diff options
Diffstat (limited to 'kubernetes/aai/charts/aai-traversal')
21 files changed, 515 insertions, 200 deletions
diff --git a/kubernetes/aai/charts/aai-traversal/.helmignore b/kubernetes/aai/charts/aai-traversal/.helmignore index f0c1319444..daebc7da77 100644 --- a/kubernetes/aai/charts/aai-traversal/.helmignore +++ b/kubernetes/aai/charts/aai-traversal/.helmignore @@ -1,21 +1,21 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj +# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aai/charts/aai-traversal/Chart.yaml b/kubernetes/aai/charts/aai-traversal/Chart.yaml index 8f79b421c3..15f69167e1 100644 --- a/kubernetes/aai/charts/aai-traversal/Chart.yaml +++ b/kubernetes/aai/charts/aai-traversal/Chart.yaml @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + apiVersion: v1 description: ONAP AAI traversal name: aai-traversal diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/cadi.properties b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/cadi.properties new file mode 100644 index 0000000000..9523367f27 --- /dev/null +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/cadi.properties @@ -0,0 +1,8 @@ + +cadi_loglevel=INFO +cadi_prop_files=/opt/app/aai-traversal/resources/aaf/org.osaaf.location.props:/opt/app/aai-traversal/resources/aaf/org.onap.aai.props + +# OAuth2 +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect + diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile new file mode 100644 index 0000000000..3416d4a737 --- /dev/null +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.keyfile @@ -0,0 +1,27 @@ +2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf +jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm +4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe +moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf +GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT +74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh +iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb +p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt +3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW +hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7 +RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX +xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk +8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q +ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i +5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe +GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE +_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k +zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf +S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU +LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw +hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W +nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP +bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN +JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk +Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y +J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP +mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 Binary files differnew file mode 100644 index 0000000000..023e2eaac6 --- /dev/null +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.p12 diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props new file mode 100644 index 0000000000..4596d91cfe --- /dev/null +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props @@ -0,0 +1,13 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# @copyright 2016, AT&T +############################################################ +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_keyfile=/opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile +cadi_keystore=/opt/app/aai-traversal/resources/aaf/org.onap.aai.p12 +cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV +#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)> +cadi_alias=aai@aai.onap.org +cadi_truststore=/opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks +cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2 +cadi_loglevel=INFO
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.osaaf.location.props b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.osaaf.location.props new file mode 100644 index 0000000000..132fb242f4 --- /dev/null +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.osaaf.location.props @@ -0,0 +1,23 @@ +## +## org.osaaf.location.props +## +## Localized Machine Information +## +# Almeda California ? +cadi_latitude=37.78187 +cadi_longitude=-122.26147 + +# Locate URL (which AAF Env) +aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 + +# AAF URL +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 + +# AAF Environment Designation +aaf_env=DEV + +# OAuth2 Endpoints +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect + + diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/permissions.properties b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/permissions.properties new file mode 100644 index 0000000000..d4956f577c --- /dev/null +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/permissions.properties @@ -0,0 +1,2 @@ +permission.type=org.onap.aai.traversal +permission.instance=*
