summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--docs/oom_hardcoded_certificates.rst2
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jksbin4087 -> 4066 bytes
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jksbin4126 -> 4111 bytes
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12bin4691 -> 4683 bytes
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/root.crt61
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/truststore.jksbin1722 -> 1730 bytes
-rw-r--r--kubernetes/common/dgbuilder/resources/certs/node-cert.cerbin0 -> 818 bytes
-rw-r--r--kubernetes/common/dgbuilder/resources/certs/node-cert.pem19
-rw-r--r--kubernetes/common/dgbuilder/resources/certs/node-csr.pem16
-rw-r--r--kubernetes/common/dgbuilder/resources/certs/node-key.pem27
-rw-r--r--kubernetes/common/dgbuilder/templates/deployment.yaml5
-rw-r--r--kubernetes/common/dgbuilder/values.yaml9
-rw-r--r--kubernetes/policy/charts/brmsgw/values.yaml2
-rw-r--r--kubernetes/policy/charts/pdp/values.yaml2
-rw-r--r--kubernetes/policy/charts/policy-apex-pdp/resources/config/config.json64
-rw-r--r--kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml9
-rw-r--r--kubernetes/policy/charts/policy-apex-pdp/values.yaml17
-rw-r--r--kubernetes/policy/values.yaml2
m---------kubernetes/robot0
-rw-r--r--kubernetes/sdc/charts/sdc-be/values.yaml4
-rw-r--r--kubernetes/sdc/charts/sdc-cs/values.yaml4
-rw-r--r--kubernetes/sdc/charts/sdc-fe/values.yaml2
-rw-r--r--kubernetes/sdc/charts/sdc-onboarding-be/values.yaml4
-rw-r--r--kubernetes/so/charts/so-appc-orchestrator/values.yaml2
24 files changed, 138 insertions, 113 deletions
diff --git a/docs/oom_hardcoded_certificates.rst b/docs/oom_hardcoded_certificates.rst
index 8943910eb0..922cd5f01d 100644
--- a/docs/oom_hardcoded_certificates.rst
+++ b/docs/oom_hardcoded_certificates.rst
@@ -80,3 +80,5 @@ Here's the list of these certificates:
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
| CDS BP Executor | Yes | No | No | kubernetes/cds/charts/cds-blueprints-processor/resources/config/ONAP_RootCA.cer |
+------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
+ | CCSDK dgbuilder | No | Yes | No | kubernetes/common/dgbuilder/resources/certs |
+ +------------------+------------------+------------------+---------------------------------------------------------------------------------------------------+
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jks b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jks
index f24908c55d..e7da9a7d44 100644
--- a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jks
