diff options
Diffstat (limited to 'kubernetes/cds/components/cds-blueprints-processor')
5 files changed, 60 insertions, 27 deletions
diff --git a/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml b/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml index 4374926e40..2002e5695b 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/Chart.yaml @@ -17,18 +17,18 @@ apiVersion: v2 description: ONAP CDS Blueprints Processor name: cds-blueprints-processor -version: 10.0.0 +version: 11.0.0 dependencies: - name: common - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: repositoryGenerator - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: serviceAccount - version: ~10.x-0 + version: ~11.x-0 repository: '@local' - name: certInitializer - version: ~10.x-0 + version: ~11.x-0 repository: '@local' diff --git a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties index 0beaf4a42a..2818fd99b4 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties +++ b/kubernetes/cds/components/cds-blueprints-processor/resources/config/application.properties @@ -18,7 +18,7 @@ ### START -Controller Blueprints Properties # Load Resource Source Mappings */}} -resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability +resourceSourceMappings=processor-db=source-db,input=source-input,default=source-default,sdnc=source-rest,aai-data=source-rest,capability=source-capability,rest=source-rest,vault-data=source-rest,script=source-capability,cps-data=source-rest # Blueprint Processor File Execution and Handling Properties blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy @@ -101,17 +101,29 @@ blueprintsprocessor.restclient.sdnc.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoG # AAI Data REST Client settings blueprintsprocessor.restclient.aai-data.type=basic-auth -blueprintsprocessor.restclient.aai-data.url=https://aai:8443 +{{ if ( include "common.needTLS" .) }} +blueprintsprocessor.restclient.aai-data.url=https://{{ .Values.global.aaiData.ServiceName }}:8443 +{{- else -}} +blueprintsprocessor.restclient.aai-data.url=http://{{ .Values.global.aaiData.ServiceName }}:{{ .Values.global.aaiData.ExternalPlainPort }} +{{- end }} blueprintsprocessor.restclient.aai-data.username=aai@aai.onap.org blueprintsprocessor.restclient.aai-data.password=demo123456! blueprintsprocessor.restclient.aai-data.additionalHeaders.X-TransactionId=cds-transaction-id blueprintsprocessor.restclient.aai-data.additionalHeaders.X-FromAppId=cds-app-id blueprintsprocessor.restclient.aai-data.additionalHeaders.Accept=application/json +# CPS Data +blueprintsprocessor.restclient.cps-data.type=basic-auth +blueprintsprocessor.restclient.cps-data.url=http://cps-core:8080 +blueprintsprocessor.restclient.cps-data.username=${CPS_USER} +blueprintsprocessor.restclient.cps-data.password=${CPS_PASS_PLAIN} +blueprintsprocessor.restclient.cps-data.additionalHeaders.Accept=application/json +blueprintsprocessor.restclient.cps-data.additionalHeaders.Content-Type=application/json + # Self Service Request Kafka Message Consumer blueprintsprocessor.messageconsumer.self-service-api.kafkaEnable={{ .Values.kafkaRequestConsumer.enabled }} blueprintsprocessor.messageconsumer.self-service-api.type={{ .Values.kafkaRequestConsumer.type }} -{{- if eq .Values.useStrimziKafka true }} +{{ if eq .Values.useStrimziKafka true }} blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 {{- else -}} blueprintsprocessor.messageconsumer.self-service-api.bootstrapServers={{ .Values.kafkaRequestConsumer.bootstrapServers }} @@ -120,7 +132,7 @@ blueprintsprocessor.messageconsumer.self-service-api.groupId={{ .Values.kafkaReq blueprintsprocessor.messageconsumer.self-service-api.topic={{ .Values.kafkaRequestConsumer.topic }} blueprintsprocessor.messageconsumer.self-service-api.clientId={{ .Values.kafkaRequestConsumer.clientId }} blueprintsprocessor.messageconsumer.self-service-api.pollMillSec={{ .Values.kafkaRequestConsumer.pollMillSec }} -{{- if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} +{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} # SCRAM blueprintsprocessor.messageconsumer.self-service-api.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} blueprintsprocessor.messageconsumer.self-service-api.scramPassword=${JAAS_PASS} @@ -128,14 +140,14 @@ blueprintsprocessor.messageconsumer.self-service-api.scramPassword=${JAAS_PASS} # Self Service Response Kafka Message Producer blueprintsprocessor.messageproducer.self-service-api.type={{ .Values.kafkaRequestProducer.type }} -{{- if eq .Values.useStrimziKafka true }} +{{ if eq .Values.useStrimziKafka true }} blueprintsprocessor.messageproducer.self-service-api.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 {{- else -}} blueprintsprocessor.messageproducer.self-service-api.bootstrapServers={{ .Values.kafkaRequestProducer.bootstrapServers }} {{- end }} blueprintsprocessor.messageproducer.self-service-api.clientId={{ .Values.kafkaRequestProducer.clientId }} blueprintsprocessor.messageproducer.self-service-api.topic={{ .Values.kafkaRequestProducer.topic }} -{{- if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} +{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} # SCRAM blueprintsprocessor.messageproducer.self-service-api.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} blueprintsprocessor.messageproducer.self-service-api.scramPassword=${JAAS_PASS} @@ -146,14 +158,14 @@ blueprintsprocessor.messageproducer.self-service-api.scramPassword=${JAAS_PASS} ## Audit request blueprintsprocessor.messageproducer.self-service-api.audit.kafkaEnable={{ .Values.kafkaAuditRequest.enabled }} blueprintsprocessor.messageproducer.self-service-api.audit.request.type={{ .Values.kafkaAuditRequest.type }} -{{- if eq .Values.useStrimziKafka true }} +{{ if eq .Values.useStrimziKafka true }} blueprintsprocessor.messageproducer.self-service-api.audit.request.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 {{- else -}} blueprintsprocessor.messageproducer.self-service-api.audit.request.bootstrapServers={{ .Values.kafkaAuditRequest.bootstrapServers }} {{- end }} blueprintsprocessor.messageproducer.self-service-api.audit.request.clientId={{ .Values.kafkaAuditRequest.clientId }} blueprintsprocessor.messageproducer.self-service-api.audit.request.topic={{ .Values.kafkaAuditRequest.topic }} -{{- if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} +{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} # SCRAM blueprintsprocessor.messageproducer.self-service-api.audit.request.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} blueprintsprocessor.messageproducer.self-service-api.audit.request.scramPassword=${JAAS_PASS} @@ -161,14 +173,14 @@ blueprintsprocessor.messageproducer.self-service-api.audit.request.scramPassword ## Audit response blueprintsprocessor.messageproducer.self-service-api.audit.response.type={{ .Values.kafkaAuditResponse.type }} -{{- if eq .Values.useStrimziKafka true }} +{{ if eq .Values.useStrimziKafka true }} blueprintsprocessor.messageproducer.self-service-api.audit.response.bootstrapServers={{ include "common.release" . }}-strimzi-kafka-bootstrap:9092 {{- else -}} blueprintsprocessor.messageproducer.self-service-api.audit.response.bootstrapServers={{ .Values.kafkaAuditRequest.bootstrapServers }} {{- end }} blueprintsprocessor.messageproducer.self-service-api.audit.response.clientId={{ .Values.kafkaAuditResponse.clientId }} blueprintsprocessor.messageproducer.self-service-api.audit.response.topic={{ .Values.kafkaAuditResponse.topic }} -{{- if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} +{{ if and (eq .Values.kafkaRequestConsumer.type "kafka-scram-plain-text-auth") (eq .Values.useStrimziKafka true) }} # SCRAM blueprintsprocessor.messageproducer.self-service-api.audit.response.scramUsername={{ include "common.release" . }}-{{ .Values.cdsKafkaUser }} blueprintsprocessor.messageproducer.self-service-api.audit.response.scramPassword=${JAAS_PASS} @@ -194,7 +206,7 @@ endpoints.user.name=eHbVUbJAj4AG2522cSbrOQ== endpoints.user.password=eHbVUbJAj4AG2522cSbrOQ== #BaseUrls for health check blueprint processor services -blueprintprocessor.healthcheck.baseUrl=http://localhost:8080/ +blueprintprocessor.healthcheck.baseUrl=http://cds-blueprints-processor-http:8080/ blueprintprocessor.healthcheck.mapping-service-name-with-service-link=[Execution service,/api/v1/execution-service/health-check],[Resources service,/api/v1/resources/health-check],[Template service,/api/v1/template/health-check] #BaseUrls for health check Cds Listener services diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml index d68e900222..1e4f5e10a0 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml @@ -118,6 +118,10 @@ spec: fieldPath: metadata.name - name: CLUSTER_CONFIG_FILE value: {{ .Values.config.appConfigDir }}/hazelcast.yaml + - name: CPS_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "login") | indent 12 }} + - name: CPS_PASS_PLAIN + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "password") | indent 12 }} {{ if .Values.useStrimziKafka }} - name: JAAS_PASS value: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-kafka-secret" "key" "password") | indent 12 }} diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml index 5d2e438e1e..153740c553 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/service.yaml @@ -33,7 +33,7 @@ spec: {{- if eq .Values.service.http.type "NodePort"}} nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.http.nodePort }} {{- end}} - name: {{ .Values.service.http.portName | default "http" }} + name: {{ .Values.service.http.portName | default "http" }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} selector: app: {{ include "common.name" . }} release: {{ include "common.release" . }} diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml index af9482b663..023bf4917b 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml @@ -28,10 +28,17 @@ global: persistence: mountPath: /dockerdata-nfs - #This configuration specifies Service and port for SDNC OAM interface + # This configuration specifies Service and port for SDNC OAM interface sdncOamService: sdnc-oam sdncOamPort: 8282 + # This concerns CDS/AAI communication through HTTP when TLS is not being needed + # Port value should match the one in aai/values.yml : service.externalPlainPort + aaiData: + ExternalPlainPort: 80 # when TLS is not needed + ServiceName: aai # domain + # http://aai:80 or https://aai:443 + #AAF is enabled by default #aafEnabled: true @@ -65,6 +72,12 @@ secrets: - name: password value: '{{ .Values.config.someConfig }}' policy: generate + - uid: cps-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.cps.cpsUserExternalSecret) . }}' + login: '{{ .Values.config.cps.cpsUsername }}' + password: '{{ .Values.config.cps.cpsPassword }}' + passwordPolicy: required ################################################################# # AAF part @@ -108,7 +121,7 @@ config: dbService: mariadb-galera dbPort: 3306 dbName: sdnctl - #dbRootPass: Custom root password + # dbRootPass: Custom root password dbRootPassExternalSecret: '{{ include "common.mariadb.secret.rootPassSecretName" ( dict "dot" . "chartName" .Values.config.sdncDB.dbService ) }}' cdsDB: dbServer: cds-db @@ -120,6 +133,10 @@ config: # dbRootPassword: password # dbRootPassExternalSecret someConfig: blah + cps: + cpsUsername: '' + cpsPassword: '' + cpsUserExternalSecret: '{{ include "common.release" . }}-cps-core-app-user-creds' # default number of instances replicaCount: 1 @@ -170,12 +187,12 @@ startup: periodSeconds: 10 liveness: - initialDelaySeconds: 0 + initialDelaySeconds: 1 periodSeconds: 20 - timeoutSeconds: 20 + timeoutSeconds: 30 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container - enabled: true + enabled: false readiness: initialDelaySeconds: 120 @@ -185,17 +202,17 @@ readiness: service: http: type: ClusterIP - portName: blueprints-processor-http + portName: http internalPort: 8080 externalPort: 8080 grpc: type: ClusterIP - portName: blueprints-processor-grpc + portName: grpc internalPort: 9111 externalPort: 9111 cluster: type: ClusterIP - portName: blueprints-processor-cluster + portName: tcp-cluster internalPort: 5701 externalPort: 5701 @@ -223,8 +240,8 @@ ingress: - baseaddr: "blueprintsprocessorhttp" name: "cds-blueprints-processor-http" port: 8080 - config: - ssl: "none" + config: + ssl: "none" logback: rootLogLevel: INFO |