aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-x.ci/check-bashisms.sh27
-rw-r--r--.pre-commit-config.yaml2
-rw-r--r--kubernetes/common/cassandra/resources/config/docker-entrypoint.sh3
-rw-r--r--kubernetes/common/certInitializer/templates/_certInitializer.yaml13
-rw-r--r--kubernetes/common/mariadb-galera/values.yaml2
-rw-r--r--kubernetes/common/mongo/templates/statefulset.yaml19
-rw-r--r--kubernetes/common/mongo/values.yaml2
-rw-r--r--kubernetes/common/readinessCheck/templates/_readinessCheck.tpl4
-rw-r--r--kubernetes/common/repositoryGenerator/values.yaml2
-rwxr-xr-xkubernetes/config/prepull_docker.sh11
-rwxr-xr-xkubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh21
-rwxr-xr-xkubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh9
-rwxr-xr-xkubernetes/contrib/tools/registry-initialize.sh56
-rw-r--r--kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl6
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml2
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml7
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml26
-rw-r--r--kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml2
-rw-r--r--kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml2
-rw-r--r--kubernetes/holmes/components/holmes-engine-mgmt/resources/config/onap-holmes_engine-createobj.sql9
-rwxr-xr-xkubernetes/onap/values.yaml2
-rw-r--r--kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh41
-rwxr-xr-xkubernetes/robot/demo-k8s.sh86
-rw-r--r--kubernetes/robot/resources/config/eteshare/config/robot_properties.py10
-rw-r--r--kubernetes/robot/values.yaml4
-rwxr-xr-xkubernetes/sdnc/components/sdnc-prom/resources/bin/sdnc.failover6
-rw-r--r--tox.ini23
27 files changed, 314 insertions, 83 deletions
diff --git a/.ci/check-bashisms.sh b/.ci/check-bashisms.sh
new file mode 100755
index 0000000000..0dae2255b7
--- /dev/null
+++ b/.ci/check-bashisms.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# Copyright © 2021 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+if ! which checkbashisms >/dev/null && ! sudo yum install devscripts-minimal && ! sudo apt-get install devscripts
+then
+ printf "checkbashisms command not found - please install it \n\
+ (e.g. sudo apt-get install devscripts | yum install devscripts-minimal )\n" >&2
+ exit 2
+fi
+find . -not -path '*/.*' -name '*.sh' -exec checkbashisms {} + || exit 3
+find . -not -path '*/.*' -name '*.failover' -exec checkbashisms -f \{\} + || exit 4
+! find . -not -path '*/.*' -name '*.sh' -exec grep 'local .*=' {} + || exit 5
+! find . -not -path '*/.*' -name '*.failover' -exec grep 'local .*=' {} + || exit 6
+exit 0
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 6bfce7af6c..980093a7a5 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -6,7 +6,7 @@ repos:
- id: trailing-whitespace
#exclude: '^ordmodels/'
- repo: https://github.com/jorisroovers/gitlint
- rev: v0.15.1
+ rev: v0.17.0
hooks:
- id: gitlint
stages: [commit-msg]
diff --git a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh
index 4dcebc8883..f9f62739f2 100644
--- a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh
+++ b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh
@@ -29,7 +29,8 @@ _ip_address() {
# "sed -i", but without "mv" (which doesn't work on a bind-mounted file, for example)
_sed_in_place() {
- local filename="$1"; shift
+ local filename
+ filename="$1"; shift
local tempFile
tempFile="$(mktemp)"
sed "$@" "$filename" > "$tempFile"
diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
index ecd7129567..b1e85c00cc 100644
--- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml
+++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
@@ -84,12 +84,19 @@
env:
- name: APP_FQI
value: "{{ $initRoot.fqi }}"
+ {{- if $initRoot.aaf_namespace }}
- name: aaf_locate_url
- value: "https://aaf-locate.{{ $dot.Release.Namespace}}:8095"
- - name: aaf_locator_container
- value: "oom"
+ value: "https://aaf-locate.{{ $initRoot.aaf_namespace }}:8095"
+ - name: aaf_locator_container_ns
+ value: "{{ $initRoot.aaf_namespace }}"
+ {{- else }}
+ - name: aaf_locate_url
+ value: "https://aaf-locate.{{ $dot.Release.Namespace }}:8095"
- name: aaf_locator_container_ns
value: "{{ $dot.Release.Namespace }}"
+ {{- end }}
+ - name: aaf_locator_container
+ value: "oom"
- name: aaf_locator_fqdn
value: "{{ $initRoot.fqdn }}"
- name: aaf_locator_app_ns
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index bc9273f41f..769c9b7946 100644
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -50,7 +50,7 @@ global:
clusterDomain: cluster.local
metrics: {}
-image: bitnami/mariadb-galera:10.5.8
+image: bitnami/mariadb-galera:10.6.5
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
diff --git a/kubernetes/common/mongo/templates/statefulset.yaml b/kubernetes/common/mongo/templates/statefulset.yaml
index 11602054e8..e156db27db 100644
--- a/kubernetes/common/mongo/templates/statefulset.yaml
+++ b/kubernetes/common/mongo/templates/statefulset.yaml
@@ -39,6 +39,23 @@ spec:
{{ include "common.podSecurityContext" . | indent 6 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
+ initContainers:
+ # we shouldn't need this but for unknown reason, it's fsGroup is not
+ # applied
+ - name: fix-permission
+ command:
+ - /bin/sh
+ args:
+ - -c
+ - |
+ chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /data
+ image: {{ include "repositoryGenerator.image.busybox" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ securityContext:
+ runAsUser: 0
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-data
+ mountPath: /data
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
@@ -72,7 +89,7 @@ spec:
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- name: {{ include "common.fullname" . }}-data
- mountPath: /var/lib/mongo
+ mountPath: /data/db
resources: {{ include "common.resources" . | nindent 12 }}
{{ include "common.containerSecurityContext" . | indent 10 }}
{{- if .Values.nodeSelector }}
diff --git a/kubernetes/common/mongo/values.yaml b/kubernetes/common/mongo/values.yaml
index ee1d8c72fa..caab71890d 100644
--- a/kubernetes/common/mongo/values.yaml
+++ b/kubernetes/common/mongo/values.yaml
@@ -24,7 +24,7 @@ global:
# Application configuration defaults.
#################################################################
-image: library/mongo:4.0.8
+image: library/mongo:4.4.10
pullPolicy: Always
# application configuration
diff --git a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
index 71201a1cc6..90c278e4c5 100644
--- a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
+++ b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
@@ -83,10 +83,14 @@
{{- end }}
env:
- name: NAMESPACE
+ {{- if $subchartDot.Values.namespace }}
+ value: {{ $subchartDot.Values.namespace }}
+ {{- else }}
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{- end }}
resources:
limits:
cpu: {{ $subchartDot.Values.limits.cpu }}
diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml
index e2fe1ffbdb..ee56577c63 100644
--- a/kubernetes/common/repositoryGenerator/values.yaml
+++ b/kubernetes/common/repositoryGenerator/values.yaml
@@ -32,7 +32,7 @@ global:
jreImage: onap/integration-java11:7.1.0
kubectlImage: bitnami/kubectl:1.19
loggingImage: beats/filebeat:5.5.0
- mariadbImage: bitnami/mariadb:10.5.8
+ mariadbImage: bitnami/mariadb:10.6.5
nginxImage: bitnami/nginx:1.18-debian-10
postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
readinessImage: onap/oom/readiness:3.0.1
diff --git a/kubernetes/config/prepull_docker.sh b/kubernetes/config/prepull_docker.sh
index 596ace6ad5..bfd679bf3e 100755
--- a/kubernetes/config/prepull_docker.sh
+++ b/kubernetes/config/prepull_docker.sh
@@ -27,8 +27,15 @@ EOF
#calling syntax: parse_yaml <yaml_file_name>
parse_yaml () {
- local prefix=$2
- local s='[[:space:]]*' w='[a-zA-Z0-9_]*' fs=$(echo @|tr @ '\034')
+ local prefix
+ prefix=$2
+ local s
+ s='[[:space:]]*'
+ local w
+ w='[a-zA-Z0-9_]*'
+ local fs
+ fs=$(echo @|tr @ '\034')
+
sed -ne "s|^\($s\):|\1|" \
-e "s|^\($s\)\($w\)$s:$s[\"']\(.*\)[\"']$s\$|\1$fs\2$fs\3|p" \
-e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" $1 |
diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh
index 3c66feeb46..294ae0a55e 100755
--- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh
+++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh
@@ -49,10 +49,13 @@ Extra DNS server already deployed:
list_node_with_external_addrs()
{
- local WORKER_NODES=$(kubectl get no -l node-role.kubernetes.io/worker=true -o jsonpath='{.items..metadata.name}')
+ local WORKER_NODES
+ WORKER_NODES=$(kubectl get no -l node-role.kubernetes.io/worker=true -o jsonpath='{.items..metadata.name}')
for worker in $WORKER_NODES; do
- local external_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }')
- local internal_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/internal-ip }')
+ local external_ip
+ external_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }')
+ local internal_ip
+ internal_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/internal-ip }')
if [ $internal_ip != $external_ip ]; then
echo $external_ip
break
@@ -61,7 +64,8 @@ list_node_with_external_addrs()
}
ingress_controller_ip() {
- local metal_ns=$(kubectl get ns --no-headers --output=custom-columns=NAME:metadata.name |grep metallb-system)
+ local metal_ns
+ metal_ns=$(kubectl get ns --no-headers --output=custom-columns=NAME:metadata.name |grep metallb-system)
if [ -z $metal_ns ]; then
echo $CLUSTER_IP
else
@@ -70,13 +74,16 @@ ingress_controller_ip() {
}
deploy() {
- local ingress_ip=$(ingress_controller_ip)
+ local ingress_ip
+ ingress_ip=$(ingress_controller_ip)
initdir = $(pwd)
cd $SPATH/bind9dns
if [ $# -eq 0 ]; then
- local cl_domain="simpledemo.onap.org"
+ local cl_domain
+ cl_domain="simpledemo.onap.org"
else
- local cl_domain=$1
+ local cl_domain
+ cl_domain=$1
shift
fi
if [ $# -ne 0 ]; then
diff --git a/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh b/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh
index c62e2a51bd..495d540905 100755
--- a/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh
+++ b/kubernetes/contrib/metallb-loadbalancer-inst/install-metallb-on-cluster.sh
@@ -29,10 +29,13 @@ $0 [cluster_ip1] ... [cluster_ipn] Cluster address or ip ranges
find_nodes_with_external_addrs()
{
- local WORKER_NODES=$(kubectl get no -l node-role.kubernetes.io/worker=true -o jsonpath='{.items..metadata.name}')
+ local WORKER_NODES
+ WORKER_NODES=$(kubectl get no -l node-role.kubernetes.io/worker=true -o jsonpath='{.items..metadata.name}')
for worker in $WORKER_NODES; do
- local external_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }')
- local internal_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/internal-ip }')
+ local external_ip
+ external_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/external-ip }')
+ local internal_ip
+ internal_ip=$(kubectl get no $worker -o jsonpath='{.metadata.annotations.rke\.cattle\.io/internal-ip }')
if [ $internal_ip != $external_ip ]; then
echo $external_ip
fi
diff --git a/kubernetes/contrib/tools/registry-initialize.sh b/kubernetes/contrib/tools/registry-initialize.sh
index 75b36bbc52..45ee44f3c5 100755
--- a/kubernetes/contrib/tools/registry-initialize.sh
+++ b/kubernetes/contrib/tools/registry-initialize.sh
@@ -21,9 +21,9 @@
usage()
{
- echo "Chart Base directory must be provided as input!!"
+ echo "Chart Base directory or helm chart from local repo must be provided as input!!"
echo "Usage: registry-initialize.sh -d chartdirectory \
-<-n namespace override> <-r helmrelease override>"
+<-n namespace override> <-r helmrelease override> <-p chart name prefix> | <-h helm charts from local repo>"
exit 1
}
@@ -36,8 +36,10 @@ NAMESPACE=onap
RLS_NAME=onap
LOGIN=""
PASSWORD=""
+PREF=""
+HELM_REPO=local
-while getopts ":d:n:r:" opt; do
+while getopts ":d:n:r:p:h:c:" opt; do
case $opt in
d) BASEDIR="$OPTARG"
;;
@@ -45,20 +47,52 @@ while getopts ":d:n:r:" opt; do
;;
r) RLS_NAME="$OPTARG"
;;
+ p) PREF="$OPTARG"
+ ;;
+ h) HELM_CHART="$OPTARG"
+ ;;
+ c) HELM_REPO="$OPTARG"
+ ;;
\?) echo "Invalid option -$OPTARG" >&2
usage
;;
esac
done
-if [ -z "$BASEDIR" ]; then
- exit "Chart base directory provided $BASEDIR is empty"
+
+if [ -z "$BASEDIR" ] && [ -z "$HELM_CHART" ] ; then
+ echo "Chart base directory provided $BASEDIR and helm chart from local repo is empty"
+ exit
+fi
+
+if [ -n "$BASEDIR" ] && [ -n "$HELM_CHART" ] ; then
+ echo "Both chart base directory $BASEDIR and helm chart from local repo $HELM_CHART cannot be used at the same time "
+ exit
+fi
+
+if [ -n "$BASEDIR" ]; then
+ if [ "$(find $BASEDIR -maxdepth 1 -name '*tgz' -print -quit)" ]; then
+ echo "$BASEDIR valid"
+ else
+ echo "No chart package on $BASEDIR provided"
+ exit
+ fi
+fi
+
+if [ -n "$HELM_CHART" ]; then
+ tmp_location=$(mktemp -d)
+ helm pull $HELM_REPO/$HELM_CHART -d $tmp_location
+ if [ $? -eq 0 ]; then
+ echo "Helm chart $HELM_CHART has been pulled out from in $HELM_REPO repo"
+ BASEDIR=$tmp_location
+ else
+ echo "No chart package $HELM_CHART on $HELM_REPO repo"
+ exit
+ fi
fi
-if [ "$(find $BASEDIR -maxdepth 1 -name '*tgz' -print -quit)" ]; then
- echo "$BASEDIR valid"
-else
- exit "No chart package on $BASEDIR provided"
+if [ -z "$PREF" ] && [ -z "$HELM_CHART" ] ; then
+ PREF=dcae
fi
LOGIN=$(kubectl -n "$NAMESPACE" get secret \
@@ -77,7 +111,7 @@ fi
# Expose cluster port via port-forwarding
kubectl -n $NAMESPACE port-forward service/chart-museum 27017:80 &
if [ $? -ne 0 ]; then
- echo "Error in portforwarding; registry cannot be added!!"
+ echo "Error in port forwarding; registry cannot be added!!"
exit 1
fi
@@ -96,7 +130,7 @@ fi
# Initial scope is pushing only dcae charts
# can be expanded to include all onap charts if required
-for file in $BASEDIR/dcae*tgz; do
+for file in $BASEDIR/$PREF*tgz; do
# use helm plugin to push charts
helm push $file k8s-registry
if [ $? -eq 0 ]; then
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
index aac0f4b3a9..5ba7d2977a 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@ -229,10 +229,12 @@ policies:
{{- $policy := default dict .Values.policies -}}
{{- $policyRls := default $commonRelease $policy.policyRelease -}}
{{- $drFeedConfig := default "" .Values.drFeedConfig -}}
-
+{{- $dcaeName := print (include "common.fullname" .) }}
+{{- $dcaeLabel := (dict "dcaeMicroserviceName" $dcaeName) -}}
+{{- $dot := . -}}
apiVersion: apps/v1
kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+metadata: {{- include "common.resourceMetadata" (dict "dot" $dot "labels" $dcaeLabel) | nindent 2 }}
spec:
replicas: 1
selector: {{- include "common.selectors" . | nindent 4 }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml
index 2b3ab328b5..4a51c7f9d8 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/templates/deployment.yaml
@@ -59,6 +59,8 @@ spec:
value: {{ include "common.namespace" . }}
- name: HELM_RELEASE
value: {{ include "common.release" . }}
+ - name: DEPLOY_LABEL
+ value: {{ .Values.deployLabel }}
volumes:
- name: {{ include "common.fullname" . }}-expected-components
configMap:
diff --git a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml
index 58ae706e0a..3b47e7f70e 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ms-healthcheck/values.yaml
@@ -31,6 +31,11 @@ service:
- port: 8080
name: http
+# Label on DCAE microservice deployments
+# (Used by healthcheck code to find deployments
+# created after initial DCAE installation)
+deployLabel: dcaeMicroserviceName
+
# probe configuration parameters
liveness:
initialDelaySeconds: 10
@@ -43,7 +48,7 @@ readiness:
initialDelaySeconds: 10
periodSeconds: 10
# application image
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.3.0
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.4.0
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
index 1e60d24d7a..54dcda831e 100644
--- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
@@ -38,6 +38,11 @@ secrets:
login: '{{ .Values.aafCreds.identity }}'
password: '{{ .Values.aafCreds.password }}'
passwordPolicy: required
+ - uid: &cpsCredsUID cpscreds
+ type: basicAuth
+ login: '{{ .Values.cpsCreds.identity }}'
+ password: '{{ .Values.cpsCreds.password }}'
+ passwordPolicy: required
- uid: &pgUserCredsSecretUid pg-user-creds
name: &pgUserCredsSecretName '{{ include "common.release" . }}-sonhms-pg-user-creds'
type: basicAuth
@@ -70,7 +75,7 @@ certDirectory: /opt/app/sonhms/etc/certs
# TLS role -- set to true if microservice acts as server
# If true, an init container will retrieve a server cert
# and key from AAF and mount them in certDirectory.
-tlsServer: true
+tlsServer: false
# Policy configuraiton properties
# if present, policy-sync side car will be deployed
@@ -92,7 +97,7 @@ readiness:
periodSeconds: 15
timeoutSeconds: 1
path: /healthcheck
- scheme: HTTPS
+ scheme: HTTP
port: 8080
# Service Configuration
@@ -108,6 +113,9 @@ service:
aafCreds:
identity: dcae@dcae.onap.org
password: demo123456!
+cpsCreds:
+ identity: cps
+ password: cpsr0cks!