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jks
Binary files differ
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jks b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jks
index 89605b6b7a..f47adb614f 100644
--- a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jks
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jks
Binary files differ
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12 b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12
index 2106c817ef..9b90af6499 100644
--- a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12
Binary files differ
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/root.crt b/kubernetes/aaf/components/aaf-cert-service/resources/root.crt
index faeee81357..b5e75dadd6 100644
--- a/kubernetes/aaf/components/aaf-cert-service/resources/root.crt
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/root.crt
@@ -1,32 +1,33 @@
-----BEGIN CERTIFICATE-----
-MIIFlDCCA3ygAwIBAgIETsAy8jANBgkqhkiG9w0BAQwFADByMQswCQYDVQQGEwJQ
-TDEUMBIGA1UECBMLRG9sbnkgU2xhc2sxEDAOBgNVBAcTB1dyb2NsYXcxFTATBgNV
-BAoTDFJvb3QgQ29tcGFueTERMA8GA1UECxMIUm9vdCBPcmcxETAPBgNVBAMTCHJv
-b3QuY29tMB4XDTIwMDQwMzA5MTYxNloXDTMwMDQwMTA5MTYxNlowcjELMAkGA1UE
-BhMCUEwxFDASBgNVBAgTC0RvbG55IFNsYXNrMRAwDgYDVQQHEwdXcm9jbGF3MRUw
-EwYDVQQKEwxSb290IENvbXBhbnkxETAPBgNVBAsTCFJvb3QgT3JnMREwDwYDVQQD
-Ewhyb290LmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAImm68wu
-rtdkVrC5JI2y53+DoVE4al7NxC2yHeVW0PRD3CgW1xba6dlSQoDQQKkDkxtuNhlU
-IQxU1bbKR6syqJgpJXwSDx4sl4J5lQGWN+iuNA72C1IyXATOgowGq6PbOVVTkApy
-3+ZZGBCmweTjhvddAO7k5p8v+ePt17VvBTxSt6rSvrkGMbpCxBGAPfGpL9xykm9Z
-okVSlA42gGhbra499QTT0Yc/WPPFotKkDKFGaDrLW3NYX1Lio11myYNvLOMwfSEV
-Xy9vkwxcdqFJpHjx+EVLLQXwkudZP+D53N4bk8nP3SacbZSQ/A85mZpWNtw+r9QL
-fZGecY1YIR0udLj66CIG3ybl3gSXX7TSRERTIMR6Um1lt+039FSa18mRBpQTCDXV
-tSL58Qs5BHFkCe0sGpY+XiSEypc6oYPf/7YjiTvMT/mHhDffrvFjhK+wP/oCIg8u
-vuPRoPWuyw41bBeFGitJgDn7E8p9B4K/1DCO/ZcjXiYMgn5Hwb3ojablYUeiXs99
-2AAV8gCceUCdgcP8d6wdAydOVljavkgHPG0IMbiVG1WT57oM3HQpejgpujlKDDsI
-bi9/lbcC/U0JoN9yAaJZFr7CXJrxRv8DWeTwzMTo203KHNu9roQiERd38P8Dp6AQ
-ivmqf0+0VZM3IpjWBYKM68tclHJcG+7wyFjvAgMBAAGjMjAwMB0GA1UdDgQWBBSN
-lFyR56zh67mnvYTmmgJQVxEJrjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEB
-DAUAA4ICAQBczmFY0kmr1FK50glkT282ur0vukNtwXQNJONof3rYRqP2W98jID6D
-ayma0B4/H1EqCa0d66wRBxFdwW+MqOc4uWD3uUwgazrYD/Bv+V3aumaw8yX6vbyL
-hLNfpd4pViAEGtzYxYfMfFR6uzInF3NMpvt8OXCSGKiQjDMnMs0ekvUZLJm7yxwT
-Qr9aAEFYQYM/GstUC6qFfuUa4MaGvmyKWhZ10JoKXYbGGeFU4wI7Kzifh3VvawTg
-r314ZvQ3zpEwzNJpdvT5ZKuPvyN+drAKFpSPfOTFmmb3uF95FgYq33OFPpo7SR43
-tnw5u5YqKnsHmqCIRMctWiYZc8rBJ3+eBGmke6z/AN6FraG6Ejc8e4WPclrB8STb
-+oB3a4Cvri1VHyodkm50Sb/d1FAMDXvzEPBfu2D0dVvOwOcISSN/MQUom8NN4YeI
-aEATdAPNkokgehOzZ1OPRv47FKYEVPCXjaZEWAC7NNmNiRn4RQOti0DlNrLL7Nx9
-vK09G0EnW01MO2ARRkZ3dog+Ph7orJQV3sd7TO4EEortqWtbegSH75ylyYw6rt/j
-uBzYtMOnEtnQKhxj4Wj7PO+StCgspoOByn0d+iSgDd2TlpWm4naP2pfFZT0R+TOH
-wzSH0F47TSfRd0++uEz/QhViybrvQK7yMt1G1YwZp2im+imuWwUC8Q==
+MIIFnjCCA4agAwIBAgIEDQtWKTANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJV
+UzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuLUZyYW5jaXNjbzEZ
+MBcGA1UEChMQTGludXgtRm91bmRhdGlvbjENMAsGA1UECxMET05BUDERMA8GA1UE
+AxMIb25hcC5vcmcwHhcNMjAwNzA5MDgwNDE1WhcNMzAwNzA3MDgwNDE1WjB3MQsw
+CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuLUZy
+YW5jaXNjbzEZMBcGA1UEChMQTGludXgtRm91bmRhdGlvbjENMAsGA1UECxMET05B
+UDERMA8GA1UEAxMIb25hcC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCkxel9G29Hgy9j7cEQ0BGlPrP9s1SF3ADe7f56jTjQd/jFUsN67Da+l9Dt
+vy1yUwPnTr3krpXOHwQKplsuBDMoa0ayRhqUpp6fuSuu/zgGJOQIe7NlJh9FbYfq
+ax0nHO8qtwd+eTUCqkwVfOFZpDFwR7Ss73Z++14Em8TgFiIsTlBV1sa/xRWLT9JL
+Sqnr0tQiUJewO6sCUsis+U7kEf+QCueJAktMxR70rQcAJ2gd/zlnIaoaL4rF+MU8
+xlbEfMK/rxC6jeVm3oJu4ihjDKj1V6PDyEtzjsWQFtM+y6wgd98Kxt+0mHW3mZZ0
++Ul0fHSE0fRNp8qEMOUKYFbCffWBrMBZaOaUy6FSnnGi8frv7WqJXNiO2lClhsN1
+2yA1HgiorhK9sXjVdwsjTmJhOdvn5sla22+QXrobNflHZHo8JhWHpZ9RbBWAZdaa
+FrEizBoDnkpdaNb2PykYjqPo8D1Y/lOSDOg32wOW50F6bZg3yyQzFe0+PsAPK/u+
+b8THRJhkbXYvcAoDQv785aXoaa0mVg+yAvz6dorchJkViaOvUlNl+DNNKGJb1hWc
+KWLU1SpH7I9QWQYGExFEzsg4Wv2ErGponSoecAm+IM23mn/fhGrwv1r/bl5WR++5
+5nUIAbPysz3yQoMllSsBBOpuSsCLo1KQqQeQxnTwFxLS0Ag2SwIDAQABozIwMDAd
+BgNVHQ4EFgQUff+Pkp90yZtYsNvFGhq6SBdL+f0wDwYDVR0TAQH/BAUwAwEB/zAN
+BgkqhkiG9w0BAQwFAAOCAgEAAWzAQxiJb+3WiXnVC0AeQ2GBnj3JNWI13WE1VJ1a
++hsKAGHk6ACzsGfN0BiGp81Bt/4y+AinWTPI0xnuYqfJHS8/7sEvC7aSzmR0TsuM
+u7xOYCiczoEwlM2YoFt1dRWt+ve6EZgTXzBSm75to7F3HS0dZzRaEKxyOA3ONFHT
+tGgT+u7851qJQvNVwTOt54C7/PZ9Me5y98sosiGbp0USKroJbiMXHzIligp8s1uT
++Pm581C8YTVHKciR/4fhChu+tx39ZR2p4AoJFjEvgcWqYy+sOyn+Z8sWWLoj3dFk
+xjdpSRLPI771ihGdV2JXwgzN1ei8OvUzrW1a1gLZkZ1ZWtK4rwpJteFh4YW/wuDb
+dKElfqXJITmOEO+uT4cJ5+hGa3rl6asxbEJ6vhy7SZPOzgM1uAjRT1MpBtG/ZPY5
+mOkjzNbjlNsgwJNkuXCi4+3DWNC3QNrIqm825Wdr79TM3kYGfkK/ngargA0z0KYc
+7sF6P0tGo6gLACbx+dO9KFpjBIqVaw9AUwb/IOGm1Yv+QutEISqgDQTKzT0iv2Pt
+eSkR2IzaEvH0VmBnTHoHQwrV7x10cMxhwoA1mRvdt8L+gKC91CbVirIiRGCrJabO
+GiKKZ+pD5kVi9gy7omrjw2kH6Vu4aQGySGBhzpIZ977oO9u+jaTdMHBtladqVvWd
+sIM=
-----END CERTIFICATE-----
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/truststore.jks b/kubernetes/aaf/components/aaf-cert-service/resources/truststore.jks
