diff options
Diffstat (limited to 'kubernetes/aaf/components')
102 files changed, 504 insertions, 673 deletions
diff --git a/kubernetes/aaf/components/Makefile b/kubernetes/aaf/components/Makefile index 2fc0cbe4ab..bf267b7720 100644 --- a/kubernetes/aaf/components/Makefile +++ b/kubernetes/aaf/components/Makefile @@ -18,6 +18,7 @@ PACKAGE_DIR := $(OUTPUT_DIR)/packages SECRET_DIR := $(OUTPUT_DIR)/secrets EXCLUDES := +HELM_BIN := helm HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) .PHONY: $(EXCLUDES) $(HELM_CHARTS) @@ -32,15 +33,15 @@ make-%: @if [ -f $*/Makefile ]; then make -C $*; fi dep-%: make-% - @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi lint-%: dep-% - @if [ -f $*/Chart.yaml ]; then helm lint $*; fi + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi package-%: lint-% @mkdir -p $(PACKAGE_DIR) - @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi - @helm repo index $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi + @$(HELM_BIN) repo index $(PACKAGE_DIR) clean: @rm -f */requirements.lock diff --git a/kubernetes/aaf/components/aaf-cass/Chart.yaml b/kubernetes/aaf/components/aaf-cass/Chart.yaml index 42b4076689..62e0b5487d 100644 --- a/kubernetes/aaf/components/aaf-cass/Chart.yaml +++ b/kubernetes/aaf/components/aaf-cass/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF cassandra name: aaf-cass -version: 6.0.0 +version: 7.0.0 diff --git a/kubernetes/aaf/components/aaf-cass/requirements.yaml b/kubernetes/aaf/components/aaf-cass/requirements.yaml index 6afaa06e8a..5e4dc93d39 100644 --- a/kubernetes/aaf/components/aaf-cass/requirements.yaml +++ b/kubernetes/aaf/components/aaf-cass/requirements.yaml @@ -14,5 +14,8 @@ dependencies: - name: common - version: ~6.x-0 + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml b/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml index 309a9f38c6..461553c469 100644 --- a/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml +++ b/kubernetes/aaf/components/aaf-cass/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications © 2020 Orange # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: Deployment @@ -31,7 +33,7 @@ spec: - | chown -R 1000:1000 /opt/app/aaf/status chown -R 1000:1000 /var/lib/cassandra - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" + image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: /var/lib/cassandra @@ -45,7 +47,7 @@ spec: memory: 100Mi containers: - name: {{ include "common.name" . }} - image: {{ include "common.repository" . }}/{{ .Values.image }} + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} # installing with cmd "onap" will not only initialize the DB, but add ONAP bootstrap data as well command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"] diff --git a/kubernetes/aaf/components/aaf-cass/templates/service.yaml b/kubernetes/aaf/components/aaf-cass/templates/service.yaml index 8f80ee12a2..149a8708a6 100644 --- a/kubernetes/aaf/components/aaf-cass/templates/service.yaml +++ b/kubernetes/aaf/components/aaf-cass/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.service" . }} diff --git a/kubernetes/aaf/components/aaf-cass/values.yaml b/kubernetes/aaf/components/aaf-cass/values.yaml index c5e5811fd1..525674434e 100644 --- a/kubernetes/aaf/components/aaf-cass/values.yaml +++ b/kubernetes/aaf/components/aaf-cass/values.yaml @@ -14,23 +14,10 @@ # limitations under the License. global: nodePortPrefix: 302 - # Readiness image - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - # Ubuntu Init image - ubuntuInitRepository: registry.hub.docker.com - ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - # Logging image - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - # BusyBox image - busyboxRepository: registry.hub.docker.com - busyboxImage: library/busybox:1.31 persistence: enabled: true # Standard OOM pullPolicy: "Always" - repository: "nexus3.onap.org:10001" flavor: small diff --git a/kubernetes/aaf/components/aaf-cert-service/.helmignore b/kubernetes/aaf/components/aaf-cert-service/.helmignore deleted file mode 100644 index 50af031725..0000000000 --- a/kubernetes/aaf/components/aaf-cert-service/.helmignore +++ /dev/null @@ -1,22 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jks b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jks Binary files differdeleted file mode 100644 index e7da9a7d44..0000000000 --- a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceClient-keystore.jks +++ /dev/null diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jks b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jks Binary files differdeleted file mode 100644 index f47adb614f..0000000000 --- a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.jks +++ /dev/null diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12 b/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12 Binary files differdeleted file mode 100644 index 9b90af6499..0000000000 --- a/kubernetes/aaf/components/aaf-cert-service/resources/certServiceServer-keystore.p12 +++ /dev/null diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/default/cmpServers.json b/kubernetes/aaf/components/aaf-cert-service/resources/default/cmpServers.json deleted file mode 100644 index 358f2a82c7..0000000000 --- a/kubernetes/aaf/components/aaf-cert-service/resources/default/cmpServers.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "cmpv2Servers": [] -}
\ No newline at end of file diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/root.crt b/kubernetes/aaf/components/aaf-cert-service/resources/root.crt deleted file mode 100644 index b5e75dadd6..0000000000 --- a/kubernetes/aaf/components/aaf-cert-service/resources/root.crt +++ /dev/null @@ -1,33 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFnjCCA4agAwIBAgIEDQtWKTANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJV
-UzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuLUZyYW5jaXNjbzEZ
-MBcGA1UEChMQTGludXgtRm91bmRhdGlvbjENMAsGA1UECxMET05BUDERMA8GA1UE
-AxMIb25hcC5vcmcwHhcNMjAwNzA5MDgwNDE1WhcNMzAwNzA3MDgwNDE1WjB3MQsw
-CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuLUZy
-YW5jaXNjbzEZMBcGA1UEChMQTGludXgtRm91bmRhdGlvbjENMAsGA1UECxMET05B
-UDERMA8GA1UEAxMIb25hcC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
-AoICAQCkxel9G29Hgy9j7cEQ0BGlPrP9s1SF3ADe7f56jTjQd/jFUsN67Da+l9Dt
-vy1yUwPnTr3krpXOHwQKplsuBDMoa0ayRhqUpp6fuSuu/zgGJOQIe7NlJh9FbYfq
-ax0nHO8qtwd+eTUCqkwVfOFZpDFwR7Ss73Z++14Em8TgFiIsTlBV1sa/xRWLT9JL
-Sqnr0tQiUJewO6sCUsis+U7kEf+QCueJAktMxR70rQcAJ2gd/zlnIaoaL4rF+MU8
-xlbEfMK/rxC6jeVm3oJu4ihjDKj1V6PDyEtzjsWQFtM+y6wgd98Kxt+0mHW3mZZ0
-+Ul0fHSE0fRNp8qEMOUKYFbCffWBrMBZaOaUy6FSnnGi8frv7WqJXNiO2lClhsN1
-2yA1HgiorhK9sXjVdwsjTmJhOdvn5sla22+QXrobNflHZHo8JhWHpZ9RbBWAZdaa
-FrEizBoDnkpdaNb2PykYjqPo8D1Y/lOSDOg32wOW50F6bZg3yyQzFe0+PsAPK/u+
-b8THRJhkbXYvcAoDQv785aXoaa0mVg+yAvz6dorchJkViaOvUlNl+DNNKGJb1hWc
-KWLU1SpH7I9QWQYGExFEzsg4Wv2ErGponSoecAm+IM23mn/fhGrwv1r/bl5WR++5
-5nUIAbPysz3yQoMllSsBBOpuSsCLo1KQqQeQxnTwFxLS0Ag2SwIDAQABozIwMDAd
-BgNVHQ4EFgQUff+Pkp90yZtYsNvFGhq6SBdL+f0wDwYDVR0TAQH/BAUwAwEB/zAN
-BgkqhkiG9w0BAQwFAAOCAgEAAWzAQxiJb+3WiXnVC0AeQ2GBnj3JNWI13WE1VJ1a
-+hsKAGHk6ACzsGfN0BiGp81Bt/4y+AinWTPI0xnuYqfJHS8/7sEvC7aSzmR0TsuM
-u7xOYCiczoEwlM2YoFt1dRWt+ve6EZgTXzBSm75to7F3HS0dZzRaEKxyOA3ONFHT
-tGgT+u7851qJQvNVwTOt54C7/PZ9Me5y98sosiGbp0USKroJbiMXHzIligp8s1uT
-+Pm581C8YTVHKciR/4fhChu+tx39ZR2p4AoJFjEvgcWqYy+sOyn+Z8sWWLoj3dFk
-xjdpSRLPI771ihGdV2JXwgzN1ei8OvUzrW1a1gLZkZ1ZWtK4rwpJteFh4YW/wuDb
-dKElfqXJITmOEO+uT4cJ5+hGa3rl6asxbEJ6vhy7SZPOzgM1uAjRT1MpBtG/ZPY5
-mOkjzNbjlNsgwJNkuXCi4+3DWNC3QNrIqm825Wdr79TM3kYGfkK/ngargA0z0KYc
-7sF6P0tGo6gLACbx+dO9KFpjBIqVaw9AUwb/IOGm1Yv+QutEISqgDQTKzT0iv2Pt
-eSkR2IzaEvH0VmBnTHoHQwrV7x10cMxhwoA1mRvdt8L+gKC91CbVirIiRGCrJabO
-GiKKZ+pD5kVi9gy7omrjw2kH6Vu4aQGySGBhzpIZ977oO9u+jaTdMHBtladqVvWd
-sIM= ------END CERTIFICATE----- diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/test/cmpServers.json b/kubernetes/aaf/components/aaf-cert-service/resources/test/cmpServers.json deleted file mode 100644 index 06e1087f60..0000000000 --- a/kubernetes/aaf/components/aaf-cert-service/resources/test/cmpServers.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "cmpv2Servers": [ - { - "caName": "CLIENT", - "url": "http://ejbca:8080/ejbca/publicweb/cmp/cmp", - "issuerDN": "CN=ManagementCA", - "caMode": "CLIENT", - "authentication": { - "iak": "${CLIENT_IAK}", - "rv": "${CLIENT_RV}" - } - }, - { - "caName": "RA", - "url": "http://ejbca:8080/ejbca/publicweb/cmp/cmpRA", - "issuerDN": "CN=ManagementCA", - "caMode": "RA", - "authentication": { - "iak": "${RA_IAK}", - "rv": "${RA_RV}" - } - } - ] -}
\ No newline at end of file diff --git a/kubernetes/aaf/components/aaf-cert-service/resources/truststore.jks b/kubernetes/aaf/components/aaf-cert-service/resources/truststore.jks Binary files differdeleted file mode 100644 index 90dfcb937c..0000000000 --- a/kubernetes/aaf/components/aaf-cert-service/resources/truststore.jks +++ /dev/null diff --git a/kubernetes/aaf/components/aaf-cert-service/templates/deployment.yaml b/kubernetes/aaf/components/aaf-cert-service/templates/deployment.yaml deleted file mode 100644 index a44066461b..0000000000 --- a/kubernetes/aaf/components/aaf-cert-service/templates/deployment.yaml +++ /dev/null @@ -1,123 +0,0 @@ -# Copyright © 2020, Nokia -# Modifications Copyright © 2020, Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -{{- if .Values.global.cmpv2Enabled }} -apiVersion: apps/v1 -kind: Deployment -metadata: {{- include "common.resourceMetadata" . | nindent 2 }} -spec: - replicas: {{ .Values.replicaCount }} - selector: {{- include "common.selectors" . | nindent 4 }} - template: - metadata: {{- include "common.templateMetadata" . | nindent 6 }} - spec: - volumes: -{{- if .Values.global.addTestingComponents }} - - name: cmp-servers-template-volume - secret: - secretName: {{ .Values.cmpServers.secret.name }} - - name: {{ .Values.cmpServers.volume.name }} - emptyDir: - medium: Memory -{{- else }} - - name: {{ .Values.cmpServers.volume.name }} - secret: - secretName: {{ .Values.cmpServers.secret.name }} -{{- end }} - - name: {{ .Values.tls.server.volume.name }} - secret: - secretName: {{ .Values.tls.server.secret.name }} -{{- if .Values.global.addTestingComponents }} - initContainers: - - name: wait-for-ejbca - command: - - /root/ready.py - args: - - --container-name - - ejbca-ejbca - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - - name: subsitute-envs - image: "{{ .Values.global.envsubstImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: ['sh', '-c', "cd /config-input && envsubst < cmpServers.json > {{ .Values.cmpServers.volume.mountPath }}/cmpServers.json"] - volumeMounts: - - name: cmp-servers-template-volume - mountPath: /config-input - readOnly: true - - name: {{ .Values.cmpServers.volume.name }} - mountPath: {{ .Values.cmpServers.volume.mountPath }} - readOnly: false - env: - - name: CLIENT_IAK - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-client-iak" "key" "password") | indent 14 }} - - name: CLIENT_RV - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmp-config-client-rv" "key" "password") | indent 14 }} - - name: RA_IAK - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-ra-iak" "key" "password") | indent 14 }} - - name: RA_RV - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmp-config-ra-rv" "key" "password") | indent 14 }} -{{- end }} - containers: - - name: {{ include "common.name" . }} - image: {{ include "common.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: {{ include "common.containerPorts" . | nindent 10 }} - env: - - name: HTTPS_PORT - value: "{{ .Values.envs.httpsPort }}" - - name: KEYSTORE_PATH - value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.jksName }}" - - name: KEYSTORE_P12_PATH - value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.p12Name }}" - - name: TRUSTSTORE_PATH - value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.jksName }}" - - name: ROOT_CERT - value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.crtName }}" - - name: KEYSTORE_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 14 }} - - name: TRUSTSTORE_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 14 }} - livenessProbe: - exec: - command: - - /bin/bash - - -c - - {{ .Values.liveness.command }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - readinessProbe: - exec: - command: - - /bin/bash - - -c - - {{ .Values.readiness.command }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: - - name: {{ .Values.cmpServers.volume.name }} - mountPath: {{ .Values.cmpServers.volume.mountPath }} - readOnly: false - - name: {{ .Values.tls.server.volume.name }} - mountPath: {{ .Values.tls.server.volume.mountPath }} - readOnly: true - resources: {{ include "common.resources" . | nindent 12 }} -{{ end -}} diff --git a/kubernetes/aaf/components/aaf-cert-service/templates/secret.yaml b/kubernetes/aaf/components/aaf-cert-service/templates/secret.yaml deleted file mode 100644 index ac92f56487..0000000000 --- a/kubernetes/aaf/components/aaf-cert-service/templates/secret.yaml +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright © 2020, Nokia -# Modifications Copyright © 2020, Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -{{- if .Values.global.cmpv2Enabled }} -{{ include "common.secretFast" . }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ .Values.cmpServers.secret.name }} -type: Opaque -data: -{{ if .Values.global.addTestingComponents }} - {{ (.Files.Glob "resources/test/cmpServers.json").AsSecrets }} -{{ else }} - {{ (.Files.Glob "resources/default/cmpServers.json").AsSecrets }} -{{ end }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ .Values.global.aaf.certServiceClient.secret.name | default .Values.tls.client.secret.defaultName }} -type: Opaque -data: - certServiceClient-keystore.jks: - {{ (.Files.Glob "resources/certServiceClient-keystore.jks").AsSecrets }} - truststore.jks: - {{ (.Files.Glob "resources/truststore.jks").AsSecrets }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ .Values.tls.server.secret.name }} -type: Opaque -data: - certServiceServer-keystore.jks: - {{ (.Files.Glob "resources/certServiceServer-keystore.jks").AsSecrets }} - certServiceServer-keystore.p12: - {{ (.Files.Glob "resources/certServiceServer-keystore.p12").AsSecrets }} - truststore.jks: - {{ (.Files.Glob "resources/truststore.jks").AsSecrets }} - root.crt: - {{ (.Files.Glob "resources/root.crt").AsSecrets }} -{{ end -}}
\ No newline at end of file diff --git a/kubernetes/aaf/components/aaf-cert-service/templates/service.yaml b/kubernetes/aaf/components/aaf-cert-service/templates/service.yaml deleted file mode 100644 index 60e2afa41d..0000000000 --- a/kubernetes/aaf/components/aaf-cert-service/templates/service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright © 2020, Nokia -# Modifications Copyright © 2020, Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -{{- if .Values.global.cmpv2Enabled }} - {{ include "common.service" . }} -{{ end -}}
\ No newline at end of file diff --git a/kubernetes/aaf/components/aaf-cert-service/values.yaml b/kubernetes/aaf/components/aaf-cert-service/values.yaml deleted file mode 100644 index ee3beffd7f..0000000000 --- a/kubernetes/aaf/components/aaf-cert-service/values.yaml +++ /dev/null @@ -1,160 +0,0 @@ -# Copyright © 2020, Nokia -# Modifications Copyright © 2020, Nordix Foundation, Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Global -global: - envsubstImage: dibi/envsubst - nodePortPrefix: 302 - # Readiness image - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - # Ubuntu Init image - ubuntuInitRepository: registry.hub.docker.com - ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - # Logging image - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - # BusyBox image - busyboxRepository: registry.hub.docker.com - busyboxImage: library/busybox:1.31 - persistence: - enabled: true - # Standard OOM - pullPolicy: "Always" - repository: "nexus3.onap.org:10001" - - -# Service configuration -service: - type: ClusterIP - ports: - - name: http - port: 8443 - port_protocol: http - - -# Deployment configuration -repository: nexus3.onap.org:10001 -image: onap/org.onap.aaf.certservice.aaf-certservice-api:1.2.0 -pullPolicy: Always -replicaCount: 1 - -liveness: - initialDelaySeconds: 60 - periodSeconds: 10 - command: curl https://localhost:$HTTPS_PORT/actuator/health --cacert $ROOT_CERT --cert-type p12 --cert $KEYSTORE_P12_PATH --pass $KEYSTORE_PASSWORD -readiness: - initialDelaySeconds: 30 - periodSeconds: 10 - command: curl https://localhost:$HTTPS_PORT/ready --cacert $ROOT_CERT --cert-type p12 --cert $KEYSTORE_P12_PATH --pass $KEYSTORE_PASSWORD - -flavor: small -resources: - small: - limits: - cpu: 0.5 - memory: 1Gi - requests: - cpu: 0.2 - memory: 512Mi - large: - limits: - cpu: 1 - memory: 2Gi - requests: - cpu: 0.4 - memory: 1Gi - unlimited: {} - - -# Application configuration -cmpServers: - secret: - name: aaf-cert-service-secret - volume: - name: aaf-cert-service-volume - mountPath: /etc/onap/aaf/certservice - -tls: - server: - secret: - name: aaf-cert-service-server-tls-secret - volume: - name: aaf-cert-service-server-tls-volume - mountPath: /etc/onap/aaf/certservice/certs/ - client: - secret: - defaultName: aaf-cert-service-client-tls-secret - -envs: - keystore: - jksName: certServiceServer-keystore.jks - p12Name: certServiceServer-keystore.p12 - truststore: - jksName: truststore.jks - crtName: root.crt - httpsPort: 8443 - -# External secrets with credentials can be provided to override default credentials defined below, -# by uncommenting and filling appropriate *ExternalSecret value -credentials: - tls: - keystorePassword: secret - truststorePassword: secret - #keystorePasswordExternalSecret: - #truststorePasswordExternalSecret: - # Below cmp values contain credentials for EJBCA test instance and are relevant only if global addTestingComponents flag is enabled - cmp: - #clientIakExternalSecret: - #clientRvExternalSecret: - #raIakExternalSecret: - #raRvExternalSecret: - client: {} - # iak: mypassword - # rv: unused - ra: {} - # iak: mypassword - # rv: unused - -secrets: - - uid: keystore-password - name: '{{ include "common.release" . }}-keystore-password' - type: password - externalSecret: '{{ tpl (default "" .Values.credentials.tls.keystorePasswordExternalSecret) . }}' - password: '{{ .Values.credentials.tls.keystorePassword }}' - passwordPolicy: required - - uid: truststore-password - name: '{{ include "common.release" . }}-truststore-password' - type: password - externalSecret: '{{ tpl (default "" .Values.credentials.tls.truststorePasswordExternalSecret) . }}' - password: '{{ .Values.credentials.tls.truststorePassword }}' - passwordPolicy: required - # Below values are relevant only if global addTestingComponents flag is enabled - - uid: ejbca-server-client-iak - type: password - externalSecret: '{{ tpl (default "" .Values.credentials.cmp.clientIakExternalSecret) . }}' - password: '{{ .Values.credentials.cmp.client.iak }}' - - uid: cmp-config-client-rv - type: password - externalSecret: '{{ tpl (default "" .Values.credentials.cmp.clientRvExternalSecret) . }}' - password: '{{ .Values.credentials.cmp.client.rv }}' - - uid: ejbca-server-ra-iak - type: password - externalSecret: '{{ tpl (default "" .Values.credentials.cmp.raIakExternalSecret) . }}' - password: '{{ .Values.credentials.cmp.ra.iak }}' - - uid: cmp-config-ra-rv - type: password - externalSecret: '{{ tpl (default "" .Values.credentials.cmp.raRvExternalSecret) . }}' - password: '{{ .Values.credentials.cmp.ra.rv }}' diff --git a/kubernetes/aaf/components/aaf-cm/Chart.yaml b/kubernetes/aaf/components/aaf-cm/Chart.yaml index ed453f7ac7..e674facdeb 100644 --- a/kubernetes/aaf/components/aaf-cm/Chart.yaml +++ b/kubernetes/aaf/components/aaf-cm/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP AAF Certificate Manager name: aaf-cm -version: 6.0.0 +version: 7.0.0 diff --git a/kubernetes/aaf/components/aaf-cm/requirements.yaml b/kubernetes/aaf/components/aaf-cm/requirements.yaml index 08ef7fe836..85e9d72488 100644 --- a/kubernetes/aaf/components/aaf-cm/requirements.yaml +++ b/kubernetes/aaf/components/aaf-cm/requirements.yaml @@ -14,8 +14,11 @@ dependencies: - name: common - version: ~6.x-0 + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 repository: '@local' - name: aaf-templates - version: ~6.x-0 + version: ~7.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-cm/templates/deployment.yaml b/kubernetes/aaf/components/aaf-cm/templates/deployment.yaml index 5074c8bc08..656aa1746d 100644 --- a/kubernetes/aaf/components/aaf-cm/templates/deployment.yaml +++ b/kubernetes/aaf/components/aaf-cm/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "aaf.deployment" . }} diff --git a/kubernetes/aaf/components/aaf-cm/templates/service.yaml b/kubernetes/aaf/components/aaf-cm/templates/service.yaml index e54c4f3057..ea95e44497 100644 --- a/kubernetes/aaf/components/aaf-cm/templates/service.yaml +++ b/kubernetes/aaf/components/aaf-cm/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Orange # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.service" . }} diff --git a/kubernetes/aaf/components/aaf-cm/values.yaml b/kubernetes/aaf/components/aaf-cm/values.yaml index 0997c7db41..964b5c1002 100644 --- a/kubernetes/aaf/components/aaf-cm/values.yaml +++ b/kubernetes/aaf/components/aaf-cm/values.yaml @@ -15,25 +15,13 @@ global: nodePortPrefix: 302 - # Readiness image - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - # Ubuntu Init image - ubuntuInitRepository: registry.hub.docker.com - ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - # Logging image - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - # BusyBox image - busyboxRepository: registry.hub.docker.com - busyboxImage: library/busybox:1.31 persistence: enabled: true # Standard OOM pullPolicy: "Always" - repository: "nexus3.onap.org:10001" aaf: + image: onap/aaf/aaf_core:2.1.23 config: image: onap/aaf/aaf_config:2.1.23 diff --git a/kubernetes/aaf/components/aaf-fs/Chart.yaml b/kubernetes/aaf/components/aaf-fs/Chart.yaml index 211c4c28de..df15819aa9 100644 --- a/kubernetes/aaf/components/aaf-fs/Chart.yaml +++ b/kubernetes/aaf/components/aaf-fs/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF File Server name: aaf-fs -version: 6.0.0
\ No newline at end of file +version: 7.0.0
\ No newline at end of file diff --git a/kubernetes/aaf/components/aaf-fs/requirements.yaml b/kubernetes/aaf/components/aaf-fs/requirements.yaml index 08ef7fe836..85e9d72488 100644 --- a/kubernetes/aaf/components/aaf-fs/requirements.yaml +++ b/kubernetes/aaf/components/aaf-fs/requirements.yaml @@ -14,8 +14,11 @@ dependencies: - name: common - version: ~6.x-0 + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 repository: '@local' - name: aaf-templates - version: ~6.x-0 + version: ~7.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/components/aaf-fs/templates/deployment.yaml index c36750809c..5d40538e49 100644 --- a/kubernetes/aaf/components/aaf-fs/templates/deployment.yaml +++ b/kubernetes/aaf/components/aaf-fs/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Orange # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "aaf.deployment" . }} diff --git a/kubernetes/aaf/components/aaf-fs/templates/service.yaml b/kubernetes/aaf/components/aaf-fs/templates/service.yaml index e54c4f3057..ea95e44497 100644 --- a/kubernetes/aaf/components/aaf-fs/templates/service.yaml +++ b/kubernetes/aaf/components/aaf-fs/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Orange # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.service" . }} diff --git a/kubernetes/aaf/components/aaf-fs/values.yaml b/kubernetes/aaf/components/aaf-fs/values.yaml index 9bffb95724..e911a10828 100644 --- a/kubernetes/aaf/components/aaf-fs/values.yaml +++ b/kubernetes/aaf/components/aaf-fs/values.yaml @@ -15,25 +15,13 @@ global: nodePortPrefix: 302 - # Readiness image - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - # Ubuntu Init image - ubuntuInitRepository: registry.hub.docker.com - ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - # Logging image - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - # BusyBox image - busyboxRepository: registry.hub.docker.com - busyboxImage: library/busybox:1.31 persistence: enabled: true # Standard OOM pullPolicy: "Always" - repository: "nexus3.onap.org:10001" aaf: + image: onap/aaf/aaf_core:2.1.23 config: image: onap/aaf/aaf_config:2.1.23 diff --git a/kubernetes/aaf/components/aaf-gui/Chart.yaml b/kubernetes/aaf/components/aaf-gui/Chart.yaml index 7e81a70759..2eb6c7e2e7 100644 --- a/kubernetes/aaf/components/aaf-gui/Chart.yaml +++ b/kubernetes/aaf/components/aaf-gui/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF GUI name: aaf-gui -version: 6.0.0
\ No newline at end of file +version: 7.0.0
\ No newline at end of file diff --git a/kubernetes/aaf/components/aaf-gui/requirements.yaml b/kubernetes/aaf/components/aaf-gui/requirements.yaml index 08ef7fe836..85e9d72488 100644 --- a/kubernetes/aaf/components/aaf-gui/requirements.yaml +++ b/kubernetes/aaf/components/aaf-gui/requirements.yaml @@ -14,8 +14,11 @@ dependencies: - name: common - version: ~6.x-0 + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 repository: '@local' - name: aaf-templates - version: ~6.x-0 + version: ~7.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/components/aaf-gui/templates/deployment.yaml index c36750809c..5d40538e49 100644 --- a/kubernetes/aaf/components/aaf-gui/templates/deployment.yaml +++ b/kubernetes/aaf/components/aaf-gui/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Orange # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "aaf.deployment" . }} diff --git a/kubernetes/aaf/components/aaf-gui/templates/service.yaml b/kubernetes/aaf/components/aaf-gui/templates/service.yaml index e54c4f3057..ea95e44497 100644 --- a/kubernetes/aaf/components/aaf-gui/templates/service.yaml +++ b/kubernetes/aaf/components/aaf-gui/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Orange # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.service" . }} diff --git a/kubernetes/aaf/components/aaf-gui/values.yaml b/kubernetes/aaf/components/aaf-gui/values.yaml index 8639d6c0f0..e239e615ed 100644 --- a/kubernetes/aaf/components/aaf-gui/values.yaml +++ b/kubernetes/aaf/components/aaf-gui/values.yaml @@ -15,25 +15,13 @@ global: nodePortPrefix: 302 - # Readiness image - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - # Ubuntu Init image - ubuntuInitRepository: registry.hub.docker.com - ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - # Logging image - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - # BusyBox image - busyboxRepository: registry.hub.docker.com - busyboxImage: library/busybox:1.31 persistence: enabled: true # Standard OOM pullPolicy: "Always" - repository: "nexus3.onap.org:10001" aaf: + image: onap/aaf/aaf_core:2.1.23 config: image: onap/aaf/aaf_config:2.1.23 diff --git a/kubernetes/aaf/components/aaf-hello/Chart.yaml b/kubernetes/aaf/components/aaf-hello/Chart.yaml index 71b3242558..0b11b2f59d 100644 --- a/kubernetes/aaf/components/aaf-hello/Chart.yaml +++ b/kubernetes/aaf/components/aaf-hello/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Hello name: aaf-hello -version: 6.0.0
\ No newline at end of file +version: 7.0.0
\ No newline at end of file diff --git a/kubernetes/aaf/components/aaf-hello/requirements.yaml b/kubernetes/aaf/components/aaf-hello/requirements.yaml index 08ef7fe836..85e9d72488 100644 --- a/kubernetes/aaf/components/aaf-hello/requirements.yaml +++ b/kubernetes/aaf/components/aaf-hello/requirements.yaml @@ -14,8 +14,11 @@ dependencies: - name: common - version: ~6.x-0 + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 repository: '@local' - name: aaf-templates - version: ~6.x-0 + version: ~7.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-hello/templates/deployment.yaml b/kubernetes/aaf/components/aaf-hello/templates/deployment.yaml index 891b829f43..60e7c6bcc8 100644 --- a/kubernetes/aaf/components/aaf-hello/templates/deployment.yaml +++ b/kubernetes/aaf/components/aaf-hello/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications © 2020 Orange # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: Deployment metadata: {{- include "common.resourceMetadata" . | nindent 2 }} @@ -26,7 +28,7 @@ spec: containers: - name: {{ include "common.name" . }} command: ["bash","-c","cd /opt/app/aaf && if [ ! -d /opt/app/osaaf/etc ]; then cp -Rf etc logs /opt/app/osaaf; fi && exec bin/hello"] - image: {{ .Values.global.repository }}/{{.Values.image }} + image: {{ include "repositoryGenerator.repository" . }}/{{.Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: {{ include "common.containerPorts" . | nindent 10 }} volumeMounts: {{ include "common.aaf-config-volume-mountpath" . | nindent 8 }} diff --git a/kubernetes/aaf/components/aaf-hello/templates/secret.yaml b/kubernetes/aaf/components/aaf-hello/templates/secret.yaml index f8c32e0670..9a3f011e80 100644 --- a/kubernetes/aaf/components/aaf-hello/templates/secret.yaml +++ b/kubernetes/aaf/components/aaf-hello/templates/secret.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,5 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.secretFast" . }} diff --git a/kubernetes/aaf/components/aaf-hello/templates/service.yaml b/kubernetes/aaf/components/aaf-hello/templates/service.yaml index 8f80ee12a2..149a8708a6 100644 --- a/kubernetes/aaf/components/aaf-hello/templates/service.yaml +++ b/kubernetes/aaf/components/aaf-hello/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.service" . }} diff --git a/kubernetes/aaf/components/aaf-locate/Chart.yaml b/kubernetes/aaf/components/aaf-locate/Chart.yaml index 3133191280..ab8443c4d2 100644 --- a/kubernetes/aaf/components/aaf-locate/Chart.yaml +++ b/kubernetes/aaf/components/aaf-locate/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Locate name: aaf-locate -version: 6.0.0
\ No newline at end of file +version: 7.0.0
\ No newline at end of file diff --git a/kubernetes/aaf/components/aaf-locate/requirements.yaml b/kubernetes/aaf/components/aaf-locate/requirements.yaml index 08ef7fe836..85e9d72488 100644 --- a/kubernetes/aaf/components/aaf-locate/requirements.yaml +++ b/kubernetes/aaf/components/aaf-locate/requirements.yaml @@ -14,8 +14,11 @@ dependencies: - name: common - version: ~6.x-0 + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 repository: '@local' - name: aaf-templates - version: ~6.x-0 + version: ~7.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/components/aaf-locate/templates/deployment.yaml index 5074c8bc08..656aa1746d 100644 --- a/kubernetes/aaf/components/aaf-locate/templates/deployment.yaml +++ b/kubernetes/aaf/components/aaf-locate/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "aaf.deployment" . }} diff --git a/kubernetes/aaf/components/aaf-locate/templates/service.yaml b/kubernetes/aaf/components/aaf-locate/templates/service.yaml index e54c4f3057..ea95e44497 100644 --- a/kubernetes/aaf/components/aaf-locate/templates/service.yaml +++ b/kubernetes/aaf/components/aaf-locate/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Orange # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.service" . }} diff --git a/kubernetes/aaf/components/aaf-locate/values.yaml b/kubernetes/aaf/components/aaf-locate/values.yaml index 7bcf10dabb..0a3e4d432b 100644 --- a/kubernetes/aaf/components/aaf-locate/values.yaml +++ b/kubernetes/aaf/components/aaf-locate/values.yaml @@ -15,25 +15,13 @@ global: nodePortPrefix: 302 - # Readiness image - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - # Ubuntu Init image - ubuntuInitRepository: registry.hub.docker.com - ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - # Logging image - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - # BusyBox image - busyboxRepository: registry.hub.docker.com - busyboxImage: library/busybox:1.31 persistence: enabled: true # Standard OOM pullPolicy: "Always" - repository: "nexus3.onap.org:10001" aaf: + image: onap/aaf/aaf_core:2.1.23 config: image: onap/aaf/aaf_config:2.1.23 diff --git a/kubernetes/aaf/components/aaf-oauth/Chart.yaml b/kubernetes/aaf/components/aaf-oauth/Chart.yaml index a64a17c7b1..ac76618c64 100644 --- a/kubernetes/aaf/components/aaf-oauth/Chart.yaml +++ b/kubernetes/aaf/components/aaf-oauth/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF OAuth name: aaf-oauth -version: 6.0.0
\ No newline at end of file +version: 7.0.0
\ No newline at end of file diff --git a/kubernetes/aaf/components/aaf-oauth/requirements.yaml b/kubernetes/aaf/components/aaf-oauth/requirements.yaml index 08ef7fe836..85e9d72488 100644 --- a/kubernetes/aaf/components/aaf-oauth/requirements.yaml +++ b/kubernetes/aaf/components/aaf-oauth/requirements.yaml @@ -14,8 +14,11 @@ dependencies: - name: common - version: ~6.x-0 + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 repository: '@local' - name: aaf-templates - version: ~6.x-0 + version: ~7.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml index 5074c8bc08..656aa1746d 100644 --- a/kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml +++ b/kubernetes/aaf/components/aaf-oauth/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "aaf.deployment" . }} diff --git a/kubernetes/aaf/components/aaf-oauth/templates/service.yaml b/kubernetes/aaf/components/aaf-oauth/templates/service.yaml index e54c4f3057..ea95e44497 100644 --- a/kubernetes/aaf/components/aaf-oauth/templates/service.yaml +++ b/kubernetes/aaf/components/aaf-oauth/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Orange # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.service" . }} diff --git a/kubernetes/aaf/components/aaf-oauth/values.yaml b/kubernetes/aaf/components/aaf-oauth/values.yaml index 8771041778..2e9b6d42fa 100644 --- a/kubernetes/aaf/components/aaf-oauth/values.yaml +++ b/kubernetes/aaf/components/aaf-oauth/values.yaml @@ -15,25 +15,13 @@ global: nodePortPrefix: 302 - # Readiness image - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - # Ubuntu Init image - ubuntuInitRepository: registry.hub.docker.com - ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - # Logging image - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - # BusyBox image - busyboxRepository: registry.hub.docker.com - busyboxImage: library/busybox:1.31 persistence: enabled: true # Standard OOM pullPolicy: "Always" - repository: "nexus3.onap.org:10001" aaf: + image: onap/aaf/aaf_core:2.1.23 config: image: onap/aaf/aaf_config:2.1.23 diff --git a/kubernetes/aaf/components/aaf-service/Chart.yaml b/kubernetes/aaf/components/aaf-service/Chart.yaml index 187e33ac6f..9bf1a88b04 100644 --- a/kubernetes/aaf/components/aaf-service/Chart.yaml +++ b/kubernetes/aaf/components/aaf-service/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP AAF Service name: aaf-service -version: 6.0.0 +version: 7.0.0 diff --git a/kubernetes/aaf/components/aaf-service/requirements.yaml b/kubernetes/aaf/components/aaf-service/requirements.yaml index 08ef7fe836..85e9d72488 100644 --- a/kubernetes/aaf/components/aaf-service/requirements.yaml +++ b/kubernetes/aaf/components/aaf-service/requirements.yaml @@ -14,8 +14,11 @@ dependencies: - name: common - version: ~6.x-0 + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 repository: '@local' - name: aaf-templates - version: ~6.x-0 + version: ~7.x-0 repository: 'file://../aaf-templates' diff --git a/kubernetes/aaf/components/aaf-service/templates/deployment.yaml b/kubernetes/aaf/components/aaf-service/templates/deployment.yaml index 5074c8bc08..656aa1746d 100644 --- a/kubernetes/aaf/components/aaf-service/templates/deployment.yaml +++ b/kubernetes/aaf/components/aaf-service/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "aaf.deployment" . }} diff --git a/kubernetes/aaf/components/aaf-service/templates/service.yaml b/kubernetes/aaf/components/aaf-service/templates/service.yaml index e54c4f3057..ea95e44497 100644 --- a/kubernetes/aaf/components/aaf-service/templates/service.yaml +++ b/kubernetes/aaf/components/aaf-service/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Orange # Modifications © 2020 Orange # @@ -12,5 +13,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.service" . }} diff --git a/kubernetes/aaf/components/aaf-service/values.yaml b/kubernetes/aaf/components/aaf-service/values.yaml index d924bb4f54..8d8da0db4a 100644 --- a/kubernetes/aaf/components/aaf-service/values.yaml +++ b/kubernetes/aaf/components/aaf-service/values.yaml @@ -15,25 +15,13 @@ global: nodePortPrefix: 302 - # Readiness image - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - # Ubuntu Init image - ubuntuInitRepository: registry.hub.docker.com - ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - # Logging image - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - # BusyBox image - busyboxRepository: registry.hub.docker.com - busyboxImage: library/busybox:1.31 persistence: enabled: true # Standard OOM pullPolicy: "Always" - repository: "nexus3.onap.org:10001" aaf: + image: onap/aaf/aaf_core:2.1.23 config: image: onap/aaf/aaf_config:2.1.23 diff --git a/kubernetes/aaf/components/aaf-sms/Chart.yaml b/kubernetes/aaf/components/aaf-sms/Chart.yaml index 557894f456..0d8cef7684 100644 --- a/kubernetes/aaf/components/aaf-sms/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sms/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Secret Management Service name: aaf-sms -version: 6.0.0 +version: 7.0.0 diff --git a/kubernetes/aaf/components/aaf-sms/Makefile b/kubernetes/aaf/components/aaf-sms/Makefile new file mode 100644 index 0000000000..4c79718d02 --- /dev/null +++ b/kubernetes/aaf/components/aaf-sms/Makefile @@ -0,0 +1,51 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +EXCLUDES := dist resources templates charts docker +HELM_BIN := helm +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) + +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ + +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi + +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi + +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi + +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi + @$(HELM_BIN) repo index $(PACKAGE_DIR) + +clean: + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) +%: + @: diff --git a/kubernetes/aaf/components/aaf-sms/components/Makefile b/kubernetes/aaf/components/aaf-sms/components/Makefile new file mode 100644 index 0000000000..bf267b7720 --- /dev/null +++ b/kubernetes/aaf/components/aaf-sms/components/Makefile @@ -0,0 +1,51 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +EXCLUDES := +HELM_BIN := helm +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) + +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ + +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi + +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi + +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi + +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi + @$(HELM_BIN) repo index $(PACKAGE_DIR) + +clean: + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) +%: + @: diff --git a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml index 2dc3d49b66..f06d82da2c 100644 --- a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Secret Management Service Quorum Client name: aaf-sms-quorumclient -version: 6.0.0 +version: 7.0.0 diff --git a/kubernetes/aaf/components/aaf-cert-service/requirements.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/requirements.yaml index 6afaa06e8a..f1f5e645c9 100644 --- a/kubernetes/aaf/components/aaf-cert-service/requirements.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/requirements.yaml @@ -12,7 +12,10 @@ # See the License for the specific language governing permissions and # limitations under the License. - dependencies: +dependencies: - name: common - version: ~6.x-0 + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/resources/config/config.json index 3a43f00019..3a43f00019 100644 --- a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/resources/config/config.json diff --git a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/configmap.yaml index 02f1080f29..471c9094aa 100644 --- a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright 2018 Intel Corporation, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/pv.yaml index d855ae6fdf..d855ae6fdf 100644 --- a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/pv.yaml diff --git a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/statefulset.yaml index bf1179d49a..0e9e66dc47 100644 --- a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/templates/statefulset.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright 2018 Intel Corporation, Inc # Modifications © 2020 AT&T # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: StatefulSet @@ -28,7 +30,7 @@ spec: selector: matchLabels: app: {{ include "common.name" . }} - serviceName: + serviceName: {{ include "common.servicename" . }} template: metadata: labels: @@ -47,14 +49,14 @@ spec: - | chmod -R 775 /quorumclient/auth chown -R 100:1000 /quorumclient/auth - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" + image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: /quorumclient/auth name: {{ include "common.fullname" . }}-data {{- end }} containers: - - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} name: {{ include "common.name" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/quorumclient/bin/quorumclient"] diff --git a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/values.yaml index 1459624536..d41d31ce82 100644 --- a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-quorumclient/values.yaml @@ -23,7 +23,6 @@ global: # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 image: onap/aaf/smsquorumclient:4.0.2 pullPolicy: Always @@ -39,6 +38,9 @@ nodeSelector: {} affinity: {} +service: + name: aaf-sms + persistence: enabled: true volumeReclaimPolicy: Retain diff --git a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/Chart.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml index 074958ff70..19ece7bf69 100644 --- a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Chart to launch Vault as SMS backend name: aaf-sms-vault appVersion: 0.9.5 -version: 6.0.0 +version: 7.0.0 diff --git a/kubernetes/aaf/components/aaf-cert-service/Chart.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/requirements.yaml index 525b2ac4b6..f1f5e645c9 100644 --- a/kubernetes/aaf/components/aaf-cert-service/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2020 Nokia + # Copyright © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,7 +12,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -description: ONAP AAF Cert Service -name: aaf-cert-service -version: 6.0.0 +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/configmap.yaml index 2c70c23e03..0d09221644 100644 --- a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright 2018 Intel Corporation, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/pv.yaml index d855ae6fdf..d855ae6fdf 100644 --- a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/pv.yaml diff --git a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/service.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/service.yaml index a3a7591b02..b642e39540 100644 --- a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/service.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright 2018 Intel Corporation, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: Service diff --git a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/statefulset.yaml index 45bf399437..994e1555d3 100644 --- a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/templates/statefulset.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright 2018 Intel Corporation, Inc # Modifications © 2020 AT&T # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: StatefulSet @@ -28,7 +30,7 @@ spec: selector: matchLabels: app: {{ include "common.name" . }} - serviceName: + serviceName: {{ include "common.servicename" . }} template: metadata: labels: @@ -45,14 +47,14 @@ spec: - | chmod -R 775 /consul/data chown -R 100:1000 /consul/data - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" + image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: /consul/data name: {{ include "common.fullname" . }}-data {{- end }} containers: - - image: "{{ include "common.repository" . }}/{{ .Values.image.vault }}" + - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.vault }} name: {{ include "common.name" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} args: ["server"] @@ -67,7 +69,7 @@ spec: readOnly: true resources: {{ include "common.resources" . | indent 10 }} - - image: "{{ include "common.repository" . }}/{{ .Values.image.consul }}" + - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image.consul }} name: {{ include "common.name" . }}-backend imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} args: ["agent","-server","-bind","0.0.0.0","-bootstrap-expect=1","-config-file","/consul/config/config.json"] diff --git a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/values.yaml b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/values.yaml index 7787f0b85d..750363c8f4 100644 --- a/kubernetes/aaf/components/aaf-sms/charts/aaf-sms-vault/values.yaml +++ b/kubernetes/aaf/components/aaf-sms/components/aaf-sms-vault/values.yaml @@ -20,7 +20,6 @@ global: persistence: {} # application image -repository: nexus3.onap.org:10001 image: consul: library/consul:1.7.1 vault: library/vault:1.3.3 diff --git a/kubernetes/aaf/components/aaf-sms/requirements.yaml b/kubernetes/aaf/components/aaf-sms/requirements.yaml index 7152c37ff0..95bdb6e69f 100644 --- a/kubernetes/aaf/components/aaf-sms/requirements.yaml +++ b/kubernetes/aaf/components/aaf-sms/requirements.yaml @@ -14,8 +14,17 @@ dependencies: - name: common - version: ~6.x-0 + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 repository: '@local' - name: certInitializer - version: ~6.x-0 + version: ~7.x-0 repository: '@local' + - name: aaf-sms-quorumclient + version: ~7.x-0 + repository: 'file://components/aaf-sms-quorumclient' + - name: aaf-sms-vault + version: ~7.x-0 + repository: 'file://components/aaf-sms-vault' diff --git a/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml b/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml index 2d3b641659..cfe54cf07b 100644 --- a/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml +++ b/kubernetes/aaf/components/aaf-sms/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright 2018 Intel Corporation, Inc # Modifications © 2020 AT&T # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: Deployment @@ -45,7 +47,7 @@ spec: - -c - | cat /int-certs/intermediate_root_ca.pem >> {{ .Values.certInitializer.mountPath }}/local/org.onap.aaf-sms.crt - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" + image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 12 }} - mountPath: /int-certs @@ -60,16 +62,16 @@ spec: - | chmod -R 775 /sms/auth chown -R 1000:1000 /sms/auth - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" + image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: /sms/auth name: {{ include "common.fullname" . }}-auth - name: {{ include "common.name" . }}-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - "aaf-sms-vault" @@ -82,7 +84,7 @@ spec: apiVersion: v1 fieldPath: metadata.namespace containers: - - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }} command: ["/sms/bin/sms"] diff --git a/kubernetes/aaf/components/aaf-sms/templates/job.yaml b/kubernetes/aaf/components/aaf-sms/templates/job.yaml index 315d068676..1341889af3 100644 --- a/kubernetes/aaf/components/aaf-sms/templates/job.yaml +++ b/kubernetes/aaf/components/aaf-sms/templates/job.yaml @@ -25,7 +25,6 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} spec: - replicas: {{ .Values.replicaCount }} template: metadata: labels: @@ -137,14 +136,14 @@ spec: name: {{ include "common.name" . }}-preload-input - mountPath: /config/ name: {{ include "common.name" . }}-preload - image: "{{ .Values.global.envsubstImage }}" + image: {{ include "repositoryGenerator.image.envsubst" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-update-config - - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness command: - - /root/ready.py + - /app/ready.py args: - --container-name - "aaf-sms" @@ -157,7 +156,7 @@ spec: apiVersion: v1 fieldPath: metadata.namespace containers: - - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-preload command: diff --git a/kubernetes/aaf/components/aaf-sms/templates/service.yaml b/kubernetes/aaf/components/aaf-sms/templates/service.yaml index 9c94202fe3..8f30164fec 100644 --- a/kubernetes/aaf/components/aaf-sms/templates/service.yaml +++ b/kubernetes/aaf/components/aaf-sms/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright 2018 Intel Corporation, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: Service diff --git a/kubernetes/aaf/components/aaf-sms/values.yaml b/kubernetes/aaf/components/aaf-sms/values.yaml index dccf57ca96..3b777c64f6 100644 --- a/kubernetes/aaf/components/aaf-sms/values.yaml +++ b/kubernetes/aaf/components/aaf-sms/values.yaml @@ -18,10 +18,7 @@ ################################################################# global: nodePortPrefix: 302 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 persistence: {} - envsubstImage: dibi/envsubst aafEnabled: true flavor: small @@ -58,7 +55,6 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 image: onap/aaf/sms:4.0.2 pullPolicy: Always @@ -104,6 +100,11 @@ service: internalPort: 10443 externalPort: 10443 +#define value for aaf-sms-quorumclient subchart +aaf-sms-quorumclient: + service: + name: aaf-sms + persistence: enabled: true volumeReclaimPolicy: Retain diff --git a/kubernetes/aaf/components/aaf-sshsm/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/Chart.yaml index d39b561905..c35979954e 100644 --- a/kubernetes/aaf/components/aaf-sshsm/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Hardware Security Components name: aaf-sshsm -version: 6.0.0 +version: 7.0.0 diff --git a/kubernetes/aaf/components/aaf-sshsm/Makefile b/kubernetes/aaf/components/aaf-sshsm/Makefile new file mode 100644 index 0000000000..4c79718d02 --- /dev/null +++ b/kubernetes/aaf/components/aaf-sshsm/Makefile @@ -0,0 +1,51 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +EXCLUDES := dist resources templates charts docker +HELM_BIN := helm +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) + +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ + +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi + +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi + +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi + +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi + @$(HELM_BIN) repo index $(PACKAGE_DIR) + +clean: + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) +%: + @: diff --git a/kubernetes/aaf/components/aaf-sshsm/components/Makefile b/kubernetes/aaf/components/aaf-sshsm/components/Makefile new file mode 100644 index 0000000000..bf267b7720 --- /dev/null +++ b/kubernetes/aaf/components/aaf-sshsm/components/Makefile @@ -0,0 +1,51 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +OUTPUT_DIR := $(ROOT_DIR)/../../dist +PACKAGE_DIR := $(OUTPUT_DIR)/packages +SECRET_DIR := $(OUTPUT_DIR)/secrets + +EXCLUDES := +HELM_BIN := helm +HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) + +.PHONY: $(EXCLUDES) $(HELM_CHARTS) + +all: $(HELM_CHARTS) + +$(HELM_CHARTS): + @echo "\n[$@]" + @make package-$@ + +make-%: + @if [ -f $*/Makefile ]; then make -C $*; fi + +dep-%: make-% + @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi + +lint-%: dep-% + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi + +package-%: lint-% + @mkdir -p $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi + @$(HELM_BIN) repo index $(PACKAGE_DIR) + +clean: + @rm -f */requirements.lock + @rm -f *tgz */charts/*tgz + @rm -rf $(PACKAGE_DIR) +%: + @: diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml index 499b82caaf..d3b04fbed8 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Trusted Platform Module Resource Manager name: aaf-sshsm-abrmd -version: 6.0.0 +version: 7.0.0 diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/requirements.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/requirements.yaml new file mode 100644 index 0000000000..4144bfa95d --- /dev/null +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/configmap.yaml index 99176fcdf6..8555a3c153 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/configmap.yaml @@ -14,7 +14,7 @@ # limitations under the License. */}} -{{- if .Values.global.distcenter.enabled -}} +{{- if .Values.global.tpm.enabled -}} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/deployment.yaml index c624ccfc4d..a2df4e53b9 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/deployment.yaml @@ -14,10 +14,10 @@ # limitations under the License. */}} -{{- if and .Values.global.tpm.enabled .Values.global.abrmd.enabled -}} +{{- if .Values.global.tpm.enabled -}} apiVersion: apps/v1 -kind: StatefulSet +kind: Deployment metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: selector: {{- include "common.selectors" . | nindent 4 }} @@ -27,11 +27,11 @@ spec: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: - - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-job-complete command: - - /root/job_complete.py + - /app/ready.py args: - -j - "{{ include "common.fullname" . }}-init" @@ -49,7 +49,7 @@ spec: cpu: 3m memory: 20Mi containers: - - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} name: {{ include "common.name" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/abrmd/bin/run_abrmd.sh"] @@ -67,14 +67,14 @@ spec: resources: {{ include "common.resources" . | nindent 10 }} nodeSelector: {{- if .Values.nodeSelector }} -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end -}} + {{ toYaml .Values.nodeSelector | indent 8 | trim }} + {{- end }} {{- if .Values.global.tpm.enabled }} {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }} - {{- end -}} - {{- if .Values.affinity }} - affinity: {{ toYaml .Values.affinity | nindent 8 }} {{- end }} + {{- if .Values.affinity }} + affinity: {{ toYaml .Values.affinity | nindent 8 }} + {{- end }} volumes: - name: localtime hostPath: diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/job.yaml index 23fe79d716..8a8b6bd8fe 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/templates/job.yaml @@ -14,7 +14,7 @@ # limitations under the License. */}} -{{- if and .Values.global.tpm.enabled .Values.global.abrmd.enabled -}} +{{- if .Values.global.tpm.enabled -}} apiVersion: batch/v1 kind: Job @@ -27,7 +27,7 @@ spec: restartPolicy: Never containers: - name: {{ include "common.name" . }}-job - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/abrmd/bin/initialize_tpm.sh"] workingDir: /abrmd/bin @@ -48,17 +48,16 @@ spec: - name: {{ include "common.fullname" . }}-tpmconfig mountPath: "/abrmd/cred/" readOnly: true - resources: {{ toYaml .Values.resources | nindent 10 }} + resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} - {{- end -}} {{- if .Values.global.tpm.enabled }} {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }} {{- end -}} + {{- end -}} {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | nindent 8 }} {{- end }} - resources: {{ include "common.resources" . | nindent 10 }} volumes: - name: {{ include "common.fullname" . }}-data persistentVolumeClaim: diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/values.yaml index 2a733632bf..e97519aa3e 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-abrmd/values.yaml @@ -15,12 +15,18 @@ ################################################################# # Global configuration defaults. ################################################################# +global: + tpm: + enabled: true + # if enabled, nodeselector will use the below + # values in the nodeselector section of the pod + nodeLabel: "tpm-node" + nodeLabelValue: "true" ################################################################# # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 image: onap/aaf/abrmd:4.0.0 pullPolicy: Always diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml index 22ba3da019..1e881b5230 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Trusted Platform Module Distribution Center name: aaf-sshsm-distcenter -version: 6.0.0 +version: 7.0.0 diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/requirements.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/requirements.yaml new file mode 100644 index 0000000000..4144bfa95d --- /dev/null +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/configmap.yaml index 8d1faf7e32..2e82f5bd26 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/configmap.yaml @@ -14,12 +14,8 @@ # limitations under the License. */}} -{{- if and .Values.global.tpm.enabled .Values.global.abrmd.enabled -}} - apiVersion: v1 kind: ConfigMap metadata: {{- include "common.resourceMetadata" . | nindent 2 }} data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} - -{{- end -}} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/job.yaml index fb48c7df4a..f74b5c8f2d 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/job.yaml @@ -14,13 +14,10 @@ # limitations under the License. */}} -{{- if .Values.global.distcenter.enabled -}} - apiVersion: batch/v1 kind: Job metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - replicas: {{ .Values.replicaCount }} serviceName: template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} @@ -28,11 +25,11 @@ spec: restartPolicy: Never initContainers: {{- if .Values.global.tpm.enabled }} - - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness command: - - /root/job_complete.py + - /app/ready.py args: - -j - "{{ include "common.release" . }}-aaf-sshsm-abrmd-init" @@ -50,7 +47,7 @@ spec: cpu: 3m memory: 20Mi {{ else }} - - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-gen-passphrase command: ["sh", "-c", "/usr/bin/openssl rand -base64 12 >/distcenter/data/passphrase"] @@ -75,7 +72,7 @@ spec: memory: 20Mi {{- end }} containers: - - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} name: {{ include "common.name" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/entrypoint.sh"] @@ -102,5 +99,3 @@ spec: claimName: {{ include "common.release" . }}-aaf-sshsm imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" - -{{- end -}} diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/pv.yaml index bf0ef74be2..22acb2a609 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/pv.yaml @@ -14,6 +14,4 @@ # limitations under the License. */}} -{{- if .Values.global.distcenter.enabled -}} {{ include "common.PV" . }} -{{- end -}} diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/pvc.yaml index a13b7f353b..1c7f6ffe4a 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/templates/pvc.yaml @@ -14,6 +14,4 @@ # limitations under the License. */}} -{{- if .Values.global.distcenter.enabled -}} {{ include "common.PVC" . }} -{{- end -}} diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/values.yaml index 94791be713..fb42843cb7 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-distcenter/values.yaml @@ -17,12 +17,13 @@ ################################################################# global: persistence: {} + tpm: + enabled: true ################################################################# # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 image: onap/aaf/distcenter:4.0.0 pullPolicy: Always diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml index b64e0c331a..ca82abb4b4 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/Chart.yaml @@ -15,4 +15,4 @@ apiVersion: v1 description: ONAP Trusted Platform Module Test CA Service name: aaf-sshsm-testca -version: 6.0.0 +version: 7.0.0 diff --git a/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/requirements.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/requirements.yaml new file mode 100644 index 0000000000..4144bfa95d --- /dev/null +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/templates/job.yaml index a64f483d74..71e7c299bc 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/templates/job.yaml @@ -14,23 +14,20 @@ # limitations under the License. */}} -{{- if .Values.global.testca.enabled -}} - apiVersion: batch/v1 kind: Job metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - replicas: {{ .Values.replicaCount }} template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: restartPolicy: Never initContainers: - - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + - image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-distcenter-ready command: - - /root/job_complete.py + - /app/ready.py args: - -j - "{{ include "common.release" . }}-aaf-sshsm-distcenter" @@ -48,7 +45,7 @@ spec: cpu: 3m memory: 20Mi {{- if .Values.global.tpm.enabled }} - - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-abrmd-ready command: ["sh", "/sshsm/bin/abrmd_ready.sh", "300"] @@ -71,7 +68,7 @@ spec: memory: 20Mi {{- end }} containers: - - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} name: {{ include "common.name" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["./import.sh"] @@ -104,7 +101,7 @@ spec: resources: {{ include "common.resources" . | nindent 10 }} nodeSelector: {{- if .Values.nodeSelector }} -{{ toYaml .Values.nodeSelector | indent 8 }} + {{ toYaml .Values.nodeSelector | indent 8 | trim }} {{- end -}} {{- if .Values.global.tpm.enabled }} {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }} @@ -127,5 +124,3 @@ spec: secretName: {{ include "common.release" . }}-aaf-sshsm imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" - -{{- end -}} diff --git a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/values.yaml index dd04c93bd7..f116c6d5e9 100644 --- a/kubernetes/aaf/components/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/components/aaf-sshsm-testca/values.yaml @@ -16,13 +16,18 @@ # Global configuration defaults. ################################################################# -enabled: true +global: + tpm: + enabled: true + # if enabled, nodeselector will use the below + # values in the nodeselector section of the pod + nodeLabel: "tpm-node" + nodeLabelValue: "true" ################################################################# # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 image: onap/aaf/testcaservice:4.0.0 pullPolicy: Always diff --git a/kubernetes/aaf/components/aaf-sshsm/requirements.yaml b/kubernetes/aaf/components/aaf-sshsm/requirements.yaml index 0704a2c9df..831e0aff75 100644 --- a/kubernetes/aaf/components/aaf-sshsm/requirements.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/requirements.yaml @@ -14,5 +14,20 @@ dependencies: - name: common - version: ~6.x-0 + version: ~7.x-0 repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 + repository: '@local' + - name: aaf-sshsm-abrmd + version: ~7.x-0 + repository: 'file://components/aaf-sshsm-abrmd' + condition: aaf-sshsm-abrmd.enabled + - name: aaf-sshsm-distcenter + version: ~7.x-0 + repository: 'file://components/aaf-sshsm-distcenter' + condition: aaf-sshsm-distcenter.enabled + - name: aaf-sshsm-testca + version: ~7.x-0 + repository: 'file://components/aaf-sshsm-testca' + condition: aaf-sshsm-testca.testca.enabled diff --git a/kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml b/kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml index 50b6f36cd3..4be63fa18b 100644 --- a/kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/templates/secret.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright 2018 Intel Corporation, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: Secret diff --git a/kubernetes/aaf/components/aaf-sshsm/values.yaml b/kubernetes/aaf/components/aaf-sshsm/values.yaml index 30fb0d2f2f..7e8d4f1352 100644 --- a/kubernetes/aaf/components/aaf-sshsm/values.yaml +++ b/kubernetes/aaf/components/aaf-sshsm/values.yaml @@ -18,21 +18,8 @@ ################################################################# global: nodePortPrefix: 302 - # Readiness image - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - # Ubuntu Init image - ubuntuInitRepository: registry.hub.docker.com - ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 - # Logging image - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - # BusyBox image - busyboxRepository: registry.hub.docker.com - busyboxImage: library/busybox:1.31 # Standard OOM pullPolicy: "Always" - repository: "nexus3.onap.org:10001" tpm: enabled: false @@ -40,14 +27,15 @@ global: # values in the nodeselector section of the pod nodeLabel: "tpm-node" nodeLabelValue: "true" - abrmd: - enabled: true - distcenter: - enabled: true - testca: - enabled: true persistence: {} +aaf-sshsm-abrmd: + enabled: true +aaf-sshsm-distcenter: + enabled: true +aaf-sshsm-testca: + enabled: true + persistence: enabled: true data: diff --git a/kubernetes/aaf/components/aaf-templates/Chart.yaml b/kubernetes/aaf/components/aaf-templates/Chart.yaml index c8739e0105..04e41e91ee 100644 --- a/kubernetes/aaf/components/aaf-templates/Chart.yaml +++ b/kubernetes/aaf/components/aaf-templates/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Application Authorization Framework Templates name: aaf-templates -version: 6.0.0 +version: 7.0.0 diff --git a/kubernetes/aaf/components/aaf-templates/requirements.yaml b/kubernetes/aaf/components/aaf-templates/requirements.yaml index 6afaa06e8a..fc2e0ef0b3 100644 --- a/kubernetes/aaf/components/aaf-templates/requirements.yaml +++ b/kubernetes/aaf/components/aaf-templates/requirements.yaml @@ -14,5 +14,5 @@ dependencies: - name: common - version: ~6.x-0 + version: ~7.x-0 repository: '@local' diff --git a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl index bf6931a8e3..25a05a5e2f 100644 --- a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl +++ b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl @@ -28,7 +28,7 @@ spec: - name: {{ include "common.name" . }} workingDir: /opt/app/aaf command: ["bin/{{ .Values.binary }}"] - image: {{ include "common.repository" . }}/{{.Values.global.aaf.image}} + image: {{ include "repositoryGenerator.repository" . }}/{{.Values.global.aaf.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: {{ include "common.containerPorts" . | nindent 10 }} volumeMounts: diff --git a/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl b/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl index 43c511fd6d..7cdf4d072e 100644 --- a/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl +++ b/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl @@ -23,7 +23,7 @@ - | chown -R 1000:1000 /opt/app/aaf chown -R 1000:1000 /opt/app/osaaf - image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}" + image: {{ include "repositoryGenerator.image.busybox" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: - mountPath: /opt/app/osaaf @@ -39,7 +39,7 @@ {{- define "aaf.podConfiguration" }} - name: {{ include "common.name" . }}-config-container - image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} + image: {{ include "repositoryGenerator.repository" . }}/{{.Values.global.aaf.config.image}} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - /bin/bash @@ -96,7 +96,7 @@ initContainers: {{- if .Values.sequence_order }} - name: {{ include "common.name" . }}-aaf-readiness command: - - /root/ready.py + - /app/ready.py args: {{- range $container := .Values.sequence_order }} - --container-name @@ -108,7 +108,7 @@ initContainers: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} resources: limits: |