summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--kubernetes/common/mariadb-galera/templates/statefulset.yaml17
-rw-r--r--kubernetes/common/mariadb-galera/values.yaml20
-rw-r--r--kubernetes/dcaemod/components/dcaemod-designtool/requirements.yaml3
-rw-r--r--kubernetes/dcaemod/components/dcaemod-designtool/templates/deployment.yaml1
-rw-r--r--kubernetes/dcaemod/components/dcaemod-designtool/values.yaml6
-rw-r--r--kubernetes/dcaemod/components/dcaemod-distributor-api/requirements.yaml3
-rw-r--r--kubernetes/dcaemod/components/dcaemod-distributor-api/templates/deployment.yaml1
-rw-r--r--kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml6
-rw-r--r--kubernetes/dcaemod/components/dcaemod-genprocessor/requirements.yaml3
-rw-r--r--kubernetes/dcaemod/components/dcaemod-genprocessor/templates/deployment.yaml1
-rw-r--r--kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml6
-rw-r--r--kubernetes/dcaemod/components/dcaemod-healthcheck/requirements.yaml3
-rw-r--r--kubernetes/dcaemod/components/dcaemod-healthcheck/templates/deployment.yaml1
-rw-r--r--kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml5
-rw-r--r--kubernetes/dcaemod/components/dcaemod-nifi-registry/requirements.yaml3
-rw-r--r--kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml1
-rw-r--r--kubernetes/dcaemod/components/dcaemod-nifi-registry/values.yaml6
-rw-r--r--kubernetes/dcaemod/components/dcaemod-onboarding-api/requirements.yaml3
-rw-r--r--kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/deployment.yaml1
-rw-r--r--kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml6
-rw-r--r--kubernetes/dcaemod/components/dcaemod-runtime-api/requirements.yaml3
-rw-r--r--kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml1
-rw-r--r--kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml6
-rw-r--r--kubernetes/msb/components/msb-discovery/values.yaml2
-rw-r--r--kubernetes/msb/components/msb-eag/values.yaml2
-rw-r--r--kubernetes/msb/components/msb-iag/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-apex-pdp/resources/config/OnapPfConfig.json3
-rwxr-xr-xkubernetes/policy/components/policy-apex-pdp/resources/config/config.json66
-rwxr-xr-xkubernetes/policy/components/policy-apex-pdp/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-api/resources/config/config.json3
-rwxr-xr-xkubernetes/policy/components/policy-api/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-distribution/resources/config/config.json31
-rwxr-xr-xkubernetes/policy/components/policy-distribution/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf8
-rw-r--r--kubernetes/policy/components/policy-drools-pdp/resources/configmaps/engine-system.properties45
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/resources/configmaps/logback.xml8
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/values.yaml5
-rwxr-xr-xkubernetes/policy/components/policy-pap/resources/config/config.json14
-rwxr-xr-xkubernetes/policy/components/policy-pap/values.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-xacml-pdp/resources/config/config.json11
-rwxr-xr-xkubernetes/policy/components/policy-xacml-pdp/values.yaml2
-rwxr-xr-xkubernetes/policy/resources/config/db.sh2
-rw-r--r--kubernetes/policy/resources/config/db_migrator_policy_init.sh21
-rwxr-xr-xkubernetes/policy/templates/configmap.yaml3
-rwxr-xr-xkubernetes/policy/templates/job.yaml30
-rwxr-xr-xkubernetes/policy/values.yaml6
46 files changed, 269 insertions, 109 deletions
diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml
index 9227e182b6..bb3af76115 100644
--- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml
+++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml
@@ -1,5 +1,6 @@
{{/*
-# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2018 Amdocs
+# Copyright © 2018,2021 Bell Canada
# Copyright © 2019 Samsung Electronics
# Copyright © 2019-2020 Orange
# Copyright © 2020 Bitnami
@@ -202,14 +203,20 @@ spec:
httpGet:
path: /metrics
port: metrics
- initialDelaySeconds: 30
- timeoutSeconds: 5
+ initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}
+ failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
readinessProbe:
httpGet:
path: /metrics
port: metrics
- initialDelaySeconds: 5
- timeoutSeconds: 1
+ initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }}
+ failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }}
{{ include "common.containerSecurityContext" . | indent 10 | trim }}
resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
{{- end }}
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index ed9977acd9..bc9273f41f 100644
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -1,4 +1,5 @@
-# Copyright © 2018 Amdocs, Bell Canada