index c32d37fd9d..90dfcb937c 100644
--- a/kubernetes/aaf/components/aaf-cert-service/resources/truststore.jks
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/truststore.jks
Binary files differ
diff --git a/kubernetes/common/dgbuilder/resources/certs/node-cert.cer b/kubernetes/common/dgbuilder/resources/certs/node-cert.cer
new file mode 100644
index 0000000000..d944fc702d
--- /dev/null
+++ b/kubernetes/common/dgbuilder/resources/certs/node-cert.cer
Binary files differ
diff --git a/kubernetes/common/dgbuilder/resources/certs/node-cert.pem b/kubernetes/common/dgbuilder/resources/certs/node-cert.pem
new file mode 100644
index 0000000000..13a4046d83
--- /dev/null
+++ b/kubernetes/common/dgbuilder/resources/certs/node-cert.pem
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDATCCAekCFC8zGpHciUlQB1u+pmfkprCO65ASMA0GCSqGSIb3DQEBCwUAMD0x
+CzAJBgNVBAYTAlVTMQswCQYDVQQIDAJOSjENMAsGA1UECgwET05BUDESMBAGA1UE
+AwwJZGdidWlsZGVyMB4XDTIwMDcxNTE5NTAwMVoXDTIxMDcxNTE5NTAwMVowPTEL
+MAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5KMQ0wCwYDVQQKDARPTkFQMRIwEAYDVQQD
+DAlkZ2J1aWxkZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8p5VL
+FX+kneXJEwcO1fTy2AThZyhzjxGCllEKx5WVRc7vLBVdmFQr8jTbnGGIgPcXOFHz
+GyO8dYRra0tz+sIeBdkNDNRcmDyRVD0ThjDLTCbZ3KZJp8LKDE0iOO4NZVAm6lb8
+ZNLz8hX6rtw9YBOKQXW/WZ0kWIzC0/qnVQUPbtS6kvDcaWIacpGwUkLq0NcNCo9q
+b14ADChMpVtfBj7RRpqEVS9QVQ8VTK9kKT26GPSj4se2jN4Zu7m5ReVO1GcdxmyK
+AAaB0w/bmIfploRehuNFhPVkFJJD5BGjF/YiGhrvJCgqrmrueIwgu3sLXyMXakeJ
+7sPzkg/iLzt5ee93AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAKhP8mTxEF2+cX6p
+V9lIX0M8sIN5ENEfF64QcNHWdoZK+8hr7xfV6l36F8SNNQJG5/o+R6doYQ4DkoH8
+UtIWz0JMA7C9Mo+/8fEpHUeg+co5KDsEYNkhoGi5RELRFon0Q/kCaVIhcpuOJkna
+0ZoIxExSzKOWfJeybtZMMHJVJbmCyPkcnx5m5yZ/Q5VcWA2b11lvldfjkaTR27C1
+2N2m9qgi93frv+wilbwAMLv+tCarjaxS5IZO0YhrCmjIwCRQtg7tLW7j8DSfohPo
+xG3TmoNdt0m3xUsiC+M7Th+V/xtwimaaHuqu1iwN/c67wV3XlBn76zqBx88YoRvM
+b8lj6Qc=
+-----END CERTIFICATE-----
diff --git a/kubernetes/common/dgbuilder/resources/certs/node-csr.pem b/kubernetes/common/dgbuilder/resources/certs/node-csr.pem
new file mode 100644
index 0000000000..28a6a370d5
--- /dev/null
+++ b/kubernetes/common/dgbuilder/resources/certs/node-csr.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICgjCCAWoCAQAwPTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5KMQ0wCwYDVQQK
+DARPTkFQMRIwEAYDVQQDDAlkZ2J1aWxkZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQC8p5VLFX+kneXJEwcO1fTy2AThZyhzjxGCllEKx5WVRc7vLBVd
+mFQr8jTbnGGIgPcXOFHzGyO8dYRra0tz+sIeBdkNDNRcmDyRVD0ThjDLTCbZ3KZJ
+p8LKDE0iOO4NZVAm6lb8ZNLz8hX6rtw9YBOKQXW/WZ0kWIzC0/qnVQUPbtS6kvDc
+aWIacpGwUkLq0NcNCo9qb14ADChMpVtfBj7RRpqEVS9QVQ8VTK9kKT26GPSj4se2
+jN4Zu7m5ReVO1GcdxmyKAAaB0w/bmIfploRehuNFhPVkFJJD5BGjF/YiGhrvJCgq
+rmrueIwgu3sLXyMXakeJ7sPzkg/iLzt5ee93AgMBAAGgADANBgkqhkiG9w0BAQsF
+AAOCAQEAE5Qgik0whJkv4WJVCbCPpbHvpXXXNqMeuxybCixKVTZGY9xxxYOPe/OL
+5UqMTqes8Tb56e0feOweCecFLX+AatiDjPg9ZlPW/1LQEWEmvG2uh/0AeNt2nTA5
+WnmqgEwdJszopumVfCDg8vqcaGuDxRXE38mD1jnJYPjjQIumGhpHtqjIfp5CSXJb
+2HXpMQUOqs9dJJATyKvjIpnAJPInlxp3c24pehuMT/IXtbAAGUlGl4wCEQOREzHi
+3fLqJ9eZ3/96jlWAY8KHeAne+IOV8QRf6XsdpJ/TIFGBxlGokqSY1lE3kbAhlfgP
++vnPsK4kQP0JuQ7Mr5cLnSknOMxICw==
+-----END CERTIFICATE REQUEST-----
diff --git a/kubernetes/common/dgbuilder/resources/certs/node-key.pem b/kubernetes/common/dgbuilder/resources/certs/node-key.pem
new file mode 100644
index 0000000000..c6f44914b1
--- /dev/null
+++ b/kubernetes/common/dgbuilder/resources/certs/node-key.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAvKeVSxV/pJ3lyRMHDtX08tgE4Wcoc48RgpZRCseVlUXO7ywV
+XZhUK/I025xhiID3FzhR8xsjvHWEa2tLc/rCHgXZDQzUXJg8kVQ9E4Ywy0wm2dym
+SafCygxNIjjuDWVQJupW/GTS8/IV+q7cPWATikF1v1mdJFiMwtP6p1UFD27UupLw
+3GliGnKRsFJC6tDXDQqPam9eAAwoTKVbXwY+0UaahFUvUFUPFUyvZCk9uhj0o+LH
+tozeGbu5uUXlTtRnHcZsigAGgdMP25iH6ZaEXobjRYT1ZBSSQ+QRoxf2Ihoa7yQo
+Kq5q7niMILt7C18jF2pHie7D85IP4i87eXnvdwIDAQABAoIBAAnKRJQd7H7VdtxF
+cYNSlSCZFz+/Q7kjfowhUtlVXCzf74o35m/x/MQ/EIEpD2KvFqOM16vfB667BoEw
+kzzUkYhPU2E6/jZD7Di6f2To/NVAAXAi5DpES3aCxun0vF3TmSI73QHCFbR1JrDY
+rDM/LiRpmzuv4djGA6AEsihG4DlZtzRjgf6E7bISEv0GKJKnSotFsygvCxFj4n87
+gILsRpbcJgfCyCt5AYHN2Slw0N588WLMm2ShzFT1BoXDX2F2rZFPsHYM/DaFkHHe
+5Q8GlMou0OLnpH+9eJIR9TWXqjCokuEVu5nMLwccsEcujkc5OSt3R0U9HZqpvAPY
+K1l/rkkCgYEA6ZaIgI1w9lGt26rmYD87dlfrPAk/y3qeWbnADE9TcGf1A+qLntuK
+MWGTCzQ25nmQykAjBLt+688EaVBmeL3M33EIsUco1G3wM0y3UYoJ3YOgiYwMz+bm
+4xrWm388H+fwwR8XsmdgVlQ4/ssbPlIZVwiKP16Fe5TEKnj/VkJnxZUCgYEAzsFh
+f+NDEx0qZiZ0a+e8bdZzEjPuq0DI0bn2Q6nL1VOCcrPrvjPRyuX655v2ruvKMEe/
+mLwwH2XwCHcurLXog/y8ZMsMnm5hPufmoyWxP3L6l+uPho+fUk8s+rpWPtS2cgAt
+OhuKPGYub5yesnc4q5BibD4MtcHWM0YYsm54BdsCgYB/hxPXO2Fk2YsV1uQXv+3y
+2mUvTc1qhfNWATd8gQKI5/i4vqCjhjCYbTEeeM9QXSZThViZCNRuYYODC8YmPVlQ
+1CFux+7eq3bsSwH6nmZsbaSD89Y621FKxChOlNR6huLGTPdfC1lpSGolkTW6fJAh
+GCSCHFS796hxl8WvjmmhUQKBgGcMSyQKiSvFpZQ0JmKBpZC5CbFQ4OvJ5k1hejRP
+NKCmdqXktuKdwTp3VY6KVXDpZGSb3gqqAPIlRHVzsXezUqg2F0/FRAzSxvUrb/Bw
+oN8W139QkMBoZOgJPknZBZNbQXOgUupbP5LK+un2DcK1WTFpTSTV6E/OxIvZrAWC
+uZ9xAoGBAJufbS/h8Yo1sQMuIZEZhC6jFiPqA5fnIyQgaZu+zgpy3zjYXHpJ0THE
+wYZMEMKKxRFgZ7XXTWDkgdEfoJXMtnq/bN4BFxJ5Ns0FkitXmIc96+UYaKjC2KJK
