summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docs/master_nfs_node.sh4
-rw-r--r--docs/openstack-k8s-controlnode.sh8
-rw-r--r--docs/openstack-k8s-workernode.sh8
-rw-r--r--docs/openstack-nfs-server.sh8
-rw-r--r--kubernetes/aai/.helmignore22
-rw-r--r--kubernetes/aai/components/aai-resources/templates/deployment.yaml2
-rw-r--r--kubernetes/appc/.helmignore1
-rw-r--r--kubernetes/cds/.helmignore1
-rw-r--r--kubernetes/common/cassandra/resources/config/docker-entrypoint.sh7
-rw-r--r--kubernetes/common/mariadb-galera/values.yaml3
-rwxr-xr-xkubernetes/common/mariadb-init/resources/config/db_init.sh12
-rw-r--r--kubernetes/consul/.helmignore22
-rw-r--r--kubernetes/dcaegen2-services/.helmignore1
-rw-r--r--kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml2
-rw-r--r--kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml2
-rw-r--r--kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml2
-rw-r--r--kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json2
-rw-r--r--kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json2
-rw-r--r--kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json2
-rw-r--r--kubernetes/dmaap/components/dmaap-bc/values.yaml2
-rw-r--r--kubernetes/esr/.helmignore1
-rwxr-xr-xkubernetes/helm/plugins/deploy/deploy.sh2
-rwxr-xr-xkubernetes/helm/plugins/undeploy/undeploy.sh2
-rw-r--r--kubernetes/log/.helmignore1
-rw-r--r--kubernetes/modeling/.helmignore22
-rw-r--r--kubernetes/msb/.helmignore1
-rw-r--r--kubernetes/multicloud/.helmignore1
-rw-r--r--kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml10
-rw-r--r--kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml3
-rw-r--r--kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml10
-rw-r--r--kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml3
-rw-r--r--kubernetes/oof/components/oof-cmso/requirements.yaml1
-rw-r--r--kubernetes/oof/components/oof-cmso/values.yaml33
-rw-r--r--kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh16
-rwxr-xr-xkubernetes/robot/demo-k8s.sh2
-rwxr-xr-xkubernetes/robot/ete-k8s.sh2
-rwxr-xr-xkubernetes/robot/eteHelm-k8s.sh2
-rw-r--r--kubernetes/sdc/components/sdc-helm-validator/values.yaml2
-rwxr-xr-xkubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh2
-rwxr-xr-xkubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh4
-rwxr-xr-xkubernetes/sdnc/resources/geo/bin/switchVoting.sh4
-rw-r--r--kubernetes/uui/.helmignore1
-rw-r--r--kubernetes/vfc/.helmignore22
43 files changed, 188 insertions, 72 deletions
diff --git a/docs/master_nfs_node.sh b/docs/master_nfs_node.sh
index 4a7a8dbc12..32574c9f29 100644
--- a/docs/master_nfs_node.sh
+++ b/docs/master_nfs_node.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
usage () {
echo "Usage:"
@@ -23,7 +23,7 @@ sudo chown nobody:nogroup /dockerdata-nfs/
#Update the /etc/exports
NFS_EXP=""
for i in $@; do
- NFS_EXP+="$i(rw,sync,no_root_squash,no_subtree_check) "
+ NFS_EXP="${NFS_EXP}$i(rw,sync,no_root_squash,no_subtree_check) "
done
echo "/dockerdata-nfs "$NFS_EXP | sudo tee -a /etc/exports
diff --git a/docs/openstack-k8s-controlnode.sh b/docs/openstack-k8s-controlnode.sh
index cd219aa56f..d1515a7e5f 100644
--- a/docs/openstack-k8s-controlnode.sh
+++ b/docs/openstack-k8s-controlnode.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
DOCKER_VERSION=18.09.5
@@ -18,10 +18,10 @@ systemctl daemon-reload
systemctl restart docker
apt-mark hold docker-ce
-IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'`
-HOSTNAME=`hostname`
+IP_ADDR=$(ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}')
+HOST_NAME=$(hostname)
-echo "$IP_ADDR $HOSTNAME" >> /etc/hosts
+echo "$IP_ADDR $HOST_NAME" >> /etc/hosts
docker login -u docker -p docker nexus3.onap.org:10001
diff --git a/docs/openstack-k8s-workernode.sh b/docs/openstack-k8s-workernode.sh
index 3f32d050a9..8b1b9e41ee 100644
--- a/docs/openstack-k8s-workernode.sh
+++ b/docs/openstack-k8s-workernode.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
DOCKER_VERSION=18.09.5
@@ -18,10 +18,10 @@ systemctl daemon-reload
systemctl restart docker
apt-mark hold docker-ce
-IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'`
-HOSTNAME=`hostname`
+IP_ADDR=$(ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}')
+HOST_NAME=$(hostname)
-echo "$IP_ADDR $HOSTNAME" >> /etc/hosts
+echo "$IP_ADDR $HOST_NAME" >> /etc/hosts
docker login -u docker -p docker nexus3.onap.org:10001
diff --git a/docs/openstack-nfs-server.sh b/docs/openstack-nfs-server.sh
index 1db04eaff6..395d04f27c 100644
--- a/docs/openstack-nfs-server.sh
+++ b/docs/openstack-nfs-server.sh
@@ -1,11 +1,11 @@
-#!/bin/bash
+#!/bin/sh
apt-get update
-IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'`
-HOSTNAME=`hostname`
+IP_ADDR=$(ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}')
+HOST_NAME=$(hostname)
-echo "$IP_ADDR $HOSTNAME" >> /etc/hosts
+echo "$IP_ADDR $HOST_NAME" >> /etc/hosts
sudo apt-get install make -y
diff --git a/kubernetes/aai/.helmignore b/kubernetes/aai/.helmignore
new file mode 100644
index 0000000000..7ddbad7ef4
--- /dev/null
+++ b/kubernetes/aai/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+components/
diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml
index d630647883..1297809658 100644
--- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml
@@ -122,7 +122,7 @@ spec:
- name: LOCAL_GROUP_ID
value: {{ .Values.global.config.groupId | quote }}
- name: POST_JAVA_OPTS
- value: '-Djavax.net.ssl.trustStore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststorePassword }}'
+ value: '-Djavax.net.ssl.trustStore={{ .Values.certInitializer.credsPath }}/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststorePassword }}'
- name: TRUSTORE_ALL_PASSWORD
value: {{ .Values.certInitializer.truststorePassword }}
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
diff --git a/kubernetes/appc/.helmignore b/kubernetes/appc/.helmignore
index f0c1319444..7ddbad7ef4 100644
--- a/kubernetes/appc/.helmignore
+++ b/kubernetes/appc/.helmignore
@@ -19,3 +19,4 @@
.project
.idea/
*.tmproj
+components/
diff --git a/kubernetes/cds/.helmignore b/kubernetes/cds/.helmignore
index f0c1319444..7ddbad7ef4 100644
--- a/kubernetes/cds/.helmignore
+++ b/kubernetes/cds/.helmignore
@@ -19,3 +19,4 @@
.project
.idea/
*.tmproj
+components/
diff --git a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh
index 64c7daacbf..5f23a89867 100644
--- a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh
+++ b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh
@@ -1,4 +1,5 @@
#!/bin/bash
+
set -e