+# Copyright © 2018 Amdocs
+# Copyright © 2018,2021 Bell Canada
# Copyright © 2019 Samsung Electronics
# Copyright © 2020 Bitnami, Orange
#
@@ -560,6 +561,23 @@ metrics:
requests:
cpu: 0.5
memory: 256Mi
+ ## MariaDB Galera metrics container's liveness and readiness probes
+ ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
+ ##
+ livenessProbe:
+ enabled: true
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 3
+ readinessProbe:
+ enabled: true
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 3
## MySQL Prometheus exporter service parameters
##
service:
diff --git a/kubernetes/dcaemod/components/dcaemod-designtool/requirements.yaml b/kubernetes/dcaemod/components/dcaemod-designtool/requirements.yaml
index 0972e6b6b9..233f6e4651 100644
--- a/kubernetes/dcaemod/components/dcaemod-designtool/requirements.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-designtool/requirements.yaml
@@ -22,3 +22,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/dcaemod/components/dcaemod-designtool/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-designtool/templates/deployment.yaml
index bd2766f6db..556ac90e02 100644
--- a/kubernetes/dcaemod/components/dcaemod-designtool/templates/deployment.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-designtool/templates/deployment.yaml
@@ -84,5 +84,6 @@ spec:
value: {{ .Values.config.nifiJarsIndexURL }}
- name: NIFI_DCAE_DISTRIBUTOR_API_URL
value: {{ .Values.config.distributorAPIURL }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dcaemod/components/dcaemod-designtool/values.yaml b/kubernetes/dcaemod/components/dcaemod-designtool/values.yaml
index 74c7bdb223..86aad57b1b 100644
--- a/kubernetes/dcaemod/components/dcaemod-designtool/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-designtool/values.yaml
@@ -90,3 +90,9 @@ resources:
cpu: 2
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: dcaemod-designtool
+ roles:
+ - read
diff --git a/kubernetes/dcaemod/components/dcaemod-distributor-api/requirements.yaml b/kubernetes/dcaemod/components/dcaemod-distributor-api/requirements.yaml
index b242fbf51d..268442616b 100644
--- a/kubernetes/dcaemod/components/dcaemod-distributor-api/requirements.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-distributor-api/requirements.yaml
@@ -22,3 +22,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/dcaemod/components/dcaemod-distributor-api/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-distributor-api/templates/deployment.yaml
index 696b43a536..f36c2af002 100644
--- a/kubernetes/dcaemod/components/dcaemod-distributor-api/templates/deployment.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-distributor-api/templates/deployment.yaml
@@ -72,5 +72,6 @@ spec:
- name : ONBOARDING_API_URL
value: {{ .Values.config.onboardingAPIURL }}
resources: {{ include "common.resources" . | nindent 12 }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml
index 541f239d77..61ccfdef79 100644
--- a/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-distributor-api/values.yaml
@@ -89,3 +89,9 @@ resources:
cpu: 2
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: dcaemod-distributor-api
+ roles:
+ - read
diff --git a/kubernetes/dcaemod/components/dcaemod-genprocessor/requirements.yaml b/kubernetes/dcaemod/components/dcaemod-genprocessor/requirements.yaml
index b242fbf51d..268442616b 100644
--- a/kubernetes/dcaemod/components/dcaemod-genprocessor/requirements.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-genprocessor/requirements.yaml
@@ -22,3 +22,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/dcaemod/components/dcaemod-genprocessor/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-genprocessor/templates/deployment.yaml
index 40b0f3edc4..26f6586688 100644
--- a/kubernetes/dcaemod/components/dcaemod-genprocessor/templates/deployment.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-genprocessor/templates/deployment.yaml
@@ -72,6 +72,7 @@ spec:
- mountPath: /www/data
name: genprocessor-data
readOnly: true
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: genprocessor-data
persistentVolumeClaim:
diff --git a/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml b/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml
index 4b79525c83..81c5888f10 100644
--- a/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-genprocessor/values.yaml
@@ -96,3 +96,9 @@ resources:
memory: 2Gi
unlimited: {}
+#Pods Service Account
+serviceAccount:
+ nameOverride: dcaemod-genprocessor
+ roles:
+ - read
+
diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/requirements.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/requirements.yaml