+9TXMGe4bMJtFDhHZ0lzBqs0U88Yy/7AIupusuBnyupU5vLDUujh3
+-----END RSA PRIVATE KEY-----
diff --git a/kubernetes/common/dgbuilder/templates/deployment.yaml b/kubernetes/common/dgbuilder/templates/deployment.yaml
index e1fac77a97..ac15055a81 100644
--- a/kubernetes/common/dgbuilder/templates/deployment.yaml
+++ b/kubernetes/common/dgbuilder/templates/deployment.yaml
@@ -113,6 +113,8 @@ spec:
- name: config
mountPath: /opt/onap/ccsdk/dgbuilder/releases/sdnc1.0/customSettings.js
subPath: customSettings.js
+ - name: certificates
+ mountPath: /opt/onap/ccsdk/dgbuilder/certs
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -133,5 +135,8 @@ spec:
- name: config
emptyDir:
medium: Memory
+ - name: certificates
+ secret:
+ secretName: {{ include "common.secret.getSecretNameFast" (dict "global" . "uid" "{{.Release.Name}}-dgbuilder-onap-certs") }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml
index a1f637b199..6f8beef576 100644
--- a/kubernetes/common/dgbuilder/values.yaml
+++ b/kubernetes/common/dgbuilder/values.yaml
@@ -78,6 +78,15 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.config.restconfCredsExternalSecret) . }}'
login: '{{ .Values.config.restconfUser }}'
password: '{{ .Values.config.restconfPassword }}'
+ - uid: "{{.Release.Name}}-dgbuilder-onap-certs"
+ name: '{{.Release.Name}}-dgbuilder-certs'
+ externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
+ type: generic
+ filePaths:
+ - resources/certs/node-cert.cer
+ - resources/certs/node-cert.pem
+ - resources/certs/node-csr.pem
+ - resources/certs/node-key.pem
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml
index 70a2e3e855..70bea2c028 100644
--- a/kubernetes/policy/charts/brmsgw/values.yaml
+++ b/kubernetes/policy/charts/brmsgw/values.yaml
@@ -56,7 +56,7 @@ secrets:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pe:1.6.4
+image: onap/policy-pe:1.6.5
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml
index 8921eabf81..f33a736c80 100644
--- a/kubernetes/policy/charts/pdp/values.yaml
+++ b/kubernetes/policy/charts/pdp/values.yaml
@@ -51,7 +51,7 @@ secrets:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pe:1.6.4
+image: onap/policy-pe:1.6.5
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/charts/policy-apex-pdp/resources/config/config.json b/kubernetes/policy/charts/policy-apex-pdp/resources/config/config.json
deleted file mode 100644
index 5df0a26596..0000000000
--- a/kubernetes/policy/charts/policy-apex-pdp/resources/config/config.json
+++ /dev/null
@@ -1,64 +0,0 @@
-# ============LICENSE_START=======================================================
