diff options
Diffstat (limited to 'kubernetes/contrib/components')
19 files changed, 1606 insertions, 18 deletions
diff --git a/kubernetes/contrib/components/awx/Makefile b/kubernetes/contrib/components/awx/Makefile index d8a50339d6..cb88b57fc9 100644 --- a/kubernetes/contrib/components/awx/Makefile +++ b/kubernetes/contrib/components/awx/Makefile @@ -11,6 +11,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +HELM_BIN := helm make-awx: - cd charts && helm dep up awx-postgres + cd charts && $(HELM_BIN) dep up awx-postgres diff --git a/kubernetes/contrib/components/awx/charts/awx/resources/config/credentials.py b/kubernetes/contrib/components/awx/charts/awx/resources/config/credentials.py index 39350e05d0..85808d10d4 100644 --- a/kubernetes/contrib/components/awx/charts/awx/resources/config/credentials.py +++ b/kubernetes/contrib/components/awx/charts/awx/resources/config/credentials.py @@ -1,3 +1,4 @@ +{{/* # Copyright © 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} DATABASES = { 'default': { diff --git a/kubernetes/contrib/components/awx/charts/awx/resources/config/environment.sh b/kubernetes/contrib/components/awx/charts/awx/resources/config/environment.sh index 7c58c6bb48..b9d01d079c 100644 --- a/kubernetes/contrib/components/awx/charts/awx/resources/config/environment.sh +++ b/kubernetes/contrib/components/awx/charts/awx/resources/config/environment.sh @@ -1,3 +1,4 @@ +{{/* # Copyright © 2019 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} DATABASE_USER={{ .Values.config.postgresUser }} DATABASE_NAME={{ .Values.config.postgresDB }} diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml index 4be13fbf88..74c02bcd5f 100644 --- a/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml +++ b/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml @@ -40,7 +40,7 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - awx-postgres @@ -122,4 +122,4 @@ spec: name: {{ include "common.fullname" . }}-rabbitmq name: rabbitmq-config imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml index 988ac174ae..6023bb4fdb 100644 --- a/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml +++ b/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml @@ -47,7 +47,7 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - {{ include "common.name" . }}-mgnt @@ -210,4 +210,4 @@ spec: name: {{ include "common.fullname" . }}-rabbitmq name: rabbitmq-config imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key"
\ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/contrib/components/awx/values.yaml b/kubernetes/contrib/components/awx/values.yaml index 6c6a90e0de..1ed35c2c23 100755 --- a/kubernetes/contrib/components/awx/values.yaml +++ b/kubernetes/contrib/components/awx/values.yaml @@ -16,10 +16,10 @@ # Global configuration defaults. ################################################################# global: + readinessRepository: nexus3.onap.org:10001 nodePortPrefixExt: 304 commonConfigPrefix: awx - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 + readinessImage: onap/oom/readiness:3.0.1 ################################################################# # Application configuration defaults. diff --git a/kubernetes/contrib/components/ejbca/resources/certprofile_CUSTOM_ENDUSER-1834889499.xml b/kubernetes/contrib/components/ejbca/resources/certprofile_CUSTOM_ENDUSER-1834889499.xml new file mode 100644 index 0000000000..e163aed82a --- /dev/null +++ b/kubernetes/contrib/components/ejbca/resources/certprofile_CUSTOM_ENDUSER-1834889499.xml @@ -0,0 +1,595 @@ +<?xml version="1.0" encoding="UTF-8"?> +<java version="1.8.0_242" class="java.beans.XMLDecoder"> + <object class="java.util.LinkedHashMap"> + <void method="put"> + <string>version</string> + <float>46.0</float> + </void> + <void method="put"> + <string>type</string> + <int>1</int> + </void> + <void method="put"> + <string>certversion</string> + <string>X509v3</string> + </void> + <void method="put"> + <string>encodedvalidity</string> + <string>2y</string> + </void> + <void method="put"> + <string>usecertificatevalidityoffset</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>certificatevalidityoffset</string> + <string>-10m</string> + </void> + <void method="put"> + <string>useexpirationrestrictionforweekdays</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>expirationrestrictionforweekdaysbefore</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>expirationrestrictionweekdays</string> + <object class="java.util.ArrayList"> + <void method="add"> + <boolean>true</boolean> + </void> + <void method="add"> + <boolean>true</boolean> + </void> + <void method="add"> + <boolean>false</boolean> + </void> + <void method="add"> + <boolean>false</boolean> + </void> + <void method="add"> + <boolean>false</boolean> + </void> + <void method="add"> + <boolean>true</boolean> + </void> + <void method="add"> + <boolean>true</boolean> + </void> + </object> + </void> + <void