# first arg is `-f` or `--some-option`
@@ -71,7 +72,8 @@ if [ "$1" = 'cassandra' ]; then
authenticator \
; do
var="CASSANDRA_${yaml^^}"
- val="${!var}"
+ # eval presents no security issue here because of limited possible values of var
+ eval val=\$$var
if [ "$val" ]; then
_sed-in-place "$CASSANDRA_CONFIG/cassandra.yaml" \
-r 's/^(# )?('"$yaml"':).*/\2 '"$val"'/'
@@ -80,7 +82,8 @@ if [ "$1" = 'cassandra' ]; then
for rackdc in dc rack; do
var="CASSANDRA_${rackdc^^}"
- val="${!var}"
+ # eval presents no security issue here because of limited possible values of var
+ eval val=\$$var
if [ "$val" ]; then
_sed-in-place "$CASSANDRA_CONFIG/cassandra-rackdc.properties" \
-r 's/^('"$rackdc"'=).*/\1 '"$val"'/'
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index 4c77efc83f..ed9977acd9 100644
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -86,9 +86,10 @@ service:
##
type: ClusterIP
headless: {}
+ internalPort: &dbPort 3306
ports:
- name: mysql
- port: 3306
+ port: *dbPort
headlessPorts:
- name: galera
port: 4567
diff --git a/kubernetes/common/mariadb-init/resources/config/db_init.sh b/kubernetes/common/mariadb-init/resources/config/db_init.sh
index fa4b007a5a..f130bb5118 100755
--- a/kubernetes/common/mariadb-init/resources/config/db_init.sh
+++ b/kubernetes/common/mariadb-init/resources/config/db_init.sh
@@ -1,4 +1,5 @@
#!/bin/bash
+
{{/*
# Copyright © 2019 Orange
# Copyright © 2020 Samsung Electronics
@@ -22,8 +23,15 @@ set -e
while read DB ; do
USER_VAR="MYSQL_USER_${DB^^}"
PASS_VAR="MYSQL_PASSWORD_${DB^^}"
- USER=${!USER_VAR}
- PASS=`echo -n ${!PASS_VAR} | sed -e "s/'/''/g"`
+{{/*
+ # USER=${!USER_VAR}
+ # PASS=`echo -n ${!PASS_VAR} | sed -e "s/'/''/g"`
+ # eval replacement of the bashism equivalents above might present a security issue here
+ # since it reads content from DB values filled by helm at the end of the script.
+ # These possible values has to be constrainted and/or limited by helm for a safe use of eval.
+*/}}
+ eval USER=\$$USER_VAR
+ PASS=$(eval echo -n \$$PASS_VAR | sed -e "s/'/''/g")
MYSQL_OPTS=( -h ${DB_HOST} -P ${DB_PORT} -uroot -p${MYSQL_ROOT_PASSWORD} )
echo "Creating database ${DB} and user ${USER}..."
diff --git a/kubernetes/consul/.helmignore b/kubernetes/consul/.helmignore
new file mode 100644
index 0000000000..7ddbad7ef4
--- /dev/null
+++ b/kubernetes/consul/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+components/
diff --git a/kubernetes/dcaegen2-services/.helmignore b/kubernetes/dcaegen2-services/.helmignore
index 50af031725..301d5b7d9e 100644
--- a/kubernetes/dcaegen2-services/.helmignore
+++ b/kubernetes/dcaegen2-services/.helmignore
@@ -20,3 +20,4 @@
.idea/
*.tmproj
.vscode/
+components/
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
index 0a97f9e0c0..82e8229408 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
@@ -104,7 +104,7 @@ mongo:
disableNfsProvisioner: true
# application image
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.0.4
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.2.0
default_k8s_location: central
# DCAE component images to be deployed via Cloudify Manager
diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
index 313ac9b34d..10fb4430ea 100644
--- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
@@ -53,7 +53,7 @@ config:
# Application configuration defaults.
#################################################################
# application image
-image: onap/org.onap.dcaegen2.deployments.cm-container:4.5.0
+image: onap/org.onap.dcaegen2.deployments.cm-container:4.6.0
pullPolicy: Always
# name of shared ConfigMap with kubeconfig for multiple clusters
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
index 521fac06a2..90bc0989d0 100644
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
@@ -36,7 +36,7 @@ config:
importK8S: plugin:k8splugin?version=>=3.5.1,<4.0.0
importPostgres: plugin:pgaas?version=1.3.0
importClamp: plugin:clamppolicyplugin?version=1.1.0
- importDMaaP: plugin:dmaap?version=1.5.0
+ importDMaaP: plugin:dmaap?version=>=1.5.1,<2.0.0
useDmaapPlugin: false
bpResourcesCpuLimit: 250m
bpResourcesMemoryLimit: 128Mi
diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json
index 8f4cf8bd64..34197b948e 100644
--- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json
+++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json
@@ -2,7 +2,7 @@
"topicName": "PNF_READY",
"topicDescription": "This topic will be used to publish the PNF_READY events generated by the PNF REgistration Handler service in the DCAE platform.",
"owner": "PNFRegistrationHandler",
- "txenabled": false,
+ "tnxEnabled": false,
"clients": [
{
"dcaeLocationName": "san-francisco",
diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json
index f0dd2c7829..e7325794a1 100644
--- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json
+++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json
@@ -2,7 +2,7 @@
"topicName": "PNF_REGISTRATION",
"topicDescription": "the VES collector will be publishing pnfRegistration events in this topic",
"owner": "VEScollector",
- "txenabled": false,
+ "tnxEnabled": false,
"clients": [
{
"dcaeLocationName": "san-francisco",
diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json
index ff1a5732e2..fb2c54ed4b 100644
--- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json
+++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json
@@ -3,7 +3,7 @@
"topicDescription": "the topic used to provision the MM agent whitelist",
"replicationCase": "REPLICATION_NONE",
"owner": "dmaap",
- "txenabled": false,
+ "tnxEnabled": false,
"partitionCount": "1",
"clients": [
{
diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml
index bfd0f1ebd3..65242b4a4f 100644
--- a/kubernetes/dmaap/components/dmaap-bc/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml
@@ -40,7 +40,7 @@ secrets:
pullPolicy: Always
# application images
-image: onap/dmaap/dmaap-bc:2.0.5
+image: onap/dmaap/dmaap-bc:2.0.6
# application configuration
diff --git a/kubernetes/esr/.helmignore b/kubernetes/esr/.helmignore
index f0c1319444..7ddbad7ef4 100644
--- a/kubernetes/esr/.helmignore
+++ b/kubernetes/esr/.helmignore
@@ -19,3 +19,4 @@
.project
.idea/
*.tmproj
+components/
diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh
index ce8e80225f..4fec3984db 100755
--- a/kubernetes/helm/plugins/deploy/deploy.sh
+++ b/kubernetes/helm/plugins/deploy/deploy.sh
@@ -251,7 +251,7 @@ deploy() {
fi
if [ "$DELAY" = "true" ]; then
echo sleep 3m
- sleep 3m
+ sleep 180
fi
else
array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}"))
diff --git a/kubernetes/helm/plugins/undeploy/undeploy.sh b/kubernetes/helm/plugins/undeploy/undeploy.sh
index 790f84fda9..35fc4ca251 100755
--- a/kubernetes/helm/plugins/undeploy/undeploy.sh
+++ b/kubernetes/helm/plugins/undeploy/undeploy.sh
@@ -49,4 +49,4 @@ case "${1:-"help"}" in
;;
esac
-exit 0 \ No newline at end of file
+exit 0
diff --git a/kubernetes/log/.helmignore b/kubernetes/log/.helmignore
index f0c1319444..7ddbad7ef4 100644
--- a/kubernetes/log/.helmignore
+++ b/kubernetes/log/.helmignore
@@ -19,3 +19,4 @@
.project
.idea/
*.tmproj
+components/
diff --git a/kubernetes/modeling/.helmignore b/kubernetes/modeling/.helmignore
new file mode 100644
index 0000000000..7ddbad7ef4
--- /dev/null
+++ b/kubernetes/modeling/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+components/
diff --git a/kubernetes/msb/.helmignore b/kubernetes/msb/.helmignore
index f0c1319444..7ddbad7ef4 100644
--- a/kubernetes/msb/.helmignore
+++ b/kubernetes/msb/.helmignore
@@ -19,3 +19,4 @@
.project
.idea/
*.tmproj
+components/
diff --git a/kubernetes/multicloud/.helmignore b/kubernetes/multicloud/.helmignore
index f0c1319444..7ddbad7ef4 100644
--- a/kubernetes/multicloud/.helmignore
+++ b/kubernetes/multicloud/.helmignore
@@ -19,3 +19,4 @@
.project
.idea/
*.tmproj
+components/
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml
index 08af62d844..2050fe676c 100644
--- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/templates/deployment.yaml
@@ -41,7 +41,7 @@ spec:
- /app/ready.py
args:
- --container-name
- - {{ .Values.config.db.container }}
+ - {{ include "common.mariadbService" . }}
env:
- name: NAMESPACE
valueFrom:
@@ -77,9 +77,9 @@ spec:
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: DB_HOST
- value: {{ .Values.config.db.host }}.{{.Release.Namespace}}
+ value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}}
- name: DB_PORT
- value: {{ .Values.config.db.port | quote}}
+ value: {{ include "common.mariadbPort" . | quote}}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}}
- name: DB_SCHEMA
@@ -99,9 +99,9 @@ spec:
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: DB_HOST
- value: {{ .Values.config.db.host }}.{{.Release.Namespace}}
+ value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}}
- name: DB_PORT
- value: {{ .Values.config.db.port | quote}}
+ value: {{ include "common.mariadbPort" . | quote}}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}}
- name: DB_SCHEMA
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml
index c9de6546c2..3bee34aaa7 100644
--- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml
+++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-optimizer/values.yaml
@@ -19,6 +19,7 @@
global: # global defaults
nodePortPrefix: 302
readinessImage: onap/oom/readiness:3.0.1
+ mariadbGalera: {}
subChartsOnly:
enabled: true
@@ -85,6 +86,7 @@ service:
# as of 20181022 port 23 is reserved for cmso
# see https://wiki.onap.org/display/DW/OOM+NodePort+List
+mariadb-galera: {}
config:
aaf:
@@ -92,7 +94,6 @@ config:
password: pass
# userCredentialsExternalSecret: some-secret
db:
- port: 3306
# rootPassword: pass
# rootPasswordExternalSecret: some secret
user: cmso-admin
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml
index 3fd0112928..d82040b17b 100644
--- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/templates/deployment.yaml
@@ -41,7 +41,7 @@ spec:
- /app/ready.py
args:
- --container-name
- - {{ .Values.config.db.container }}
+ - {{ include "common.mariadbService" . }}
env:
- name: NAMESPACE
valueFrom:
@@ -77,9 +77,9 @@ spec:
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: DB_HOST
- value: {{ .Values.config.db.host }}.{{.Release.Namespace}}
+ value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}}
- name: DB_PORT
- value: {{ .Values.config.db.port | quote}}
+ value: {{ include "common.mariadbPort" . | quote}}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}}
- name: DB_SCHEMA
@@ -113,9 +113,9 @@ spec:
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: DB_HOST
- value: {{ .Values.config.db.host }}.{{.Release.Namespace}}
+ value: {{ include "common.mariadbService" . }}.{{.Release.Namespace}}
- name: DB_PORT
- value: {{ .Values.config.db.port | quote}}
+ value: {{ include "common.mariadbPort" . | quote}}
- name: DB_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "login") | indent 10}}
- name: DB_SCHEMA
diff --git a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml
index 105163e95c..3eb94ead7b 100644
--- a/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml
+++ b/kubernetes/oof/components/oof-cmso/components/oof-cmso-service/values.yaml
@@ -18,6 +18,7 @@
#################################################################
global: # global defaults
nodePortPrefix: 302
+ mariadbGalera: {}
subChartsOnly:
enabled: true
@@ -83,6 +84,7 @@ service:
# as of 20181022 port 23 is reserved for cmso
# see https://wiki.onap.org/display/DW/OOM+NodePort+List
+mariadb-galera: {}
config:
aaf:
@@ -90,7 +92,6 @@ config:
password: pass
# userCredentialsExternalSecret: some-secret
db:
- port: 3306
# rootPassword: pass
# rootPasswordExternalSecret: some secret
user: cmso-admin
diff --git a/kubernetes/oof/components/oof-cmso/requirements.yaml b/kubernetes/oof/components/oof-cmso/requirements.yaml
index 535a1e1696..30946c6a33 100644
--- a/kubernetes/oof/components/oof-cmso/requirements.yaml
+++ b/kubernetes/oof/components/oof-cmso/requirements.yaml
@@ -23,6 +23,7 @@ dependencies:
- name: mariadb-galera
version: ~8.x-0
repository: '@local'
+ condition: global.mariadbGalera.localCluster
- name: mariadb-init
version: ~8.x-0
repository: '@local'
diff --git a/kubernetes/oof/components/oof-cmso/values.yaml b/kubernetes/oof/components/oof-cmso/values.yaml
index c46fd0a33a..15aac51888 100644
--- a/kubernetes/oof/components/oof-cmso/values.yaml
+++ b/kubernetes/oof/components/oof-cmso/values.yaml
@@ -13,6 +13,19 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ commonConfigPrefix: "oof-cmso"
+ truststoreFile: "truststoreONAPall.jks"
+ keystoreFile: "org.onap.oof.jks"
+ truststorePassword:
+ authentication: aaf-auth
+ mariadbGalera: &mariadbGalera
+ #This flag allows OOF-CMSO to instantiate its own mariadb-galera cluster
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
+
#################################################################
# Secrets metaconfig
#################################################################
@@ -42,7 +55,7 @@ secrets:
login: '{{ .Values.config.aaf.user }}'
password: '{{ .Values.config.aaf.password }}'
-mariadb-galera:
+mariadb-galera: &localMariadb
replicaCount: 1
nameOverride: &dbName cmso-db
nfsprovisionerPrefix: cmso
@@ -56,19 +69,7 @@ mariadb-galera:
serviceAccount:
nameOverride: *dbName
-global:
- commonConfigPrefix: "oof-cmso"
- truststoreFile: "truststoreONAPall.jks"
- keystoreFile: "org.onap.oof.jks"
- truststorePassword:
- authentication: aaf-auth
-
mariadb-init:
- mariadbGalera:
- containerName: *dbName
- serviceName: *dbName
- servicePort: 3306
- userRootSecret: *rootPassword
config:
userCredentialsExternalSecret: *serviceDbCreds
mysqlDatabase: cmso
@@ -117,11 +118,10 @@ oof-cmso-service:
certInitializer:
<< : *certInitConfig
nameOverride: oof-cmso-service-cert-initializer
+ mariadb-galera: *localMariadb
config:
db:
userCredentialsExternalSecret: *serviceDbCreds
- host: *dbName
- container: *dbName
mysqlDatabase: cmso
aaf:
userCredentialsExternalSecret: *aafCreds
@@ -131,12 +131,11 @@ oof-cmso-optimizer:
certInitializer:
<< : *certInitConfig
nameOverride: oof-cmso-optimizer-cert-initializer
+ mariadb-galera: *localMariadb
config:
enabled: true
db:
userCredentialsExternalSecret: *optimizerDbCreds
- host: *dbName
- container: *dbName
mysqlDatabase: optimizer
aaf:
userCredentialsExternalSecret: *aafCreds
diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
index ebc8ca0f40..65b9636891 100644
--- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
+++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
@@ -1,4 +1,5 @@
#!/bin/bash
+
set -eo pipefail
shopt -s nullglob
@@ -30,10 +31,15 @@ file_env() {
mysql_error "Both $var and $fileVar are set (but are exclusive)"
fi
local val="$def"
+ # val="${!var}"
+ # val="$(< "${!fileVar}")"
+ # eval replacement of the bashism equivalents above presents no security issue here
+ # since var and fileVar variables contents are derived from the file_env() function arguments.
+ # This method is only called inside this script with a limited number of possible values.
if [ "${!var:-}" ]; then
- val="${!var}"
+ eval val=\$$var
elif [ "${!fileVar:-}" ]; then
- val="$(< "${!fileVar}")"
+ val="$(< "$(eval echo "\$$fileVar")")"
fi
export "$var"="$val"
unset "$fileVar"
@@ -105,7 +111,7 @@ docker_temp_server_start() {
# so that it won't try to fill in a password file when it hasn't been set yet
extraArgs=()
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
- extraArgs+=( '--dont-use-mysql-root-password' )
+ extraArgs=${extraArgs}( '--dont-use-mysql-root-password' )
fi
if echo 'SELECT 1' |docker_process_sql "${extraArgs[@]}" --database=mysql >/dev/null 2>&1; then
break
@@ -155,7 +161,7 @@ docker_init_database_dir() {
# beginning in 10.4.3, install_db uses "socket" which only allows system user root to connect, switch back to "normal" to allow mysql root without a password
# see https://github.com/MariaDB/server/commit/b9f3f06857ac6f9105dc65caae19782f09b47fb3
# (this flag doesn't exist in 10.0 and below)
- installArgs+=( --auth-root-authentication-method=normal )
+ installArgs=${installArgs}( --auth-root-authentication-method=normal )
fi
# "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here)
mysql_install_db "${installArgs[@]}" "${@:2}"
@@ -191,7 +197,7 @@ docker_setup_env() {
docker_process_sql() {
passfileArgs=()
if [ '--dont-use-mysql-root-password' = "$1" ]; then
- passfileArgs+=( "$1" )
+ passfileArgs=${passfileArgs}( "$1" )
shift
fi
# args sent in can override this db, since they will be later in the command
diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh
index 099f80ccff..5e4e216c95 100755
--- a/kubernetes/robot/demo-k8s.sh
+++ b/kubernetes/robot/demo-k8s.sh
@@ -222,7 +222,7 @@ ETEHOME=/var/opt/ONAP
if [ $execscript ]; then
for script in $(ls -1 "$DIR/$SCRIPTDIR"); do
- [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script"
+ [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script"
done
fi
diff --git a/kubernetes/robot/ete-k8s.sh b/kubernetes/robot/ete-k8s.sh
index 15d07fb3ee..01cf0922fa 100755
--- a/kubernetes/robot/ete-k8s.sh
+++ b/kubernetes/robot/ete-k8s.sh
@@ -78,7 +78,7 @@ ETEHOME=/var/opt/ONAP
if [ "${!#}" = "execscript" ]; then
for script in $(ls -1 "$DIR/$SCRIPTDIR"); do
- [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script"
+ [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script"
done
fi
diff --git a/kubernetes/robot/eteHelm-k8s.sh b/kubernetes/robot/eteHelm-k8s.sh
index d5e2fa41c3..8b74da77f8 100755
--- a/kubernetes/robot/eteHelm-k8s.sh
+++ b/kubernetes/robot/eteHelm-k8s.sh
@@ -46,7 +46,7 @@ ETEHOME=/var/opt/ONAP
if [ "${!#}" = "execscript" ]; then
for script in $(ls -1 "$DIR/$SCRIPTDIR"); do
- [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script"
+ [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script"
done
fi
diff --git a/kubernetes/sdc/components/sdc-helm-validator/values.yaml b/kubernetes/sdc/components/sdc-helm-validator/values.yaml
index ede80a6af0..5c5c5995b0 100644
--- a/kubernetes/sdc/components/sdc-helm-validator/values.yaml
+++ b/kubernetes/sdc/components/sdc-helm-validator/values.yaml
@@ -18,7 +18,7 @@
global:
pullPolicy: Always
-image: onap/org.onap.sdc.sdc-helm-validator:1.2.0
+image: onap/org.onap.sdc.sdc-helm-validator:1.2.1
containerPort: &svc_port 8080
config:
diff --git a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh
index feb6662196..099103ca79 100755
--- a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh
+++ b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-{{/*
+{{/*
# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh
index 94858339e7..05a17017ab 100755
--- a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh
+++ b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh
@@ -1,6 +1,6 @@
-#!/bin/bash
-{{/*
+#!/bin/sh
+{{/*
# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/kubernetes/sdnc/resources/geo/bin/switchVoting.sh b/kubernetes/sdnc/resources/geo/bin/switchVoting.sh
index 65b76265fc..a276854d5c 100755
--- a/kubernetes/sdnc/resources/geo/bin/switchVoting.sh
+++ b/kubernetes/sdnc/resources/geo/bin/switchVoting.sh
@@ -1,6 +1,6 @@
-#!/bin/bash
-{{/*
+#!/bin/sh
+{{/*
# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/kubernetes/uui/.helmignore b/kubernetes/uui/.helmignore
index f0c1319444..7ddbad7ef4 100644
--- a/kubernetes/uui/.helmignore
+++ b/kubernetes/uui/.helmignore
@@ -19,3 +19,4 @@
.project
.idea/
*.tmproj
+components/
diff --git a/kubernetes/vfc/.helmignore b/kubernetes/vfc/.helmignore
new file mode 100644
index 0000000000..7ddbad7ef4
--- /dev/null
+++ b/kubernetes/vfc/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+components/