-# Copyright (C) 2018 Ericsson. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-{
- "javaProperties" : [
- ["javax.net.ssl.trustStore", "/opt/app/policy/apex-pdp/etc/ssl/policy-truststore"],
- ["javax.net.ssl.trustStorePassword", "${TRUSTSTORE_PASSWORD_BASE64}"]
- ],
- "engineServiceParameters": {
- "name": "MyApexEngine",
- "version": "0.0.1",
- "id": 45,
- "instanceCount": 4,
- "deploymentPort": 12345,
- "policyModelFileName": "examples/models/SampleDomain/SamplePolicyModelJAVASCRIPT.json",
- "engineParameters": {
- "executorParameters": {
- "JAVASCRIPT": {
- "parameterClassName": "org.onap.policy.apex.plugins.executor.javascript.JavascriptExecutorParameters"
- }
- }
- }
- },
- "eventOutputParameters": {
- "FirstProducer": {
- "carrierTechnologyParameters": {
- "carrierTechnology": "FILE",
- "parameters": {
- "standardIo": true
- }
- },
- "eventProtocolParameters": {
- "eventProtocol": "JSON"
- }
- }
- },
- "eventInputParameters": {
- "FirstConsumer": {
- "carrierTechnologyParameters": {
- "carrierTechnology": "FILE",
- "parameters": {
- "standardIo": true
- }
- },
- "eventProtocolParameters": {
- "eventProtocol": "JSON"
- }
- }
- }
-}
diff --git a/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml
index 35f8aacb40..2e6a08c487 100644
--- a/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml
+++ b/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml
@@ -1,5 +1,6 @@
# ============LICENSE_START=======================================================
# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright (C) 2020 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -43,10 +44,8 @@ spec:
- sh
args:
- -c
- - "export TRUSTSTORE_PASSWORD_BASE64=`echo -n ${TRUSTSTORE_PASSWORD} | base64`; cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
+ - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
env:
- - name: TRUSTSTORE_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-pass" "key" "password") | indent 10 }}
- name: RESTSERVER_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }}
- name: RESTSERVER_PASSWORD
@@ -84,6 +83,10 @@ spec:
env:
- name: REPLICAS
value: "{{ .Values.replicaCount }}"
+ - name: KEYSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-pass" "key" "password") | indent 12 }}
+ - name: TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-pass" "key" "password") | indent 12 }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
diff --git a/kubernetes/policy/charts/policy-apex-pdp/values.yaml b/kubernetes/policy/charts/policy-apex-pdp/values.yaml