index 0697ceb1d6..3762a2acea 100644
--- a/kubernetes/dcaemod/components/dcaemod-healthcheck/requirements.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/requirements.yaml
@@ -23,3 +23,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/templates/deployment.yaml
index 0eaa2296bb..f46dc5f287 100644
--- a/kubernetes/dcaemod/components/dcaemod-healthcheck/templates/deployment.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/templates/deployment.yaml
@@ -58,6 +58,7 @@ spec:
value: {{ include "common.namespace" . }}
- name: HELM_RELEASE
value: {{ include "common.release" . }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: {{ include "common.fullname" . }}-expected-components
configMap:
diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
index 6a4fd542e7..bbc72a5b08 100644
--- a/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
@@ -64,4 +64,9 @@ resources:
memory: 2Gi
unlimited: {}
+#Pods Service Account
+serviceAccount:
+ nameOverride: dcaemod-healthcheck
+ roles:
+ - read
diff --git a/kubernetes/dcaemod/components/dcaemod-nifi-registry/requirements.yaml b/kubernetes/dcaemod/components/dcaemod-nifi-registry/requirements.yaml
index b242fbf51d..268442616b 100644
--- a/kubernetes/dcaemod/components/dcaemod-nifi-registry/requirements.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-nifi-registry/requirements.yaml
@@ -22,3 +22,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml
index 90561ac231..53f1de59bc 100644
--- a/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml
@@ -69,6 +69,7 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dbsecret" "key" "login") | indent 12 }}
- name: NIFI_REGISTRY_DB_PASS
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dbsecret" "key" "password") | indent 12 }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: flow-storage
persistentVolumeClaim:
diff --git a/kubernetes/dcaemod/components/dcaemod-nifi-registry/values.yaml b/kubernetes/dcaemod/components/dcaemod-nifi-registry/values.yaml
index 25b3b9e318..a0bbacc7ef 100644
--- a/kubernetes/dcaemod/components/dcaemod-nifi-registry/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-nifi-registry/values.yaml
@@ -88,3 +88,9 @@ resources:
cpu: 2
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: dcaemod-nifi-registry
+ roles:
+ - read
diff --git a/kubernetes/dcaemod/components/dcaemod-onboarding-api/requirements.yaml b/kubernetes/dcaemod/components/dcaemod-onboarding-api/requirements.yaml
index 7416c8cf4f..9320cd04ca 100644
--- a/kubernetes/dcaemod/components/dcaemod-onboarding-api/requirements.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-onboarding-api/requirements.yaml
@@ -25,3 +25,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/deployment.yaml
index b795f6b736..5c7d1b6d0d 100644
--- a/kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/deployment.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/deployment.yaml
@@ -78,5 +78,6 @@ spec:
value: "5432"
- name: PG_DB_NAME
value: dcae_onboarding_db
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml
index 9401bf5340..c36e9b7129 100644
--- a/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-onboarding-api/values.yaml
@@ -114,3 +114,9 @@ resources:
memory: 2Gi
unlimited: {}
+#Pods Service Account
+serviceAccount:
+ nameOverride: dcaemod-onboarding-api
+ roles:
+ - read
+
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/requirements.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/requirements.yaml
index b242fbf51d..268442616b 100644
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/requirements.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/requirements.yaml
@@ -22,3 +22,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml
index 42f596db1e..d5c37e9858 100644
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml
@@ -71,6 +71,7 @@ spec:
value: {{ .Values.config.bpResourcesCpuLimit }}
- name: BP_RESOURCES_MEMORY_LIMIT
value: {{ .Values.config.bpResourcesMemoryLimit }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
index 22c4cdb3b2..e54608b30e 100644
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
@@ -93,3 +93,9 @@ resources:
memory: 2Gi
unlimited: {}
+#Pods Service Account
+serviceAccount:
+ nameOverride: dcaemod-runtime-api
+ roles:
+ - read
+
diff --git a/kubernetes/msb/components/msb-discovery/values.yaml b/kubernetes/msb/components/msb-discovery/values.yaml
index 994e84b722..e981bbd091 100644
--- a/kubernetes/msb/components/msb-discovery/values.yaml
+++ b/kubernetes/msb/components/msb-discovery/values.yaml
@@ -21,7 +21,7 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/msb/msb_discovery:1.2.6
+image: onap/msb/msb_discovery:1.2.7
