bpmn-infra' - name: so-catalog-db-adapter version: ~6.x-0 - repository: "file://components/so-catalog-db-adapter" + repository: 'file://components/so-catalog-db-adapter' condition: so-catalog-db-adapter.enabled - - name: so-cnf-adapter - version: ~6.x-0 - repository: "file://components/so-cnf-adapter" - condition: so-cnf-adapter.enabled - name: so-etsi-nfvo-ns-lcm version: ~6.x-0 repository: 'file://components/so-etsi-nfvo-ns-lcm' condition: so-etsi-nfvo-ns-lcm.enabled - name: so-mariadb version: ~6.x-0 - repository: "file://components/so-mariadb" + repository: 'file://components/so-mariadb' - name: so-monitoring version: ~6.x-0 - repository: "file://components/so-monitoring" + repository: 'file://components/so-monitoring' condition: so-monitoring.enabled - name: so-nssmf-adapter version: ~6.x-0 - repository: "file://components/so-nssmf-adapter" + repository: 'file://components/so-nssmf-adapter' condition: so-nssmf-adapter.enabled - name: so-oof-adapter version: ~6.x-0 @@ -64,27 +60,27 @@ dependencies: condition: so-oof-adapter.enabled - name: so-openstack-adapter version: ~6.x-0 - repository: "file://components/so-openstack-adapter" + repository: 'file://components/so-openstack-adapter' condition: so-openstack-adapter.enabled - name: so-request-db-adapter version: ~6.x-0 - repository: "file://components/so-request-db-adapter" + repository: 'file://components/so-request-db-adapter' - name: so-sdc-controller version: ~6.x-0 - repository: "file://components/so-sdc-controller" + repository: 'file://components/so-sdc-controller' - name: so-sdnc-adapter version: ~6.x-0 - repository: "file://components/so-sdnc-adapter" + repository: 'file://components/so-sdnc-adapter' condition: so-sdnc-adapter.enabled - name: so-ve-vnfm-adapter version: ~6.x-0 - repository: "file://components/so-ve-vnfm-adapter" + repository: 'file://components/so-ve-vnfm-adapter' condition: so-ve-vnfm-adapter.enabled - name: so-vfc-adapter version: ~6.x-0 - repository: "file://components/so-vfc-adapter" + repository: 'file://components/so-vfc-adapter' condition: so-vfc-adapter.enabled - name: so-vnfm-adapter version: ~6.x-0 - repository: "file://components/so-vnfm-adapter" + repository: 'file://components/so-vnfm-adapter' condition: so-vnfm-adapter.enabled diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml index 8ed9fd6401..efcf029fbc 100755 --- a/kubernetes/so/resources/config/overrides/override.yaml +++ b/kubernetes/so/resources/config/overrides/override.yaml @@ -124,4 +124,4 @@ org: cloud-owner: CloudOwner adapters: network: - encryptionKey: {{ .Values.mso.msoKey }} + encryptionKey: {{ .Values.global.app.msoKey }} diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 4f64dac032..d47d1fb429 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -60,6 +60,7 @@ global: siteName: onapheat auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 defaultCloudOwner: onap + msoKey: 07a7159d3bf51a0e53be7a8f89699be7 client: certs: truststore: /app/client/org.onap.so.trust.jks @@ -114,44 +115,16 @@ secrets: type: generic filePaths: - resources/config/certificates/msb-ca.crt - - uid: 'mso-key' + - uid: "mso-key" name: &mso-key '{{ include "common.release" . }}-mso-key' type: password - password: '{{ .Values.mso.msoKey }}' + password: '{{ .Values.global.app.msoKey }}' - uid: mso-oof-auth name: &mso-oof-auth '{{ include "common.release" . }}-mso-oof-auth' type: basicAuth login: '{{ .Values.mso.oof.login }}' password: '{{ .Values.mso.oof.password }}' passwordPolicy: required - - uid: server-actuator-creds - name: &actuator-secrets '{{ include "common.release" . }}-so-server-actuator-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}' - login: '{{ .Values.server.actuator.username }}' - password: '{{ .Values.server.actuator.password }}' - passwordPolicy: required - - uid: server-bpel-creds - name: &bpel-secrets '{{ include "common.release" . }}-so-server-bpel-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.bpelCredsExternalSecret) . }}' - login: '{{ .Values.server.bpel.username }}' - password: '{{ .Values.server.bpel.password }}' - passwordPolicy: required - - uid: so-aaf-creds - name: &aaf-secrets '{{ include "common.release" . }}-so-server-aaf-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.aafCredsExternalSecret) . }}' - login: '{{ .Values.server.aaf.username }}' - password: '{{ .Values.server.aaf.password }}' - passwordPolicy: required - - uid: so-aai-creds - name: &aai-secrets '{{ include "common.release" . }}-so-server-aai-creds' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}' - login: '{{ .Values.server.aai.username }}' - password: '{{ .Values.server.aai.password }}' - passwordPolicy: required aafConfig: permission_user: 1000 @@ -173,44 +146,20 @@ dbCreds: userName: so_user adminName: so_admin -server: - aaf: - username: so@so.onap.org - password: demo123456 - # aafCredsExternalSecret: some secret - aai: - username: aai@aai.onap.org - password: demo123456! - # aaiCredsExternalSecret: some secret - actuator: - username: mso_admin - password: password1$ - # actuatorCredsExternalSecret: some secret - bpel: - username: bpel - password: password1$ - # bpelCredsExternalSecret: some secret - repository: nexus3.onap.org:10001 image: onap/so/api-handler-infra:1.6.4 pullPolicy: Always - replicaCount: 1 minReadySeconds: 10 - containerPort: &containerPort 8080 - logPath: ./logs/apih/ - app: api-handler-infra - service: type: NodePort nodePort: 77 internalPort: *containerPort externalPort: *containerPort portName: so-apih-port - updateStrategy: type: RollingUpdate maxUnavailable: 1 @@ -287,7 +236,6 @@ mso: requestDb: auth: Basic YnBlbDpwYXNzd29yZDEk camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A - msoKey: 07a7159d3bf51a0e53be7a8f89699be7 sdc: client: auth: 878785F4F31BC9CFA5AB52A172008212D8845ED2DE08AD5E56AF114720A4E49768B8F95CDA2EB971765D28EDCDAA24 @@ -305,8 +253,6 @@ mso: so-appc-orchestrator: enabled: false - server: - actuatorCredsExternalSecret: *actuator-secrets db: <<: *dbSecrets @@ -319,51 +265,16 @@ so-catalog-db-adapter: db: <<: *dbSecrets -so-cnf-adapter: - enabled: true - server: - aafCredsExternalSecret: *aaf-secrets - aaiCredsExternalSecret: *aai-secrets - actuatorCredsExternalSecret: *actuator-secrets - mso: - msoKeySecret: *mso-key - so-etsi-nfvo-ns-lcm: enabled: true db: <<: *dbSecrets -so-mariadb: - db: - rootPasswordExternalSecretLocalDb: *dbRootPassSecretName - rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}' - backupCredsExternalSecret: *dbBackupCredsSecretName - userCredsExternalSecret: *dbUserCredsSecretName - adminCredsExternalSecret: *dbAdminCredsSecretName - so-monitoring: enabled: true db: <<: *dbSecrets -so-nssmf-adapter: - enabled: true - server: - actuatorCredsExternalSecret: *actuator-secrets - bpelCredsExternalSecret: *bpel-secrets - db: - <<: *dbSecrets - -so-oof-adapter: - enabled: true - db: - <<: *dbSecrets - mso: - msoKeySecret: *mso-key - camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A - oof: - authSecret: *mso-oof-auth - so-openstack-adapter: enabled: true db: @@ -390,5 +301,28 @@ so-vfc-adapter: db: <<: *dbSecrets +so-nssmf-adapter: + enabled: true + db: + <<: *dbSecrets + +so-oof-adapter: + enabled: true + db: + <<: *dbSecrets + mso: + msoKeySecret: *mso-key + camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A + oof: + authSecret: *mso-oof-auth + so-vnfm-adapter: enabled: true + +so-mariadb: + db: + rootPasswordExternalSecretLocalDb: *dbRootPassSecretName + rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}' + backupCredsExternalSecret: *dbBackupCredsSecretName + userCredsExternalSecret: *dbUserCredsSecretName + adminCredsExternalSecret: *dbAdminCredsSecretName |