index 9d52812f91..0959a77a5d 100644
--- a/kubernetes/policy/charts/policy-apex-pdp/values.yaml
+++ b/kubernetes/policy/charts/policy-apex-pdp/values.yaml
@@ -1,6 +1,7 @@
# ============LICENSE_START=======================================================
# Copyright (C) 2018 Ericsson. All rights reserved.
# Modifications Copyright (C) 2019-2020 AT&T Intellectual Property.
+# Modifications Copyright (C) 2020 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -35,9 +36,14 @@ secrets:
password: '{{ .Values.restServer.password }}'
- uid: truststore-pass
type: password
- externalSecret: '{{ tpl (default "" .Values.truststore.passwordExternalSecret) . }}'
- password: '{{ .Values.truststore.password }}'
- policy: required
+ externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
+ password: '{{ .Values.certStores.trustStorePassword }}'
+ passwordPolicy: required
+ - uid: keystore-pass
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
+ password: '{{ .Values.certStores.keyStorePassword }}'
+ passwordPolicy: required
#################################################################
# Application configuration defaults.
@@ -55,8 +61,9 @@ debugEnabled: false
restServer:
user: healthcheck
password: zb!XztG34
-truststore:
- password: Pol1cy_0nap
+certStores:
+ keyStorePassword: Pol1cy_0nap
+ trustStorePassword: Pol1cy_0nap
# default number of instances
replicaCount: 1
diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index 4de13eee2d..a136b0ad46 100644
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -67,7 +67,7 @@ secrets:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pe:1.6.4
+image: onap/policy-pe:1.6.5
mariadb_image: library/mariadb:10
pullPolicy: Always
diff --git a/kubernetes/robot b/kubernetes/robot
-Subproject 36eee9317915ad1728421a5abeaa84fff239911
+Subproject 878f64c190e1dc5937ed30ff13921ff7fb1cbd9
diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/charts/sdc-be/values.yaml
index ac0403b889..efe9cb0cf0 100644
--- a/kubernetes/sdc/charts/sdc-be/values.yaml
+++ b/kubernetes/sdc/charts/sdc-be/values.yaml
@@ -28,8 +28,8 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-backend:1.6.6
-backendInitImage: onap/sdc-backend-init:1.6.6
+image: onap/sdc-backend:1.6.7
+backendInitImage: onap/sdc-backend-init:1.6.7
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdc/charts/sdc-cs/values.yaml b/kubernetes/sdc/charts/sdc-cs/values.yaml
index cabf2c19eb..927dd98887 100644
--- a/kubernetes/sdc/charts/sdc-cs/values.yaml
+++ b/kubernetes/sdc/charts/sdc-cs/values.yaml
@@ -28,8 +28,8 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.6.6
-cassandraInitImage: onap/sdc-cassandra-init:1.6.6
+image: onap/sdc-cassandra:1.6.7
+cassandraInitImage: onap/sdc-cassandra-init:1.6.7
pullPolicy: Always
diff --git a/kubernetes/sdc/charts/sdc-fe/values.yaml b/kubernetes/sdc/charts/sdc-fe/values.yaml
index 98452c23e1..ff1890ca66 100644
--- a/kubernetes/sdc/charts/sdc-fe/values.yaml
+++ b/kubernetes/sdc/charts/sdc-fe/values.yaml
@@ -28,7 +28,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-frontend:1.6.6
+image: onap/sdc-frontend:1.6.7
pullPolicy: Always
config:
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
index f83000f74a..bdd99953bd 100644
--- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
+++ b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
@@ -28,8 +28,8 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-onboard-backend:1.6.6
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.6.6
+image: onap/sdc-onboard-backend:1.6.7
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.6.7
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/so/charts/so-appc-orchestrator/values.yaml b/kubernetes/so/charts/so-appc-orchestrator/values.yaml
index f10873d66b..1c0cd43c6f 100644
--- a/kubernetes/so/charts/so-appc-orchestrator/values.yaml
+++ b/kubernetes/so/charts/so-appc-orchestrator/values.yaml
@@ -61,7 +61,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/so-appc-orchestrator:1.6.0
+image: onap/so/so-appc-orchestrator:1.6.4
pullPolicy: Always
db: