summaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/charts
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/aai/charts')
-rw-r--r--kubernetes/aai/charts/aai-babel/values.yaml2
-rw-r--r--kubernetes/aai/charts/aai-champ/resources/config/log/logback.xml21
-rw-r--r--kubernetes/aai/charts/aai-champ/values.yaml2
-rw-r--r--kubernetes/aai/charts/aai-data-router/values.yaml2
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12bin0 -> 2556 bytes
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystorebin0 -> 2214 bytes
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties2
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml48
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt1
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12bin0 -> 2556 bytes
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystorebin0 -> 3594 bytes
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json99
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties25
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties4
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml48
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties3
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt1
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties1
-rw-r--r--kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile27
-rw-r--r--kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml36
-rw-r--r--kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml110
-rw-r--r--kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml30
-rw-r--r--kubernetes/aai/charts/aai-gizmo/templates/service.yaml30
-rw-r--r--kubernetes/aai/charts/aai-gizmo/values.yaml2
-rw-r--r--kubernetes/aai/charts/aai-graphadmin/resources/config/application.properties1
-rw-r--r--kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties1
-rw-r--r--kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml3
-rw-r--r--kubernetes/aai/charts/aai-graphadmin/values.yaml2
-rw-r--r--kubernetes/aai/charts/aai-modelloader/values.yaml2
-rw-r--r--kubernetes/aai/charts/aai-resources/resources/config/aaf/bath_config.csv33
-rw-r--r--kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props3
-rw-r--r--kubernetes/aai/charts/aai-resources/resources/config/application.properties1
-rw-r--r--kubernetes/aai/charts/aai-resources/resources/config/realm.properties1
-rw-r--r--kubernetes/aai/charts/aai-resources/templates/configmap.yaml1
-rw-r--r--kubernetes/aai/charts/aai-resources/templates/deployment.yaml6
-rw-r--r--kubernetes/aai/charts/aai-resources/values.yaml2
-rw-r--r--kubernetes/aai/charts/aai-search-data/values.yaml2
-rw-r--r--kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml6
-rw-r--r--kubernetes/aai/charts/aai-sparky-be/values.yaml2
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/aaf/bath_config.csv33
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props3
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/application.properties1
-rw-r--r--kubernetes/aai/charts/aai-traversal/resources/config/realm.properties1
-rw-r--r--kubernetes/aai/charts/aai-traversal/templates/configmap.yaml1
-rw-r--r--kubernetes/aai/charts/aai-traversal/templates/deployment.yaml6
-rw-r--r--kubernetes/aai/charts/aai-traversal/templates/job.yaml3
-rw-r--r--kubernetes/aai/charts/aai-traversal/values.yaml2
47 files changed, 564 insertions, 46 deletions
diff --git a/kubernetes/aai/charts/aai-babel/values.yaml b/kubernetes/aai/charts/aai-babel/values.yaml
index 59c336660c..8e55d49075 100644
--- a/kubernetes/aai/charts/aai-babel/values.yaml
+++ b/kubernetes/aai/charts/aai-babel/values.yaml
@@ -25,7 +25,7 @@ global:
#################################################################
# application image
-image: onap/babel:1.3-STAGING-latest
+image: onap/babel:1.3.0
flavor: small
diff --git a/kubernetes/aai/charts/aai-champ/resources/config/log/logback.xml b/kubernetes/aai/charts/aai-champ/resources/config/log/logback.xml
index 1fbd913907..67f6ac34f1 100644
--- a/kubernetes/aai/charts/aai-champ/resources/config/log/logback.xml
+++ b/kubernetes/aai/charts/aai-champ/resources/config/log/logback.xml
@@ -143,27 +143,12 @@ limitations under the License.
<logger name="org.springframework.web" level="WARN" />
<logger name="com.blog.spring.jms" level="WARN" />
- <!-- AJSC Services (bootstrap services) -->
- <logger name="ajsc" level="WARN" />
- <logger name="ajsc.RouteMgmtService" level="WARN" />
- <logger name="ajsc.ComputeService" level="WARN" />
- <logger name="ajsc.VandelayService" level="WARN" />
- <logger name="ajsc.FilePersistenceService" level="WARN" />
- <logger name="ajsc.UserDefinedJarService" level="WARN" />
- <logger name="ajsc.UserDefinedBeansDefService" level="WARN" />
- <logger name="ajsc.LoggingConfigurationService" level="WARN" />
-
- <!-- AJSC related loggers -->
- <logger name="ajsc.restlet" level="WARN" />
- <logger name="ajsc.servlet" level="WARN" />
-
<!-- General loggers -->
- <logger name="com.att" level="INFO" />
- <logger name="org.onap" level="INFO" />
- <logger name="org.openecomp" level="INFO" />
+ <logger name="org.onap" level="WARN" />
<!-- Other Loggers that may help troubleshoot -->
<logger name="net.sf" level="WARN" />
+ <logger name="org.apache" level="WARN" />
<logger name="org.apache.commons.httpclient" level="WARN" />
<logger name="org.apache.commons" level="WARN" />
<logger name="org.apache.coyote" level="WARN" />
@@ -188,4 +173,4 @@ limitations under the License.
<!-- <appender-ref ref="asyncEELFDebug" /> -->
</root>
-</configuration>
+</configuration> \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-champ/values.yaml b/kubernetes/aai/charts/aai-champ/values.yaml
index 9e1c9bd23b..1cf9452e4d 100644
--- a/kubernetes/aai/charts/aai-champ/values.yaml
+++ b/kubernetes/aai/charts/aai-champ/values.yaml
@@ -25,7 +25,7 @@ global:
#################################################################
# application image
-image: onap/champ:1.3-STAGING-latest
+image: onap/champ:1.3.0
flavor: small
diff --git a/kubernetes/aai/charts/aai-data-router/values.yaml b/kubernetes/aai/charts/aai-data-router/values.yaml
index c1fa49f3f0..64a0fe1ab4 100644
--- a/kubernetes/aai/charts/aai-data-router/values.yaml
+++ b/kubernetes/aai/charts/aai-data-router/values.yaml
@@ -21,7 +21,7 @@ global: # global defaults
# application image
repository: nexus3.onap.org:10001
-image: onap/data-router:1.3-STAGING-latest
+image: onap/data-router:1.3.0
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12
new file mode 100644
index 0000000000..dbf4fcacec
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12
Binary files differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore
new file mode 100644
index 0000000000..9eec841aa2
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore
Binary files differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties
new file mode 100644
index 0000000000..f512fb71a6
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/fproxy.properties
@@ -0,0 +1,2 @@
+credential.cache.timeout.ms=180000
+transactionid.header.name=X-TransactionId \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml
new file mode 100644
index 0000000000..3a35b76f7b
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/logback-spring.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/AAF-FPS" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="info">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "com.baeldung*" at TRACE level -->
+ <logger name="org.onap.aaf.fproxy" level="trace" additivity="false">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </logger>
+
+</configuration> \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt
new file mode 100644
index 0000000000..79cf29e73c
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12
new file mode 100644
index 0000000000..dbf4fcacec
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12
Binary files differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore
new file mode 100644
index 0000000000..99129c145f
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore
Binary files differ
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json
new file mode 100644
index 0000000000..e468b3d7bd
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json
@@ -0,0 +1,99 @@
+[
+ {
+ "uri": "\/not\/allowed\/at\/all$",
+ "permissions": [
+ "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt"
+ ]
+ },
+ {
+ "uri": "\/one\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/multi\/auth\/required$",
+ "permissions": [
+ "test.auth.access.aMultipleAuth1",
+ "test.auth.access.aMultipleAuth2",
+ "test.auth.access.aMultipleAuth3"
+ ]
+ },
+ {
+ "uri": "\/one\/[^\/]+\/required$",
+ "permissions": [
+ "test.auth.access.aSimpleSingleAuth"
+ ]
+ },
+ {
+ "uri": "\/services\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/admin\/getAAFRequest$",
+ "permissions": [
+ "test.auth.access|admin|GET,PUT,POST"
+ ]
+ },
+ {
+ "uri": "\/service\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/services\/aai\/webapp\/index.html$",
+ "permissions": [
+ "test.auth.access|services|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/$",
+ "permissions": [
+ "\\|services\\|GET",
+ "test\\.auth\\.access\\|services\\|GET,PUT"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$",
+ "permissions": [
+ "test\\.auth\\.access\\|rest\\|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read"
+ ]
+ },
+ {
+ "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$",
+ "permissions": [
+ "test.auth.access|clouds|read",
+ "test.auth.access|tenants|read",
+ "test.auth.access|vservers|read"
+ ]
+ },
+ {
+ "uri": "\/backend$",
+ "permissions": [
+ "test\\.auth\\.access\\|services\\|GET,PUT",
+ "\\|services\\|GET"
+ ]
+ },
+ {
+ "uri": "\/services\/inventory\/.*",
+ "permissions": [
+ "org\\.access\\|\\*\\|\\*"
+ ]
+ },
+ {
+ "uri": "\/services\/gizmo\/.*",
+ "permissions": [
+ "org\\.access\\|\\*\\|\\*"
+ ]
+ }
+]
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties
new file mode 100644
index 0000000000..a82e38caf6
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties
@@ -0,0 +1,25 @@
+# This is a normal Java Properties File
+# Comments are with Pound Signs at beginning of lines,
+# and multi-line expression of properties can be obtained by backslash at end of line
+
+#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below
+#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name
+#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com
+#to your hosts file on your machine.
+#hostname=test.aic.cip.att.com
+
+cadi_loglevel=DEBUG
+cadi_keyfile=/opt/app/rproxy/config/security/keyfile
+
+cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
+cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+# Configure AAF
+aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}}
+aaf_env=DEV
+
+aaf_id=demo@people.osaaf.org
+aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
+
+# This is a colon separated list of client cert issuers
+cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties
new file mode 100644
index 0000000000..1b58d4235c
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/forward-proxy.properties
@@ -0,0 +1,4 @@
+forward-proxy.protocol = https
+forward-proxy.host = localhost
+forward-proxy.port = 10680
+forward-proxy.cacheurl = /credential-cache \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml
new file mode 100644
index 0000000000..289fe7512c
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/logback-spring.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+ <property name="LOGS" value="./logs/reverse-proxy" />
+ <property name="FILEPREFIX" value="application" />
+
+ <appender name="Console"
+ class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>
+ %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+ </Pattern>
+ </layout>
+ </appender>
+
+ <appender name="RollingFile"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${LOGS}/${FILEPREFIX}.log</file>
+ <encoder
+ class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+ <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+ </encoder>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- rollover daily and when the file reaches 10 MegaBytes -->
+ <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+ </fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>10MB</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ </rollingPolicy>
+ </appender>
+
+ <!-- LOG everything at INFO level -->
+ <root level="debug">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </root>
+
+ <!-- LOG "com.baeldung*" at TRACE level -->
+ <logger name="org.onap.aaf.rproxy" level="trace" additivity="false">
+ <appender-ref ref="RollingFile" />
+ <appender-ref ref="Console" />
+ </logger>
+
+</configuration>
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties
new file mode 100644
index 0000000000..8ab780edcb
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/primary-service.properties
@@ -0,0 +1,3 @@
+primary-service.protocol = https
+primary-service.host = localhost
+primary-service.port = 9520
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt
new file mode 100644
index 0000000000..79cf29e73c
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally. \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties
new file mode 100644
index 0000000000..8d46e1f429
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/reverse-proxy.properties
@@ -0,0 +1 @@
+transactionid.header.name=X-TransactionId \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile
new file mode 100644
index 0000000000..6cd12fcfb4
--- /dev/null
+++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile
@@ -0,0 +1,27 @@
+bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM
+1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29
+xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK
+BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm
+6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99
+QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm
+zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6
+x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf
+8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz
+FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz
+UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r
+banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv
+6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG
+yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB
+xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB
+lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq
+ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE
+fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v
+1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5
+liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc
+0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u
+PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm
+8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv
+dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ
+-85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn
+c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J
+uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao \ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml b/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml
index 8d8a8fa008..a25dcbc806 100644
--- a/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml
+++ b/kubernetes/aai/charts/aai-gizmo/templates/configmap.yaml
@@ -64,3 +64,39 @@ metadata:
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
+{{ end }}
+
diff --git a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml b/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml
index 278a8f5ffa..1e68712749 100644
--- a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml
@@ -31,6 +31,19 @@ spec:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
spec:
+ {{ if .Values.global.installSidecarSecurity }}
+ hostAliases:
+ - ip: {{ .Values.global.aaf.serverIp }}
+ hostnames:
+ - {{ .Values.global.aaf.serverHostname }}
+
+ initContainers:
+ - name: {{ .Values.global.tproxyConfig.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ securityContext:
+ privileged: true
+ {{ end }}
containers:
- name: {{ .Chart.Name }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -111,6 +124,79 @@ spec:
- mountPath: /usr/share/filebeat/data
name: {{ include "common.fullname" . }}-data-filebeat
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ .Values.global.rproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.rproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/rproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.rproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/forward-proxy.properties
+ subPath: forward-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/primary-service.properties
+ subPath: primary-service.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/reverse-proxy.properties
+ subPath: reverse-proxy.properties
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ mountPath: /opt/app/rproxy/config/cadi.properties
+ subPath: cadi.properties
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ mountPath: /opt/app/rproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
+ subPath: uri-authorization.json
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
+ subPath: aaf_truststore.jks
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ mountPath: /opt/app/rproxy/config/security/keyfile
+ subPath: keyfile
+
+ ports:
+ - containerPort: {{ .Values.global.rproxy.port }}
+
+ - name: {{ .Values.global.fproxy.name }}
+ image: "{{ include "common.repository" . }}/{{ .Values.global.fproxy.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: CONFIG_HOME
+ value: "/opt/app/fproxy/config"
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: spring_profiles_active
+ value: {{ .Values.global.fproxy.activeSpringProfiles }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ mountPath: /opt/app/fproxy/config/fproxy.properties
+ subPath: fproxy.properties
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ mountPath: /opt/app/fproxy/config/logback-spring.xml
+ subPath: logback-spring.xml
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
+ subPath: tomcat_keystore
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ mountPath: /opt/app/fproxy/config/auth/client-cert.p12
+ subPath: client-cert.p12
+ ports:
+ - containerPort: {{ .Values.global.fproxy.port }}
+ {{ end }}
+
volumes:
- name: localtime
hostPath:
@@ -144,5 +230,29 @@ spec:
- name: {{ include "common.fullname" . }}-model-config
configMap:
name: {{ include "common.fullname" . }}-model-configmap
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: {{ include "common.fullname" . }}-rproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-config
+ - name: {{ include "common.fullname" . }}-rproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-rproxy-log-config
+ - name: {{ include "common.fullname" . }}-rproxy-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+ - name: {{ include "common.fullname" . }}-rproxy-security-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-rproxy-security-config
+ - name: {{ include "common.fullname" . }}-fproxy-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-config
+ - name: {{ include "common.fullname" . }}-fproxy-log-config
+ configMap:
+ name: {{ include "common.fullname" . }}-fproxy-log-config
+ - name: {{ include "common.fullname" . }}-fproxy-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}-fproxy-auth-config
+ {{ end }}
+
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml b/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml
index 58d57697da..7db76055d1 100644
--- a/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml
+++ b/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml
@@ -40,3 +40,33 @@ type: Opaque
data:
KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }}
KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }}
+
+{{ if .Values.global.installSidecarSecurity }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-fproxy-auth-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-auth-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-rproxy-security-config
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
+{{ end }}
diff --git a/kubernetes/aai/charts/aai-gizmo/templates/service.yaml b/kubernetes/aai/charts/aai-gizmo/templates/service.yaml
index 88948cfdf5..ac34ed9248 100644
--- a/kubernetes/aai/charts/aai-gizmo/templates/service.yaml
+++ b/kubernetes/aai/charts/aai-gizmo/templates/service.yaml
@@ -27,15 +27,27 @@ metadata:
spec:
type: {{ .Values.service.type }}
ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
+ {{ if .Values.global.installSidecarSecurity }}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.global.rproxy.port }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.global.rproxy.port }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ {{ else }}
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ {{ end }}
selector:
app: {{ include "common.name" . }}
release: {{ .Release.Name }}
diff --git a/kubernetes/aai/charts/aai-gizmo/values.yaml b/kubernetes/aai/charts/aai-gizmo/values.yaml
index 6ad25c5246..ff2049ba16 100644
--- a/kubernetes/aai/charts/aai-gizmo/values.yaml
+++ b/kubernetes/aai/charts/aai-gizmo/values.yaml
@@ -23,7 +23,7 @@ global:
#################################################################
# application image
-image: onap/gizmo:1.3-STAGING-latest
+image: onap/gizmo:1.3.0
flavor: small
# application configuration
config:
diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/application.properties b/kubernetes/aai/charts/aai-graphadmin/resources/config/application.properties
index 75572479b6..81a9c7b27d 100644
--- a/kubernetes/aai/charts/aai-graphadmin/resources/config/application.properties
+++ b/kubernetes/aai/charts/aai-graphadmin/resources/config/application.properties
@@ -55,6 +55,7 @@ server.ssl.key-store-type=JKS
# JMS bind address host port
jms.bind.address=tcp://localhost:61649
dmaap.ribbon.listOfServers=message-router.{{.Release.Namespace}}:3905
+dmaap.ribbon.transportType=https
# Schema related attributes for the oxm and edges
# Any additional schema related attributes should start with prefix schema
diff --git a/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties b/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties
index 8a14f81606..97627eac16 100644
--- a/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties
+++ b/kubernetes/aai/charts/aai-graphadmin/resources/config/realm.properties
@@ -16,7 +16,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
-
# format : username: password[,rolename ...]
# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
AAI:OBF:1gfr1ev31gg7,admin
diff --git a/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml
index 5b23fa6064..869eac0cc7 100644
--- a/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-graphadmin/templates/deployment.yaml
@@ -96,6 +96,9 @@ spec:
- mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml
name: {{ include "common.fullname" . }}-localhost-access-log-conf
subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/realm.properties
+ name: {{ include "common.fullname" . }}-realm-conf
+ subPath: realm.properties
- mountPath: /opt/app/aai-graphadmin/resources/application.properties
name: {{ include "common.fullname" . }}-springapp-conf
subPath: application.properties
diff --git a/kubernetes/aai/charts/aai-graphadmin/values.yaml b/kubernetes/aai/charts/aai-graphadmin/values.yaml
index b7af3d0bd7..b1fd98e5ee 100644
--- a/kubernetes/aai/charts/aai-graphadmin/values.yaml
+++ b/kubernetes/aai/charts/aai-graphadmin/values.yaml
@@ -28,7 +28,7 @@ global: # global defaults
# application image
repository: nexus3.onap.org:10001
-image: onap/aai-graphadmin:1.0-STAGING-latest
+image: onap/aai-graphadmin:1.0.0
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/charts/aai-modelloader/values.yaml b/kubernetes/aai/charts/aai-modelloader/values.yaml
index 1617fc08a7..a2b64f2318 100644
--- a/kubernetes/aai/charts/aai-modelloader/values.yaml
+++ b/kubernetes/aai/charts/aai-modelloader/values.yaml
@@ -21,7 +21,7 @@ global: # global defaults
# application image
repository: nexus3.onap.org:10001
-image: onap/model-loader:1.3-STAGING-latest
+image: onap/model-loader:1.3.0
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/bath_config.csv b/kubernetes/aai/charts/aai-resources/resources/config/aaf/bath_config.csv
new file mode 100644
index 0000000000..b926dfd260
--- /dev/null
+++ b/kubernetes/aai/charts/aai-resources/resources/config/aaf/bath_config.csv
@@ -0,0 +1,33 @@
+# AAI -> aai@aai.onap.org
+Basic QUFJOkFBSQ==,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# ModelLoader -> aai@aai.onap.org
+Basic TW9kZWxMb2FkZXI6TW9kZWxMb2FkZXI=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# AaiUI -> aai@aai.onap.org,
+Basic QWFpVUk6QWFpVUk=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# MSO -> so@so.onap.org
+Basic TVNPOk1TTw==,Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1NiE=,2050-03-03
+
+# SDNC -> sdnc@sdnc.onap.org
+Basic U0ROQzpTRE5D,Basic c2RuY0BzZG5jLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03
+
+# DCAE -> dcae@dcae.onap.org
+Basic RENBRTpEQ0FF,Basic ZGNhZUBkY2FlLm9uYXAub3JnOmRlbW8xMjMzNDU2IQ==,2050-03-03
+
+# POLICY -> policy@policy.onap.org
+Basic UE9MSUNZOlBPTElDWQ==,Basic cG9saWN5QHBvbGljeS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# ASDC -> sdc@sdc.onap.org
+Basic QVNEQzpBU0RD,Basic c2RjQHNkYy5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# VID -> vid@vid.onap.org
+Basic VklEOlZJRA==,Basic dmlkQHZpZC5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# APPC -> appc@appc.onap.org
+Basic QVBQQzpBUFBD,Basic YXBwY0BhcHBjLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03
+
+# OOF -> oof@oof.onap.org
+Basic T09GOk9PRg==,Basic b29mQG9vZi5vbmFwLm9yZzpkZW1vMTIzNDQ2IQ==,2050-03-03
+
diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props
index 906f170f56..78e4e71dc6 100644
--- a/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props
+++ b/kubernetes/aai/charts/aai-resources/resources/config/aaf/org.onap.aai.props
@@ -10,4 +10,5 @@ cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5
cadi_alias=aai@aai.onap.org
cadi_truststore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks
cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2
-cadi_loglevel=INFO \ No newline at end of file
+cadi_loglevel=INFO
+cadi_bath_convert=/opt/app/aai-resources/resources/aaf/bath_config.csv
diff --git a/kubernetes/aai/charts/aai-resources/resources/config/application.properties b/kubernetes/aai/charts/aai-resources/resources/config/application.properties
index 29a6d23341..c8648e499e 100644
--- a/kubernetes/aai/charts/aai-resources/resources/config/application.properties
+++ b/kubernetes/aai/charts/aai-resources/resources/config/application.properties
@@ -50,6 +50,7 @@ server.ssl.key-store-type=JKS
# JMS bind address host port
jms.bind.address=tcp://localhost:61647
dmaap.ribbon.listOfServers=message-router.{{.Release.Namespace}}:3905
+dmaap.ribbon.transportType=https
# Schema related attributes for the oxm and edges
# Any additional schema related attributes should start with prefix schema
diff --git a/kubernetes/aai/charts/aai-resources/resources/config/realm.properties b/kubernetes/aai/charts/aai-resources/resources/config/realm.properties
index 1efcfbee03..0499b34f1c 100644
--- a/kubernetes/aai/charts/aai-resources/resources/config/realm.properties
+++ b/kubernetes/aai/charts/aai-resources/resources/config/realm.properties
@@ -11,7 +11,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
# format : username: password[,rolename ...]
# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
AAI:OBF:1gfr1ev31gg7,admin
diff --git a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml b/kubernetes/aai/charts/aai-resources/templates/configmap.yaml
index 60fb645475..001f5ead65 100644
--- a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml
+++ b/kubernetes/aai/charts/aai-resources/templates/configmap.yaml
@@ -135,3 +135,4 @@ data:
{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/truststoreONAPall.jks").AsSecrets . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
diff --git a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
index 04549dfb94..4dcfa2cf9c 100644
--- a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
@@ -472,9 +472,15 @@ spec:
- mountPath: /opt/app/aai-resources/resources/localhost-access-logback.xml
name: {{ include "common.fullname" . }}-localhost-access-log-conf
subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties
+ name: {{ include "common.fullname" . }}-realm-conf
+ subPath: realm.properties
- mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile
name: {{ include "common.fullname" . }}-aaf-certs
subPath: org.onap.aai.keyfile
+ - mountPath: /opt/app/aai-resources/resources/aaf/bath_config.csv
+ name: {{ include "common.fullname" . }}-aaf-certs
+ subPath: bath_config.csv
- mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.props
name: {{ include "common.fullname" . }}-aaf-properties
subPath: org.onap.aai.props
diff --git a/kubernetes/aai/charts/aai-resources/values.yaml b/kubernetes/aai/charts/aai-resources/values.yaml
index 8e50ba0421..770832b16a 100644
--- a/kubernetes/aai/charts/aai-resources/values.yaml
+++ b/kubernetes/aai/charts/aai-resources/values.yaml
@@ -22,7 +22,7 @@ global: # global defaults
# application image
repository: nexus3.onap.org:10001
-image: onap/aai-resources:1.3-STAGING-latest
+image: onap/aai-resources:1.3.0
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/charts/aai-search-data/values.yaml b/kubernetes/aai/charts/aai-search-data/values.yaml
index b58350cac4..292e23c59c 100644
--- a/kubernetes/aai/charts/aai-search-data/values.yaml
+++ b/kubernetes/aai/charts/aai-search-data/values.yaml
@@ -23,7 +23,7 @@ global: # global defaults
# application image
repository: nexus3.onap.org:10001
-image: onap/search-data-service:1.3-STAGING-latest
+image: onap/search-data-service:1.3.1
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml
index 6a992dd618..d622be662d 100644
--- a/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-sparky-be/templates/deployment.yaml
@@ -90,7 +90,7 @@ spec:
- mountPath: /opt/app/sparky/config/application-oxm-default.properties
name: {{ include "common.fullname" . }}-properties
subPath: application-oxm-default.properties
-
+
- mountPath: /opt/app/sparky/config/application-oxm-override.properties
name: {{ include "common.fullname" . }}-properties
subPath: application-oxm-override.properties
@@ -103,10 +103,10 @@ spec:
name: {{ include "common.fullname" . }}-properties
subPath: roles.config
- mountPath: /opt/app/sparky/config/users.config
+ - mountPath: /opt/app/sparky/config/users.config
name: {{ include "common.fullname" . }}-properties
subPath: users.config
-
+
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
diff --git a/kubernetes/aai/charts/aai-sparky-be/values.yaml b/kubernetes/aai/charts/aai-sparky-be/values.yaml
index a323d2987a..fdcb2ab6e9 100644
--- a/kubernetes/aai/charts/aai-sparky-be/values.yaml
+++ b/kubernetes/aai/charts/aai-sparky-be/values.yaml
@@ -28,7 +28,7 @@ global: # global defaults
# application image
repository: nexus3.onap.org:10001
-image: onap/sparky-be:1.3-STAGING-latest
+image: onap/sparky-be:1.3.0
pullPolicy: Always
restartPolicy: Always
flavor: small
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/bath_config.csv b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/bath_config.csv
new file mode 100644
index 0000000000..b926dfd260
--- /dev/null
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/bath_config.csv
@@ -0,0 +1,33 @@
+# AAI -> aai@aai.onap.org
+Basic QUFJOkFBSQ==,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# ModelLoader -> aai@aai.onap.org
+Basic TW9kZWxMb2FkZXI6TW9kZWxMb2FkZXI=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# AaiUI -> aai@aai.onap.org,
+Basic QWFpVUk6QWFpVUk=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# MSO -> so@so.onap.org
+Basic TVNPOk1TTw==,Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1NiE=,2050-03-03
+
+# SDNC -> sdnc@sdnc.onap.org
+Basic U0ROQzpTRE5D,Basic c2RuY0BzZG5jLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03
+
+# DCAE -> dcae@dcae.onap.org
+Basic RENBRTpEQ0FF,Basic ZGNhZUBkY2FlLm9uYXAub3JnOmRlbW8xMjMzNDU2IQ==,2050-03-03
+
+# POLICY -> policy@policy.onap.org
+Basic UE9MSUNZOlBPTElDWQ==,Basic cG9saWN5QHBvbGljeS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# ASDC -> sdc@sdc.onap.org
+Basic QVNEQzpBU0RD,Basic c2RjQHNkYy5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# VID -> vid@vid.onap.org
+Basic VklEOlZJRA==,Basic dmlkQHZpZC5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03
+
+# APPC -> appc@appc.onap.org
+Basic QVBQQzpBUFBD,Basic YXBwY0BhcHBjLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03
+
+# OOF -> oof@oof.onap.org
+Basic T09GOk9PRg==,Basic b29mQG9vZi5vbmFwLm9yZzpkZW1vMTIzNDQ2IQ==,2050-03-03
+
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props
index 4596d91cfe..7cb0d492ce 100644
--- a/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/aaf/org.onap.aai.props
@@ -10,4 +10,5 @@ cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5
cadi_alias=aai@aai.onap.org
cadi_truststore=/opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks
cadi_truststore_password=enc:s77wlnZFoQ08NhnU3OSeWO6uKgRwC6sAK-wTvVubNz2
-cadi_loglevel=INFO \ No newline at end of file
+cadi_loglevel=INFO
+cadi_bath_convert=/opt/app/aai-traversal/resources/aaf/bath_config.csv
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/application.properties b/kubernetes/aai/charts/aai-traversal/resources/config/application.properties
index 1ad208fd86..8d35e2f5d6 100644
--- a/kubernetes/aai/charts/aai-traversal/resources/config/application.properties
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/application.properties
@@ -50,6 +50,7 @@ server.ssl.key-store-type=JKS
# JMS bind address host port
jms.bind.address=tcp://localhost:61647
dmaap.ribbon.listOfServers=message-router.{{ include "common.namespace" . }}:3905
+dmaap.ribbon.transportType=https
# Schema related attributes for the oxm and edges
# Any additional schema related attributes should start with prefix schema
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties b/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties
index 1efcfbee03..0499b34f1c 100644
--- a/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties
+++ b/kubernetes/aai/charts/aai-traversal/resources/config/realm.properties
@@ -11,7 +11,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
# format : username: password[,rolename ...]
# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader...
AAI:OBF:1gfr1ev31gg7,admin
diff --git a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
index 8b93e8b3ae..79d6abd6c0 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
@@ -134,3 +134,4 @@ data:
{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/truststoreONAPall.jks").AsSecrets . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
diff --git a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
index 68bd0185f6..834ab322cd 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
@@ -304,9 +304,15 @@ spec:
- mountPath: /opt/app/aai-traversal/resources/localhost-access-logback.xml
name: {{ include "common.fullname" . }}-localhost-access-log-conf
subPath: localhost-access-logback.xml
+ - mountPath: /opt/app/aai-traversal/resources/etc/auth/realm.properties
+ name: {{ include "common.fullname" . }}-realm-conf
+ subPath: realm.properties
- mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile
name: {{ include "common.fullname" . }}-aaf-certs
subPath: org.onap.aai.keyfile
+ - mountPath: /opt/app/aai-traversal/resources/aaf/bath_config.csv
+ name: {{ include "common.fullname" . }}-aaf-certs
+ subPath: bath_config.csv
- mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.props
name: {{ include "common.fullname" . }}-aaf-properties
subPath: org.onap.aai.props
diff --git a/kubernetes/aai/charts/aai-traversal/templates/job.yaml b/kubernetes/aai/charts/aai-traversal/templates/job.yaml
index a018ede1a3..c8efed74ae 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/job.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/job.yaml
@@ -58,6 +58,7 @@ spec:
- |
set -x
mkdir -p /opt/aai/logroot/AAI-GQ/misc
+ until nc -w10 -z -v aai.{{.Release.Namespace}} 8443; do echo "Retrying to reach aai on port 8443"; done;
bash -x /opt/app/aai-traversal/docker-entrypoint.sh install/updateQueryData.sh
env:
- name: LOCAL_USER_ID
@@ -77,7 +78,7 @@ spec:
- mountPath: /opt/app/aai-traversal/resources/etc/appprops/aaiconfig.properties
name: {{ include "common.fullname" . }}-aaiconfig-conf
subPath: aaiconfig.properties
- - mountPath: /var/log/onap
+ - mountPath: /opt/aai/logroot/AAI-GQ/
name: {{ include "common.fullname" . }}-logs
- mountPath: /opt/app/aai-traversal/resources/logback.xml
name: {{ include "common.fullname" . }}-log-conf
diff --git a/kubernetes/aai/charts/aai-traversal/values.yaml b/kubernetes/aai/charts/aai-traversal/values.yaml
index 4e651259b3..0cd2117fe3 100644
--- a/kubernetes/aai/charts/aai-traversal/values.yaml
+++ b/kubernetes/aai/charts/aai-traversal/values.yaml
@@ -23,7 +23,7 @@ global: # global defaults
# application image
repository: nexus3.onap.org:10001
-image: onap/aai-traversal:1.3-STAGING-latest
+image: onap/aai-traversal:1.3.0
pullPolicy: Always
restartPolicy: Always
flavor: small