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/truststoreONAPall.jks b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/truststoreONAPall.jks Binary files differnew file mode 100644 index 0000000000..2da1dcc4b4 --- /dev/null +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/truststoreONAPall.jks diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaiconfig.properties b/kubernetes/aai/charts/aai-traversal/resources/config/aaiconfig.properties index 735609b424..3859590aaf 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/aaiconfig.properties +++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaiconfig.properties @@ -20,81 +20,47 @@ # ECOMP is a trademark and service mark of AT&T Intellectual Property. # -#################################################################### -# REMEMBER TO THINK ABOUT ENVIRONMENTAL DIFFERENCES AND CHANGE THE -# TEMPLATE AND *ALL* DATAFILES -#################################################################### - -#################################################################### -# REMEMBER TO THINK ABOUT ENVIRONMENTAL DIFFERENCES AND CHANGE THE -# TEMPLATE AND *ALL* DATAFILES -#################################################################### - aai.config.checktime=1000 # this could come from siteconfig.pl? aai.config.nodename=AutomaticallyOverwritten - - -aai.auth.cspcookies_on=false -aai.dbmodel.filename=ex5.json - aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/ -aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/v11/ +aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/ aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/ +{{ if .Values.global.config.basic.auth.enabled }} aai.tools.enableBasicAuth=true -aai.tools.username=AAI -aai.tools.password=AAI - -aai.truststore.filename=aai_keystore -aai.truststore.passwd.x=OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 -aai.keystore.filename=aai_keystore -aai.keystore.passwd.x=OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 +aai.tools.username={{ .Values.global.config.basic.auth.username }} +aai.tools.password={{ .Values.global.config.basic.auth.passwd }} +{{ end }} +aai.truststore.filename={{ .Values.global.config.truststore.filename }} +aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }} +aai.keystore.filename={{ .Values.global.config.keystore.filename }} +aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }} -aai.notification.current.version=v11 +aai.notification.current.version={{ .Values.global.config.schema.version.api.default }} aai.notificationEvent.default.status=UNPROCESSED -aai.notificationEvent.default.eventType=AAI-EVENT -aai.notificationEvent.default.domain=dev +aai.notificationEvent.default.eventType={{ .Values.global.config.notification.eventType }} +aai.notificationEvent.default.domain={{ .Values.global.config.notification.domain }} aai.notificationEvent.default.sourceName=aai aai.notificationEvent.default.sequenceNumber=0 aai.notificationEvent.default.severity=NORMAL -aai.notificationEvent.default.version=v11 +aai.notificationEvent.default.version={{ .Values.global.config.schema.version.api.default }} # This one lets us enable/disable resource-version checking on updates/deletes aai.resourceversion.enableflag=true aai.logging.maxStackTraceEntries=10 -aai.default.api.version=v11 - - +aai.default.api.version={{ .Values.global.config.schema.version.api.default }} # Used by Model-processing code aai.model.delete.sleep.per.vtx.msec=500 aai.model.query.resultset.maxcount=50 aai.model.query.timeout.sec=90 -# Used by Data Grooming -aai.grooming.default.max.file=150 -aai.grooming.default.sleep.minutes=7 - aai.model.proc.max.levels=50 aai.edgeTag.proc.max.levels=50 -# for transaction log -aai.logging.hbase.interceptor=true -aai.logging.hbase.enabled=true -aai.logging.hbase.logrequest=true -aai.logging.hbase.logresponse=true - -# for gremlin server -aai.server.rebind=g -hbase.table.name=aailogging.dev -hbase.table.timestamp.format=YYYYMMdd-HH:mm:ss:SSS -hbase.zookeeper.quorum=localhost -hbase.zookeeper.property.clientPort=2181 -hbase.zookeeper.znode.parent=/hbase - aai.logging.trace.enabled=true aai.logging.trace.logrequest=false aai.logging.trace.logresponse=false @@ -103,13 +69,13 @@ aai.transaction.logging=true aai.transaction.logging.get=false aai.transaction.logging.post=false -aai.realtime.clients=SDNC,MSO,SO,robot-ete +aai.realtime.clients={{ .Values.global.config.realtime.clients }} #timeout for traversal enabled flag -aai.traversal.timeoutenabled=true +aai.traversal.timeoutenabled={{ .Values.config.timeout.enabled }} #timeout app specific -aai.traversal.timeout.appspecific=JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAI-FILEGEN-GFPIP,-1 +aai.traversal.timeout.appspecific={{ .Values.config.timeout.appspecific }} #default timeout limit added for traversal if not overridden (in ms) -aai.traversal.timeoutlimit=180000 +aai.traversal.timeoutlimit={{ .Values.config.timeout.limit | int }} diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/application.properties b/kubernetes/aai/charts/aai-traversal/resources/config/application.properties index ebfe98b77d..2ff95aab51 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/application.properties +++ b/kubernetes/aai/charts/aai-traversal/resources/config/application.properties @@ -1,8 +1,22 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # The following info parameters are being referenced by ajsc6 info.build.artifact=aai-traversal info.build.name=traversal info.build.description=Traversal Microservice -info.build.version=1.2.0 +info.build.version=1.3.0 spring.application.name=aai-traversal spring.jersey.type=filter @@ -10,7 +24,8 @@ spring.jersey.type=filter server.contextPath=/ spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration -spring.profiles.active=production,dmaap +spring.profiles.active={{ .Values.global.config.profiles.active }} +spring.jersey.application-path=${schema.uri.base.path} #The max number of active threads in this pool server.tomcat.max-threads=200 #The minimum number of threads always kept alive @@ -18,15 +33,6 @@ server.tomcat.min-Spare-Threads=25 #The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads server.tomcat.max-idle-time=60000 - -#Add this properties only if you want to change the URL, AJSC Framework interceptors will intercept -#com.att.ajsc.common.interceptors.PreInterceptor.url=/** -#com.att.ajsc.common.interceptors.PostInterceptor.url=/** - -#Servlet context parameters -server.context_parameters.p-name=value #context parameter with p-name as key and value as value. -kubernetes.namespace={{ include "common.namespace" . }} - # If you get an application startup failure that the port is already taken # If thats not it, please check if the key-store file path makes sense server.local.startpath=aai-traversal/src/main/resources/ @@ -34,39 +40,45 @@ server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties server.port=8446 server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.key-store=${server.local.startpath}etc/auth/aai_keystore -server.ssl.key-store-password=password(OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0) -server.ssl.trust-store=${server.local.startpath}etc/auth/aai_keystore -server.ssl.trust-store-password=password(OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0) +server.ssl.key-store=${server.local.startpath}etc/auth/{{ .Values.global.config.keystore.filename }} +server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }}) +server.ssl.trust-store=${server.local.startpath}etc/auth/{{ .Values.global.config.truststore.filename }} +server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }}) server.ssl.client-auth=want server.ssl.key-store-type=JKS # JMS bind address host port jms.bind.address=tcp://localhost:61647 -dmaap.ribbon.eureka.enabled=false dmaap.ribbon.listOfServers=message-router.{{ include "common.namespace" . }}:3904 -# Number of milliseconds to wait before making ping requests again -dmaap.ribbon.ServerListRefreshInterval=75000 -dmaap.ribbon.NFLoadBalancerPingInterval=75000 -dmaap.ribbon.NFLoadBalancerRuleClassName=com.netflix.loadbalancer.AvailabilityFilteringRule -dmaap.ribbon.NFLoadBalancerPingClassName=org.onap.aai.config.HttpPingImpl -dmaap.ribbon.EnableMarkingServerDownOnReachingFailureLimit=true -dmaap.ribbon.ServerDownFailureLimit=1 -# This needs to be verified but it seems that adding this property should automatically -# Make the dmaap client change the url from http to https depending on the server -dmaap.ribbon.securePorts=3905 -# Custom Dmaap Specific Configuration -dmaap.ribbon.username= -dmaap.ribbon.password= -dmaap.ribbon.health.endpoint=/topics/AAI-EVENT -# Number of seconds to wait for the ping to work and might need to increase this if the pings are all failing -dmaap.ribbon.pingport.timeout=3 +# Schema related attributes for the oxm and edges +# Any additional schema related attributes should start with prefix schema +schema.configuration.location=N/A +schema.source.name={{ .Values.global.config.schema.source.name }} +schema.nodes.location=${server.local.startpath}/schema/${schema.source.name}/oxm/ +schema.edges.location=${server.local.startpath}/schema/${schema.source.name}/dbedgerules/ +# Location of where the stored queries are +schema.queries.location=${server.local.startpath}/schema/${schema.source.name}/query/ + +schema.ingest.file=${server.local.startpath}/application.properties + +# Schema Version Related Attributes + +schema.uri.base.path={{ .Values.global.config.schema.uri.base.path }} +# Lists all of the versions in the schema +schema.version.list={{ .Values.global.config.schema.version.list }} +# Specifies from which version should the depth parameter to default to zero +schema.version.depth.start={{ .Values.global.config.schema.version.depth }} +# Specifies from which version should the related link be displayed in response payload +schema.version.related.link.start={{ .Values.global.config.schema.version.related.link }} + +# Specifies from which version should the client see only the uri excluding host info +# Before this version server base will also be included +schema.version.app.root.start={{ .Values.global.config.schema.version.app.root }} +# Specifies from which version should the namespace be changed +schema.version.namespace.change.start={{ .Values.global.config.schema.version.namespace.change }} +# Specifies from which version should the client start seeing the edge label in payload +schema.version.edge.label.start={{ .Values.global.config.schema.version.edge.label }} +# Specifies the version that the application should default to +schema.version.api.default={{ .Values.global.config.schema.version.api.default }} -niws.loadbalancer.dmaap.filterCircuitTripped=true -niws.loadbalancer.dmaap.connectionFailureCountThreshold=3 -niws.loadbalancer.dmaap.circuitTripMaxTimeoutSeconds=180 -#dmaap.ribbon.retryableStatusCodes=404,503 -#dmaap.ribbon.retryableStatusCodes.MaxAutoRetriesNextServer=2 -#dmaap.ribbon.retryableStatusCodes.MaxAutoRetries=2 -#dmaap.ribbon.retryableStatusCodes.OkToRetryOnAllOperations=true diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-cached.properties b/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-cached.properties index b9216bf8e0..2c22d14a41 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-cached.properties +++ b/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-cached.properties @@ -23,6 +23,8 @@ query.fast-property=true query.smart-limit=false +{{ if .Values.global.config.cluster.cassandra.dynamic }} + {{- $seed_size := default 1 .Values.global.cassandra.replicas | int -}} {{- $global := . }} @@ -35,9 +37,60 @@ storage.cassandra.read-consistency-level=LOCAL_QUORUM storage.cassandra.write-consistency-level=LOCAL_QUORUM storage.cassandra.replication-factor=3 storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy -#storage.cassandra.replication-strategy-options=MTA1cass,3 -#schema.default=none +{{ else }} + +{{ if .Values.global.config.storage }} + +storage.backend={{ .Values.global.config.storage.backend }} + +{{ if eq .Values.global.config.storage.backend "cassandra" }} + +storage.hostname={{ .Values.global.config.storage.hostname }} +storage.cassandra.keyspace={{ .Values.global.config.storage.name }} + +storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }} +storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }} +storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }} +storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }} +storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }} + +storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} +cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} +log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} + +{{ else if eq .Values.global.config.storage.backend "cql" }} + +storage.hostname={{ .Values.global.config.storage.hostname }} +storage.cql.keyspace={{ .Values.global.config.storage.name }} + +storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} +storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} +storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }} + +storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }} +storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }} +storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }} + +storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} +cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} +log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} + +{{ else if eq .Values.global.config.storage.backend "hbase" }} + +storage.hostname={{ .Values.global.config.storage.hostname }} +storage.hbase.table={{ .Values.global.config.storage.name }} + +storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} +cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} +log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} + +{{ end }} + +{{ end }} + +{{ end }} + storage.lock.wait-time=300 #caching on cache.db-cache = true diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-realtime.properties b/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-realtime.properties index a8504dc1c4..b19c9b6df6 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-realtime.properties +++ b/kubernetes/aai/charts/aai-traversal/resources/config/janusgraph-realtime.properties @@ -21,10 +21,11 @@ query.fast-property=true query.smart-limit=false +{{ if .Values.global.config.cluster.cassandra.dynamic }} + {{- $seed_size := default 1 .Values.global.cassandra.replicas | int -}} {{- $global := . }} -# the following parameters are not reloaded automatically and require a manual bounce storage.backend=cassandra storage.hostname={{- range $i, $e := until $seed_size }}{{ $global.Release.Name }}-{{$global.Values.global.cassandra.serviceName}}-{{ $i }}.{{$global.Values.global.cassandra.serviceName}},{{- end }} @@ -34,12 +35,62 @@ storage.cassandra.read-consistency-level=LOCAL_QUORUM storage.cassandra.write-consistency-level=LOCAL_QUORUM storage.cassandra.replication-factor=3 storage.cassandra.replication-strategy-class=org.apache.cassandra.locator.SimpleStrategy -#storage.cassandra.replication-strategy-options=MTA1cass,3 -#schema.default=none +{{ else }} + +{{ if .Values.global.config.storage }} + +storage.backend={{ .Values.global.config.storage.backend }} + +{{ if eq .Values.global.config.storage.backend "cassandra" }} + +storage.hostname={{ .Values.global.config.storage.hostname }} +storage.cassandra.keyspace={{ .Values.global.config.storage.name }} + +storage.cassandra.read-consistency-level={{ .Values.global.config.storage.cassandra.readConsistency }} +storage.cassandra.write-consistency-level={{ .Values.global.config.storage.cassandra.writeConsistency }} +storage.cassandra.replication-factor={{ .Values.global.config.storage.cassandra.replicationFactor | int }} +storage.cassandra.astyanax.cluster-name= {{ .Values.global.config.storage.clusterName }} +storage.cassandra.astyanax.local-datacenter= {{ .Values.global.config.storage.localDataCenter }} + +storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} +cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} +log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} + +{{ else if eq .Values.global.config.storage.backend "cql" }} + +storage.hostname={{ .Values.global.config.storage.hostname }} +storage.cql.keyspace={{ .Values.global.config.storage.name }} + +storage.cql.read-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} +storage.cql.write-consistency-level={{ .Values.global.config.storage.cql.readConsistency }} +storage.cql.replication-factor={{ .Values.global.config.storage.cql.replicationFactor | int }} + +storage.cql.only-use-local-consistency-for-system-operations={{ .Values.global.config.storage.cql.localConsistencyForSysOps }} +storage.cql.cluster-name={{ .Values.global.config.storage.clusterName }} +storage.cql.local-datacenter={{ .Values.global.config.storage.localDataCenter }} + +storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} +cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} +log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} + +{{ else if eq .Values.global.config.storage.backend "hbase" }} + +storage.hostname={{ .Values.global.config.storage.hostname }} +storage.hbase.table={{ .Values.global.config.storage.name }} + +storage.connection-timeout={{ .Values.global.config.storage.connectionTimeout | int }} +cache.tx-cache-size={{ .Values.global.config.storage.cacheSize | int }} +log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }} + +{{ end }} + +{{ end }} + +{{ end }} + storage.lock.wait-time=300 # Setting db-cache to false ensure the fastest propagation of changes across servers cache.db-cache = false - #load graphson file on startup load.snapshot.file=false diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/localhost-access-logback.xml b/kubernetes/aai/charts/aai-traversal/resources/config/localhost-access-logback.xml index a318796c57..4cf6c74333 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/localhost-access-logback.xml +++ b/kubernetes/aai/charts/aai-traversal/resources/config/localhost-access-logback.xml @@ -1,62 +1,63 @@ -<!-- - - ============LICENSE_START======================================================= - org.onap.aai - ================================================================================ - Copyright © 2017 AT&T Intellectual Property. All rights reserved. - ================================================================================ - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ============LICENSE_END========================================================= - - ECOMP is a trademark and service mark of AT&T Intellectual Property. - ---> -<configuration> - <property name="AJSC_HOME" value="${AJSC_HOME:-.}" /> - <appender name="ACCESS" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd} - </fileNamePattern> - </rollingPolicy> - <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder"> - <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern> - </encoder> - </appender> - <appender-ref ref="ACCESS" /> -</configuration> - -<!-- -%a - Remote IP address -%A - Local IP address -%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent -%B - Bytes sent, excluding HTTP headers -%h - Remote host name -%H - Request protocol -%l - Remote logical username from identd (always returns '-') -%m - Request method -%p - Local port -%q - Query string (prepended with a '?' if it exists, otherwise an empty string -%r - First line of the request -%s - HTTP status code of the response -%S - User session ID -%t - Date and time, in Common Log Format format -%u - Remote user that was authenticated -%U - Requested URL path -%v - Local server name -%I - current request thread name (can compare later with stacktraces) - -%z - Custom pattern that parses the cert for the subject -%y - Custom pattern determines rest or dme2 - -->
\ No newline at end of file +<!--
+
+ ============LICENSE_START=======================================================
+ org.onap.aai
+ ================================================================================
+ Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ Modifications Copyright © 2018 Amdocs, Bell Canada
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+
+ ECOMP is a trademark and service mark of AT&T Intellectual Property.
+
+-->
+<configuration>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <appender name="ACCESS"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ </rollingPolicy>
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ </encoder>
+ </appender>
+ <appender-ref ref="ACCESS" />
+</configuration>
+
+<!--
+%a - Remote IP address
+%A - Local IP address
+%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent
+%B - Bytes sent, excluding HTTP headers
+%h - Remote host name
+%H - Request protocol
+%l - Remote logical username from identd (always returns '-')
+%m - Request method
+%p - Local port
+%q - Query string (prepended with a '?' if it exists, otherwise an empty string
+%r - First line of the request
+%s - HTTP status code of the response
+%S - User session ID
+%t - Date and time, in Common Log Format format
+%u - Remote user that was authenticated
+%U - Requested URL path
+%v - Local server name
+%I - current request thread name (can compare later with stacktraces)
+
+%z - Custom pattern that parses the cert for the subject
+%y - Custom pattern determines rest or dme2
+ -->
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml b/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml index 2ed8f5c8f1..96fe00567d 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml +++ b/kubernetes/aai/charts/aai-traversal/resources/config/logback.xml @@ -3,6 +3,7 @@ org.onap.aai ================================================================================ Copyright © 2017 AT&T Intellectual Property. All rights reserved. + Modifications Copyright © 2018 Amdocs, Bell Canada ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -361,5 +362,8 @@ </logger> <root level="DEBUG"> <appender-ref ref="external" /> + {{if .Values.global.config.logback.console.enabled}} + <appender-ref ref="STDOUT" /> + {{ end }} </root> </configuration> diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties b/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties index f0e0172d2d..962e4917eb 100644 --- a/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties +++ b/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # format : username: password[,rolename ...] # default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader... AAI:OBF:1gfr1ev31gg7,admin diff --git a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml index 373819e39e..80983695a4 100644 --- a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml +++ b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + apiVersion: v1 kind: ConfigMap metadata: @@ -53,3 +67,25 @@ metadata: namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-aaf-props + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/aaf/org.osaaf.location.props").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/aaf/permissions.properties").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.props").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/aaf/cadi.properties").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-aaf-keys + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/aaf/truststoreONAPall.jks").AsSecrets . | indent 2 }} diff --git a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml index 25cd3a9537..3cedaecc9b 100644 --- a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml @@ -1,4 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -247,14 +248,20 @@ spec: ]' spec: hostname: aai-traversal + {{ if .Values.global.initContainers.enabled }} initContainers: - command: + {{ if .Values.global.jobs.createSchema.enabled }} + - /root/job_complete.py + args: + - --job-name + - {{ .Release.Name }}-aai-graphadmin-create-db-schema + {{ else }} - /root/ready.py args: - --container-name - aai-cassandra - - --container-name - - aai-resources + {{ end }} env: - name: NAMESPACE valueFrom: @@ -264,6 +271,7 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness + {{ end }} containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -272,9 +280,9 @@ spec: - name: DISABLE_UPDATE_QUERY value: {{ .Values.config.disableUpdateQuery | quote }} - name: LOCAL_USER_ID - value: {{ .Values.config.userId | quote }} + value: {{ .Values.global.config.userId | quote }} - name: LOCAL_GROUP_ID - value: {{ .Values.config.groupId | quote }} + value: {{ .Values.global.config.groupId | quote }} volumeMounts: - mountPath: /etc/localtime name: localtime @@ -296,12 +304,36 @@ spec: - mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml name: {{ include "common.fullname" . }}-localhost-access-log-conf subPath: localhost-access-logback.xml + - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile + name: {{ include "common.fullname" . }}-aaf-certs + subPath: org.onap.aai.keyfile + - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.props + name: {{ include "common.fullname" . }}-aaf-properties + subPath: org.onap.aai.props + - mountPath: /opt/app/aai-traversal/resources/aaf/org.osaaf.location.props + name: {{ include "common.fullname" . }}-aaf-properties + subPath: org.osaaf.location.props + - mountPath: /opt/app/aai-traversal/resources/aaf/permissions.properties + name: {{ include "common.fullname" . }}-aaf-properties + subPath: permissions.properties + - mountPath: /opt/app/aai-traversal/resources/cadi.properties + name: {{ include "common.fullname" . }}-aaf-properties + subPath: cadi.properties + - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.p12 + name: {{ include "common.fullname" . }}-aaf-certs + subPath: org.onap.aai.p12 + - mountPath: /opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks + name: {{ include "common.fullname" . }}-aaf-certs + subPath: truststoreONAPall.jks - mountPath: /opt/app/aai-traversal/resources/application.properties name: {{ include "common.fullname" . }}-springapp-conf subPath: application.properties - - mountPath: /opt/app/aai-traversal/resources/etc/auth/aai_keystore - name: {{ include "common.fullname" . }}-auth-sec - subPath: aai_keystore + {{ $global := . }} + {{ range $job := .Values.global.config.auth.files }} + - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }} + name: {{ include "common.fullname" $global }}-auth-truststore-sec + subPath: {{ . }} + {{ end }} ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} @@ -368,15 +400,26 @@ spec: - name: {{ include "common.fullname" . }}-aaiconfig-conf configMap: name: {{ include "common.fullname" . }}-aaiconfig-configmap + - name: {{ include "common.fullname" . }}-aaf-properties + configMap: + name: {{ include "common.fullname" . }}-aaf-props + - name: {{ include "common.fullname" . }}-aaf-certs + secret: + secretName: {{ include "common.fullname" . }}-aaf-keys - name: {{ include "common.fullname" . }}-springapp-conf configMap: name: {{ include "common.fullname" . }}-springapp-configmap - name: {{ include "common.fullname" . }}-realm-conf configMap: name: {{ include "common.fullname" . }}-realm-configmap - - name: {{ include "common.fullname" . }}-auth-sec + - name: {{ include "common.fullname" . }}-auth-truststore-sec secret: - secretName: aai-auth-secret + secretName: aai-auth-truststore-secret + items: + {{ range $job := .Values.global.config.auth.files }} + - key: {{ . }} + path: {{ . }} + {{ end }} restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-traversal/templates/job.yaml b/kubernetes/aai/charts/aai-traversal/templates/job.yaml index 46af0047f7..a018ede1a3 100644 --- a/kubernetes/aai/charts/aai-traversal/templates/job.yaml +++ b/kubernetes/aai/charts/aai-traversal/templates/job.yaml @@ -1,4 +1,5 @@ # Copyright © 2017-2018 AT&T +# Modifications Copyright © 2018 Amdocs, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,6 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. +{{ if .Values.global.jobs.updateQueryData.enabled }} + apiVersion: batch/v1 kind: Job metadata: @@ -58,9 +61,9 @@ spec: bash -x /opt/app/aai-traversal/docker-entrypoint.sh install/updateQueryData.sh env: - name: LOCAL_USER_ID - value: "1000" + value: {{ .Values.global.config.userId | quote }} - name: LOCAL_GROUP_ID - value: "1000" + value: {{ .Values.global.config.groupId | quote }} volumeMounts: - mountPath: /etc/localtime name: localtime @@ -85,9 +88,12 @@ spec: - mountPath: /opt/app/aai-traversal/resources/application.properties name: {{ include "common.fullname" . }}-springapp-conf subPath: application.properties - - mountPath: /opt/app/aai-traversal/resources/etc/auth/aai_keystore - name: {{ include "common.fullname" . }}-auth-sec - subPath: aai_keystore + {{ $global := . }} + {{ range $job := .Values.global.config.auth.files }} + - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }} + name: {{ include "common.fullname" $global }}-auth-truststore-sec + subPath: {{ . }} + {{ end }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container volumes: @@ -123,9 +129,15 @@ spec: - name: {{ include "common.fullname" . }}-realm-conf configMap: name: {{ include "common.fullname" . }}-realm-configmap - - name: {{ include "common.fullname" . }}-auth-sec + - name: {{ include "common.fullname" . }}-auth-truststore-sec secret: - secretName: aai-auth-secret + secretName: aai-auth-truststore-secret + items: + {{ range $job := .Values.global.config.auth.files }} + - key: {{ . }} + path: {{ . }} + {{ end }} restartPolicy: OnFailure imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" +{{ end }} diff --git a/kubernetes/aai/charts/aai-traversal/templates/service.yaml b/kubernetes/aai/charts/aai-traversal/templates/service.yaml index 9ba61fa00c..d1199125d2 100644 --- a/kubernetes/aai/charts/aai-traversal/templates/service.yaml +++ b/kubernetes/aai/charts/aai-traversal/templates/service.yaml @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + apiVersion: v1 kind: Service metadata: diff --git a/kubernetes/aai/charts/aai-traversal/values.yaml b/kubernetes/aai/charts/aai-traversal/values.yaml index 5cc49a4716..a3410adacc 100644 --- a/kubernetes/aai/charts/aai-traversal/values.yaml +++ b/kubernetes/aai/charts/aai-traversal/values.yaml @@ -1,3 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # Default values for traversal. # This is a YAML-formatted file. # Declare variables to be passed into your templates. @@ -9,15 +23,23 @@ global: # global defaults # application image repository: nexus3.onap.org:10001 -image: onap/aai-traversal:1.2.2 +image: onap/aai-traversal:1.3-STAGING-latest pullPolicy: Always restartPolicy: Always # application configuration config: - aaicoreversion: 1.1.0-SNAPSHOT - userId: 1000 - groupId: 1000 + + # Specifies timeout information such as application specific and limits + timeout: + # If set to true application will timeout for queries taking longer than limit + enabled: true + # Specifies which apps (X-FromAppId) header should get overridden and (-1) no timeout + appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAI-FILEGEN-GFPIP,-1 + # Specifies how long should it wait before timing out the REST request + limit: 180000 + + # Disables the updateQueryData script to run as part of traversal disableUpdateQuery: true persistence: |