aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docs/oom_setup_paas.rst10
-rwxr-xr-xkubernetes/cps/resources/config/application.yml7
-rwxr-xr-xkubernetes/cps/templates/deployment.yaml9
-rwxr-xr-xkubernetes/cps/values.yaml2
4 files changed, 18 insertions, 10 deletions
diff --git a/docs/oom_setup_paas.rst b/docs/oom_setup_paas.rst
index 9d90558250..258a4eeadf 100644
--- a/docs/oom_setup_paas.rst
+++ b/docs/oom_setup_paas.rst
@@ -26,11 +26,13 @@ The versions of PaaS compoents that are supported by OOM are as follows:
honolulu 1.2.0 13.x
============== ============= =================
-This guide provides instructions on how to install the following PaaS
-components for ONAP:
+This guide provides instructions on how to install the PaaS
+components for ONAP.
-- Cert-Manager
-- Prometheus Stack
+.. contents::
+ :depth: 1
+ :local:
+..
Cert-Manager
============
diff --git a/kubernetes/cps/resources/config/application.yml b/kubernetes/cps/resources/config/application.yml
index 3fa080e395..d85d341081 100755
--- a/kubernetes/cps/resources/config/application.yml
+++ b/kubernetes/cps/resources/config/application.yml
@@ -52,6 +52,13 @@ spring:
change-log: classpath:changelog/changelog-master.yaml
labels: ${LIQUIBASE_LABELS}
+security:
+ # comma-separated uri patterns which do not require authorization
+ permit-uri: /manage/health/**,/manage/info,/swagger-ui/**,/swagger-resources/**,/v3/api-docs
+ auth:
+ username: ${CPS_USERNAME}
+ password: ${CPS_PASSWORD}
+
# Actuator
management:
endpoints:
diff --git a/kubernetes/cps/templates/deployment.yaml b/kubernetes/cps/templates/deployment.yaml
index 59062cc0f8..861782a0b9 100755
--- a/kubernetes/cps/templates/deployment.yaml
+++ b/kubernetes/cps/templates/deployment.yaml
@@ -43,6 +43,10 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 12 }}
- name: LIQUIBASE_LABELS
value: {{ .Values.config.liquibaseLabels }}
+ - name: CPS_USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 12 }}
+ - name: CPS_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 12 }}
volumeMounts:
- mountPath: /config-input
name: init-data-input
@@ -70,11 +74,6 @@ spec:
path: {{ .Values.readiness.path }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: CPS_USERNAME
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 12 }}
- - name: CPS_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 12 }}
resources: {{ include "common.resources" . | nindent 10 }}
{{- if .Values.nodeSelector }}
nodeSelector: {{ toYaml .Values.nodeSelector | nindent 12 }}
diff --git a/kubernetes/cps/values.yaml b/kubernetes/cps/values.yaml
index 77ebb09dd9..ea4639f315 100755
--- a/kubernetes/cps/values.yaml
+++ b/kubernetes/cps/values.yaml
@@ -47,7 +47,7 @@ global:
virtualhost:
baseurl: "simpledemo.onap.org"
-image: onap/cps-and-nf-proxy:1.0.0
+image: onap/cps-and-nf-proxy:1.0.1
containerPort: &svc_port 8080
service: