aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docs/oom_hardcoded_certificates.rst4
-rw-r--r--docs/oom_user_guide.rst2
-rw-r--r--kubernetes/aaf/Makefile50
-rw-r--r--kubernetes/aaf/components/Makefile50
-rw-r--r--kubernetes/aaf/components/aaf-cass/.helmignore (renamed from kubernetes/aaf/charts/aaf-cass/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-cass/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/requirements.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-cass/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/pv.yaml (renamed from kubernetes/aaf/charts/aaf-cass/templates/pv.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/pvc.yaml (renamed from kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-cass/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cass/values.yaml (renamed from kubernetes/aaf/charts/aaf-cass/values.yaml)21
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/.helmignore22
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/Chart.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/requirements.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jksbin0 -> 4087 bytes
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jksbin0 -> 4126 bytes
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12bin0 -> 4691 bytes
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/default/cmpServers.json3
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/root.crt32
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/test/cmpServers.json24
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/resources/truststore.jksbin0 -> 1722 bytes
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/templates/deployment.yaml123
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/templates/secret.yaml56
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/templates/service.yaml17
-rw-r--r--kubernetes/aaf/components/aaf-cert-service/values.yaml160
-rw-r--r--kubernetes/aaf/components/aaf-cm/.helmignore (renamed from kubernetes/aaf/charts/aaf-cm/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-cm/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-cm/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cm/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-cm/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-cm/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-cm/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cm/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-cm/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cm/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-cm/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-cm/values.yaml (renamed from kubernetes/aaf/charts/aaf-cm/values.yaml)27
-rw-r--r--kubernetes/aaf/components/aaf-fs/.helmignore (renamed from kubernetes/aaf/charts/aaf-fs/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-fs/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-fs/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-fs/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-fs/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-fs/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-fs/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-fs/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-fs/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-fs/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-fs/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-fs/values.yaml (renamed from kubernetes/aaf/charts/aaf-fs/values.yaml)24
-rw-r--r--kubernetes/aaf/components/aaf-gui/.helmignore (renamed from kubernetes/aaf/charts/aaf-gui/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-gui/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-gui/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-gui/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-gui/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-gui/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-gui/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-gui/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-gui/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-gui/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-gui/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-gui/values.yaml (renamed from kubernetes/aaf/charts/aaf-gui/values.yaml)26
-rw-r--r--kubernetes/aaf/components/aaf-hello/.helmignore (renamed from kubernetes/aaf/charts/aaf-hello/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-hello/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-hello/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-hello/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-hello/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/templates/secret.yaml (renamed from kubernetes/aaf/charts/aaf-hello/templates/secret.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-hello/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-hello/values.yaml (renamed from kubernetes/aaf/charts/aaf-hello/values.yaml)2
-rw-r--r--kubernetes/aaf/components/aaf-locate/.helmignore (renamed from kubernetes/aaf/charts/aaf-locate/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-locate/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-locate/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-locate/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-locate/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-locate/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-locate/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-locate/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-locate/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-locate/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-locate/values.yaml (renamed from kubernetes/aaf/charts/aaf-locate/values.yaml)27
-rw-r--r--kubernetes/aaf/components/aaf-oauth/.helmignore (renamed from kubernetes/aaf/charts/aaf-oauth/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-oauth/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-oauth/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-oauth/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-oauth/templates/NOTES.txt (renamed from kubernetes/aaf/charts/aaf-oauth/templates/NOTES.txt)0
-rw-r--r--kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-oauth/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-oauth/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-oauth/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-oauth/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-oauth/values.yaml (renamed from kubernetes/aaf/charts/aaf-oauth/values.yaml)27
-rw-r--r--kubernetes/aaf/components/aaf-service/.helmignore (renamed from kubernetes/aaf/charts/aaf-service/.helmignore)0
-rw-r--r--kubernetes/aaf/components/aaf-service/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-service/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-service/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-service/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-service/templates/deployment.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-service/templates/ingress.yaml (renamed from kubernetes/aaf/charts/aaf-service/templates/ingress.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-service/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-service/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-service/values.yaml (renamed from kubernetes/aaf/charts/aaf-service/values.yaml)27
-rw-r--r--kubernetes/aaf/components/aaf-sms/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sms/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/values.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/values.yaml (renamed from kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/requirements.yaml21
-rw-r--r--kubernetes/aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem26
-rw-r--r--kubernetes/aaf/components/aaf-sms/resources/config/has.json (renamed from kubernetes/aaf/charts/aaf-sms/resources/config/has.json)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/resources/config/osdf.json (renamed from kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/configmap.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/deployment.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml)30
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/job.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/job.yaml)8
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/pv.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/pv.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/pvc.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/secret.yaml32
-rw-r--r--kubernetes/aaf/components/aaf-sms/templates/service.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/service.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sms/values.yaml (renamed from kubernetes/aaf/charts/aaf-sms/values.yaml)38
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/README.md (renamed from kubernetes/aaf/charts/aaf-sshsm/README.md)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/requirements.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/requirements.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/resources/config/prk_passwd (renamed from kubernetes/aaf/charts/aaf-sshsm/resources/config/prk_passwd)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/resources/config/srk_handle (renamed from kubernetes/aaf/charts/aaf-sshsm/resources/config/srk_handle)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/pv-data.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/pv-dbus.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/pvc-data.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/pvc-dbus.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/templates/secret.yaml)0
-rw-r--r--kubernetes/aaf/components/aaf-sshsm/values.yaml (renamed from kubernetes/aaf/charts/aaf-sshsm/values.yaml)18
-rw-r--r--kubernetes/aaf/components/aaf-templates/Chart.yaml19
-rw-r--r--kubernetes/aaf/components/aaf-templates/requirements.yaml18
-rw-r--r--kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl (renamed from kubernetes/aaf/templates/_deployment.tpl)0
-rw-r--r--kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl (renamed from kubernetes/aaf/templates/_initContainers.tpl)0
-rw-r--r--kubernetes/aaf/components/aaf-templates/values.yaml13
-rw-r--r--kubernetes/aaf/requirements.yaml36
-rw-r--r--kubernetes/aaf/values.yaml12
-rwxr-xr-xkubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties2
-rwxr-xr-xkubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml2
-rw-r--r--kubernetes/common/certInitializer/templates/_certInitializer.yaml2
-rw-r--r--kubernetes/common/certInitializer/values.yaml1
-rw-r--r--kubernetes/common/mariadb-galera/resources/create-deployment.yml50
-rw-r--r--kubernetes/common/mariadb-galera/resources/post-upgrade-script.sh26
-rw-r--r--kubernetes/common/mariadb-galera/resources/upgrade-scripts.sh101
-rw-r--r--kubernetes/common/mariadb-galera/templates/configmap.yaml37
-rw-r--r--kubernetes/common/mariadb-galera/templates/job.yaml107
-rw-r--r--kubernetes/common/mariadb-galera/values.yaml5
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml5
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml73
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml45
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml44
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/values.yaml19
-rw-r--r--kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml47
-rwxr-xr-xkubernetes/onap/values.yaml31
-rw-r--r--kubernetes/portal/components/portal-sdk/requirements.yaml3
-rw-r--r--kubernetes/portal/components/portal-sdk/resources/server/server.xml4
-rw-r--r--kubernetes/portal/components/portal-sdk/templates/configmap.yaml14
-rw-r--r--kubernetes/portal/components/portal-sdk/templates/deployment.yaml18
-rw-r--r--kubernetes/portal/components/portal-sdk/values.yaml20
m---------kubernetes/robot0
-rw-r--r--kubernetes/sdc/charts/sdc-be/values.yaml4
-rw-r--r--kubernetes/sdc/charts/sdc-cs/values.yaml4
-rw-r--r--kubernetes/sdc/charts/sdc-fe/values.yaml2
-rw-r--r--kubernetes/sdc/charts/sdc-onboarding-be/values.yaml4
-rw-r--r--kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg199
-rw-r--r--kubernetes/so/charts/so-appc-orchestrator/Chart.yaml18
-rw-r--r--kubernetes/so/charts/so-appc-orchestrator/resources/config/overrides/override.yaml57
-rwxr-xr-xkubernetes/so/charts/so-appc-orchestrator/templates/configmap.yaml41
-rw-r--r--kubernetes/so/charts/so-appc-orchestrator/templates/deployment.yaml83
-rw-r--r--kubernetes/so/charts/so-appc-orchestrator/templates/secret.yaml (renamed from kubernetes/aaf/charts/aaf-sms/templates/secret.yaml)2
-rw-r--r--kubernetes/so/charts/so-appc-orchestrator/templates/service.yaml15
-rw-r--r--kubernetes/so/charts/so-appc-orchestrator/values.yaml125
-rwxr-xr-xkubernetes/so/charts/so-bpmn-infra/values.yaml2
-rwxr-xr-xkubernetes/so/charts/so-catalog-db-adapter/values.yaml2
-rw-r--r--kubernetes/so/charts/so-monitoring/values.yaml2
-rwxr-xr-xkubernetes/so/charts/so-nssmf-adapter/values.yaml2
-rwxr-xr-xkubernetes/so/charts/so-openstack-adapter/values.yaml2
-rwxr-xr-xkubernetes/so/charts/so-request-db-adapter/values.yaml2
-rwxr-xr-xkubernetes/so/charts/so-sdc-controller/values.yaml2
-rwxr-xr-xkubernetes/so/charts/so-sdnc-adapter/values.yaml2
-rwxr-xr-xkubernetes/so/charts/so-ve-vnfm-adapter/values.yaml2
-rwxr-xr-xkubernetes/so/charts/so-vfc-adapter/values.yaml2
-rwxr-xr-xkubernetes/so/charts/so-vnfm-adapter/values.yaml2
-rwxr-xr-xkubernetes/so/values.yaml34
187 files changed, 2143 insertions, 319 deletions
diff --git a/docs/oom_hardcoded_certificates.rst b/docs/oom_hardcoded_certificates.rst
index 9cf11c5b26..085beaa4d1 100644
--- a/docs/oom_hardcoded_certificates.rst
+++ b/docs/oom_hardcoded_certificates.rst
@@ -14,6 +14,10 @@ Here's the list of these certificates:
+-----------------------------------------------------------------------------------------------------------------------------------------------------+
| Project | ONAP Certificate | Own Certificate | MSB Certificate | Path |
+==================+==================+==================+============================================================================================+
+ | AAF | No | Yes | No | aaf/charts/aaf-cert-service/resources/ |
+ +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
+ | AAF | Yes | No | No | aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem |
+ +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
| AAI | Yes | No | No | aai/oom/resources/config/haproxy/aai.pem |
+------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
| AAI | Yes | No | No | aai/oom/resources/config/aai/aai_keystore |
diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst
index 3e36cd165e..847795dc17 100644
--- a/docs/oom_user_guide.rst
+++ b/docs/oom_user_guide.rst
@@ -115,7 +115,7 @@ stable which should be removed to avoid confusion::
To prepare your system for an installation of ONAP, you'll need to::
- > git clone -b frankfurt http://gerrit.onap.org/r/oom
+ > git clone -b frankfurt --recurse-submodules -j2 http://gerrit.onap.org/r/oom
> cd oom/kubernetes
diff --git a/kubernetes/aaf/Makefile b/kubernetes/aaf/Makefile
new file mode 100644
index 0000000000..9396001ebc
--- /dev/null
+++ b/kubernetes/aaf/Makefile
@@ -0,0 +1,50 @@
+# Copyright © 2020 Samsung Electronics, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES := dist resources templates charts
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/aaf/components/Makefile b/kubernetes/aaf/components/Makefile
new file mode 100644
index 0000000000..2fc0cbe4ab
--- /dev/null
+++ b/kubernetes/aaf/components/Makefile
@@ -0,0 +1,50 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/aaf/charts/aaf-cass/.helmignore b/kubernetes/aaf/components/aaf-cass/.helmignore
index daebc7da77..daebc7da77 100644
--- a/kubernetes/aaf/charts/aaf-cass/.helmignore
+++ b/kubernetes/aaf/components/aaf-cass/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-cass/Chart.yaml b/kubernetes/aaf/components/aaf-cass/Chart.yaml
index 42b4076689..42b4076689 100644
--- a/kubernetes/aaf/charts/aaf-cass/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-cass/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-cass/requirements.yaml b/kubernetes/aaf/components/aaf-cass/requirements.yaml
new file mode 100644
index 0000000000..6afaa06e8a
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cass/requirements.yaml
@@ -0,0 +1,18 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/NOTES.txt b/kubernetes/aaf/components/aaf-cass/templates/NOTES.txt
index bd74a42cd5..bd74a42cd5 100644
--- a/kubernetes/aaf/charts/aaf-cass/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-cass/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml b/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml
index 309a9f38c6..309a9f38c6 100644
--- a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml b/kubernetes/aaf/components/aaf-cass/templates/pv.yaml
index 187e9b75de..187e9b75de 100644
--- a/kubernetes/aaf/charts/aaf-cass/templates/pv.yaml
+++ b/kubernetes/aaf/components/aaf-cass/templates/pv.yaml
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml b/kubernetes/aaf/components/aaf-cass/templates/pvc.yaml
index e56c98751c..e56c98751c 100644
--- a/kubernetes/aaf/charts/aaf-cass/templates/pvc.yaml
+++ b/kubernetes/aaf/components/aaf-cass/templates/pvc.yaml
diff --git a/kubernetes/aaf/charts/aaf-cass/templates/service.yaml b/kubernetes/aaf/components/aaf-cass/templates/service.yaml
index 8f80ee12a2..8f80ee12a2 100644
--- a/kubernetes/aaf/charts/aaf-cass/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-cass/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-cass/values.yaml b/kubernetes/aaf/components/aaf-cass/values.yaml
index 3d9f21e297..c5e5811fd1 100644
--- a/kubernetes/aaf/charts/aaf-cass/values.yaml
+++ b/kubernetes/aaf/components/aaf-cass/values.yaml
@@ -12,6 +12,25 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
flavor: small
@@ -34,7 +53,7 @@ liveness:
enabled: true
port: tcp-cql
-image: onap/aaf/aaf_cass:2.1.20
+image: onap/aaf/aaf_cass:2.1.23
config:
cluster_name: osaaf
diff --git a/kubernetes/aaf/components/aaf-cert-service/.helmignore b/kubernetes/aaf/components/aaf-cert-service/.helmignore
new file mode 100644
index 0000000000..50af031725
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/kubernetes/aaf/components/aaf-cert-service/Chart.yaml b/kubernetes/aaf/components/aaf-cert-service/Chart.yaml
new file mode 100644
index 0000000000..525b2ac4b6
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2020 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAF Cert Service
+name: aaf-cert-service
+version: 6.0.0
diff --git a/kubernetes/aaf/components/aaf-cert-service/requirements.yaml b/kubernetes/aaf/components/aaf-cert-service/requirements.yaml
new file mode 100644
index 0000000000..6afaa06e8a
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/requirements.yaml
@@ -0,0 +1,18 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jks b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jks
new file mode 100644
index 0000000000..f24908c55d
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jks
Binary files differ
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jks b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jks
new file mode 100644
index 0000000000..89605b6b7a
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jks
Binary files differ
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12 b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12
new file mode 100644
index 0000000000..2106c817ef
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12
Binary files differ
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/default/cmpServers.json b/kubernetes/aaf/components/aaf-cert-service/resources/default/cmpServers.json
new file mode 100644
index 0000000000..358f2a82c7
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/default/cmpServers.json
@@ -0,0 +1,3 @@
+{
+ "cmpv2Servers": []
+} \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/root.crt b/kubernetes/aaf/components/aaf-cert-service/resources/root.crt
new file mode 100644
index 0000000000..faeee81357
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/root.crt
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFlDCCA3ygAwIBAgIETsAy8jANBgkqhkiG9w0BAQwFADByMQswCQYDVQQGEwJQ
+TDEUMBIGA1UECBMLRG9sbnkgU2xhc2sxEDAOBgNVBAcTB1dyb2NsYXcxFTATBgNV
+BAoTDFJvb3QgQ29tcGFueTERMA8GA1UECxMIUm9vdCBPcmcxETAPBgNVBAMTCHJv
+b3QuY29tMB4XDTIwMDQwMzA5MTYxNloXDTMwMDQwMTA5MTYxNlowcjELMAkGA1UE
+BhMCUEwxFDASBgNVBAgTC0RvbG55IFNsYXNrMRAwDgYDVQQHEwdXcm9jbGF3MRUw
+EwYDVQQKEwxSb290IENvbXBhbnkxETAPBgNVBAsTCFJvb3QgT3JnMREwDwYDVQQD
+Ewhyb290LmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAImm68wu
+rtdkVrC5JI2y53+DoVE4al7NxC2yHeVW0PRD3CgW1xba6dlSQoDQQKkDkxtuNhlU
+IQxU1bbKR6syqJgpJXwSDx4sl4J5lQGWN+iuNA72C1IyXATOgowGq6PbOVVTkApy
+3+ZZGBCmweTjhvddAO7k5p8v+ePt17VvBTxSt6rSvrkGMbpCxBGAPfGpL9xykm9Z
+okVSlA42gGhbra499QTT0Yc/WPPFotKkDKFGaDrLW3NYX1Lio11myYNvLOMwfSEV
+Xy9vkwxcdqFJpHjx+EVLLQXwkudZP+D53N4bk8nP3SacbZSQ/A85mZpWNtw+r9QL
+fZGecY1YIR0udLj66CIG3ybl3gSXX7TSRERTIMR6Um1lt+039FSa18mRBpQTCDXV
+tSL58Qs5BHFkCe0sGpY+XiSEypc6oYPf/7YjiTvMT/mHhDffrvFjhK+wP/oCIg8u
+vuPRoPWuyw41bBeFGitJgDn7E8p9B4K/1DCO/ZcjXiYMgn5Hwb3ojablYUeiXs99
+2AAV8gCceUCdgcP8d6wdAydOVljavkgHPG0IMbiVG1WT57oM3HQpejgpujlKDDsI
+bi9/lbcC/U0JoN9yAaJZFr7CXJrxRv8DWeTwzMTo203KHNu9roQiERd38P8Dp6AQ
+ivmqf0+0VZM3IpjWBYKM68tclHJcG+7wyFjvAgMBAAGjMjAwMB0GA1UdDgQWBBSN
+lFyR56zh67mnvYTmmgJQVxEJrjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEB
+DAUAA4ICAQBczmFY0kmr1FK50glkT282ur0vukNtwXQNJONof3rYRqP2W98jID6D
+ayma0B4/H1EqCa0d66wRBxFdwW+MqOc4uWD3uUwgazrYD/Bv+V3aumaw8yX6vbyL
+hLNfpd4pViAEGtzYxYfMfFR6uzInF3NMpvt8OXCSGKiQjDMnMs0ekvUZLJm7yxwT
+Qr9aAEFYQYM/GstUC6qFfuUa4MaGvmyKWhZ10JoKXYbGGeFU4wI7Kzifh3VvawTg
+r314ZvQ3zpEwzNJpdvT5ZKuPvyN+drAKFpSPfOTFmmb3uF95FgYq33OFPpo7SR43
+tnw5u5YqKnsHmqCIRMctWiYZc8rBJ3+eBGmke6z/AN6FraG6Ejc8e4WPclrB8STb
++oB3a4Cvri1VHyodkm50Sb/d1FAMDXvzEPBfu2D0dVvOwOcISSN/MQUom8NN4YeI
+aEATdAPNkokgehOzZ1OPRv47FKYEVPCXjaZEWAC7NNmNiRn4RQOti0DlNrLL7Nx9
+vK09G0EnW01MO2ARRkZ3dog+Ph7orJQV3sd7TO4EEortqWtbegSH75ylyYw6rt/j
+uBzYtMOnEtnQKhxj4Wj7PO+StCgspoOByn0d+iSgDd2TlpWm4naP2pfFZT0R+TOH
+wzSH0F47TSfRd0++uEz/QhViybrvQK7yMt1G1YwZp2im+imuWwUC8Q==
+-----END CERTIFICATE-----
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/test/cmpServers.json b/kubernetes/aaf/components/aaf-cert-service/resources/test/cmpServers.json
new file mode 100644
index 0000000000..06e1087f60
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/test/cmpServers.json
@@ -0,0 +1,24 @@
+{
+ "cmpv2Servers": [
+ {
+ "caName": "CLIENT",
+ "url": "http://ejbca:8080/ejbca/publicweb/cmp/cmp",
+ "issuerDN": "CN=ManagementCA",
+ "caMode": "CLIENT",
+ "authentication": {
+ "iak": "${CLIENT_IAK}",
+ "rv": "${CLIENT_RV}"
+ }
+ },
+ {
+ "caName": "RA",
+ "url": "http://ejbca:8080/ejbca/publicweb/cmp/cmpRA",
+ "issuerDN": "CN=ManagementCA",
+ "caMode": "RA",
+ "authentication": {
+ "iak": "${RA_IAK}",
+ "rv": "${RA_RV}"
+ }
+ }
+ ]
+} \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/truststore.jks b/kubernetes/aaf/components/aaf-cert-service/resources/truststore.jks
new file mode 100644
index 0000000000..c32d37fd9d
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/resources/truststore.jks
Binary files differ
diff --git a/kubernetes/aaf/components/aaf-cert-service/templates/deployment.yaml b/kubernetes/aaf/components/aaf-cert-service/templates/deployment.yaml
new file mode 100644
index 0000000000..76e610f169
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/templates/deployment.yaml
@@ -0,0 +1,123 @@
+# Copyright © 2020, Nokia
+# Modifications Copyright © 2020, Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.global.cmpv2Enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
+ template:
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+ spec:
+ volumes:
+{{- if .Values.global.addTestingComponents }}
+ - name: cmp-servers-template-volume
+ secret:
+ secretName: {{ .Values.cmpServers.secret.name }}
+ - name: {{ .Values.cmpServers.volume.name }}
+ emptyDir:
+ medium: Memory
+{{- else }}
+ - name: {{ .Values.cmpServers.volume.name }}
+ secret:
+ secretName: {{ .Values.cmpServers.secret.name }}
+{{- end }}
+ - name: {{ .Values.tls.server.volume.name }}
+ secret:
+ secretName: {{ .Values.tls.server.secret.name }}
+{{- if .Values.global.addTestingComponents }}
+ initContainers:
+ - name: wait-for-ejbca
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - ejbca-ejbca
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ - name: subsitute-envs
+ image: "{{ .Values.global.envsubstImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command: ['sh', '-c', "cd /config-input && envsubst < cmpServers.json > {{ .Values.cmpServers.volume.mountPath }}/cmpServers.json"]
+ volumeMounts:
+ - name: cmp-servers-template-volume
+ mountPath: /config-input
+ readOnly: true
+ - name: {{ .Values.cmpServers.volume.name }}
+ mountPath: {{ .Values.cmpServers.volume.mountPath }}
+ readOnly: false
+ env:
+ - name: CLIENT_IAK
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-client-iak" "key" "password") | indent 14 }}
+ - name: CLIENT_RV
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmp-config-client-rv" "key" "password") | indent 14 }}
+ - name: RA_IAK
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-ra-iak" "key" "password") | indent 14 }}
+ - name: RA_RV
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmp-config-ra-rv" "key" "password") | indent 14 }}
+{{- end }}
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ .Values.repository }}/{{ .Values.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports: {{ include "common.containerPorts" . | nindent 10 }}
+ env:
+ - name: HTTPS_PORT
+ value: "{{ .Values.envs.httpsPort }}"
+ - name: KEYSTORE_PATH
+ value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.jksName }}"
+ - name: KEYSTORE_P12_PATH
+ value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.p12Name }}"
+ - name: TRUSTSTORE_PATH
+ value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.jksName }}"
+ - name: ROOT_CERT
+ value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.crtName }}"
+ - name: KEYSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 14 }}
+ - name: TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 14 }}
+ livenessProbe:
+ exec:
+ command:
+ - /bin/bash
+ - -c
+ - {{ .Values.liveness.command }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ readinessProbe:
+ exec:
+ command:
+ - /bin/bash
+ - -c
+ - {{ .Values.readiness.command }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ .Values.cmpServers.volume.name }}
+ mountPath: {{ .Values.cmpServers.volume.mountPath }}
+ readOnly: false
+ - name: {{ .Values.tls.server.volume.name }}
+ mountPath: {{ .Values.tls.server.volume.mountPath }}
+ readOnly: true
+ resources: {{ include "common.resources" . | nindent 12 }}
+{{ end -}}
diff --git a/kubernetes/aaf/components/aaf-cert-service/templates/secret.yaml b/kubernetes/aaf/components/aaf-cert-service/templates/secret.yaml
new file mode 100644
index 0000000000..ac92f56487
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/templates/secret.yaml
@@ -0,0 +1,56 @@
+# Copyright © 2020, Nokia
+# Modifications Copyright © 2020, Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.global.cmpv2Enabled }}
+{{ include "common.secretFast" . }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.cmpServers.secret.name }}
+type: Opaque
+data:
+{{ if .Values.global.addTestingComponents }}
+ {{ (.Files.Glob "resources/test/cmpServers.json").AsSecrets }}
+{{ else }}
+ {{ (.Files.Glob "resources/default/cmpServers.json").AsSecrets }}
+{{ end }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.global.aaf.certServiceClient.secret.name | default .Values.tls.client.secret.defaultName }}
+type: Opaque
+data:
+ certServiceClient-keystore.jks:
+ {{ (.Files.Glob "resources/certServiceClient-keystore.jks").AsSecrets }}
+ truststore.jks:
+ {{ (.Files.Glob "resources/truststore.jks").AsSecrets }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.tls.server.secret.name }}
+type: Opaque
+data:
+ certServiceServer-keystore.jks:
+ {{ (.Files.Glob "resources/certServiceServer-keystore.jks").AsSecrets }}
+ certServiceServer-keystore.p12:
+ {{ (.Files.Glob "resources/certServiceServer-keystore.p12").AsSecrets }}
+ truststore.jks:
+ {{ (.Files.Glob "resources/truststore.jks").AsSecrets }}
+ root.crt:
+ {{ (.Files.Glob "resources/root.crt").AsSecrets }}
+{{ end -}} \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-cert-service/templates/service.yaml b/kubernetes/aaf/components/aaf-cert-service/templates/service.yaml
new file mode 100644
index 0000000000..60e2afa41d
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/templates/service.yaml
@@ -0,0 +1,17 @@
+# Copyright © 2020, Nokia
+# Modifications Copyright © 2020, Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+{{- if .Values.global.cmpv2Enabled }}
+ {{ include "common.service" . }}
+{{ end -}} \ No newline at end of file
diff --git a/kubernetes/aaf/components/aaf-cert-service/values.yaml b/kubernetes/aaf/components/aaf-cert-service/values.yaml
new file mode 100644
index 0000000000..17b0b758cd
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cert-service/values.yaml
@@ -0,0 +1,160 @@
+# Copyright © 2020, Nokia
+# Modifications Copyright © 2020, Nordix Foundation, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Global
+global:
+ envsubstImage: dibi/envsubst
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+
+# Service configuration
+service:
+ type: ClusterIP
+ ports:
+ - name: http
+ port: 8443
+ port_protocol: http
+
+
+# Deployment configuration
+repository: nexus3.onap.org:10001
+image: onap/org.onap.aaf.certservice.aaf-certservice-api:1.0.0
+pullPolicy: Always
+replicaCount: 1
+
+liveness:
+ initialDelaySeconds: 60
+ periodSeconds: 10
+ command: curl https://localhost:$HTTPS_PORT/actuator/health --cacert $ROOT_CERT --cert-type p12 --cert $KEYSTORE_P12_PATH --pass $KEYSTORE_PASSWORD
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ command: curl https://localhost:$HTTPS_PORT/ready --cacert $ROOT_CERT --cert-type p12 --cert $KEYSTORE_P12_PATH --pass $KEYSTORE_PASSWORD
+
+flavor: small
+resources:
+ small:
+ limits:
+ cpu: 0.5
+ memory: 1Gi
+ requests:
+ cpu: 0.2
+ memory: 512Mi
+ large:
+ limits:
+ cpu: 1
+ memory: 2Gi
+ requests:
+ cpu: 0.4
+ memory: 1Gi
+ unlimited: {}
+
+
+# Application configuration
+cmpServers:
+ secret:
+ name: aaf-cert-service-secret
+ volume:
+ name: aaf-cert-service-volume
+ mountPath: /etc/onap/aaf/certservice
+
+tls:
+ server:
+ secret:
+ name: aaf-cert-service-server-tls-secret
+ volume:
+ name: aaf-cert-service-server-tls-volume
+ mountPath: /etc/onap/aaf/certservice/certs/
+ client:
+ secret:
+ defaultName: aaf-cert-service-client-tls-secret
+
+envs:
+ keystore:
+ jksName: certServiceServer-keystore.jks
+ p12Name: certServiceServer-keystore.p12
+ truststore:
+ jksName: truststore.jks
+ crtName: root.crt
+ httpsPort: 8443
+
+# External secrets with credentials can be provided to override default credentials defined below,
+# by uncommenting and filling appropriate *ExternalSecret value
+credentials:
+ tls:
+ keystorePassword: secret
+ truststorePassword: secret
+ #keystorePasswordExternalSecret:
+ #truststorePasswordExternalSecret:
+ # Below cmp values contain credentials for EJBCA test instance and are relevant only if global addTestingComponents flag is enabled
+ cmp:
+ #clientIakExternalSecret:
+ #clientRvExternalSecret:
+ #raIakExternalSecret:
+ #raRvExternalSecret:
+ client: {}
+ # iak: mypassword
+ # rv: unused
+ ra: {}
+ # iak: mypassword
+ # rv: unused
+
+secrets:
+ - uid: keystore-password
+ name: '{{ include "common.release" . }}-keystore-password'
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.credentials.tls.keystorePasswordExternalSecret) . }}'
+ password: '{{ .Values.credentials.tls.keystorePassword }}'
+ passwordPolicy: required
+ - uid: truststore-password
+ name: '{{ include "common.release" . }}-truststore-password'
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.credentials.tls.truststorePasswordExternalSecret) . }}'
+ password: '{{ .Values.credentials.tls.truststorePassword }}'
+ passwordPolicy: required
+ # Below values are relevant only if global addTestingComponents flag is enabled
+ - uid: ejbca-server-client-iak
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.credentials.cmp.clientIakExternalSecret) . }}'
+ password: '{{ .Values.credentials.cmp.client.iak }}'
+ - uid: cmp-config-client-rv
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.credentials.cmp.clientRvExternalSecret) . }}'
+ password: '{{ .Values.credentials.cmp.client.rv }}'
+ - uid: ejbca-server-ra-iak
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.credentials.cmp.raIakExternalSecret) . }}'
+ password: '{{ .Values.credentials.cmp.ra.iak }}'
+ - uid: cmp-config-ra-rv
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.credentials.cmp.raRvExternalSecret) . }}'
+ password: '{{ .Values.credentials.cmp.ra.rv }}'
diff --git a/kubernetes/aaf/charts/aaf-cm/.helmignore b/kubernetes/aaf/components/aaf-cm/.helmignore
index daebc7da77..daebc7da77 100644
--- a/kubernetes/aaf/charts/aaf-cm/.helmignore
+++ b/kubernetes/aaf/components/aaf-cm/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-cm/Chart.yaml b/kubernetes/aaf/components/aaf-cm/Chart.yaml
index ed453f7ac7..ed453f7ac7 100644
--- a/kubernetes/aaf/charts/aaf-cm/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-cm/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-cm/requirements.yaml b/kubernetes/aaf/components/aaf-cm/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-cm/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-cm/templates/NOTES.txt b/kubernetes/aaf/components/aaf-cm/templates/NOTES.txt
index bd74a42cd5..bd74a42cd5 100644
--- a/kubernetes/aaf/charts/aaf-cm/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-cm/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml b/kubernetes/aaf/components/aaf-cm/templates/deployment.yaml
index 5074c8bc08..5074c8bc08 100644
--- a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-cm/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-cm/templates/ingress.yaml b/kubernetes/aaf/components/aaf-cm/templates/ingress.yaml
index 40b4bba0ce..40b4bba0ce 100644
--- a/kubernetes/aaf/charts/aaf-cm/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-cm/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-cm/templates/service.yaml b/kubernetes/aaf/components/aaf-cm/templates/service.yaml
index e54c4f3057..e54c4f3057 100644
--- a/kubernetes/aaf/charts/aaf-cm/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-cm/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-cm/values.yaml b/kubernetes/aaf/components/aaf-cm/values.yaml
index c391369db6..0997c7db41 100644
--- a/kubernetes/aaf/charts/aaf-cm/values.yaml
+++ b/kubernetes/aaf/components/aaf-cm/values.yaml
@@ -1,5 +1,5 @@
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T
+# Modifications © 2020 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +13,31 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+ aaf:
+ config:
+ image: onap/aaf/aaf_config:2.1.23
+
+
flavor: small
#################################################################
diff --git a/kubernetes/aaf/charts/aaf-fs/.helmignore b/kubernetes/aaf/components/aaf-fs/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/aaf/charts/aaf-fs/.helmignore
+++ b/kubernetes/aaf/components/aaf-fs/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-fs/Chart.yaml b/kubernetes/aaf/components/aaf-fs/Chart.yaml
index 211c4c28de..211c4c28de 100644
--- a/kubernetes/aaf/charts/aaf-fs/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-fs/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-fs/requirements.yaml b/kubernetes/aaf/components/aaf-fs/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-fs/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-fs/templates/NOTES.txt b/kubernetes/aaf/components/aaf-fs/templates/NOTES.txt
index bd74a42cd5..bd74a42cd5 100644
--- a/kubernetes/aaf/charts/aaf-fs/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-fs/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/components/aaf-fs/templates/deployment.yaml
index c36750809c..c36750809c 100644
--- a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-fs/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-fs/templates/ingress.yaml b/kubernetes/aaf/components/aaf-fs/templates/ingress.yaml
index 40b4bba0ce..40b4bba0ce 100644
--- a/kubernetes/aaf/charts/aaf-fs/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-fs/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-fs/templates/service.yaml b/kubernetes/aaf/components/aaf-fs/templates/service.yaml
index e54c4f3057..e54c4f3057 100644
--- a/kubernetes/aaf/charts/aaf-fs/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-fs/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-fs/values.yaml b/kubernetes/aaf/components/aaf-fs/values.yaml
index 6ddc07278b..9bffb95724 100644
--- a/kubernetes/aaf/charts/aaf-fs/values.yaml
+++ b/kubernetes/aaf/components/aaf-fs/values.yaml
@@ -13,6 +13,30 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+ aaf:
+ config:
+ image: onap/aaf/aaf_config:2.1.23
+
flavor: small
#################################################################
diff --git a/kubernetes/aaf/charts/aaf-gui/.helmignore b/kubernetes/aaf/components/aaf-gui/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/aaf/charts/aaf-gui/.helmignore
+++ b/kubernetes/aaf/components/aaf-gui/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-gui/Chart.yaml b/kubernetes/aaf/components/aaf-gui/Chart.yaml
index 7e81a70759..7e81a70759 100644
--- a/kubernetes/aaf/charts/aaf-gui/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-gui/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-gui/requirements.yaml b/kubernetes/aaf/components/aaf-gui/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-gui/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-gui/templates/NOTES.txt b/kubernetes/aaf/components/aaf-gui/templates/NOTES.txt
index bd74a42cd5..bd74a42cd5 100644
--- a/kubernetes/aaf/charts/aaf-gui/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-gui/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/components/aaf-gui/templates/deployment.yaml
index c36750809c..c36750809c 100644
--- a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-gui/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-gui/templates/ingress.yaml b/kubernetes/aaf/components/aaf-gui/templates/ingress.yaml
index 40b4bba0ce..40b4bba0ce 100644
--- a/kubernetes/aaf/charts/aaf-gui/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-gui/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-gui/templates/service.yaml b/kubernetes/aaf/components/aaf-gui/templates/service.yaml
index e54c4f3057..e54c4f3057 100644
--- a/kubernetes/aaf/charts/aaf-gui/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-gui/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/components/aaf-gui/values.yaml
index f418fd5b41..8639d6c0f0 100644
--- a/kubernetes/aaf/charts/aaf-gui/values.yaml
+++ b/kubernetes/aaf/components/aaf-gui/values.yaml
@@ -1,5 +1,5 @@
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T
+# Modifications © 2020 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +13,30 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+ aaf:
+ config:
+ image: onap/aaf/aaf_config:2.1.23
+
flavor: small
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/aaf/charts/aaf-hello/.helmignore b/kubernetes/aaf/components/aaf-hello/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/aaf/charts/aaf-hello/.helmignore
+++ b/kubernetes/aaf/components/aaf-hello/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-hello/Chart.yaml b/kubernetes/aaf/components/aaf-hello/Chart.yaml
index 71b3242558..71b3242558 100644
--- a/kubernetes/aaf/charts/aaf-hello/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-hello/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-hello/requirements.yaml b/kubernetes/aaf/components/aaf-hello/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-hello/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-hello/templates/NOTES.txt b/kubernetes/aaf/components/aaf-hello/templates/NOTES.txt
index ef4d8e7d23..ef4d8e7d23 100644
--- a/kubernetes/aaf/charts/aaf-hello/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-hello/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml b/kubernetes/aaf/components/aaf-hello/templates/deployment.yaml
index 891b829f43..891b829f43 100644
--- a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-hello/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-hello/templates/ingress.yaml b/kubernetes/aaf/components/aaf-hello/templates/ingress.yaml
index 40b4bba0ce..40b4bba0ce 100644
--- a/kubernetes/aaf/charts/aaf-hello/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-hello/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-hello/templates/secret.yaml b/kubernetes/aaf/components/aaf-hello/templates/secret.yaml
index f8c32e0670..f8c32e0670 100644
--- a/kubernetes/aaf/charts/aaf-hello/templates/secret.yaml
+++ b/kubernetes/aaf/components/aaf-hello/templates/secret.yaml
diff --git a/kubernetes/aaf/charts/aaf-hello/templates/service.yaml b/kubernetes/aaf/components/aaf-hello/templates/service.yaml
index 8f80ee12a2..8f80ee12a2 100644
--- a/kubernetes/aaf/charts/aaf-hello/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-hello/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/components/aaf-hello/values.yaml
index aeb659082d..df3abec67c 100644
--- a/kubernetes/aaf/charts/aaf-hello/values.yaml
+++ b/kubernetes/aaf/components/aaf-hello/values.yaml
@@ -41,7 +41,7 @@ aaf_init:
replicaCount: 0
-image: onap/aaf/aaf_hello:2.1.20
+image: onap/aaf/aaf_hello:2.1.23
service:
name: aaf-hello
diff --git a/kubernetes/aaf/charts/aaf-locate/.helmignore b/kubernetes/aaf/components/aaf-locate/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/aaf/charts/aaf-locate/.helmignore
+++ b/kubernetes/aaf/components/aaf-locate/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-locate/Chart.yaml b/kubernetes/aaf/components/aaf-locate/Chart.yaml
index 3133191280..3133191280 100644
--- a/kubernetes/aaf/charts/aaf-locate/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-locate/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-locate/requirements.yaml b/kubernetes/aaf/components/aaf-locate/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-locate/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-locate/templates/NOTES.txt b/kubernetes/aaf/components/aaf-locate/templates/NOTES.txt
index bd74a42cd5..bd74a42cd5 100644
--- a/kubernetes/aaf/charts/aaf-locate/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-locate/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/components/aaf-locate/templates/deployment.yaml
index 5074c8bc08..5074c8bc08 100644
--- a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-locate/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml b/kubernetes/aaf/components/aaf-locate/templates/ingress.yaml
index 1b33c1f8d1..1b33c1f8d1 100644
--- a/kubernetes/aaf/charts/aaf-locate/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-locate/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-locate/templates/service.yaml b/kubernetes/aaf/components/aaf-locate/templates/service.yaml
index e54c4f3057..e54c4f3057 100644
--- a/kubernetes/aaf/charts/aaf-locate/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-locate/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-locate/values.yaml b/kubernetes/aaf/components/aaf-locate/values.yaml
index 01a5ab158a..7bcf10dabb 100644
--- a/kubernetes/aaf/charts/aaf-locate/values.yaml
+++ b/kubernetes/aaf/components/aaf-locate/values.yaml
@@ -1,5 +1,5 @@
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T
+# Modifications © 2020 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +13,31 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+ aaf:
+ config:
+ image: onap/aaf/aaf_config:2.1.23
+
+
flavor: small
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/aaf/charts/aaf-oauth/.helmignore b/kubernetes/aaf/components/aaf-oauth/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/aaf/charts/aaf-oauth/.helmignore
+++ b/kubernetes/aaf/components/aaf-oauth/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-oauth/Chart.yaml b/kubernetes/aaf/components/aaf-oauth/Chart.yaml
index a64a17c7b1..a64a17c7b1 100644
--- a/kubernetes/aaf/charts/aaf-oauth/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-oauth/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-oauth/requirements.yaml b/kubernetes/aaf/components/aaf-oauth/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-oauth/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/NOTES.txt b/kubernetes/aaf/components/aaf-oauth/templates/NOTES.txt
index bd74a42cd5..bd74a42cd5 100644
--- a/kubernetes/aaf/charts/aaf-oauth/templates/NOTES.txt
+++ b/kubernetes/aaf/components/aaf-oauth/templates/NOTES.txt
diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml
index 5074c8bc08..5074c8bc08 100644
--- a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/ingress.yaml b/kubernetes/aaf/components/aaf-oauth/templates/ingress.yaml
index 1b33c1f8d1..1b33c1f8d1 100644
--- a/kubernetes/aaf/charts/aaf-oauth/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-oauth/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml b/kubernetes/aaf/components/aaf-oauth/templates/service.yaml
index e54c4f3057..e54c4f3057 100644
--- a/kubernetes/aaf/charts/aaf-oauth/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-oauth/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-oauth/values.yaml b/kubernetes/aaf/components/aaf-oauth/values.yaml
index 7604b86393..8771041778 100644
--- a/kubernetes/aaf/charts/aaf-oauth/values.yaml
+++ b/kubernetes/aaf/components/aaf-oauth/values.yaml
@@ -1,5 +1,5 @@
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T
+# Modifications © 2020 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +13,31 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+ aaf:
+ config:
+ image: onap/aaf/aaf_config:2.1.23
+
+
flavor: small
#################################################################
diff --git a/kubernetes/aaf/charts/aaf-service/.helmignore b/kubernetes/aaf/components/aaf-service/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/aaf/charts/aaf-service/.helmignore
+++ b/kubernetes/aaf/components/aaf-service/.helmignore
diff --git a/kubernetes/aaf/charts/aaf-service/Chart.yaml b/kubernetes/aaf/components/aaf-service/Chart.yaml
index 187e33ac6f..187e33ac6f 100644
--- a/kubernetes/aaf/charts/aaf-service/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-service/Chart.yaml
diff --git a/kubernetes/aaf/components/aaf-service/requirements.yaml b/kubernetes/aaf/components/aaf-service/requirements.yaml
new file mode 100644
index 0000000000..08ef7fe836
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-service/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: aaf-templates
+ version: ~6.x-0
+ repository: 'file://../aaf-templates'
diff --git a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml b/kubernetes/aaf/components/aaf-service/templates/deployment.yaml
index 5074c8bc08..5074c8bc08 100644
--- a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-service/templates/deployment.yaml
diff --git a/kubernetes/aaf/charts/aaf-service/templates/ingress.yaml b/kubernetes/aaf/components/aaf-service/templates/ingress.yaml
index 40b4bba0ce..40b4bba0ce 100644
--- a/kubernetes/aaf/charts/aaf-service/templates/ingress.yaml
+++ b/kubernetes/aaf/components/aaf-service/templates/ingress.yaml
diff --git a/kubernetes/aaf/charts/aaf-service/templates/service.yaml b/kubernetes/aaf/components/aaf-service/templates/service.yaml
index e54c4f3057..e54c4f3057 100644
--- a/kubernetes/aaf/charts/aaf-service/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-service/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-service/values.yaml b/kubernetes/aaf/components/aaf-service/values.yaml
index c2d96032cc..d924bb4f54 100644
--- a/kubernetes/aaf/charts/aaf-service/values.yaml
+++ b/kubernetes/aaf/components/aaf-service/values.yaml
@@ -1,5 +1,5 @@
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications © 2020 AT&T
+# Modifications © 2020 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +13,31 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ persistence:
+ enabled: true
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
+ aaf:
+ config:
+ image: onap/aaf/aaf_config:2.1.23
+
+
flavor: small
#################################################################
diff --git a/kubernetes/aaf/charts/aaf-sms/Chart.yaml b/kubernetes/aaf/components/aaf-sms/Chart.yaml
index 557894f456..557894f456 100644
--- a/kubernetes/aaf/charts/aaf-sms/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sms/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml
index 2dc3d49b66..2dc3d49b66 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json
index 3a43f00019..3a43f00019 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml
index 02f1080f29..02f1080f29 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml
index d855ae6fdf..d855ae6fdf 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml
index 1c6cc933f5..1c6cc933f5 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/values.yaml
index 1459624536..1459624536 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/values.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/Chart.yaml
index 074958ff70..074958ff70 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml
index 2c70c23e03..2c70c23e03 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml
index d855ae6fdf..d855ae6fdf 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/service.yaml
index a3a7591b02..a3a7591b02 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml
index 4023106091..4023106091 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/values.yaml
index 7787f0b85d..7787f0b85d 100644
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml
+++ b/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/values.yaml
diff --git a/kubernetes/aaf/components/aaf-sms/requirements.yaml b/kubernetes/aaf/components/aaf-sms/requirements.yaml
new file mode 100644
index 0000000000..7152c37ff0
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-sms/requirements.yaml
@@ -0,0 +1,21 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem b/kubernetes/aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem
new file mode 100644
index 0000000000..7939846bf0
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-sms/resources/certs/intermediate_root_ca.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
+RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN
+MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
+A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL
+neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d
+o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3
+nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV
+v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO
+15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw
+gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV
+M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
+AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q
+ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl
+u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+
++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/
+QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht
+8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX
+kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3
+aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky
+uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w
+tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep
+BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k=
+-----END CERTIFICATE-----
diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/has.json b/kubernetes/aaf/components/aaf-sms/resources/config/has.json
index 679b5189de..679b5189de 100644
--- a/kubernetes/aaf/charts/aaf-sms/resources/config/has.json
+++ b/kubernetes/aaf/components/aaf-sms/resources/config/has.json
diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json b/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json
index add0808701..add0808701 100644
--- a/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json
+++ b/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sms/templates/configmap.yaml
index a74fe277b7..a74fe277b7 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/configmap.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml b/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml
index 6113c0d5c8..bb409f33c5 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml
@@ -31,8 +31,25 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
- - name: fix-permission
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 8 }}
+ # Currently intermediate certificate is not given by AAF CM so we need
+ # to give it "by hand"
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.fullname" . }}-add-intermediate-cert
+ command:
+ - /bin/sh
+ args:
+ - -c
+ - |
+ cat /int-certs/intermediate_root_ca.pem >> {{ .Values.certInitializer.mountPath }}/local/org.onap.aaf-sms.crt
+ image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 12 }}
+ - mountPath: /int-certs
+ name: {{ include "common.fullname" . }}-int-certs
+ readOnly: true
+ {{- end }}
+ - name: {{ include "common.fullname" . }}-fix-permission
command:
- /bin/sh
args:
@@ -85,7 +102,7 @@ spec:
path: /v1/sms/quorum/status
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
@@ -104,13 +121,18 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
path: /etc/localtime
- name : {{ include "common.name" . }}
configMap:
name: {{ include "common.fullname" . }}
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.fullname" . }}-int-certs
+ secret:
+ secretName: {{ include "common.fullname" . }}-int-certs
+ {{- end }}
- name: {{ include "common.fullname" . }}-auth
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/job.yaml b/kubernetes/aaf/components/aaf-sms/templates/job.yaml
index bb145ef3f8..315d068676 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/job.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/job.yaml
@@ -32,7 +32,7 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- command:
- sh
args:
@@ -163,7 +163,7 @@ spec:
command:
- "/sms/bin/preload"
- "-cacert"
- - "/sms/certs/aaf_root_ca.cer"
+ - "{{ .Values.certInitializer.mountPath }}/local/{{ .Values.certInitializer.root_ca_name }}"
- "-jsondir"
- "/preload/config"
- "-serviceport"
@@ -171,7 +171,7 @@ spec:
- "-serviceurl"
- "https://aaf-sms.{{ include "common.namespace" . }}"
workingDir: /sms
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
@@ -187,7 +187,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
path: /etc/localtime
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml b/kubernetes/aaf/components/aaf-sms/templates/pv.yaml
index d06131feb5..d06131feb5 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/pv.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/pv.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml b/kubernetes/aaf/components/aaf-sms/templates/pvc.yaml
index c46d50607c..c46d50607c 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/pvc.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/pvc.yaml
diff --git a/kubernetes/aaf/components/aaf-sms/templates/secret.yaml b/kubernetes/aaf/components/aaf-sms/templates/secret.yaml
new file mode 100644
index 0000000000..7a0213f16c
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-sms/templates/secret.yaml
@@ -0,0 +1,32 @@
+{{/*
+# Copyright © 2020 Samsung Electronics, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
+---
+{{- if .Values.global.aafEnabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-int-certs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
+{{- end }}
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/service.yaml b/kubernetes/aaf/components/aaf-sms/templates/service.yaml
index 9c94202fe3..9c94202fe3 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/service.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/service.yaml
diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/components/aaf-sms/values.yaml
index 7e0aa5c282..dccf57ca96 100644
--- a/kubernetes/aaf/charts/aaf-sms/values.yaml
+++ b/kubernetes/aaf/components/aaf-sms/values.yaml
@@ -1,5 +1,5 @@
# Copyright 2018 Intel Corporation, Inc
-# Modifications © 2020 AT&T
+# Modifications © 2020 AT&T, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -22,8 +22,38 @@ global:
loggingImage: beats/filebeat:5.5.0
persistence: {}
envsubstImage: dibi/envsubst
+ aafEnabled: true
flavor: small
+
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: aaf-sms-cert-init
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: aaf-sms
+ fqi: aaf-sms@aaf-sms.onap.org
+ public_fqdn: aaf-sms.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ mountPath: /opt/app/osaaf
+ keystore: truststoreONAPall.jks
+ keystore_pass: changeit
+ root_ca_alias: onaptestca
+ root_ca_name: aaf_root_ca.cer
+ permission_user: 1000
+ permission_group: 1000
+ aaf_add_config: >
+ cd {{ .Values.mountPath }}/local;
+ keytool -exportcert -rfc -file {{ .Values.root_ca_name }} -keystore {{ .Values.keystore }}
+ -alias {{ .Values.root_ca_alias }} -storepass {{ .Values.keystore_pass }};
+ chown -R {{.Values.permission_user}}:{{.Values.permission_group}}
+ {{ .Values.mountPath }};
+
#################################################################
# Application configuration defaults.
#################################################################
@@ -39,9 +69,9 @@ debugEnabled: false
# Example:
config:
smsdbaddress: "http://aaf-sms-db:8200"
- cafile: "/sms/certs/aaf_root_ca.cer"
- servercert: "/sms/certs/aaf-sms.pub"
- serverkey: "/sms/certs/aaf-sms.pr"
+ cafile: "/opt/app/osaaf/local/aaf_root_ca.cer"
+ servercert: "/opt/app/osaaf/local/org.onap.aaf-sms.crt"
+ serverkey: "/opt/app/osaaf/local/org.onap.aaf-sms.key"
password: "c2VjcmV0bWFuYWdlbWVudHNlcnZpY2VzZWNyZXRwYXNzd29yZA=="
# subchart configuration
diff --git a/kubernetes/aaf/charts/aaf-sshsm/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/Chart.yaml
index d39b561905..d39b561905 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/README.md b/kubernetes/aaf/components/aaf-sshsm/README.md
index a6f2e62cb9..a6f2e62cb9 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/README.md
+++ b/kubernetes/aaf/components/aaf-sshsm/README.md
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml
index 499b82caaf..499b82caaf 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml
index 8d1faf7e32..8d1faf7e32 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml
index 23fe79d716..23fe79d716 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml
index c624ccfc4d..c624ccfc4d 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml
index 2a733632bf..2a733632bf 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml
index 22ba3da019..22ba3da019 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml
index 99176fcdf6..99176fcdf6 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml
index fb48c7df4a..fb48c7df4a 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml
index bf0ef74be2..bf0ef74be2 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml
index a13b7f353b..a13b7f353b 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml
index 94791be713..94791be713 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml
index b64e0c331a..b64e0c331a 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml
index a64f483d74..a64f483d74 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml
index dd04c93bd7..dd04c93bd7 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/requirements.yaml b/kubernetes/aaf/components/aaf-sshsm/requirements.yaml
index 0704a2c9df..0704a2c9df 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/requirements.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/requirements.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/resources/config/prk_passwd b/kubernetes/aaf/components/aaf-sshsm/resources/config/prk_passwd
index 640b325898..640b325898 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/resources/config/prk_passwd
+++ b/kubernetes/aaf/components/aaf-sshsm/resources/config/prk_passwd
diff --git a/kubernetes/aaf/charts/aaf-sshsm/resources/config/srk_handle b/kubernetes/aaf/components/aaf-sshsm/resources/config/srk_handle
index b8b9d8ddb0..b8b9d8ddb0 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/resources/config/srk_handle
+++ b/kubernetes/aaf/components/aaf-sshsm/resources/config/srk_handle
diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/pv-data.yaml
index b566b11458..b566b11458 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-data.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/templates/pv-data.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/pv-dbus.yaml
index b3e7f9fabd..b3e7f9fabd 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/templates/pv-dbus.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/templates/pv-dbus.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/pvc-data.yaml
index b8971cc03c..b8971cc03c 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-data.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/templates/pvc-data.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/pvc-dbus.yaml
index 7297d6f81d..7297d6f81d 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/templates/pvc-dbus.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/templates/pvc-dbus.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/templates/secret.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml
index 50b6f36cd3..50b6f36cd3 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/templates/secret.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml
diff --git a/kubernetes/aaf/charts/aaf-sshsm/values.yaml b/kubernetes/aaf/components/aaf-sshsm/values.yaml
index 5600213e11..30fb0d2f2f 100644
--- a/kubernetes/aaf/charts/aaf-sshsm/values.yaml
+++ b/kubernetes/aaf/components/aaf-sshsm/values.yaml
@@ -1,4 +1,5 @@
# Copyright 2018 Intel Corporation, Inc
+# Modifications © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -16,6 +17,23 @@
# Global configuration defaults.
#################################################################
global:
+ nodePortPrefix: 302
+ # Readiness image
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ # Ubuntu Init image
+ ubuntuInitRepository: registry.hub.docker.com
+ ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+ # Logging image
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ # BusyBox image
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:1.31
+ # Standard OOM
+ pullPolicy: "Always"
+ repository: "nexus3.onap.org:10001"
+
tpm:
enabled: false
# if enabled, nodeselector will use the below
diff --git a/kubernetes/aaf/components/aaf-templates/Chart.yaml b/kubernetes/aaf/components/aaf-templates/Chart.yaml
new file mode 100644
index 0000000000..c8739e0105
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-templates/Chart.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2020 Orange
+# Modifications Copyright © 2018 AT&T, Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP Application Authorization Framework Templates
+name: aaf-templates
+version: 6.0.0
diff --git a/kubernetes/aaf/components/aaf-templates/requirements.yaml b/kubernetes/aaf/components/aaf-templates/requirements.yaml
new file mode 100644
index 0000000000..6afaa06e8a
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-templates/requirements.yaml
@@ -0,0 +1,18 @@
+ # Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/aaf/templates/_deployment.tpl b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
index bf6931a8e3..bf6931a8e3 100644
--- a/kubernetes/aaf/templates/_deployment.tpl
+++ b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
diff --git a/kubernetes/aaf/templates/_initContainers.tpl b/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl
index 43c511fd6d..43c511fd6d 100644
--- a/kubernetes/aaf/templates/_initContainers.tpl
+++ b/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl
diff --git a/kubernetes/aaf/components/aaf-templates/values.yaml b/kubernetes/aaf/components/aaf-templates/values.yaml
new file mode 100644
index 0000000000..73efdc6132
--- /dev/null
+++ b/kubernetes/aaf/components/aaf-templates/values.yaml
@@ -0,0 +1,13 @@
+# Copyright © 2020 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
diff --git a/kubernetes/aaf/requirements.yaml b/kubernetes/aaf/requirements.yaml
index 6a61926e9e..ccbe14c7a3 100644
--- a/kubernetes/aaf/requirements.yaml
+++ b/kubernetes/aaf/requirements.yaml
@@ -1,4 +1,6 @@
# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,6 +15,36 @@
# limitations under the License.
dependencies:
- - name: common
+ - name: aaf-cass
version: ~6.x-0
- repository: '@local' \ No newline at end of file
+ repository: 'file://components/aaf-cass'
+ - name: aaf-cert-service
+ version: ~6.x-0
+ repository: 'file://components/aaf-cert-service'
+ - name: aaf-cm
+ version: ~6.x-0
+ repository: 'file://components/aaf-cm'
+ - name: aaf-fs
+ version: ~6.x-0
+ repository: 'file://components/aaf-fs'
+ - name: aaf-gui
+ version: ~6.x-0
+ repository: 'file://components/aaf-gui'
+ - name: aaf-hello
+ version: ~6.x-0
+ repository: 'file://components/aaf-hello'
+ - name: aaf-locate
+ version: ~6.x-0
+ repository: 'file://components/aaf-locate'
+ - name: aaf-oauth
+ version: ~6.x-0
+ repository: 'file://components/aaf-oauth'
+ - name: aaf-service
+ version: ~6.x-0
+ repository: 'file://components/aaf-service'
+ - name: aaf-sms
+ version: ~6.x-0
+ repository: 'file://components/aaf-sms'
+ - name: aaf-sshsm
+ version: ~6.x-0
+ repository: 'file://components/aaf-sshsm'
diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml
index bedf243639..df4dcf3723 100644
--- a/kubernetes/aaf/values.yaml
+++ b/kubernetes/aaf/values.yaml
@@ -16,6 +16,7 @@
#################################################################
# Global configuration defaults.
#################################################################
+
global:
nodePortPrefix: 302
# Readiness image
@@ -40,12 +41,14 @@ global:
#pullPolicy: IfNotPresent
#repository: "nexus3.onap.org:10003"
+ cmpv2Enabled: true
+ addTestingComponents: false
aaf:
readiness: false
- image: onap/aaf/aaf_core:2.1.20
+ image: onap/aaf/aaf_core:2.1.23
aaf_env: "DEV"
public_fqdn: "aaf.osaaf.org"
- aaf_release: "El Alto"
+ aaf_release: "Frankfurt"
# DUBLIN ONLY - for M4 compatibility with Casablanca
# aaf_locator_name: "public.%NS.%N"
# aaf_locator_name_oom: "%NS.%N"
@@ -57,7 +60,7 @@ global:
cadi_x509_issuers: "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US"
config:
- image: onap/aaf/aaf_config:2.1.20
+ image: onap/aaf/aaf_config:2.1.23
service:
fqdn: "aaf-service"
@@ -73,6 +76,9 @@ global:
public_port: 31112
# Note: as hello is a sample app, find values in charts/aaf-hello/values.yaml
+ certServiceClient:
+ secret:
+ name: aaf-cert-service-client-tls-secret
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties
index 05ac61cf57..453f906101 100755
--- a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties
+++ b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties
@@ -127,6 +127,8 @@ blueprintsprocessor.netconfExecutor.enabled=true
blueprintsprocessor.restConfExecutor.enabled=true
blueprintsprocessor.cliExecutor.enabled=true
blueprintsprocessor.remoteScriptCommand.enabled=true
+## Enable py-executor
+blueprintsprocessor.streamingRemoteExecution.enabled=true
# Used in Health Check
blueprintsprocessor.messageproducer.self-service-api.type=kafka-basic-auth
diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml
index 161cf28d27..c2b6d520b5 100755
--- a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml
+++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml
@@ -90,7 +90,7 @@ spec:
command:
- chown
- -R
- - 100:101
+ - 1000:1000
- /opt/app/onap/blueprints/deploy
image: busybox:latest
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
index eddc7bc124..9c744f39ba 100644
--- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml
+++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
@@ -61,7 +61,7 @@
apiVersion: v1
fieldPath: metadata.namespace
- name: {{ include "common.name" $dot }}-aaf-config
- image: {{ (default $subchartDot.Values.repository $subchartDot.Values.global.repository) }}/{{ $subchartDot.Values.global.aafAgentImage }}
+ image: {{ include "common.repository" $subchartDot }}/{{ $subchartDot.Values.global.aafAgentImage }}
imagePullPolicy: {{ $subchartDot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }}
volumeMounts:
- mountPath: {{ $initRoot.mountPath }}
diff --git a/kubernetes/common/certInitializer/values.yaml b/kubernetes/common/certInitializer/values.yaml
index b55ba5e2f3..fdee4c9bd2 100644
--- a/kubernetes/common/certInitializer/values.yaml
+++ b/kubernetes/common/certInitializer/values.yaml
@@ -15,6 +15,7 @@
global:
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.2
+ repository: nexus3.onap.org:10001
aafAgentImage: onap/aaf/aaf_agent:2.1.20
aafEnabled: true
diff --git a/kubernetes/common/mariadb-galera/resources/create-deployment.yml b/kubernetes/common/mariadb-galera/resources/create-deployment.yml
new file mode 100644
index 0000000000..61bfc78945
--- /dev/null
+++ b/kubernetes/common/mariadb-galera/resources/create-deployment.yml
@@ -0,0 +1,50 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" (dict "suffix" "upgrade-deployment" "dot" .) | nindent 4 }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: {{ include "common.fullname" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.fullname" . }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ - containerPort: {{ .Values.service.sstPort }}
+ name: {{ .Values.service.sstPortName }}
+ - containerPort: {{ .Values.service.replicationPort }}
+ name: {{ .Values.service.replicationName }}
+ - containerPort: {{ .Values.service.istPort }}
+ name: {{ .Values.service.istPortName }}
+ env:
+ - name: POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ - name: MYSQL_USER
+ valueFrom:
+ secretKeyRef:
+ key: login
+ name: {{ include "common.fullname" . }}-temp-upgrade-usercred
+ - name: MYSQL_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ key: password
+ name: {{ include "common.fullname" . }}-temp-upgrade-usercred
+ - name: MYSQL_DATABASE
+ value: {{ default "" .Values.config.mysqlDatabase | quote }}
+ - name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ key: password
+ name: {{ include "common.fullname" . }}-temp-upgrade-root
+ subdomain: {{ .Values.service.name }}
+ hostname: {{ .Values.nameOverride }}-upgrade-deployment \ No newline at end of file
diff --git a/kubernetes/common/mariadb-galera/resources/post-upgrade-script.sh b/kubernetes/common/mariadb-galera/resources/post-upgrade-script.sh
new file mode 100644
index 0000000000..132ac27ea2
--- /dev/null
+++ b/kubernetes/common/mariadb-galera/resources/post-upgrade-script.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+TEMP_POD=$(kubectl get pod -n $NAMESPACE_ENV --selector \
+ app='{{ include "common.fullname" . }}' -o \
+ jsonpath='{.items[?(@.metadata.ownerReferences[].kind=="ReplicaSet")].metadata.name}')
+
+tmp_MYSQL_PASSWORD=$(echo -n $(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- printenv \
+ MYSQL_PASSWORD) | base64)
+
+tmp_ROOT_PASSWORD=$(echo -n $(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- printenv \
+ MYSQL_ROOT_PASSWORD) | base64)
+
+FLAG_EX_ROOT_SEC='{{ include "common.secret.getSecretNameFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .)) }}'
+
+FLAG_EX_SEC='{{ include "common.secret.getSecretNameFast" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .)) }}'
+
+kubectl patch secret $FLAG_EX_ROOT_SEC -p \
+ '{"data":{"password":"'"$tmp_ROOT_PASSWORD"'"}}'
+
+kubectl patch secret $FLAG_EX_SEC -p \
+ '{"data":{"password":"'"$tmp_MYSQL_PASSWORD"'"}}'
+
+kubectl delete pod -n $NAMESPACE_ENV {{ include "common.fullname" . }}-0 --now
+kubectl delete deployment -n $NAMESPACE_ENV {{ include "common.fullname" . }}-upgrade-deployment
+kubectl delete secret -n $NAMESPACE_ENV {{ include "common.fullname" . }}-temp-upgrade-root
+kubectl delete secret -n $NAMESPACE_ENV {{ include "common.fullname" . }}-temp-upgrade-usercred \ No newline at end of file
diff --git a/kubernetes/common/mariadb-galera/resources/upgrade-scripts.sh b/kubernetes/common/mariadb-galera/resources/upgrade-scripts.sh
new file mode 100644
index 0000000000..ff44606e23
--- /dev/null
+++ b/kubernetes/common/mariadb-galera/resources/upgrade-scripts.sh
@@ -0,0 +1,101 @@
+#!/bin/bash
+MYSQL_USER=$(kubectl exec -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }}-0 -- printenv MYSQL_USER)
+
+MYSQL_PASSWORD=$(kubectl exec -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }}-0 -- printenv MYSQL_PASSWORD)
+
+MYSQL_ROOT_PASSWORD=$(kubectl exec -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }}-0 -- printenv MYSQL_ROOT_PASSWORD)
+
+kubectl create secret generic \
+ '{{ include "common.fullname" . }}'-temp-upgrade-root \
+ --from-literal=password=$MYSQL_ROOT_PASSWORD
+
+kubectl create secret generic \
+ '{{ include "common.fullname" . }}'-temp-upgrade-usercred \
+ --from-literal=login=$MYSQL_USER --from-literal=password=$MYSQL_PASSWORD
+
+kubectl create -f /upgrade/create-deployment.yml
+
+TEMP_POD=$(kubectl get pod -n $NAMESPACE_ENV --selector \
+ app='{{ include "common.fullname" . }}' -o \
+ jsonpath='{.items[?(@.metadata.ownerReferences[].kind=="ReplicaSet")].metadata.name}')
+
+CLUSTER_NO=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- \
+ mysql --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_cluster_size';" | \
+ awk '{print $2}')
+
+CLUSTER_STATE=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- \
+ mysql --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_local_state_comment';" \
+ | awk '{print $2}')
+
+STS_REPLICA=$(kubectl get statefulsets -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }} -o jsonpath='{.status.replicas}')
+
+DEPLOYMENT_REPLICA=$(kubectl get deployment -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }}-upgrade-deployment -o \
+ jsonpath='{.status.replicas}')
+
+while [[ ! $CLUSTER_NO == $((STS_REPLICA+DEPLOYMENT_REPLICA)) ]] \
+ || [[ ! $CLUSTER_STATE == "Synced" ]]
+do
+ echo "$CLUSTER_NO and $CLUSTER_STATE"
+ CLUSTER_NO=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- mysql \
+ --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_cluster_size';" \
+ | awk '{print $2}')
+ CLUSTER_STATE=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- mysql \
+ --skip-column-names -h{{ $.Values.service.name }} -u$MYSQL_USER \
+ -p$MYSQL_PASSWORD -e "SHOW GLOBAL STATUS LIKE 'wsrep_local_state_comment';" \
+ | awk '{print $2}')
+ sleep 2
+ if [[ $CLUSTER_NO == $((STS_REPLICA+DEPLOYMENT_REPLICA)) ]] \
+ && [[ $CLUSTER_STATE == "Synced" ]]
+ then
+ echo "The cluster has $CLUSTER_NO members and $CLUSTER_STATE state."
+ break
+ fi
+done
+
+MYSQL_STATUS=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- mysqladmin \
+ -uroot -p$MYSQL_ROOT_PASSWORD ping)
+
+while [[ ! $MYSQL_STATUS == "mysqld is alive" ]]
+do
+ echo "Mariadb deployment is not ready yet."
+ sleep 2
+ MYSQL_STATUS=$(kubectl exec -n $NAMESPACE_ENV $TEMP_POD -- mysqladmin \
+ -uroot -p$MYSQL_ROOT_PASSWORD ping)
+ if [[ $MYSQL_STATUS == "mysqld is alive" ]]
+ then
+ echo "Mariadb deployment is ready."
+ break
+ fi
+done
+
+kubectl scale statefulsets {{ include "common.fullname" . }} --replicas=0
+MY_REPLICA_NUMBER=$(kubectl get statefulsets -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }} -o jsonpath='{.status.replicas}')
+echo "The the cluster has $MY_REPLICA_NUMBER replicas."
+
+while [[ ! $MY_REPLICA_NUMBER == "0" ]]
+do
+ echo "The cluster is not scaled to 0 yet. Please wait ..."
+ MY_REPLICA_NUMBER=$(kubectl get statefulsets -n $NAMESPACE_ENV \
+ {{ include "common.fullname" . }} -o jsonpath='{.status.replicas}')
+ echo "The current status of the cluster is $MY_REPLICA_NUMBER"
+ sleep 2
+ if [[ $MY_REPLICA_NUMBER == "0" ]]
+ then
+ break
+ fi
+done
+
+for (( index=0; index<$STS_REPLICA; index+=1 ))
+do
+ kubectl delete pvc \
+ "{{ include "common.fullname" . }}-data-{{ include "common.fullname" . }}-$index"
+done
diff --git a/kubernetes/common/mariadb-galera/templates/configmap.yaml b/kubernetes/common/mariadb-galera/templates/configmap.yaml
index a7064d7ce4..685901fa95 100644
--- a/kubernetes/common/mariadb-galera/templates/configmap.yaml
+++ b/kubernetes/common/mariadb-galera/templates/configmap.yaml
@@ -1,6 +1,6 @@
{{/*
# Copyright © 2018 Amdocs, Bell Canada
-# Copyright © 2020 Samsung Electronics
+# Copyright © 2020 Samsung Electronics, and TATA Communications
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,7 +14,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
-
{{- if .Values.externalConfig }}
apiVersion: v1
kind: ConfigMap
@@ -43,3 +42,37 @@ metadata:
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-upgrade-deployment
+ annotations:
+ "helm.sh/hook": "pre-upgrade"
+ "helm.sh/hook-weight": "0"
+ "helm.sh/hook-delete-policy": hook-succeeded
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-post-upgrade-deployment
+ annotations:
+ "helm.sh/hook": "post-upgrade"
+ "helm.sh/hook-weight": "0"
+ "helm.sh/hook-delete-policy": hook-succeeded
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/post-upgrade-script.sh").AsConfig . | indent 2 }}
diff --git a/kubernetes/common/mariadb-galera/templates/job.yaml b/kubernetes/common/mariadb-galera/templates/job.yaml
new file mode 100644
index 0000000000..cc71bb855c
--- /dev/null
+++ b/kubernetes/common/mariadb-galera/templates/job.yaml
@@ -0,0 +1,107 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-pre-upgrade
+ annotations:
+ "helm.sh/hook": "pre-upgrade"
+ "helm.sh/hook-weight": "1"
+ "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+spec:
+ template:
+ spec:
+ securityContext:
+ fsGroup: 1001
+ runAsUser: 1001
+ containers:
+ - name: mariadb-job-pre-upgrade
+ image: {{ .Values.global.kubectlImage}}
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: NAMESPACE_ENV
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ command: ["/bin/bash", "-c", "--"]
+ args: ["/upgrade/upgrade-scripts.sh"]
+ volumeMounts:
+ - name: config-mariadb-upgrade
+ mountPath: /upgrade
+ volumes:
+ - name: config-mariadb-upgrade
+ configMap:
+ name: {{ include "common.fullname" . }}-upgrade-deployment
+ defaultMode: 0777
+ restartPolicy: OnFailure
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-post-upgrade
+ annotations:
+ "helm.sh/hook": "post-upgrade"
+ "helm.sh/hook-weight": "1"
+ "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+spec:
+ template:
+ spec:
+ securityContext:
+ fsGroup: 1001
+ runAsUser: 0
+ initContainers:
+ - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ name: mariadb-galera-upgrade-readiness
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - mariadb-galera
+ containers:
+ - name: mariadb-job-post-upgrade
+ image: {{ .Values.global.kubectlImage}}
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: NAMESPACE_ENV
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ command: ["/bin/bash", "-c", "--"]
+ args: ["/upgrade/post-upgrade-script.sh"]
+ volumeMounts:
+ - name: config-mariadb-upgrade
+ mountPath: /upgrade
+ volumes:
+ - name: config-mariadb-upgrade
+ configMap:
+ name: {{ include "common.fullname" . }}-post-upgrade-deployment
+ defaultMode: 0777
+ restartPolicy: OnFailure
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-post-delete
+ annotations:
+ "helm.sh/hook": "post-delete"
+ "helm.sh/hook-weight": "1"
+ "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+spec:
+ template:
+ spec:
+ containers:
+ - name: mariadb-job-post-delete
+ image: {{ .Values.global.kubectlImage}}
+ imagePullPolicy: IfNotPresent
+ command: ["/bin/bash", "-c", "--"]
+ args:
+ - for ((index=0;index<{{ $.Values.replicaCount }};index+=1));
+ do kubectl delete pvc "{{ include "common.fullname" . }}-data-{{ include "common.fullname" . }}-$index";
+ done; kubectl delete deployment {{ include "common.fullname" . }}-upgrade-deployment;
+ restartPolicy: OnFailure
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index af08ea3d58..4ccb0e5c6e 100644
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -42,7 +42,10 @@ global:
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.2
-
+ busyboxImage: busybox:1.30
+ busyboxRepository: docker.io
+ # kubeclt image
+ kubectlImage: "bitnami/kubectl:1.15"
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml
index 94b026fab7..a873762295 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/requirements.yaml
@@ -25,4 +25,7 @@ dependencies:
- name: mariadb-galera
alias: mariadb
version: ~6.x-0
- repository: '@local' \ No newline at end of file
+ repository: '@local'
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
index adbdb688c2..8db6edba1e 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
@@ -46,61 +46,15 @@ spec:
apiVersion: v1
fieldPath: metadata.namespace
{{- if .Values.global.aafEnabled }}
- - name: {{ include "common.name" . }}-aaf-readiness
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /root/ready.py
- args:
- - --container-name
- - aaf-locate
- - --container-name
- - aaf-cm
- - --container-name
- - aaf-service
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- - name: {{ include "common.name" . }}-dr-prov-aaf-config
- image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
- volumeMounts:
- - mountPath: {{ .Values.persistence.aafCredsPath }}
- name: {{ include "common.fullname" . }}-aaf-config-vol
- env:
- - name: APP_FQI
- value: "{{ .Values.aafConfig.fqi }}"
- - name: aaf_locate_url
- value: "https://aaf-locate.{{ .Release.Namespace }}:8095"
- - name: aaf_locator_container
- value: "{{ .Values.global.aafLocatorContainer }}"
- - name: aaf_locator_container_ns
- value: "{{ .Release.Namespace }}"
- - name: aaf_locator_fqdn
- value: "{{ .Values.aafConfig.fqdn }}"
- - name: aaf_locator_public_fqdn
- value: "{{.Values.aafConfig.publicFqdn}}"
- - name: aaf_locator_app_ns
- value: "{{ .Values.global.aafAppNs }}"
- - name: DEPLOY_FQI
- value: "{{ .Values.aafConfig.aafDeployFqi }}"
- - name: DEPLOY_PASSWORD
- value: "{{ .Values.aafConfig.aafDeployPass }}"
- - name: cadi_longitude
- value: "{{ .Values.aafConfig.cadiLongitude }}"
- - name: cadi_latitude
- value: "{{ .Values.aafConfig.cadiLatitude }}"
+
+ {{ include "common.certInitializer.initContainer" . | nindent 8 }}
+
- name: {{ include "common.name" . }}-permission-fixer
image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
- - mountPath: {{ .Values.persistence.aafCredsPath }}
- name: {{ include "common.fullname" . }}-aaf-config-vol
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
command: ["chown","-Rf","1000:1001", "/opt/app/"]
+
{{ end }}
containers:
- name: {{ include "common.name" . }}
@@ -125,11 +79,7 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-dr-db-user-secret" "key" "login") | indent 12 }}
- name: DB_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-dr-db-user-secret" "key" "password") | indent 12 }}
- volumeMounts:
- {{- if .Values.global.aafEnabled }}
- - mountPath: {{ .Values.persistence.aafCredsPath }}
- name: {{ include "common.fullname" . }}-aaf-config-vol
- {{- end }}
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: false
@@ -163,7 +113,7 @@ spec:
mountPath: /usr/share/filebeat/data
- name: {{ include "common.fullname" . }}-logs
mountPath: /var/log/onap/datarouter-prov
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
path: /etc/localtime
@@ -183,14 +133,5 @@ spec:
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
- {{- if .Values.global.aafEnabled }}
- - name: {{ include "common.fullname" . }}-aaf-config-vol
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-aaf-props
- {{- else }}
- emptyDir: {}
- {{- end }}
- {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml
deleted file mode 100644
index 1a09a81a0e..0000000000
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pv.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/*
- # ============LICENSE_START=======================================================
- # Copyright (C) 2019 Nordix Foundation.
- # ================================================================================
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- #
- # SPDX-License-Identifier: Apache-2.0
- # ============LICENSE_END=========================================================
-*/}}
-{{- if .Values.global.aafEnabled }}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-aaf-props
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-aaf-props
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}-aaf-props
-spec:
- capacity:
- storage: {{ .Values.persistence.aafCredsSize}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.aafCredsMountSubPath }}
-{{ end -}}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml
deleted file mode 100644
index c6ac7497b5..0000000000
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/pvc.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-{{/*
- # ============LICENSE_START=======================================================
- # Copyright (C) 2019 Nordix Foundation.
- # ================================================================================
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- #
- # SPDX-License-Identifier: Apache-2.0
- # ============LICENSE_END=========================================================
-*/}}
-{{- if .Values.global.aafEnabled }}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-aaf-props
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.persistence.aafCredsSize }}
-{{ end -}}
-{{ end -}}
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
index 3fb90f0533..1cf2e583d1 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
@@ -25,7 +25,7 @@ global:
#################################################################
secrets:
- uid: dmaap-dr-db-user-secret
- name: '{{ include "common.release" . }}-dmaap-dr-db-user-secret'
+ name: &dbSecretName '{{ include "common.release" . }}-dmaap-dr-db-user-secret'
type: basicAuth
externalSecret: '{{ tpl (default "" .Values.config.dmaapDrDb.userCredentialsExternalSecret) . }}'
login: '{{ .Values.config.dmaapDrDb.userName }}'
@@ -69,10 +69,6 @@ persistence:
accessMode: ReadWriteOnce
mountPath: /dockerdata-nfs
- aafCredsMountSubPath: data-router/dr-prov/aaf-props
- aafCredsSize: 10M
- aafCredsPath: /opt/app/osaaf/local
-
ingress:
enabled: false
service:
@@ -111,7 +107,7 @@ mariadb:
nameOverride: dmaap-dr-db
replicaCount: 2
config:
- userCredentialsExternalSecret: '{{ include "common.release" . }}-dmaap-dr-db-user-secret'
+ userCredentialsExternalSecret: *dbSecretName
mysqlDatabase: datarouter
service:
name: dmaap-dr-db-svc
@@ -121,15 +117,22 @@ mariadb:
size: 1Gi
mountSubPath: data-router/dr-db-data
-#AAF local config
-aafConfig:
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: dmaap-dr-prov-cert-initializer
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
+# aafDeployCredsExternalSecret: some secret
fqdn: dmaap-dr-prov
fqi: dmaap-dr-prov@dmaap-dr.onap.org
publicFqdn: dmaap-dr.onap.org
cadiLatitude: 0.0
cadiLongitude: 0.0
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml b/kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml
new file mode 100644
index 0000000000..da00f61e2f
--- /dev/null
+++ b/kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml
@@ -0,0 +1,47 @@
+# Copyright © 2020 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+#
+# These overrides will affect all helm charts (ie. applications)
+# that are listed below and are 'enabled'.
+#
+#
+# This is specifically for the environments which take time to
+# deploy ONAP. This increase in timeouts prevents false restarting of
+# the pods during startup configuration.
+#
+# These timers have been tuned by the ONAP integration team. They
+# have been tested and validated in the ONAP integration lab (Intel/Windriver lab).
+# They are however indicative and may be adapted to your environment as they
+# depend on the performance of the infrastructure you are installing ONAP on.
+#
+# Please note that these timers must remain reasonable, in other words, if
+# your infrastructure is not performant enough, extending the timers to very
+# large value may not fix all installation issues on over subscribed hardware.
+#
+#################################################################
+global:
+ cmpv2Enabled: true
+ aaf:
+ certServiceClient:
+ envVariables:
+ # Certificate related
+ cmpv2Organization: "Linux-Foundation"
+ cmpv2OrganizationalUnit: "ONAP"
+ cmpv2Location: "San-Francisco"
+ cmpv2State: "California"
+ cmpv2Country: "US"
+ # Client configuration related
+ caName: "RA"
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 973613b464..e60925f21f 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -58,6 +58,16 @@ global:
# logging agent - temporary repo until images migrated to nexus3
loggingRepository: docker.elastic.co
+ # dockerHub main repository
+ dockerHubRepository: docker.io
+
+ # busybox repo and image
+ busyboxRepository: docker.io
+ busyboxImage: busybox:1.30
+
+ # kubeclt image
+ kubectlImage: "bitnami/kubectl:1.15"
+
# image pull policy
pullPolicy: Always
@@ -101,6 +111,27 @@ global:
# Enabling CMPv2
cmpv2Enabled: true
+ aaf:
+ certServiceClient:
+ image: onap/org.onap.aaf.certservice.aaf-certservice-client:1.0.0
+ secret:
+ name: aaf-cert-service-client-tls-secret
+ mountPath: /etc/onap/aaf/certservice/certs/
+ envVariables:
+ # Certificate related
+ cmpv2Organization: "Linux-Foundation"
+ cmpv2OrganizationalUnit: "ONAP"
+ cmpv2Location: "San-Francisco"
+ cmpv2State: "California"
+ cmpv2Country: "US"
+ # Client configuration related
+ caName: "RA"
+ requestURL: "https://aaf-cert-service:8443/v1/certificate/"
+ requestTimeout: "20000"
+ keystorePath: "/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks"
+ keystorePassword: "secret"
+ truststorePath: "/etc/onap/aaf/certservice/certs/truststore.jks"
+ truststorePassword: "secret"
# TLS
# Set to false if you want to disable TLS for NodePorts. Be aware that this
diff --git a/kubernetes/portal/components/portal-sdk/requirements.yaml b/kubernetes/portal/components/portal-sdk/requirements.yaml
index c5d7864b9d..00b92235f3 100644
--- a/kubernetes/portal/components/portal-sdk/requirements.yaml
+++ b/kubernetes/portal/components/portal-sdk/requirements.yaml
@@ -16,3 +16,6 @@ dependencies:
- name: common
version: ~6.x-0
repository: '@local'
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/portal/components/portal-sdk/resources/server/server.xml b/kubernetes/portal/components/portal-sdk/resources/server/server.xml
index dffcfbe419..1cea5ab8f8 100644
--- a/kubernetes/portal/components/portal-sdk/resources/server/server.xml
+++ b/kubernetes/portal/components/portal-sdk/resources/server/server.xml
@@ -94,7 +94,7 @@
{{ if .Values.global.aafEnabled }}
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
- keystoreFile="{{.Values.aafConfig.credsPath}}/{{.Values.aafConfig.keystoreFile}}"
+ keystoreFile="{{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.keystoreFile}}"
keystorePass="${javax.net.ssl.keyStorePassword}"
clientAuth="false" sslProtocol="TLS" />
{{ end }}
@@ -152,4 +152,4 @@
</Host>
</Engine>
</Service>
-</Server> \ No newline at end of file
+</Server>
diff --git a/kubernetes/portal/components/portal-sdk/templates/configmap.yaml b/kubernetes/portal/components/portal-sdk/templates/configmap.yaml
index 1dbdeedd5a..5ad9910c56 100644
--- a/kubernetes/portal/components/portal-sdk/templates/configmap.yaml
+++ b/kubernetes/portal/components/portal-sdk/templates/configmap.yaml
@@ -26,17 +26,3 @@ metadata:
data:
{{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTALSDK/*").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }}
-
-{{ if .Values.global.aafEnabled }}
-{{- if .Values.aafConfig.addconfig -}}
----
-apiVersion: v1
-kind: ConfigMap
-{{- $suffix := "aaf-add-config" }}
-metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . )| nindent 2 }}
-data:
- aaf-add-config.sh: |-
- /opt/app/aaf_config/bin/agent.sh;/opt/app/aaf_config/bin/agent.sh local showpass \
- {{.Values.aafConfig.fqi}} {{ .Values.aafConfig.fqdn }} > {{ .Values.aafConfig.credsPath }}/mycreds.prop
-{{- end -}}
-{{- end -}} \ No newline at end of file
diff --git a/kubernetes/portal/components/portal-sdk/templates/deployment.yaml b/kubernetes/portal/components/portal-sdk/templates/deployment.yaml
index b78ef34fa1..e7913ba1a5 100644
--- a/kubernetes/portal/components/portal-sdk/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-sdk/templates/deployment.yaml
@@ -46,24 +46,22 @@ spec:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- {{- if .Values.global.aafEnabled }}
-{{ include "common.aaf-config" . | indent 6 }}
- {{- end }}
+{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["bash","-c"]
{{- if .Values.global.aafEnabled }}
- args: ["export $(grep '^c' {{ .Values.aafConfig.credsPath }}/mycreds.prop | xargs -0);\
+ args: ["export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0);\
export _JAVA_OPTIONS=\"-Djavax.net.ssl.trustStorePassword=$cadi_truststore_password \
-Djavax.net.ssl.keyStorePassword=$cadi_keystore_password_p12\";\
/start-apache-tomcat.sh -b {{ .Values.global.env.tomcatDir }}"]
env:
- name: CATALINA_OPTS
value: >
- -Djavax.net.ssl.keyStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.keystoreFile }}"
- -Djavax.net.ssl.trustStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.truststoreFile }}"
+ -Djavax.net.ssl.keyStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }}"
+ -Djavax.net.ssl.trustStore="{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }}"
{{- else }}
args: ["/start-apache-tomcat.sh -b {{ .Values.global.env.tomcatDir }}"]
{{- end }}
@@ -82,9 +80,7 @@ spec:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- {{- if .Values.global.aafEnabled }}
-{{ include "common.aaf-config-volume-mountpath" . | indent 8 }}
- {{- end }}
+{{ include "common.certInitializer.volumeMount" . | indent 8 }}
- name: properties-onapportalsdk
mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml"
subPath: server.xml
@@ -148,8 +144,6 @@ spec:
emptyDir: {}
- name: portal-tomcat-logs
emptyDir: {}
- {{- if .Values.global.aafEnabled }}
-{{ include "common.aaf-config-volumes" . | indent 8 }}
- {{- end }}
+{{ include "common.certInitializer.volumes" . | indent 8 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/portal/components/portal-sdk/values.yaml b/kubernetes/portal/components/portal-sdk/values.yaml
index 2363ec5691..47c0189c40 100644
--- a/kubernetes/portal/components/portal-sdk/values.yaml
+++ b/kubernetes/portal/components/portal-sdk/values.yaml
@@ -27,7 +27,6 @@ global:
persistence: {}
#AAF service
aafEnabled: true
- aafAgentImage: onap/aaf/aaf_agent:2.1.20
#################################################################
# Application configuration defaults.
@@ -40,30 +39,25 @@ pullPolicy: Always
#AAF local config
aafURL: https://aaf-service:8100/authz/
-aafConfig:
+certInitializer:
+ nameOverride: portal-sdk-cert-initializer
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
fqdn: portal
fqi: portal@portal.onap.org
- publicFqdn: portal.onap.org
+ public_fqdn: portal.onap.org
cadi_latitude: "38.0"
cadi_longitude: "-72.0"
credsPath: /opt/app/osaaf/local
app_ns: org.osaaf.aaf
permission_user: 1000
permission_group: 999
- addconfig: true
- secret_uid: &aaf_secret_uid portal-sdk-aaf-deploy-creds
keystoreFile: "org.onap.portal.p12"
truststoreFile: "org.onap.portal.trust.jks"
-
-secrets:
- - uid: *aaf_secret_uid
- type: basicAuth
- externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDiabled" .Values.global.aafEnabled }}'
- login: '{{ .Values.aafConfig.aafDeployFqi }}'
- password: '{{ .Values.aafConfig.aafDeployPass }}'
- passwordPolicy: required
+ aaf_add_config: >
+ /opt/app/aaf_config/bin/agent.sh;
+ /opt/app/aaf_config/bin/agent.sh local showpass \
+ {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
# flag to enable debugging - application support required
debugEnabled: false
diff --git a/kubernetes/robot b/kubernetes/robot
-Subproject 51322d3b374588a051b4a5522fbd25ac92ffb32
+Subproject 7ee95b4c8f667dd0506499db17688473309cd91
diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/charts/sdc-be/values.yaml
index a0e9b539e6..ac0403b889 100644
--- a/kubernetes/sdc/charts/sdc-be/values.yaml
+++ b/kubernetes/sdc/charts/sdc-be/values.yaml
@@ -28,8 +28,8 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-backend:1.6.5
-backendInitImage: onap/sdc-backend-init:1.6.5
+image: onap/sdc-backend:1.6.6
+backendInitImage: onap/sdc-backend-init:1.6.6
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdc/charts/sdc-cs/values.yaml b/kubernetes/sdc/charts/sdc-cs/values.yaml
index 3cef2cf49e..cabf2c19eb 100644
--- a/kubernetes/sdc/charts/sdc-cs/values.yaml
+++ b/kubernetes/sdc/charts/sdc-cs/values.yaml
@@ -28,8 +28,8 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.6.5
-cassandraInitImage: onap/sdc-cassandra-init:1.6.5
+image: onap/sdc-cassandra:1.6.6
+cassandraInitImage: onap/sdc-cassandra-init:1.6.6
pullPolicy: Always
diff --git a/kubernetes/sdc/charts/sdc-fe/values.yaml b/kubernetes/sdc/charts/sdc-fe/values.yaml
index 8754d0fc87..98452c23e1 100644
--- a/kubernetes/sdc/charts/sdc-fe/values.yaml
+++ b/kubernetes/sdc/charts/sdc-fe/values.yaml
@@ -28,7 +28,7 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-frontend:1.6.5
+image: onap/sdc-frontend:1.6.6
pullPolicy: Always
config:
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
index 0471c031a6..f83000f74a 100644
--- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
+++ b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
@@ -28,8 +28,8 @@ global:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-onboard-backend:1.6.5
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.6.5
+image: onap/sdc-onboard-backend:1.6.6
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.6.6
pullPolicy: Always
# flag to enable debugging - application support required
diff --git a/kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg b/kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg
index 117a663dd4..46c5db0ea9 100644
--- a/kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg
+++ b/kubernetes/sdnc/resources/config/log/org.ops4j.pax.logging.cfg
@@ -17,8 +17,10 @@
#
################################################################################
-# Common pattern layout for appenders
-log4j2.pattern = %d{ISO8601} | %-5p | %-16t | %-32c{1} | %X{bundle.id} - %X{bundle.name} - %X{bundle.version} | %X{currentGraph} - %X{nodeId} | %m%n
+# Properties used as default values in MDC
+log4j2.property.ServiceName = INTERNAL
+log4j2.property.ErrorCode = 900
+log4j2.property.ErrorDesc = UnknownError
# Common properties
@@ -33,23 +35,18 @@ metricsLogName=metrics
auditLogName=audit
debugLogName=debug
-
-# Root logger
-log4j2.rootLogger.level = INFO
-# uncomment to use asynchronous loggers, which require mvn:com.lmax/disruptor/3.3.2 library
-#log4j2.rootLogger.type = asyncRoot
-#log4j2.rootLogger.includeLocation = false
-log4j2.rootLogger.appenderRef.RollingFile.ref = RollingFile
+log4j2.rootLogger.appenderRef.KarafFile.ref = KarafFile
log4j2.rootLogger.appenderRef.PaxOsgi.ref = PaxOsgi
log4j2.rootLogger.appenderRef.Console.ref = Console
+log4j2.rootLogger.appenderRef.DebugFile.ref = DebugFile
+log4j2.rootLogger.appenderRef.ErrorFile.ref = ErrorFile
log4j2.rootLogger.appenderRef.Console.filter.threshold.type = ThresholdFilter
log4j2.rootLogger.appenderRef.Console.filter.threshold.level = ${karaf.log.console:-OFF}
-# Loggers configuration
-
-# Spifly logger
-log4j2.logger.spifly.name = org.apache.aries.spifly
-log4j2.logger.spifly.level = WARN
+log4j2.bundle.info = %X{bundle.id} - %.50X{bundle.name} - %X{bundle.version}
+# Veracode: Address Improper Output Neutralization for Logs CWE ID 117 flaw
+# \\R matches any new line character, any new line character will replaced with space (stripped)
+log4j2.pattern = %d{ISO8601} | %-5p | %-16t | %-32c{1} | ${log4j2.bundle.info} | %X{currentGraph} - %X{nodeId} | %replace{%m}{\\R}{ }%n
# Security audit logger
log4j2.logger.audit.name = org.apache.karaf.jaas.modules.audit
@@ -65,74 +62,150 @@ log4j2.appender.console.name = Console
log4j2.appender.console.layout.type = PatternLayout
log4j2.appender.console.layout.pattern = ${log4j2.pattern}
-# Rolling file appender
-log4j2.appender.rolling.type = RollingRandomAccessFile
-log4j2.appender.rolling.name = RollingFile
-log4j.appender.rolling.level = INFO
-log4j2.appender.rolling.fileName = ${logDirectory}/${karafLogName}.log
-log4j2.appender.rolling.filePattern = ${logDirectory}/${karafLogName}.log.%i
-# uncomment to not force a disk flush
-#log4j2.appender.rolling.immediateFlush = false
-log4j2.appender.rolling.append = true
-log4j2.appender.rolling.layout.type = PatternLayout
-log4j2.appender.rolling.layout.pattern = ${log4j2.pattern}
-log4j2.appender.rolling.policies.type = Policies
-log4j2.appender.rolling.policies.size.type = SizeBasedTriggeringPolicy
-log4j2.appender.rolling.policies.size.size = ${maxFileSize}
-
-# Audit file appender - not currently used, so commented out
-log4j2.appender.audit.type = RollingRandomAccessFile
-log4j2.appender.audit.name = AuditRollingFile
-log4j2.appender.audit.fileName = ${logDirectory}/${auditLogName}.log
-log4j2.appender.audit.filePattern = ${logDirectory}/${auditLogName}.log.%i
-log4j2.appender.audit.append = true
-log4j2.appender.audit.layout.type = PatternLayout
-log4j2.appender.audit.layout.pattern = ${log4j2.pattern}
-log4j2.appender.audit.policies.type = Policies
-log4j2.appender.audit.policies.size.type = SizeBasedTriggeringPolicy
-log4j2.appender.audit.policies.size.size = ${maxFileSize}
-
# OSGi appender
log4j2.appender.osgi.type = PaxOsgi
log4j2.appender.osgi.name = PaxOsgi
log4j2.appender.osgi.filter = *
-
-#ECOMP Debug appender
+# KarafFile appender
+log4j2.appender.karaf.type = RollingRandomAccessFile
+log4j2.appender.karaf.name = KarafFile
+log4j2.appender.karaf.fileName = ${logDirectory}/log/karaf.log
+log4j2.appender.karaf.filePattern = ${logDirectory}/log/karaf.log.%i
+# uncomment to not force a disk flush
+#log4j2.appender.karaf.immediateFlush = false
+log4j2.appender.karaf.append = true
+log4j2.appender.karaf.layout.type = PatternLayout
+log4j2.appender.karaf.layout.pattern = ${log4j2.pattern}
+log4j2.appender.karaf.policies.type = Policies
+log4j2.appender.karaf.policies.size.type = SizeBasedTriggeringPolicy
+log4j2.appender.karaf.policies.size.size = ${maxFileSize}
+log4j2.appender.karaf.strategy.type = DefaultRolloverStrategy
+log4j2.appender.karaf.strategy.max = ${maxBackupIndex}
+log4j2.appender.karaf.strategy.fileIndex = min
+# Routing appender (log4j sift)
+log4j2.appender.routing.type = Routing
+log4j2.appender.routing.name = Routing
+log4j2.appender.routing.routes.type = Routes
+log4j2.appender.routing.routes.pattern = \$\$\\\{ctx:bundle.name\}
+log4j2.appender.routing.routes.bundle.type = Route
+log4j2.appender.routing.routes.bundle.appender.type = RollingRandomAccessFile
+log4j2.appender.routing.routes.bundle.appender.name = Bundle-\$\\\{ctx:bundle.name\}
+log4j2.appender.routing.routes.bundle.appender.fileName = ${logDirectory}/log/bundle-\$\\\{ctx:bundle.name\}.log
+log4j2.appender.routing.routes.bundle.appender.filePattern= ${logDirectory}/log/bundle-\$\\\{ctx:bundle.name\}.log.%i
+log4j2.appender.routing.routes.bundle.appender.append = true
+log4j2.appender.routing.routes.bundle.appender.layout.type = PatternLayout
+log4j2.appender.routing.routes.bundle.appender.layout.pattern = ${log4j2.pattern}
+log4j2.appender.routing.routes.bundle.appender.policies.type = Policies
+log4j2.appender.routing.routes.bundle.appender.policies.size.type = SizeBasedTriggeringPolicy
+log4j2.appender.routing.routes.bundle.appender.policies.size.size = ${maxFileSize}
+
+#ecomp logging standards
log4j2.appender.debug.type = RollingRandomAccessFile
-log4j2.appender.debug.name = DebugRollingFile
-log4j2.appender.debug.fileName = ${logDirectory}/${debugLogName}.log
-log4j2.appender.debug.filePattern = ${logDirectory}/${debugLogName}.log.%i
+log4j2.appender.debug.name = DebugFile
+log4j2.appender.debug.fileName = <%= @logDir %>/debug.log
+log4j2.appender.debug.filePattern = <%= @logDir %>/debug.log.%i
+# uncomment to not force a disk flush
+#log4j2.appender.debug.immediateFlush = false
log4j2.appender.debug.append = true
log4j2.appender.debug.layout.type = PatternLayout
-log4j2.appender.debug.layout.pattern = ${log4j2.pattern}
+log4j2.appender.debug.layout.pattern = %d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestID}|%-16.16t|%-5.5p|%-32.32c{1}|${log4j2.bundle.info}|%replace{%m}{\\R}{ }%n
log4j2.appender.debug.policies.type = Policies
log4j2.appender.debug.policies.size.type = SizeBasedTriggeringPolicy
log4j2.appender.debug.policies.size.size = ${maxFileSize}
+log4j2.appender.debug.strategy.type = DefaultRolloverStrategy
+log4j2.appender.debug.strategy.max = ${maxBackupIndex}
+log4j2.appender.debug.strategy.fileIndex = min
-#Error appender
log4j2.appender.error.type = RollingRandomAccessFile
-log4j2.appender.error.name = ErrorRollingFile
-log4j2.appender.error.fileName = ${logDirectory}/${errorLogName}.log
-log4j2.appender.error.filePattern = ${logDirectory}/${errorLogName}.log.%i
+log4j2.appender.error.name = ErrorFile
+log4j2.appender.error.fileName = <%= @logDir %>/error.log
+log4j2.appender.error.filePattern = <%= @logDir %>/error.log.%i
+# uncomment to not force a disk flush
+#log4j2.appender.error.immediateFlush = false
log4j2.appender.error.append = true
log4j2.appender.error.layout.type = PatternLayout
-log4j2.appender.error.layout.pattern = ${log4j2.pattern}
+log4j2.appender.error.layout.pattern = %d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestID}|%-16.16t|$\$\\\{ctx:ServiceName\}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%p|$\$\\\{ctx:ErrorCode\}|$\$\\\{ctx:ErrorDesc\}|%replace{%m}{\\R}{ }%ex{full}{separator(\\n)}%n
+
log4j2.appender.error.policies.type = Policies
log4j2.appender.error.policies.size.type = SizeBasedTriggeringPolicy
log4j2.appender.error.policies.size.size = ${maxFileSize}
+log4j2.appender.error.strategy.type = DefaultRolloverStrategy
+log4j2.appender.error.strategy.max = ${maxBackupIndex}
+log4j2.appender.error.strategy.fileIndex = min
+log4j2.appender.error.filter.threshold.type = ThresholdFilter
+log4j2.appender.error.filter.threshold.level = WARN
+log4j2.appender.error.filter.threshold.match = ACCEPT
+
+
+
+log4j2.appender.metric.type = RollingRandomAccessFile
+log4j2.appender.metric.name = MetricFile
+log4j2.appender.metric.fileName = <%= @logDir %>/metric.log
+log4j2.appender.metric.filePattern = <%= @logDir %>/metric.log.%i
+# uncomment to not force a disk flush
+#log4j2.appender.metric.immediateFlush = false
+log4j2.appender.metric.append = true
+log4j2.appender.metric.layout.type = PatternLayout
+log4j2.appender.metric.layout.pattern=%X{InvokeTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%-16.16t|%X{ServerFQDN}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceID}|%p|%X{Severity}|<%= @hostIP %>|%X{ElapsedTime}|<%= @hostFQDN %>|%X{ClientIPAddress}|%C{1}|||%X{TargetElement}|%X{slf4j.marker}|%X|%X{currentGraph} - %X{nodeId}|${log4j2.bundle.info}|%m%n
+log4j2.appender.metric.policies.type = Policies
+log4j2.appender.metric.policies.size.type = SizeBasedTriggeringPolicy
+log4j2.appender.metric.policies.size.size = ${maxFileSize}
+log4j2.appender.metric.strategy.type = DefaultRolloverStrategy
+log4j2.appender.metric.strategy.max = 100
+log4j2.appender.metric.strategy.fileIndex = min
-#Metrics appender - not used so commented out
-#log4j2.appender.metrics.type = RollingRandomAccessFile
-#log4j2.appender.metrics.name = MetricsRollingFile
-#log4j2.appender.metrics.fileName = ${logDirectory}/${metricsLogName}.log
-#log4j2.appender.metrics.filePattern = ${logDirectory}/${metricsLogName}.log.%i
-#log4j2.appender.metrics.append = true
-#log4j2.appender.metrics.layout.type = PatternLayout
-#log4j2.appender.metrics.layout.pattern = ${log4j2.pattern}
-#log4j2.appender.metrics.policies.type = Policies
-#log4j2.appender.metrics.policies.size.type = SizeBasedTriggeringPolicy
-#log4j2.appender.metrics.policies.size.size = ${maxFileSize}
+log4j2.appender.audit.type = RollingRandomAccessFile
+log4j2.appender.audit.name = AuditFile
+log4j2.appender.audit.fileName = <%= @logDir %>/audit.log
+log4j2.appender.audit.filePattern = <%= @logDir %>/audit.log.%i
+# uncomment to not force a disk flush
+#log4j2.appender.audit.immediateFlush = false
+log4j2.appender.audit.append = true
+log4j2.appender.audit.layout.type = PatternLayout
+log4j2.appender.audit.layout.pattern=%X{EntryTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%-16.16t|%X{ServerFQDN}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceID}|INFO|%X{Severity}|<%= @hostIP %>|%X{ElapsedTime}|<%= @hostFQDN %>|%X{ClientIPAddress}|%C{1}|%X{AUDIT-Unused}|%X{AUDIT-ProcessKey}|%X{slf4j.marker}|%X|%X{currentGraph} - %X{nodeId}|${log4j2.bundle.info}|%m%n
+log4j2.appender.audit.policies.type = Policies
+log4j2.appender.audit.policies.size.type = SizeBasedTriggeringPolicy
+log4j2.appender.audit.policies.size.size = ${maxFileSize}
+log4j2.appender.audit.strategy.type = DefaultRolloverStrategy
+log4j2.appender.audit.strategy.max = ${maxBackupIndex}
+log4j2.appender.audit.strategy.fileIndex = min
+
+# Loggers
+
+log4j2.logger.metric.name = org.onap.ccsdk.sli.core.filters.metric
+log4j2.logger.metric.level = INFO
+log4j2.logger.metric.additivity = false
+log4j2.logger.metric.appenderRef.MetricFile.ref = MetricFile
+
+log4j2.logger.metric2.name = org.onap.logging.filter.base.AbstractBaseMetricLogFilter
+log4j2.logger.metric2.level = INFO
+log4j2.logger.metric2.additivity = false
+log4j2.logger.metric2.appenderRef.MetricFile.ref = MetricFile
+
+log4j2.logger.audit.name = org.onap.logging.filter.base.AbstractAuditLogFilter
+log4j2.logger.audit.level = INFO
+log4j2.logger.audit.additivity = false
+log4j2.logger.audit.appenderRef.AuditFile.ref = AuditFile
+
+log4j2.logger.metric.name = org.onap.ccsdk.sli.core.filters.metric
+log4j2.logger.metric.level = INFO
+log4j2.logger.metric.additivity = false
+log4j2.logger.metric.appenderRef.MetricFile.ref = MetricFile
+
+log4j2.logger.metric2.name = org.onap.logging.filter.base.AbstractBaseMetricLogFilter
+log4j2.logger.metric2.level = INFO
+log4j2.logger.metric2.additivity = false
+log4j2.logger.metric2.appenderRef.MetricFile.ref = MetricFile
+
+log4j2.logger.audit.name = org.onap.logging.filter.base.AbstractAuditLogFilter
+log4j2.logger.audit.level = INFO
+log4j2.logger.audit.additivity = false
+log4j2.logger.audit.appenderRef.AuditFile.ref = AuditFile
+log4j2.logger.rr.name = org.onap.logging.filter.base.PayloadLoggingServletFilter
+log4j2.logger.rr.level = INFO
+log4j2.logger.rr.additivity = false
+log4j2.logger.rr.appenderRef.RequestResponseFile.ref = RequestResponseFile \ No newline at end of file
diff --git a/kubernetes/so/charts/so-appc-orchestrator/Chart.yaml b/kubernetes/so/charts/so-appc-orchestrator/Chart.yaml
new file mode 100644
index 0000000000..ab2bad332a
--- /dev/null
+++ b/kubernetes/so/charts/so-appc-orchestrator/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2020 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: A Helm chart for so appc orchestrator
+name: so-appc-orchestrator
+version: 6.0.0
diff --git a/kubernetes/so/charts/so-appc-orchestrator/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-appc-orchestrator/resources/config/overrides/override.yaml
new file mode 100644
index 0000000000..c897f48e4a
--- /dev/null
+++ b/kubernetes/so/charts/so-appc-orchestrator/resources/config/overrides/override.yaml
@@ -0,0 +1,57 @@
+# Copyright © 2020 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+server:
+ port: {{ index .Values.containerPort }}
+ tomcat:
+ max-threads: 50
+ ssl-enable: false
+mso:
+ logPath: ./logs/soappcorch
+ auth: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.auth.rest.aafEncrypted "value2" .Values.mso.auth )}}
+ msoKey: {{ .Values.global.app.msoKey }}
+ config:
+ {{ if eq .Values.global.security.aaf.enabled true }}
+ cadi: {{ include "cadi.keys" . | nindent 8}}
+ {{- else }}
+ cadi:
+ aafId: {{ .Values.mso.basicUser }}
+ {{- end }}
+ workflow:
+ endpoint: http://so-bpmn-infra.{{ include "common.namespace" . }}:8081/sobpmnengine
+ topics:
+ retryMultiplier: 1000
+appc:
+ client:
+ topic:
+ read:
+ name: {{ .Values.appc.client.topic.read.name }}
+ timeout: {{ .Values.appc.client.topic.read.timeout }}
+ write: {{ .Values.appc.client.topic.write }}
+ sdnc:
+ read: {{ .Values.appc.client.topic.sdnc.read }}
+ write: {{ .Values.appc.client.topic.sdnc.write }}
+ response:
+ timeout: {{ .Values.appc.client.response.timeout }}
+ key: {{ .Values.appc.client.key }}
+ secret: {{ .Values.appc.client.secret }}
+ service: ueb
+ poolMembers: message-router.{{ include "common.namespace" . }}:3904,message-router.{{ include "common.namespace" . }}:3904
+spring:
+ security:
+ usercredentials:
+ -
+ username: ${ACTUATOR_USERNAME}
+ password: ${ACTUATOR_PASSWORD}
+ role: ACTUATOR
diff --git a/kubernetes/so/charts/so-appc-orchestrator/templates/configmap.yaml b/kubernetes/so/charts/so-appc-orchestrator/templates/configmap.yaml
new file mode 100755
index 0000000000..8c0ee290ce
--- /dev/null
+++ b/kubernetes/so/charts/so-appc-orchestrator/templates/configmap.yaml
@@ -0,0 +1,41 @@
+# Copyright © 2020 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+data:
+ LOG_PATH: {{ index .Values.logPath }}
+ APP: {{ index .Values.app }}
+ ACTIVE_PROFILE: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}}
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-app-configmap
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/overrides/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/so/charts/so-appc-orchestrator/templates/deployment.yaml b/kubernetes/so/charts/so-appc-orchestrator/templates/deployment.yaml
new file mode 100644
index 0000000000..b9a39fe8c3
--- /dev/null
+++ b/kubernetes/so/charts/so-appc-orchestrator/templates/deployment.yaml
@@ -0,0 +1,83 @@
+# Copyright © 2020 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: apps/v1
+kind: Deployment
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+spec:
+ selector: {{- include "common.selectors" . | nindent 4 }}
+ replicas: {{ index .Values.replicaCount }}
+ minReadySeconds: {{ index .Values.minReadySeconds }}
+ strategy:
+ type: {{ index .Values.updateStrategy.type }}
+ rollingUpdate:
+ maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
+ maxSurge: {{ index .Values.updateStrategy.maxSurge }}
+ template:
+ metadata:
+ labels: {{- include "common.labels" . | nindent 8 }}
+ spec:
+ initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
+ - name: {{ include "common.name" . }}-pass-encoder
+ command:
+ - sh
+ args:
+ {{/* bcrypt plain text and convert to OpenBSD variant using sed */}}
+ - -c
+ - htpasswd -bnBC 10 "" "${ACTUATOR_PASSWORD}" | tr -d ':\n' | sed 's/\$2y/\$2a/' 1>/tmp/app/encoded;
+ env:
+ - name: ACTUATOR_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 10 }}
+ image: {{ .Values.global.dockerHubRepository }}/{{ .Values.global.htpasswdImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: encoder
+ mountPath: /tmp/app
+ containers:
+ - name: {{ include "common.name" . }}
+ command:
+ - sh
+ args:
+ - -c
+ - export ACTUATOR_PASSWORD="$(cat /tmp/app/encoded)"; ./start-app.sh
+ image: {{ include "common.repository" . }}/{{ .Values.image }}
+ resources: {{ include "common.resources" . | nindent 12 }}
+ env:
+ - name: ACTUATOR_USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 10 }}
+ envFrom:
+ - configMapRef:
+ name: {{ include "common.fullname" . }}-configmap
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports: {{- include "common.containerPorts" . | nindent 10 }}
+ volumeMounts: {{ include "so.certificate.volume-mounts" . | nindent 8 }}
+ - name: logs
+ mountPath: /app/logs
+ - name: encoder
+ mountPath: /tmp/app
+ - name: config
+ mountPath: /app/config
+ readOnly: true
+{{ include "helpers.livenessProbe" .| indent 8 }}
+ volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
+ - name: logs
+ emptyDir: {}
+ - name: encoder
+ emptyDir:
+ medium: Memory
+ - name: config
+ configMap:
+ name: {{ include "common.fullname" . }}-app-configmap
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/secret.yaml b/kubernetes/so/charts/so-appc-orchestrator/templates/secret.yaml
index 34932b713d..bd7eb8ea40 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/secret.yaml
+++ b/kubernetes/so/charts/so-appc-orchestrator/templates/secret.yaml
@@ -1,4 +1,3 @@
-{{/*
# Copyright © 2020 Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -12,6 +11,5 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-*/}}
{{ include "common.secretFast" . }}
diff --git a/kubernetes/so/charts/so-appc-orchestrator/templates/service.yaml b/kubernetes/so/charts/so-appc-orchestrator/templates/service.yaml
new file mode 100644
index 0000000000..fc3e2879ce
--- /dev/null
+++ b/kubernetes/so/charts/so-appc-orchestrator/templates/service.yaml
@@ -0,0 +1,15 @@
+# Copyright © 2020 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.service" . }}
diff --git a/kubernetes/so/charts/so-appc-orchestrator/values.yaml b/kubernetes/so/charts/so-appc-orchestrator/values.yaml
new file mode 100644
index 0000000000..f10873d66b
--- /dev/null
+++ b/kubernetes/so/charts/so-appc-orchestrator/values.yaml
@@ -0,0 +1,125 @@
+# Copyright © 2020 AT&T USA
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#################################################################
+# Global configuration defaults.
+#################################################################
+
+global:
+ nodePortPrefix: 302
+ nodePortPrefixExt: 304
+ repository: nexus3.onap.org:10001
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.2
+ persistence:
+ mountPath: /dockerdata-nfs
+ htpasswdImage: xmartlabs/htpasswd
+ dockerHubRepository: docker.io
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: db-user-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
+ login: '{{ .Values.db.userName }}'
+ password: '{{ .Values.db.userPassword }}'
+ passwordPolicy: required
+ - uid: db-admin-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}'
+ login: '{{ .Values.db.adminName }}'
+ password: '{{ .Values.db.adminPassword }}'
+ passwordPolicy: required
+ - uid: "so-onap-certs"
+ externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
+ type: generic
+ filePaths: '{{ .Values.secretsFilePaths }}'
+ - uid: server-actuator-creds
+ name: '{{ include "common.release" . }}-so-appc-actuator-creds'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}'
+ login: '{{ .Values.server.actuator.username }}'
+ password: '{{ .Values.server.actuator.password }}'
+ passwordPolicy: required
+
+#secretsFilePaths: |
+# - 'my file 1'
+# - '{{ include "templateThatGeneratesFileName" . }}'
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+repository: nexus3.onap.org:10001
+image: onap/so/so-appc-orchestrator:1.6.0
+pullPolicy: Always
+
+db:
+ userName: so_user
+ userPassword: so_User123
+ # userCredsExternalSecret: some secret
+ adminName: so_admin
+ adminPassword: so_Admin123
+ # adminCredsExternalSecret: some secret
+server:
+ actuator:
+ username: mso_admin
+ password: password1$
+replicaCount: 1
+minReadySeconds: 10
+containerPort: 8080
+logPath: ./logs/soappcorch
+app: appc-orchestrator
+service:
+ name: so-appc-orchestrator
+ type: ClusterIP
+ ports:
+ - port: 8080
+ name: http
+updateStrategy:
+ type: RollingUpdate
+ maxUnavailable: 1
+ maxSurge: 1
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ memory: 4Gi
+ cpu: 2000m
+ requests:
+ memory: 1Gi
+ cpu: 500m
+ large:
+ limits:
+ memory: 8Gi
+ cpu: 4000m
+ requests:
+ memory: 2Gi
+ cpu: 1000m
+ unlimited: {}
+livenessProbe:
+ path: /manage/health
+ port: 8083
+ scheme: HTTP
+ initialDelaySeconds: 600
+ periodSeconds: 60
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
+ingress:
+ enabled: false
+nodeSelector: {}
+tolerations: []
+affinity: {}
diff --git a/kubernetes/so/charts/so-bpmn-infra/values.yaml b/kubernetes/so/charts/so-bpmn-infra/values.yaml
index b6ba63e051..b73032e0b7 100755
--- a/kubernetes/so/charts/so-bpmn-infra/values.yaml
+++ b/kubernetes/so/charts/so-bpmn-infra/values.yaml
@@ -57,7 +57,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/bpmn-infra:1.6.2
+image: onap/so/bpmn-infra:1.6.3
pullPolicy: Always
db:
diff --git a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml
index 70d008b106..a66a869fb1 100755
--- a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml
+++ b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml
@@ -54,7 +54,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/catalog-db-adapter:1.6.2
+image: onap/so/catalog-db-adapter:1.6.3
pullPolicy: Always
db:
diff --git a/kubernetes/so/charts/so-monitoring/values.yaml b/kubernetes/so/charts/so-monitoring/values.yaml
index 1272dbdb57..fc91ee2abc 100644
--- a/kubernetes/so/charts/so-monitoring/values.yaml
+++ b/kubernetes/so/charts/so-monitoring/values.yaml
@@ -57,7 +57,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/so-monitoring:1.6.2
+image: onap/so/so-monitoring:1.6.3
pullPolicy: Always
db:
diff --git a/kubernetes/so/charts/so-nssmf-adapter/values.yaml b/kubernetes/so/charts/so-nssmf-adapter/values.yaml
index 7412dfa809..8a0d4e4386 100755
--- a/kubernetes/so/charts/so-nssmf-adapter/values.yaml
+++ b/kubernetes/so/charts/so-nssmf-adapter/values.yaml
@@ -69,7 +69,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/nssmf-adapter:1.6.2
+image: onap/so/nssmf-adapter:1.6.3
pullPolicy: Always
db:
diff --git a/kubernetes/so/charts/so-openstack-adapter/values.yaml b/kubernetes/so/charts/so-openstack-adapter/values.yaml
index e611ee301b..9f50806ede 100755
--- a/kubernetes/so/charts/so-openstack-adapter/values.yaml
+++ b/kubernetes/so/charts/so-openstack-adapter/values.yaml
@@ -51,7 +51,7 @@ secrets:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/openstack-adapter:1.6.2
+image: onap/so/openstack-adapter:1.6.3
pullPolicy: Always
repository: nexus3.onap.org:10001
diff --git a/kubernetes/so/charts/so-request-db-adapter/values.yaml b/kubernetes/so/charts/so-request-db-adapter/values.yaml
index 2541d0e92b..e79b57c5f9 100755
--- a/kubernetes/so/charts/so-request-db-adapter/values.yaml
+++ b/kubernetes/so/charts/so-request-db-adapter/values.yaml
@@ -52,7 +52,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/request-db-adapter:1.6.2
+image: onap/so/request-db-adapter:1.6.3
pullPolicy: Always
db:
diff --git a/kubernetes/so/charts/so-sdc-controller/values.yaml b/kubernetes/so/charts/so-sdc-controller/values.yaml
index 3cba4a0fd6..ee4b5f965d 100755
--- a/kubernetes/so/charts/so-sdc-controller/values.yaml
+++ b/kubernetes/so/charts/so-sdc-controller/values.yaml
@@ -52,7 +52,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/sdc-controller:1.6.2
+image: onap/so/sdc-controller:1.6.3
pullPolicy: Always
db:
diff --git a/kubernetes/so/charts/so-sdnc-adapter/values.yaml b/kubernetes/so/charts/so-sdnc-adapter/values.yaml
index 0ea7e69348..9337721ac0 100755
--- a/kubernetes/so/charts/so-sdnc-adapter/values.yaml
+++ b/kubernetes/so/charts/so-sdnc-adapter/values.yaml
@@ -55,7 +55,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/sdnc-adapter:1.6.2
+image: onap/so/sdnc-adapter:1.6.3
pullPolicy: Always
db:
diff --git a/kubernetes/so/charts/so-ve-vnfm-adapter/values.yaml b/kubernetes/so/charts/so-ve-vnfm-adapter/values.yaml
index 5f9d5842cf..69c877a228 100755
--- a/kubernetes/so/charts/so-ve-vnfm-adapter/values.yaml
+++ b/kubernetes/so/charts/so-ve-vnfm-adapter/values.yaml
@@ -37,7 +37,7 @@ secrets:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/ve-vnfm-adapter:1.6.2
+image: onap/so/ve-vnfm-adapter:1.6.3
pullPolicy: Always
replicaCount: 1
service:
diff --git a/kubernetes/so/charts/so-vfc-adapter/values.yaml b/kubernetes/so/charts/so-vfc-adapter/values.yaml
index d139b4968d..9128a5205e 100755
--- a/kubernetes/so/charts/so-vfc-adapter/values.yaml
+++ b/kubernetes/so/charts/so-vfc-adapter/values.yaml
@@ -52,7 +52,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/vfc-adapter:1.6.2
+image: onap/so/vfc-adapter:1.6.3
pullPolicy: Always
db:
diff --git a/kubernetes/so/charts/so-vnfm-adapter/values.yaml b/kubernetes/so/charts/so-vnfm-adapter/values.yaml
index 9ddc0dd835..7547096842 100755
--- a/kubernetes/so/charts/so-vnfm-adapter/values.yaml
+++ b/kubernetes/so/charts/so-vnfm-adapter/values.yaml
@@ -40,7 +40,7 @@ secrets:
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
-image: onap/so/vnfm-adapter:1.6.2
+image: onap/so/vnfm-adapter:1.6.3
pullPolicy: Always
replicaCount: 1
diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml
index a6f2c8cd7b..ad20b0f117 100755
--- a/kubernetes/so/values.yaml
+++ b/kubernetes/so/values.yaml
@@ -137,7 +137,7 @@ dbCreds:
adminName: so_admin
repository: nexus3.onap.org:10001
-image: onap/so/api-handler-infra:1.6.2
+image: onap/so/api-handler-infra:1.6.3
pullPolicy: Always
replicaCount: 1
minReadySeconds: 10
@@ -457,3 +457,35 @@ so-mariadb:
backupCredsExternalSecret: *dbBackupCredsSecretName
userCredsExternalSecret: *dbUserCredsSecretName
adminCredsExternalSecret: *dbAdminCredsSecretName
+so-appc-orchestrator:
+ certSecret: *so-certs
+ db:
+ <<: *dbSecrets
+ mso:
+ basicUser: poBpmn
+ auth: BEA8637716A7EB617DF472BA6552D22F68C1CB17B0D094D77DDA562F4ADAAC4457CAB848E1A4
+ config:
+ cadi:
+ aafId: so@so.onap.org
+ aafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9
+ apiEnforcement: org.onap.so.openStackAdapterPerm
+ noAuthn: /manage/health
+ appc:
+ client:
+ topic:
+ read:
+ name: APPC-LCM-WRITE
+ timeout: 360000
+ write: APPC-LCM-READ
+ sdnc:
+ read: SDNC-LCM-WRITE
+ write: SDNC-LCM-READ
+ response:
+ timeout: 3600000
+ key: VIlbtVl6YLhNUrtU
+ secret: 64AG2hF4pYeG2pq7CT6XwUOT
+ service: ueb
+ auth:
+ rest:
+ aaf: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
+ aafEncrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456