method="put"> + <string>allowvalidityoverride</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>allowextensionoverride</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>allowdnoverride</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>allowdnoverridebyeei</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>allowbackdatedrevokation</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usecertificatestorage</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>storecertificatedata</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>storesubjectaltname</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>usebasicconstrants</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>basicconstraintscritical</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>usesubjectkeyidentifier</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>subjectkeyidentifiercritical</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>useauthoritykeyidentifier</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>authoritykeyidentifiercritical</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usesubjectalternativename</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>subjectalternativenamecritical</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>useissueralternativename</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>issueralternativenamecritical</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usecrldistributionpoint</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usedefaultcrldistributionpoint</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>crldistributionpointcritical</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>crldistributionpointuri</string> + <string></string> + </void> + <void method="put"> + <string>usefreshestcrl</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usecadefinedfreshestcrl</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>freshestcrluri</string> + <string></string> + </void> + <void method="put"> + <string>crlissuer</string> + <string></string> + </void> + <void method="put"> + <string>usecertificatepolicies</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>certificatepoliciescritical</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>certificatepolicies</string> + <object class="java.util.ArrayList"/> + </void> + <void method="put"> + <string>availablekeyalgorithms</string> + <object class="java.util.ArrayList"> + <void method="add"> + <string>DSA</string> + </void> + <void method="add"> + <string>ECDSA</string> + </void> + <void method="add"> + <string>RSA</string> + </void> + </object> + </void> + <void method="put"> + <string>availableeccurves</string> + <object class="java.util.ArrayList"> + <void method="add"> + <string>ANY_EC_CURVE</string> + </void> + </object> + </void> + <void method="put"> + <string>availablebitlengths</string> + <object class="java.util.ArrayList"> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>192</int> + </void> + <void method="add"> + <int>224</int> + </void> + <void method="add"> + <int>239</int> + </void> + <void method="add"> + <int>256</int> + </void> + <void method="add"> + <int>384</int> + </void> + <void method="add"> + <int>512</int> + </void> + <void method="add"> + <int>521</int> + </void> + <void method="add"> + <int>1024</int> + </void> + <void method="add"> + <int>1536</int> + </void> + <void method="add"> + <int>2048</int> + </void> + <void method="add"> + <int>3072</int> + </void> + <void method="add"> + <int>4096</int> + </void> + <void method="add"> + <int>6144</int> + </void> + <void method="add"> + <int>8192</int> + </void> + </object> + </void> + <void method="put"> + <string>minimumavailablebitlength</string> + <int>0</int> + </void> + <void method="put"> + <string>maximumavailablebitlength</string> + <int>8192</int> + </void> + <void method="put"> + <string>signaturealgorithm</string> + <null/> + </void> + <void method="put"> + <string>usekeyusage</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>keyusage</string> + <object class="java.util.ArrayList"> + <void method="add"> + <boolean>true</boolean> + </void> + <void method="add"> + <boolean>true</boolean> + </void> + <void method="add"> + <boolean>true</boolean> + </void> + <void method="add"> + <boolean>false</boolean> + </void> + <void method="add"> + <boolean>false</boolean> + </void> + <void method="add"> + <boolean>false</boolean> + </void> + <void method="add"> + <boolean>false</boolean> + </void> + <void method="add"> + <boolean>false</boolean> + </void> + <void method="add"> + <boolean>false</boolean> + </void> + </object> + </void> + <void method="put"> + <string>allowkeyusageoverride</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>keyusagecritical</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>useextendedkeyusage</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>extendedkeyusage</string> + <object class="java.util.ArrayList"> + <void method="add"> + <string>1.3.6.1.5.5.7.3.2</string> + </void> + <void method="add"> + <string>1.3.6.1.5.5.7.3.4</string> + </void> + <void method="add"> + <string>1.3.6.1.5.5.7.3.1</string> + </void> + </object> + </void> + <void method="put"> + <string>extendedkeyusagecritical</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usedocumenttypelist</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>documenttypelistcritical</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>documenttypelist</string> + <object class="java.util.ArrayList"/> + </void> + <void method="put"> + <string>availablecas</string> + <object class="java.util.ArrayList"> + <void method="add"> + <int>-1</int> + </void> + </object> + </void> + <void method="put"> + <string>usedpublishers</string> + <object class="java.util.ArrayList"/> + </void> + <void method="put"> + <string>useocspnocheck</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>useldapdnorder</string> + <boolean>true</boolean> + </void> + <void method="put"> + <string>usecustomdnorder</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usemicrosofttemplate</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>microsofttemplate</string> + <string></string> + </void> + <void method="put"> + <string>usecardnumber</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usecnpostfix</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>cnpostfix</string> + <string></string> + </void> + <void method="put"> + <string>usesubjectdnsubset</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>subjectdnsubset</string> + <object class="java.util.ArrayList"/> + </void> + <void method="put"> + <string>usesubjectaltnamesubset</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>subjectaltnamesubset</string> + <object class="java.util.ArrayList"/> + </void> + <void method="put"> + <string>usepathlengthconstraint</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>pathlengthconstraint</string> + <int>0</int> + </void> + <void method="put"> + <string>useqcstatement</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usepkixqcsyntaxv2</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>useqcstatementcritical</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>useqcstatementraname</string> + <string></string> + </void> + <void method="put"> + <string>useqcsematicsid</string> + <string></string> + </void> + <void method="put"> + <string>useqcetsiqccompliance</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>useqcetsisignaturedevice</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>useqcetsivaluelimit</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>qcetsivaluelimit</string> + <int>0</int> + </void> + <void method="put"> + <string>qcetsivaluelimitexp</string> + <int>0</int> + </void> + <void method="put"> + <string>qcetsivaluelimitcurrency</string> + <string></string> + </void> + <void method="put"> + <string>useqcetsiretentionperiod</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>qcetsiretentionperiod</string> + <int>0</int> + </void> + <void method="put"> + <string>useqccustomstring</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>qccustomstringoid</string> + <string></string> + </void> + <void method="put"> + <string>qccustomstringtext</string> + <string></string> + </void> + <void method="put"> + <string>qcetsipds</string> + <null/> + </void> + <void method="put"> + <string>qcetsitype</string> + <null/> + </void> + <void method="put"> + <string>usecertificatetransparencyincerts</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usecertificatetransparencyinocsp</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usecertificatetransparencyinpublisher</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usesubjectdirattributes</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usenameconstraints</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>useauthorityinformationaccess</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>caissuers</string> + <object class="java.util.ArrayList"/> + </void> + <void method="put"> + <string>usedefaultcaissuer</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usedefaultocspservicelocator</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>ocspservicelocatoruri</string> + <string></string> + </void> + <void method="put"> + <string>cvcaccessrights</string> + <int>3</int> + </void> + <void method="put"> + <string>usedcertificateextensions</string> + <object class="java.util.ArrayList"/> + </void> + <void method="put"> + <string>approvals</string> + <object class="java.util.LinkedHashMap"> + <void method="put"> + <object class="java.lang.Enum" method="valueOf"> + <class>org.cesecore.certificates.ca.ApprovalRequestType</class> + <string>REVOCATION</string> + </object> + <int>-1</int> + </void> + <void method="put"> + <object class="java.lang.Enum" method="valueOf"> + <class>org.cesecore.certificates.ca.ApprovalRequestType</class> + <string>KEYRECOVER</string> + </object> + <int>-1</int> + </void> + <void method="put"> + <object class="java.lang.Enum" method="valueOf"> + <class>org.cesecore.certificates.ca.ApprovalRequestType</class> + <string>ADDEDITENDENTITY</string> + </object> + <int>-1</int> + </void> + </object> + </void> + <void method="put"> + <string>useprivkeyusageperiodnotbefore</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>useprivkeyusageperiod</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>useprivkeyusageperiodnotafter</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>privkeyusageperiodstartoffset</string> + <long>0</long> + </void> + <void method="put"> + <string>privkeyusageperiodlength</string> + <long>63072000</long> + </void> + <void method="put"> + <string>usesingleactivecertificateconstraint</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>overridableextensionoids</string> + <object class="java.util.LinkedHashSet"/> + </void> + <void method="put"> + <string>nonoverridableextensionoids</string> + <object class="java.util.LinkedHashSet"/> + </void> + <void method="put"> + <string>allowcertsnoverride</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>usecustomdnorderldap</string> + <boolean>false</boolean> + </void> + </object> +</java> diff --git a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh b/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh index f1bd07e158..ad10240b94 100755 --- a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh +++ b/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh @@ -12,6 +12,12 @@ configureEjbca() { ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value ${RA_IAK} ejbca.sh config cmp updatealias --alias cmpRA --key responseprotection --value pbe + #Custom EJBCA cert profile and endentity are imported to allow issuing certificates with correct extended usage (containing serverAuth) + ejbca.sh ca importprofiles -d /opt/primekey/custom_profiles + #Profile name taken from certprofile filename (certprofile_<profile-name>-<id>.xml) + ejbca.sh config cmp updatealias --alias cmpRA --key ra.certificateprofile --value CUSTOM_ENDUSER + #ID taken from entityprofile filename (entityprofile_<profile-name>-<id>.xml) + ejbca.sh config cmp updatealias --alias cmpRA --key ra.endentityprofileid --value 1356531849 ejbca.sh config cmp dumpalias --alias cmpRA ejbca.sh config cmp addalias --alias cmp ejbca.sh config cmp updatealias --alias cmp --key allowautomatickeyupdate --value true diff --git a/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml b/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml new file mode 100644 index 0000000000..19d872fe12 --- /dev/null +++ b/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml @@ -0,0 +1,936 @@ +<?xml version="1.0" encoding="UTF-8"?> +<java version="1.8.0_242" class="java.beans.XMLDecoder"> + <object class="java.util.LinkedHashMap"> + <void method="put"> + <string>version</string> + <float>14.0</float> + </void> + <void method="put"> + <string>NUMBERARRAY</string> + <object class="java.util.ArrayList"> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>3</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>1</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + <void method="add"> + <int>0</int> + </void> + </object> + </void> + <void method="put"> + <string>SUBJECTDNFIELDORDER</string> + <object class="java.util.ArrayList"> + <void method="add"> + <int>500</int> + </void> + <void method="add"> + <int>1100</int> + </void> + <void method="add"> + <int>1200</int> + </void> + <void method="add"> + <int>1300</int> + </void> + <void method="add"> + <int>1400</int> + </void> + <void method="add"> + <int>1600</int> + </void> + </object> + </void> + <void method="put"> + <string>SUBJECTALTNAMEFIELDORDER</string> + <object class="java.util.ArrayList"> + <void method="add"> + <int>1800</int> + </void> + <void method="add"> + <int>1801</int> + </void> + <void method="add"> + <int>1802</int> + </void> + </object> + </void> + <void method="put"> + <string>SUBJECTDIRATTRFIELDORDER</string> + <object class="java.util.ArrayList"/> + </void> + <void method="put"> + <int>0</int> + <string></string> + </void> + <void method="put"> + <int>20000</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10000</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30000</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>1</int> + <string></string> + </void> + <void method="put"> + <int>20001</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10001</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30001</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>95</int> + <string></string> + </void> + <void method="put"> + <int>20095</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10095</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30095</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>96</int> + <string></string> + </void> + <void method="put"> + <int>20096</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10096</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30096</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>5</int> + <string></string> + </void> + <void method="put"> + <int>20005</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10005</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30005</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>26</int> + <string></string> + </void> + <void method="put"> + <int>20026</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10026</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30026</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>29</int> + <string>1834889499</string> + </void> + <void method="put"> + <int>20029</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10029</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30029</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30</int> + <string>1834889499</string> + </void> + <void method="put"> + <int>20030</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10030</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30030</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>31</int> + <string>1</string> + </void> + <void method="put"> + <int>20031</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10031</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30031</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>32</int> + <string>1;2;3;4</string> + </void> + <void method="put"> + <int>20032</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10032</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30032</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>33</int> + <string></string> + </void> + <void method="put"> + <int>20033</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10033</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30033</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>34</int> + <string></string> + </void> + <void method="put"> + <int>20034</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10034</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>30034</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>38</int> + <string>1</string> + </void> + <void method="put"> + <int>20038</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10038</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30038</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>37</int> + <string>-1501801709</string> + </void> + <void method="put"> + <int>20037</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10037</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30037</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>98</int> + <string></string> + </void> + <void method="put"> + <int>20098</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10098</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>30098</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>99</int> + <string></string> + </void> + <void method="put"> + <int>20099</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10099</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>30099</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>97</int> + <string></string> + </void> + <void method="put"> + <int>20097</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10097</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>30097</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>91</int> + <string>false</string> + </void> + <void method="put"> + <int>20091</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10091</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>30091</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>94</int> + <string>-1</string> + </void> + <void method="put"> + <int>20094</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10094</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>30094</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>93</int> + <string>-1</string> + </void> + <void method="put"> + <int>20093</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10093</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>30093</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>89</int> + <string></string> + </void> + <void method="put"> + <int>20089</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10089</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>30089</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>88</int> + <string></string> + </void> + <void method="put"> + <int>20088</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10088</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>30088</int> + <boolean>true</boolean> + </void> + <void method="put"> + <string>ALLOW_MERGEDN_WEBSERVICES</string> + <boolean>false</boolean> + </void> + <void method="put"> + <int>2</int> + <string></string> + </void> + <void method="put"> + <int>20002</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10002</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10090</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>90</int> + <string>0</string> + </void> + <void method="put"> + <string>REVERSEFFIELDCHECKS</string> + <boolean>false</boolean> + </void> + <void method="put"> + <int>28</int> + <string>false</string> + </void> + <void method="put"> + <int>20028</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10028</int> + <boolean>false</boolean> + </void> + <void method="put"> + <string>REUSECERTIFICATE</string> + <boolean>false</boolean> + </void> + <void method="put"> + <int>35</int> + <string>false</string> + </void> + <void method="put"> + <int>20035</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10035</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10092</int> + <boolean>false</boolean> + </void> + <void method="put"> + <string>USEEXTENSIONDATA</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>PRINTINGUSE</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>PRINTINGDEFAULT</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>PRINTINGREQUIRED</string> + <boolean>false</boolean> + </void> + <void method="put"> + <string>PRINTINGCOPIES</string> + <int>1</int> + </void> + <void method="put"> + <string>PRINTINGPRINTERNAME</string> + <string></string> + </void> + <void method="put"> + <string>PRINTINGSVGDATA</string> + <string></string> + </void> + <void method="put"> + <string>PRINTINGSVGFILENAME</string> + <string></string> + </void> + <void method="put"> + <int>11</int> + <string></string> + </void> + <void method="put"> + <int>20011</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10011</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30011</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>12</int> + <string></string> + </void> + <void method="put"> + <int>20012</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10012</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30012</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>13</int> + <string></string> + </void> + <void method="put"> + <int>20013</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10013</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30013</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>14</int> + <string></string> + </void> + <void method="put"> + <int>20014</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10014</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30014</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>16</int> + <string></string> + </void> + <void method="put"> + <int>20016</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>10016</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30016</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>18</int> + <string></string> + </void> + <void method="put"> + <int>20018</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10018</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30018</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>118</int> + <string></string> + </void> + <void method="put"> + <int>20118</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10118</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30118</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>218</int> + <string></string> + </void> + <void method="put"> + <int>20218</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10218</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30218</int> + <boolean>true</boolean> + </void> + </object> +</java> diff --git a/kubernetes/contrib/components/ejbca/templates/configmap.yaml b/kubernetes/contrib/components/ejbca/templates/configmap.yaml index d336bc9a94..093657dfe0 100644 --- a/kubernetes/contrib/components/ejbca/templates/configmap.yaml +++ b/kubernetes/contrib/components/ejbca/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020, Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap @@ -18,3 +20,11 @@ metadata: name: "{{ include "common.fullname" . }}-config-script" data: {{ tpl (.Files.Glob "resources/ejbca-config.sh").