pullPolicy: Always
istioSidecar: true
diff --git a/kubernetes/msb/components/msb-eag/values.yaml b/kubernetes/msb/components/msb-eag/values.yaml
index 3629eb43ec..0a343cf925 100644
--- a/kubernetes/msb/components/msb-eag/values.yaml
+++ b/kubernetes/msb/components/msb-eag/values.yaml
@@ -52,7 +52,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/msb/msb_apigateway:1.2.7
+image: onap/msb/msb_apigateway:1.2.8
pullPolicy: Always
istioSidecar: true
diff --git a/kubernetes/msb/components/msb-iag/values.yaml b/kubernetes/msb/components/msb-iag/values.yaml
index b95a11914d..baf2bec4bc 100644
--- a/kubernetes/msb/components/msb-iag/values.yaml
+++ b/kubernetes/msb/components/msb-iag/values.yaml
@@ -52,7 +52,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/msb/msb_apigateway:1.2.7
+image: onap/msb/msb_apigateway:1.2.8
pullPolicy: Always
istioSidecar: true
diff --git a/kubernetes/policy/components/policy-apex-pdp/resources/config/OnapPfConfig.json b/kubernetes/policy/components/policy-apex-pdp/resources/config/OnapPfConfig.json
index 66a42f0171..0c9d6a504f 100755
--- a/kubernetes/policy/components/policy-apex-pdp/resources/config/OnapPfConfig.json
+++ b/kubernetes/policy/components/policy-apex-pdp/resources/config/OnapPfConfig.json
@@ -5,7 +5,8 @@
"port": 6969,
"userName": "${RESTSERVER_USER}",
"password": "${RESTSERVER_PASSWORD}",
- "https": true
+ "https": true,
+ "prometheus": true
},
"pdpStatusParameters":{
"pdpGroup": "defaultGroup",
diff --git a/kubernetes/policy/components/policy-apex-pdp/resources/config/config.json b/kubernetes/policy/components/policy-apex-pdp/resources/config/config.json
deleted file mode 100755
index d6bd17f65b..0000000000
--- a/kubernetes/policy/components/policy-apex-pdp/resources/config/config.json
+++ /dev/null
@@ -1,66 +0,0 @@
-{{/*
-# ============LICENSE_START=======================================================
-# Copyright (C) 2018 Ericsson. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-*/}}
-{
- "javaProperties" : [
- ["javax.net.ssl.trustStore", "/opt/app/policy/apex-pdp/etc/ssl/policy-truststore"],
- ["javax.net.ssl.trustStorePassword", "${TRUSTSTORE_PASSWORD_BASE64}"]
- ],
- "engineServiceParameters": {
- "name": "MyApexEngine",
- "version": "0.0.1",
- "id": 45,
- "instanceCount": 4,
- "deploymentPort": 12345,
- "policyModelFileName": "examples/models/SampleDomain/SamplePolicyModelJAVASCRIPT.json",
- "engineParameters": {
- "executorParameters": {
- "JAVASCRIPT": {
- "parameterClassName": "org.onap.policy.apex.plugins.executor.javascript.JavascriptExecutorParameters"
- }
- }
- }
- },
- "eventOutputParameters": {
- "FirstProducer": {
- "carrierTechnologyParameters": {
- "carrierTechnology": "FILE",
- "parameters": {
- "standardIo": true
- }
- },
- "eventProtocolParameters": {
- "eventProtocol": "JSON"
- }
- }
- },
- "eventInputParameters": {
- "FirstConsumer": {
- "carrierTechnologyParameters": {
- "carrierTechnology": "FILE",
- "parameters": {
- "standardIo": true
- }
- },
- "eventProtocolParameters": {
- "eventProtocol": "JSON"
- }
- }
- }
-}
diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml
index eb6292a039..3983d932a0 100755
--- a/kubernetes/policy/components/policy-apex-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml
@@ -49,7 +49,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-apex-pdp:2.5.2
+image: onap/policy-apex-pdp:2.6.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-api/resources/config/config.json b/kubernetes/policy/components/policy-api/resources/config/config.json
index 729eea87ff..ce59965521 100755
--- a/kubernetes/policy/components/policy-api/resources/config/config.json
+++ b/kubernetes/policy/components/policy-api/resources/config/config.json
@@ -25,7 +25,8 @@
"userName":"${RESTSERVER_USER}",
"password":"${RESTSERVER_PASSWORD}",
"https": true,
- "aaf": false
+ "aaf": false,
+ "prometheus": true
},
"databaseProviderParameters": {
"name": "PolicyProviderParameterGroup",
diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml
index 36eb5c4899..87ddd73adf 100755
--- a/kubernetes/policy/components/policy-api/values.yaml
+++ b/kubernetes/policy/components/policy-api/values.yaml
@@ -78,7 +78,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-api:2.4.2
+image: onap/policy-api:2.5.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-distribution/resources/config/config.json b/kubernetes/policy/components/policy-distribution/resources/config/config.json
index ae31633843..615afc6351 100755
--- a/kubernetes/policy/components/policy-distribution/resources/config/config.json
+++ b/kubernetes/policy/components/policy-distribution/resources/config/config.json
@@ -2,6 +2,7 @@
# ============LICENSE_START=======================================================
# Copyright (C) 2018 Ericsson. All rights reserved.
# Modifications Copyright (C) 2020 AT&T Intellectual Property.
+# Modifications Copyright (C) 2021 Bell Canada. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -25,7 +26,8 @@
"port":6969,
"userName":"${RESTSERVER_USER}",
"password":"${RESTSERVER_PASSWORD}",
- "https":true
+ "https":true,
+ "prometheus": true
},
"receptionHandlerParameters":{
"SDCReceptionHandler":{
@@ -69,8 +71,8 @@
],
"consumerGroup": "policy-group",
"environmentName": "AUTO",
- "keystorePath": "null",
- "keystorePassword": "null",
+ "keyStorePath": "null",
+ "keyStorePassword": "null",
"activeserverTlsAuth": false,
"isFilterinEmptyResources": true,
"isUseHttpsWithDmaap": true
@@ -91,18 +93,21 @@
"parameterClassName":"org.onap.policy.distribution.forwarding.lifecycle.api.LifecycleApiForwarderParameters",
"parameters":{
"apiParameters": {
- "hostName": "policy-api",
- "port": 6969,
- "userName": "${API_USER}",
- "password": "${API_PASSWORD}"
- },
+ "clientName": "policy-api",
+ "hostname": "policy-api",
+ "port": 6969,
+ "userName": "${API_USER}",
+ "password": "${API_PASSWORD}",
+ "useHttps": true
+ },
"papParameters": {
- "hostName": "policy-pap",
- "port": 6969,
- "userName": "${PAP_USER}",
- "password": "${PAP_PASSWORD}"
+ "clientName": "policy-pap",
+ "hostname": "policy-pap",
+ "port": 6969,
+ "userName": "${PAP_USER}",
+ "password": "${PAP_PASSWORD}",
+ "useHttps": true
},
- "isHttps": true,
"deployPolicies": true
}
}
diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml
index fb6ef6e039..1614bd840e 100755
--- a/kubernetes/policy/components/policy-distribution/values.yaml
+++ b/kubernetes/policy/components/policy-distribution/values.yaml
@@ -67,7 +67,7 @@ global:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-distribution:2.5.2
+image: onap/policy-distribution:2.6.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf
index ec8d119fa6..ff532ab5c1 100755
--- a/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf
+++ b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/base.conf
@@ -1,6 +1,7 @@
{{/*
# Copyright © 2017-2018 Amdocs, Bell Canada.
# Modifications Copyright (C) 2018-2020 AT&T Intellectual Property.
+# Modifications Copyright (C) 2021 Bell Canada. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -40,6 +41,7 @@ REPOSITORY_OFFLINE={{.Values.nexus.offline}}
# Relational (SQL) DB access
SQL_HOST={{ .Values.db.name }}
+SQL_PORT=3306
# AAF
@@ -47,6 +49,11 @@ AAF={{.Values.aaf.enabled}}
AAF_NAMESPACE=org.onap.policy
AAF_HOST=aaf-locate.{{.Release.Namespace}}
+# HTTP Servers
+
+HTTP_SERVER_HTTPS=true
+PROMETHEUS=true
+
# PDP-D DMaaP configuration channel
PDPD_CONFIGURATION_TOPIC=PDPD-CONFIGURATION
@@ -85,6 +92,7 @@ DCAE_CONSUMER_GROUP=dcae.policy.shared
# Open DMaaP
DMAAP_SERVERS=message-router
+DMAAP_HTTPS=true
# AAI
diff --git a/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/engine-system.properties b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/engine-system.properties
new file mode 100644
index 0000000000..c7cca2b03a
--- /dev/null
+++ b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/engine-system.properties
@@ -0,0 +1,45 @@
+#
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+#
+
+# system properties set within the application
+
+java.net.preferIPv4Stack=true
+
+# jmx
+
+com.sun.management.jmxremote.port=9991
+com.sun.management.jmxremote.authenticate=false
+com.sun.management.jmxremote.ssl=false
+
+# certs
+
+javax.net.ssl.trustStore=${envd:TRUSTSTORE:/opt/app/policy/etc/ssl/policy-truststore}
+javax.net.ssl.trustStorePassword=${envd:TRUSTSTORE_PASSWD}
+
+javax.net.ssl.keyStore=${envd:KEYSTORE}
+javax.net.ssl.keyStorePassword=${envd:KEYSTORE_PASSWD}
+
+# kie
+
+kie.maven.offline.force=${envd:REPOSITORY_OFFLINE:false}
+
+# symmetric key for sensitive configuration data
+
+engine.symm.key=${envd:SYMM_KEY}
diff --git a/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/logback.xml b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/logback.xml
index 7173d80e57..2fc08e4e5d 100755
--- a/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/logback.xml
+++ b/kubernetes/policy/components/policy-drools-pdp/resources/configmaps/logback.xml
@@ -80,7 +80,7 @@
<maxHistory>30</maxHistory>
<totalSizeCap>10GB</totalSizeCap>
</rollingPolicy>
- <filter class="org.onap.policy.drools.utils.logging.LoggerMarkerFilter$MetricLoggerMarkerFilter" />
+ <filter class="org.onap.policy.common.utils.logging.LoggerMarkerFilter$MetricLoggerMarkerFilter" />
<encoder>
<pattern>%X{RequestID}|%X{InvocationID}|%X{ServiceName}|%X{PartnerName}|%X{BeginTimestamp}|%X{EndTimestamp}|%X{ElapsedTime}|%X{ServiceInstanceID}|%X{VirtualServerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%X{Severity}|%X{TargetEntity}|%X{TargetServiceName}|%X{Server}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ProcessKey}|%X{RemoteHost}||%X{TargetVirtualEntity}|%level|%thread| %msg%n</pattern>
</encoder>
@@ -98,7 +98,7 @@
<maxHistory>30</maxHistory>
<totalSizeCap>10GB</totalSizeCap>
</rollingPolicy>
- <filter class="org.onap.policy.drools.utils.logging.LoggerMarkerFilter$TransactionLoggerMarkerFilter" />
+ <filter class="org.onap.policy.common.utils.logging.LoggerMarkerFilter$TransactionLoggerMarkerFilter" />
<encoder>
<pattern>%X{RequestID}|%X{InvocationID}|%X{ServiceName}|%X{PartnerName}|%X{BeginTimestamp}|%X{EndTimestamp}|%X{ElapsedTime}|%X{ServiceInstanceID}|%X{VirtualServerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%X{Severity}|%X{TargetEntity}|%X{TargetServiceName}|%X{Server}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ProcessKey}|%X{RemoteHost}||%X{TargetVirtualEntity}|%level|%thread| %msg%n</pattern>
</encoder>
@@ -119,7 +119,7 @@
</appender>
<appender name="MetricStdOut" class="ch.qos.logback.core.ConsoleAppender">
- <filter class="org.onap.policy.drools.utils.logging.LoggerMarkerFilter$MetricLoggerMarkerFilter" />
+ <filter class="org.onap.policy.common.utils.logging.LoggerMarkerFilter$MetricLoggerMarkerFilter" />
<encoder>
<pattern>%X{RequestID}|%X{InvocationID}|%X{ServiceName}|%X{PartnerName}|%X{BeginTimestamp}|%X{EndTimestamp}|%X{ElapsedTime}|%X{ServiceInstanceID}|%X{VirtualServerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%X{Severity}|%X{TargetEntity}|%X{TargetServiceName}|%X{Server}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ProcessKey}|%X{RemoteHost}||%X{TargetVirtualEntity}|%level|%thread| %msg%n</pattern>
</encoder>
@@ -130,7 +130,7 @@
</appender>
<appender name="TransactionStdOut" class="ch.qos.logback.core.ConsoleAppender">
- <filter class="org.onap.policy.drools.utils.logging.LoggerMarkerFilter$TransactionLoggerMarkerFilter" />
+ <filter class="org.onap.policy.common.utils.logging.LoggerMarkerFilter$TransactionLoggerMarkerFilter" />
<encoder>
<pattern>%X{RequestID}|%X{InvocationID}|%X{ServiceName}|%X{PartnerName}|%X{BeginTimestamp}|%X{EndTimestamp}|%X{ElapsedTime}|%X{ServiceInstanceID}|%X{VirtualServerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%X{Severity}|%X{TargetEntity}|%X{TargetServiceName}|%X{Server}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ProcessKey}|%X{RemoteHost}||%X{TargetVirtualEntity}|%level|%thread| %msg%n</pattern>
</encoder>
diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml
index 38d398998c..678cce74ee 100755
--- a/kubernetes/policy/components/policy-drools-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml
@@ -1,4 +1,5 @@
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2017 Amdocs
+# Copyright © 2017, 2021 Bell Canada
# Modifications Copyright © 2018-2021 AT&T Intellectual Property
#
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -34,7 +35,7 @@ secrets:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-pdpd-cl:1.8.2
+image: onap/policy-pdpd-cl:1.9.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-pap/resources/config/config.json b/kubernetes/policy/components/policy-pap/resources/config/config.json
index 0b30a27535..e5cbd22105 100755
--- a/kubernetes/policy/components/policy-pap/resources/config/config.json
+++ b/kubernetes/policy/components/policy-pap/resources/config/config.json
@@ -1,6 +1,7 @@
{{/*
# ============LICENSE_START=======================================================
# Copyright (C) 2019 Nordix Foundation.
+# Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -25,7 +26,8 @@
"userName":"${RESTSERVER_USER}",
"password":"${RESTSERVER_PASSWORD}",
"https": true,
- "aaf": false
+ "aaf": false,
+ "prometheus": true
},
"pdpParameters": {
"heartBeatMs": 120000,
@@ -47,6 +49,7 @@
"databasePassword": "${SQL_PASSWORD}",
"persistenceUnit": "PolicyMariaDb"
},
+ "savePdpStatisticsInDb": true,
"topicParameterGroup": {
"topicSources" : [{
"topic" : "POLICY-PDP-PAP",
@@ -54,6 +57,15 @@
"useHttps": true,
"fetchTimeout": 15000,
"topicCommInfrastructure" : "dmaap"
+ },
+ {
+ "topic" : "POLICY-HEARTBEAT",
+ "effectiveTopic": "POLICY-PDP-PAP",
+ "consumerGroup": "policy-pap",
+ "servers" : [ "message-router" ],
+ "useHttps": true,
+ "fetchTimeout": 15000,
+ "topicCommInfrastructure" : "dmaap"
}],
"topicSinks" : [{
"topic" : "POLICY-PDP-PAP",
diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml
index 3c4c3e5ec6..c373e04cf2 100755
--- a/kubernetes/policy/components/policy-pap/values.yaml
+++ b/kubernetes/policy/components/policy-pap/values.yaml
@@ -92,7 +92,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-pap:2.4.2
+image: onap/policy-pap:2.5.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/components/policy-xacml-pdp/resources/config/config.json b/kubernetes/policy/components/policy-xacml-pdp/resources/config/config.json
index a626a046a5..19b4d9c03b 100755
--- a/kubernetes/policy/components/policy-xacml-pdp/resources/config/config.json
+++ b/kubernetes/policy/components/policy-xacml-pdp/resources/config/config.json
@@ -27,17 +27,20 @@
"userName": "${RESTSERVER_USER}",
"password": "${RESTSERVER_PASSWORD}",
"https": true,
- "aaf": false
+ "aaf": false,
+ "prometheus": true
},
"policyApiParameters": {
- "host": "policy-api",
+ "hostname": "policy-api",
"port": 6969,
"userName": "${API_USER}",
"password": "${API_PASSWORD}",
- "https": true,
+ "useHttps": true,
"aaf": false
},
- "applicationPath": "/opt/app/policy/pdpx/apps",
+ "applicationParameters": {
+ "applicationPath": "/opt/app/policy/pdpx/apps"
+ },
"topicParameterGroup": {
"topicSources" : [{
"topic" : "POLICY-PDP-PAP",
diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
index 9eda53ee9b..91984cc81b 100755
--- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
@@ -83,7 +83,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-xacml-pdp:2.4.2
+image: onap/policy-xacml-pdp:2.5.0
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/policy/resources/config/db.sh b/kubernetes/policy/resources/config/db.sh
index 08d84928e1..7b9437217d 100755
--- a/kubernetes/policy/resources/config/db.sh
+++ b/kubernetes/policy/resources/config/db.sh
@@ -18,7 +18,7 @@
mysql() { /usr/bin/mysql -h ${MYSQL_HOST} -P ${MYSQL_USER} "$@"; };
-for db in support onap_sdk log migration operationshistory10 pooling policyadmin policyclamp operationshistory
+for db in migration pooling policyadmin policyclamp operationshistory
do
mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};"
mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;"
diff --git a/kubernetes/policy/resources/config/db_migrator_policy_init.sh b/kubernetes/policy/resources/config/db_migrator_policy_init.sh
new file mode 100644
index 0000000000..d1cc108fec
--- /dev/null
+++ b/kubernetes/policy/resources/config/db_migrator_policy_init.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+{{/*
+# Copyright (C) 2021 Nordix Foundation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+/opt/app/policy/bin/prepare_upgrade.sh ${SQL_DB}
+/opt/app/policy/bin/db-migrator -s ${SQL_DB} -o upgrade
+rc=$?
+/opt/app/policy/bin/db-migrator -s ${SQL_DB} -o report
+exit $rc
diff --git a/kubernetes/policy/templates/configmap.yaml b/kubernetes/policy/templates/configmap.yaml
index 7809c746bb..17558f86ea 100755
--- a/kubernetes/policy/templates/configmap.yaml
+++ b/kubernetes/policy/templates/configmap.yaml
@@ -1,6 +1,7 @@
{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018, 2020 AT&T Intellectual Property
+# Modifications Copyright (C) 2021 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -26,4 +27,4 @@ metadata:
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/db.sh").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/*.sh").AsConfig . | indent 2 }}
diff --git a/kubernetes/policy/templates/job.yaml b/kubernetes/policy/templates/job.yaml
index 72c94f30c5..d781a634ae 100755
--- a/kubernetes/policy/templates/job.yaml
+++ b/kubernetes/policy/templates/job.yaml
@@ -1,6 +1,7 @@
{{/*
# Copyright © 2018 Amdocs, Bell Canada
# Modifications Copyright © 2020 AT&T Intellectual Property
+# Modifications Copyright (C) 2021 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -47,7 +48,6 @@ spec:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- containers:
- name: {{ include "common.release" . }}-policy-galera-config
image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.mariadb.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
@@ -71,6 +71,32 @@ spec:
value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}"
resources:
{{ include "common.resources" . }}
+ containers:
+ - name: {{ include "common.release" . }}-policy-galera-db-migrator
+ image: {{ .Values.repository }}/{{ .Values.dbmigrator.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /dbcmd-config/db_migrator_policy_init.sh
+ name: {{ include "common.fullname" . }}-config
+ subPath: db_migrator_policy_init.sh
+ command:
+ - /bin/sh
+ args:
+ - -x
+ - /dbcmd-config/db_migrator_policy_init.sh
+ env:
+ - name: SQL_HOST
+ value: "{{ index .Values "mariadb-galera" "service" "name" }}"
+ - name: SQL_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
+ - name: SQL_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+ - name: SQL_DB
+ value: {{ .Values.dbmigrator.schema }}
+ - name: POLICY_HOME
+ value: {{ .Values.dbmigrator.policy_home }}
+ resources:
+{{ include "common.resources" . }}
restartPolicy: Never
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
@@ -80,3 +106,5 @@ spec:
items:
- key: db.sh
path: db.sh
+ - key: db_migrator_policy_init.sh
+ path: db_migrator_policy_init.sh
diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index 92344dd2fe..5478e5baa8 100755
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -1,5 +1,6 @@
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018-2020 AT&T Intellectual Property
+# Modifications Copyright (C) 2021 Nordix Foundation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -84,6 +85,11 @@ pullPolicy: Always
mariadb:
image: mariadb:10.5.8
+dbmigrator:
+ image: onap/policy-db-migrator:2.3.0
+ schema: policyadmin
+ policy_home: "/opt/app/policy"
+
subChartsOnly:
enabled: true