credentials:
- name: AAF_IDENTITY
@@ -116,6 +124,12 @@ credentials:
- name: AAF_PASSWORD
uid: *aafCredsUID
key: password
+- name: CPS_IDENTITY
+ uid: *cpsCredsUID
+ key: login
+- name: CPS_PASSWORD
+ uid: *cpsCredsUID
+ key: password
- name: PG_USERNAME
uid: *pgUserCredsSecretUid
key: login
@@ -130,6 +144,8 @@ applicationConfig:
postgres.port: 5432
postgres.username: ${PG_USERNAME}
postgres.password: ${PG_PASSWORD}
+ cps.username: ${CPS_IDENTITY}
+ cps.password: ${CPS_PASSWORD}
sonhandler.pollingInterval: 20
sonhandler.pollingTimeout: 60
cbsPollingInterval: 60
@@ -145,6 +161,12 @@ applicationConfig:
sonhandler.bufferTime: 60
sonhandler.cg: sonhms-cg
sonhandler.cid: sonhms-cid
+ sonhandler.clientType: cps
+ cps.service.url: http://cps-tbdmt:8080
+ cps.get.celldata: execute/cps-ran-schemaset/get-cell-data
+ cps.get.nbr.list.url: execute/cps-ran-schemaset/get-nbr-list
+ cps.get.pci.url: execute/ran-network-schemaset/get-pci
+ cps.get.pnf.url: execute/ran-network-schemaset/get-pnf
sonhandler.configDb.service: http://configdb:8080
sonhandler.oof.service: https://oof-osdf:8698
sonhandler.oof.endpoint: /api/oof/v1/pci
diff --git a/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml
index 8134e0df9d..67312d73a0 100644
--- a/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-healthcheck/values.yaml
@@ -42,7 +42,7 @@ readiness:
initialDelaySeconds: 10
periodSeconds: 10
# application image
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.3.0
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.4.0
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
index bbc72a5b08..73661ac843 100644
--- a/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-healthcheck/values.yaml
@@ -42,7 +42,7 @@ readiness:
initialDelaySeconds: 10
periodSeconds: 10
# application image
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.2.0
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.4.0
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/onap-holmes_engine-createobj.sql b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/onap-holmes_engine-createobj.sql
index 81998453e4..e5eecb1a5a 100644
--- a/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/onap-holmes_engine-createobj.sql
+++ b/kubernetes/holmes/components/holmes-engine-mgmt/resources/config/onap-holmes_engine-createobj.sql
@@ -22,12 +22,10 @@ CREATE ROLE ${JDBC_USERNAME} with PASSWORD '${JDBC_PASSWORD}' LOGIN;
\encoding UTF8;
-/******************DELETE OLD TABLE AND CREATE NEW***************************/
+/******************CREATE NEW TABLE***************************/
\c ${DB_NAME};
-DROP TABLE IF EXISTS ALARM_INFO;
-
-CREATE TABLE ALARM_INFO (
+CREATE TABLE IF NOT EXISTS ALARM_INFO (
EVENTID VARCHAR(150) NOT NULL,
EVENTNAME VARCHAR(150) NOT NULL,
ALARMISCLEARED SMALLINT NOT NULL,
@@ -36,7 +34,8 @@ CREATE TABLE ALARM_INFO (
LASTEPOCHMICROSEC BIGINT NOT NULL,
SOURCEID VARCHAR(150) NOT NULL,
SOURCENAME VARCHAR(150) NOT NULL,
- PRIMARY KEY (EVENTID)
+ SEQUENCE SMALLINT NOT NULL,
+ PRIMARY KEY (EVENTID, SEQUENCE, SOURCENAME)
);
CREATE TABLE IF NOT EXISTS ENGINE_ENTITY (
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 133e59fb01..aecac0f71a 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -97,7 +97,7 @@ global:
loggingImage: beats/filebeat:5.5.0
# mariadb client image
- mariadbImage: bitnami/mariadb:10.5.8
+ mariadbImage: bitnami/mariadb:10.6.5
# nginx server image
nginxImage: bitnami/nginx:1.18-debian-10
diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
index a363ab3bb0..ddaf099bdf 100644
--- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
+++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
@@ -5,7 +5,8 @@ shopt -s nullglob
# logging functions
mysql_log() {
- local type="$1"; shift
+ local type
+ type="$1"; shift
printf '%s [%s] [Entrypoint]: %s\n' "$(date --rfc-3339=seconds)" "$type" "$*"
}
mysql_note() {
@@ -24,13 +25,17 @@ mysql_error() {
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
file_env() {
- local var="$1"
- local fileVar="${var}_FILE"
- local def="${2:-}"
+ local var
+ var="$1"
+ local fileVar
+ fileVar="${var}_FILE"
+ local def
+ def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
mysql_error "Both $var and $fileVar are set (but are exclusive)"
fi
- local val="$def"
+ local val
+ val="$def"
# val="${!var}"
# val="$(< "${!fileVar}")"
# eval replacement of the bashism equivalents above presents no security issue here
@@ -45,13 +50,6 @@ file_env() {
unset "$fileVar"
}
-# check to see if this file is being run or sourced from another script
-_is_sourced() {
- # https://unix.stackexchange.com/a/215279
- [ "${#FUNCNAME[@]}" -ge 2 ] \
- && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
- && [ "${FUNCNAME[1]}" = 'source' ]
-}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
@@ -85,7 +83,9 @@ docker_process_init_files() {
}
mysql_check_config() {
- local toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" ) errors
+ local toRun
+ local errors
+ toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" )
if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then
mysql_error "$(printf 'mysqld failed while attempting to check config\n\tcommand was: ')${toRun[*]}$(printf'\n\t')$errors"
fi
@@ -95,7 +95,8 @@ mysql_check_config() {
# We use mysqld --verbose --help instead of my_print_defaults because the
# latter only show values present in config files, and not server defaults
mysql_get_config() {
- local conf="$1"; shift
+ local conf
+ conf="$1"; shift
"$@" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null \
| awk -v conf="$conf" '$1 == conf && /^[^ \t]/ { sub(/^[^ \t]+[ \t]+/, ""); print; exit }'
# match "datadir /some/path with/spaces in/it here" but not "--xyz=abc\n datadir (xyz)"
@@ -141,7 +142,8 @@ docker_verify_minimum_env() {
# creates folders for the database
# also ensures permission for user mysql of run as root
docker_create_db_directories() {
- local user; user="$(id -u)"
+ local user
+ user="$(id -u)"
# TODO other directories that are used by default? like /var/lib/mysql-files
# see https://github.com/docker-library/mysql/issues/562
@@ -216,7 +218,8 @@ docker_setup_db() {
# Aria in 10.4+ is slow due to "transactional" (crash safety)
# https://jira.mariadb.org/browse/MDEV-23326
# https://github.com/docker-library/mariadb/issues/262
- local tztables=( time_zone time_zone_leap_second time_zone_name time_zone_transition time_zone_transition_type )
+ local tztables
+ tztables=( time_zone time_zone_leap_second time_zone_name time_zone_transition time_zone_transition_type )
for table in "${tztables[@]}"; do
echo "/*!100400 ALTER TABLE $table TRANSACTIONAL=0 */;"
done
@@ -237,7 +240,8 @@ docker_setup_db() {
mysql_note "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD"
fi
# Sets root password and creates root users for non-localhost hosts
- local rootCreate=
+ local rootCreate
+ rootCreate=
# default root to listen for connections from anywhere
if [ -n "$MYSQL_ROOT_HOST" ] && [ "$MYSQL_ROOT_HOST" != 'localhost' ]; then
# no, we don't care if read finds a terminating character in this heredoc
@@ -367,6 +371,7 @@ _main() {
}
# If we are sourced from elsewhere, don't perform any further actions
-if ! _is_sourced; then
+# https://stackoverflow.com/questions/2683279/how-to-detect-if-a-script-is-being-sourced/2942183#2942183
+if [ "$(basename $0)" = "docker-entrypoint.sh" ]; then
_main "$@"
fi
diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh
index 439390525f..3cbfb76646 100755
--- a/kubernetes/robot/demo-k8s.sh
+++ b/kubernetes/robot/demo-k8s.sh
@@ -23,11 +23,32 @@ usage ()
echo "Usage: demo-k8s.sh <namespace> <command> [<parameters>] [execscript]"
echo " "
echo " demo-k8s.sh <namespace> init"
- echo " - Execute both init_customer + distribute"
+ echo " - Execute both init_customer + distribute + registrySynch"
echo " "
echo " demo-k8s.sh <namespace> init_customer"
echo " - Create demo customer (Demonstration) and services, etc."
echo " "
+ echo " demo-k8s.sh <namespace> registrySynch [ repo <chart name> | path [ <path to helm charts> ]"
+ echo " [ <chart prefix> ] ]"
+ echo " - Synchronize chart museum inside of onap k8s cluster with"
+ echo " onap helm charts git repository (OOM)"
+ echo " By default following charts are synchronized:"
+ echo " - oom/kubernetes/dcaegen2-services/charts/,"
+ echo " - oom/kubernetes/common/common/charts,"
+ echo " - oom/kubernetes/common/postgres/charts/,"
+ echo " - oom/kubernetes/common/repositoryGenerator/charts/,"
+ echo " - oom/kubernetes/common/readinessCheck/charts/,"
+ echo " User is able also to synchronize custom helm charts by providing"
+ echo " flag 'path' and path to charts into command and chart name/s prefix for example:"
+ echo " demo-k8s.sh onap registrySynch /home/ubuntu/oom/kubernetes/common/postgres/charts/ postgres"
+ echo " - Synchronize chart museum inside of onap k8s cluster with"
+ echo " onap installation server 'local' helm charts repository"
+ echo " By default following charts are synchronized:"
+ echo " - local/certInitializer"
+ echo " User is able also to synchronize custom helm charts by providing"
+ echo " flag 'repo' and chart name in 'local' repo into command for example:"
+ echo " demo-k8s.sh onap registrySynch repo certInitializer"
+ echo " "
echo " demo-k8s.sh <namespace> distribute [<prefix>]"
echo " - Distribute demo models (demoVFW and demoVLB)"
echo " "
@@ -45,17 +66,17 @@ usage ()
echo " "
echo " demo-k8s.sh <namespace> instantiateVFWdirectso csar_filename"
echo " - Instantiate vFW module using direct SO interface using previously distributed model "
- echo " that is in /tmp/csar in robot container"
+ echo " that is in /tmp/csar in robot container"
+ echo " "
+ echo " demo-k8s.sh <namespace> instantiateVLB_CDS"
+ echo " - Instantiate vLB module using CDS with a preloaded CBA "
echo " "
- echo " demo-k8s.sh <namespace> instantiateVLB_CDS"
- echo " - Instantiate vLB module using CDS with a preloaded CBA "
- echo " "
echo " demo-k8s.sh <namespace> deleteVNF <module_name from instantiateVFW>"
echo " - Delete the module created by instantiateVFW"
echo " "
echo " demo-k8s.sh <namespace> vfwclosedloop <pgn-ip-address>"
- echo " - vFWCL: Sets the packet generator to high and low rates, and checks whether the policy "
- echo " kicks in to modulate the rates back to medium"
+ echo " - vFWCL: Sets the packet generator to high and low rates, and checks whether the policy "
+ echo " kicks in to modulate the rates back to medium"
echo " "
echo " demo-k8s.sh <namespace> <command> [<parameters>] execscript"
echo " - Optional parameter to execute user custom scripts located in scripts/demoscript directory"
@@ -74,7 +95,7 @@ fi
echo "Number of parameters:"
echo $#
-if [ $# -lt 2 ];then
+if [ $# -lt 2 ]; then
usage
exit
fi
@@ -112,6 +133,7 @@ do
;;
init)
TAG="InitDemo"
+ dcaeRegistrySynch=true
shift
;;
vescollector)
@@ -209,6 +231,26 @@ do
VARIABLES="$VARIABLES -v PACKET_GENERATOR_HOST:$1 -v pkg_host:$1"
shift
;;
+ registrySynch)
+ dcaeRegistrySynch=true
+ echo $dcaeRegistrySynch
+ shift
+ echo $1
+ if [ "$1" = "path" ]; then
+ shift
+ customHelmChartsPath=$1
+ shift
+ customHelmChartsPref=$1
+ shift
+ elif [ "$1" = "repo" ]; then
+ shift
+ customHelmChartFromLocalRepo=$1
+ echo $customHelmChartFromLocalRepo
+ shift
+ else
+ echo "demo-k8s.sh <namespace> registrySynch { repo <chart name> | path [ <path to helm charts> ] [ <chart prefix> ] }"
+ fi
+ ;;
*)
usage
exit
@@ -218,6 +260,7 @@ done
set -x
POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot)
+HELM_RELEASE=$(kubectl --namespace onap get pods | sed 's/ .*//' | grep robot | sed 's/-.*//')
DIR=$(dirname "$0")
SCRIPTDIR=scripts/demoscript
@@ -234,6 +277,29 @@ export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bas
OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_demo_$key
DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90))
-VARIABLEFILES="-V /share/config/robot_properties.py"
+if [ $dcaeRegistrySynch ]; then
+ CURRENT_DIR=$PWD
+ PARENT_PATH=${0%/*}
+ cd $PARENT_PATH
+ cd ../contrib/tools
+ if [ -n "$customHelmChartsPath" ]; then
+ ./registry-initialize.sh -d $customHelmChartsPath -n $NAMESPACE -r $HELM_RELEASE -p customHelmChartsPref
+ elif [ -n "$customHelmChartFromLocalRepo" ]; then
+ ./registry-initialize.sh -h $customHelmChartFromLocalRepo -n $NAMESPACE -r $HELM_RELEASE
+ else
+ ./registry-initialize.sh -d ../../dcaegen2-services/charts/ -n $NAMESPACE -r $HELM_RELEASE
+ ./registry-initialize.sh -d ../../dcaegen2-services/charts/ -n $NAMESPACE -r $HELM_RELEASE -p common
+ ./registry-initialize.sh -h certInitializer -n $NAMESPACE -r $HELM_RELEASE
+ ./registry-initialize.sh -h repositoryGenerator -n $NAMESPACE -r $HELM_RELEASE
+ ./registry-initialize.sh -h readinessCheck -n $NAMESPACE -r $HELM_RELEASE
+ ./registry-initialize.sh -h dcaegen2-services-common -n $NAMESPACE -r $HELM_RELEASE
+ ./registry-initialize.sh -h postgres -n $NAMESPACE -r $HELM_RELEASE
+ ./registry-initialize.sh -h serviceAccount -n $NAMESPACE -r $HELM_RELEASE
+ fi
+ cd $CURRENT_DIR
+fi
-kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} -i ${TAG} --display $DISPLAY_NUM 2> ${TAG}.out
+if [ -n "$TAG" ]; then
+ VARIABLEFILES="-V /share/config/robot_properties.py"
+ kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} -i ${TAG} --display $DISPLAY_NUM 2> ${TAG}.out
+fi \ No newline at end of file
diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
index 5b51b70bfc..9076a1f9f9 100644
--- a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
@@ -230,6 +230,16 @@ GLOBAL_INVENTORY_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "h
GLOBAL_DEPLOYMENT_HANDLER_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "deployment-handler") }}'
GLOBAL_DEPLOYMENT_HANDLER_SERVER_PROTOCOL = "https"
GLOBAL_DEPLOYMENT_HANDLER_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "deployment-handler" "port" 8443) }}'
+GLOBAL_K8S_CHART_REPOSTORY_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "chart-museum") }}'
+GLOBAL_K8S_CHART_REPOSTORY_SERVER_PROTOCOL = "http"
+GLOBAL_K8S_CHART_REPOSTORY_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "chart-museum" "port" 80) }}'
+GLOBAL_K8S_CHART_REPOSTORY_SERVER_USERNAME = '{{ .Values.k8sChartRepoUsername }}'
+GLOBAL_K8S_CHART_REPOSTORY_SERVER_PASSWORD = '{{ .Values.k8sChartRepoPassword }}'
+# consul info
+GLOBAL_CONSUL_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "consul-server-ui") }}'
+GLOBAL_CONSUL_SERVER_PROTOCOL = "http"
+GLOBAL_CONSUL_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "consul-server-ui" "port" 8500) }}'
+
# dcae mod info
GLOBAL_DCAEMOD_ONBOARDING_API_SERVER_PROTOCOL = "http"
GLOBAL_DCAEMOD_ONBOARDING_API_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcaemod-onboarding-api" "port" 8080) }}'
diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml
index 087fc853d0..89d83c85a3 100644
--- a/kubernetes/robot/values.yaml
+++ b/kubernetes/robot/values.yaml
@@ -375,6 +375,10 @@ oofOsdfPciOptPassword: "demo123456!"
oofHomingUsername: "admin1"
oofHomingPassword: "plan.15"
+#K8S chart repository - ChartMuseum
+k8sChartRepoUsername: "onapinitializer"
+k8sChartRepoPassword: "demo123456!"
+
# default number of instances
replicaCount: 1
diff --git a/kubernetes/sdnc/components/sdnc-prom/resources/bin/sdnc.failover b/kubernetes/sdnc/components/sdnc-prom/resources/bin/sdnc.failover
index d9133e8477..1a74c1edce 100755
--- a/kubernetes/sdnc/components/sdnc-prom/resources/bin/sdnc.failover
+++ b/kubernetes/sdnc/components/sdnc-prom/resources/bin/sdnc.failover
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
{{/*
# Copyright © 2018 Amdocs
@@ -30,7 +30,7 @@ fi
APP_BIN=/app/bin
debugLog(){
- if [ "$enableDebugLogging" == true ]; then
+ if [ "$enableDebugLogging" = true ]; then
if [ $# -eq 0 ]; then
echo "" >> $LOGFILE
else
@@ -41,7 +41,7 @@ debugLog(){
EXC_SIMPLE_FAILOVER=`${APP_BIN}/switchVoting.sh`
-if [ "$EXC_SIMPLE_FAILOVER" == "success" ]; then
+if [ "$EXC_SIMPLE_FAILOVER" = "success" ]; then
debugLog "Simple failover success. SDNC failover completed."
else
# Simple failover failed. Trying catastrophic failover ...
diff --git a/tox.ini b/tox.ini
index bbd00f85c4..6388e88cea 100644
--- a/tox.ini
+++ b/tox.ini
@@ -57,14 +57,17 @@ commands =
[testenv:checkbashisms]
deps =
-whitelist_externals = sh
- find
- checkbashisms
+whitelist_externals =
+ {toxinidir}/.ci/check-bashisms.sh
commands =
- sh -c 'which checkbashisms>/dev/null || sudo yum install devscripts-minimal || sudo apt-get install devscripts \
- || (echo "checkbashisms command not found - please install it (e.g. sudo apt-get install devscripts | \
- yum install devscripts-minimal )" >&2 && exit 1)'
- find . -not -path '*/\.*' -name *.sh -exec checkbashisms \{\} +
+ {toxinidir}/.ci/check-bashisms.sh
+
+[testenv:shellcheck]
+basepython = python3
+deps = shellcheck-py
+whitelist_externals = find
+commands =
+ find . -not -path '*/\.*' -name *.sh -exec shellcheck \{\} +
[testenv:autopep8]
deps =
@@ -109,3 +112,9 @@ commands =
# As a result, the line above is always skipped in jenkins CI since there cannot be a .git/COMMIT_EDITMSG file.
# A dedicated gitlint profile for CI is proposed above. Also to behave fine locally, this profile must have access
# to the HOME variable so that Gitlint can retrieve Git user settings.
+
+[testenv:pre-commit-autoupdate]
+basepython = python3
+deps = pre-commit
+commands =
+ pre-commit autoupdate