diff options
Diffstat (limited to 'kubernetes/aai')
9 files changed, 40 insertions, 16 deletions
diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml index f2dfd2c9c2..14f162a486 100644 --- a/kubernetes/aai/components/aai-babel/values.yaml +++ b/kubernetes/aai/components/aai-babel/values.yaml @@ -59,7 +59,7 @@ certInitializer: ################################################################# # application image -image: onap/babel:1.9.2 +image: onap/babel:1.9.3 flavor: small flavorOverride: small diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml index 118f446b26..6f372f9bd9 100644 --- a/kubernetes/aai/components/aai-graphadmin/values.yaml +++ b/kubernetes/aai/components/aai-graphadmin/values.yaml @@ -76,11 +76,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 # Specifies from which version related link should appear related: link: v11 @@ -144,7 +144,7 @@ certInitializer: chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }} # application image -image: onap/aai-graphadmin:1.9.2 +image: onap/aai-graphadmin:1.9.3 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml index 95eae6a80b..6d1a37e561 100644 --- a/kubernetes/aai/components/aai-modelloader/values.yaml +++ b/kubernetes/aai/components/aai-modelloader/values.yaml @@ -56,7 +56,7 @@ certInitializer: chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }} # application image -image: onap/model-loader:1.9.1 +image: onap/model-loader:1.9.2 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index 51984947cd..b1f8c085b8 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -77,11 +77,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 # Specifies from which version related link should appear related: link: v11 @@ -157,7 +157,7 @@ certInitializer: chown -R 1000 {{ .Values.credsPath }} # application image -image: onap/aai-resources:1.9.3 +image: onap/aai-resources:1.9.4 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml index 9ca398319b..1dd374c4dc 100644 --- a/kubernetes/aai/components/aai-schema-service/values.yaml +++ b/kubernetes/aai/components/aai-schema-service/values.yaml @@ -40,11 +40,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 # Specifies from which version related link should appear related: link: v11 @@ -94,7 +94,7 @@ certInitializer: chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }} # application image -image: onap/aai-schema-service:1.9.3 +image: onap/aai-schema-service:1.9.4 pullPolicy: Always restartPolicy: Always flavorOverride: small diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index 7de12f54a7..b1c8fdd221 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -84,11 +84,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 # Specifies from which version related link should appear related: link: v11 @@ -140,7 +140,7 @@ certInitializer: chown -R 1000 {{ .Values.credsPath }} # application image -image: onap/aai-traversal:1.9.3 +image: onap/aai-traversal:1.9.4 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg b/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg index 9fa6d2ee9b..6e7acef17f 100644 --- a/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg +++ b/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg @@ -88,6 +88,15 @@ frontend IST_8443 http-request set-header X-AAI-SSL-Client-ST %{+Q}[ssl_c_s_dn(ST)] http-request set-header X-AAI-SSL-Client-C %{+Q}[ssl_c_s_dn(C)] http-request set-header X-AAI-SSL-Client-O %{+Q}[ssl_c_s_dn(O)] +####################################### +## Request blocking configuration ### +####################################### + {{- if eq $.Values.haproxy.requestBlocking.enabled true }} + {{- range $custom_config := $.Values.haproxy.requestBlocking.customConfigs }} + {{ $custom_config }} + {{- end }} + {{- end }} + reqadd X-Forwarded-Proto:\ https reqadd X-Forwarded-Port:\ 8443 diff --git a/kubernetes/aai/resources/config/haproxy/haproxy.cfg b/kubernetes/aai/resources/config/haproxy/haproxy.cfg index 1db4addb5a..1accff9935 100644 --- a/kubernetes/aai/resources/config/haproxy/haproxy.cfg +++ b/kubernetes/aai/resources/config/haproxy/haproxy.cfg @@ -119,6 +119,15 @@ frontend IST_8443 http-request set-header X-AAI-SSL-Client-ST %{+Q}[ssl_c_s_dn(ST)] http-request set-header X-AAI-SSL-Client-C %{+Q}[ssl_c_s_dn(C)] http-request set-header X-AAI-SSL-Client-O %{+Q}[ssl_c_s_dn(O)] +####################################### +## Request blocking configuration ### +####################################### + {{- if eq $.Values.haproxy.requestBlocking.enabled true }} + {{- range $custom_config := $.Values.haproxy.requestBlocking.customConfigs }} + {{ $custom_config }} + {{- end }} + {{- end }} + reqadd X-Forwarded-Proto:\ https reqadd X-Forwarded-Port:\ 8443 {{- end }} diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 42b0fa622a..62d1d2eabd 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -231,11 +231,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 # Specifies from which version related link should appear related: link: v11 @@ -349,6 +349,12 @@ nodeSelector: {} affinity: {} +# HAProxy configuration to block HTTP requests to AAI based on configurable URL patterns +haproxy: + requestBlocking: + enabled: false + customConfigs: [] + # probe configuration parameters liveness: initialDelaySeconds: 10 |