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: "{{ include "common.fullname" . }}-profiles" +data: +{{ tpl (.Files.Glob "resources/certprofile_CUSTOM_ENDUSER-1834889499.xml").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/entityprofile_Custom_EndEntity-1356531849.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/contrib/components/ejbca/templates/deployment.yaml b/kubernetes/contrib/components/ejbca/templates/deployment.yaml index c6981e5fc4..55de54febf 100644 --- a/kubernetes/contrib/components/ejbca/templates/deployment.yaml +++ b/kubernetes/contrib/components/ejbca/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020, Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: Deployment @@ -24,7 +26,7 @@ spec: initContainers: - name: {{ include "common.name" . }}-db-readiness command: - - /root/ready.py + - /app/ready.py args: - --container-name {{- if .Values.global.mariadbGalera.localCluster }} @@ -38,7 +40,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} containers: - name: {{ include "common.name" . }}-ejbca @@ -51,6 +53,8 @@ spec: volumeMounts: - name: "{{ include "common.fullname" . }}-volume" mountPath: /opt/primekey/scripts/ + - name: "{{ include "common.fullname" . }}-profiles-volume" + mountPath: /opt/primekey/custom_profiles/ ports: {{ include "common.containerPorts" . | nindent 10 }} env: - name: INITIAL_ADMIN @@ -85,8 +89,13 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | nindent 10 }} {{- end }} + resources: {{ include "common.resources" . | nindent 10 }} volumes: - configMap: name: "{{ include "common.fullname" . }}-config-script" defaultMode: 0755 name: "{{ include "common.fullname" . }}-volume" + - configMap: + name: "{{ include "common.fullname" . }}-profiles" + defaultMode: 0755 + name: "{{ include "common.fullname" . }}-profiles-volume" diff --git a/kubernetes/contrib/components/ejbca/templates/secret.yaml b/kubernetes/contrib/components/ejbca/templates/secret.yaml index ecb51ae4d3..837da0959b 100644 --- a/kubernetes/contrib/components/ejbca/templates/secret.yaml +++ b/kubernetes/contrib/components/ejbca/templates/secret.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020, Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,5 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.secretFast" . }} diff --git a/kubernetes/contrib/components/ejbca/templates/service.yaml b/kubernetes/contrib/components/ejbca/templates/service.yaml index 01680ee78e..46eed4264c 100644 --- a/kubernetes/contrib/components/ejbca/templates/service.yaml +++ b/kubernetes/contrib/components/ejbca/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2020, Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,5 +12,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} {{ include "common.service" . }} diff --git a/kubernetes/contrib/components/ejbca/values.yaml b/kubernetes/contrib/components/ejbca/values.yaml index 82bc03c597..35160e4b13 100644 --- a/kubernetes/contrib/components/ejbca/values.yaml +++ b/kubernetes/contrib/components/ejbca/values.yaml @@ -12,9 +12,8 @@ # See the License for the specific language governing permissions and # limitations under the License. global: - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.1 - mariadbGalera: &mariadbGalera + readinessImage: onap/oom/readiness:3.0.1 + mariadbGalera: &mariadbGalera #This flag allows EJBCA to instantiate its own mariadb-galera cluster localCluster: false service: mariadb-galera @@ -38,6 +37,7 @@ secrets: password: '{{ .Values.config.ejbca.clientIak }}' # application configuration +repository: nexus3.onap.org:10001 config: db: userName: ejbca @@ -104,3 +104,23 @@ service: port: 8443 plain_port: 8080 port_protocol: http + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1500m + memory: 1536Mi + requests: + cpu: 10m + memory: 750Mi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 20m + memory: 1Gi + unlimited: {} diff --git a/kubernetes/contrib/components/netbox/Makefile b/kubernetes/contrib/components/netbox/Makefile index 3194d40020..da18203981 100644 --- a/kubernetes/contrib/components/netbox/Makefile +++ b/kubernetes/contrib/components/netbox/Makefile @@ -11,6 +11,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +HELM_BIN := helm make-netbox: - cd charts && helm dep up netbox-postgres && helm dep up netbox-nginx && helm dep up netbox-app + cd charts && $(HELM_BIN) dep up netbox-postgres && $(HELM_BIN) dep up netbox-nginx && $(HELM_BIN) dep up netbox-app diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml index 7586a6c95e..ed6518ed1a 100644 --- a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml +++ b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2018 Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,6 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: batch/v1 kind: Job @@ -36,7 +38,7 @@ spec: image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - netbox-app diff --git a/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/service.yaml b/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/service.yaml index ed761374fa..c01612e0f4 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/service.yaml +++ b/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/service.yaml @@ -31,7 +31,7 @@ spec: - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }} {{- else -}} - - port: {{ .Values.service.externalPort }} + - port: {{ .Values.service.internalPort }} targetPort: {{ .Values.service.internalPort }} {{- end}} selector: diff --git a/kubernetes/contrib/components/netbox/charts/netbox-nginx/values.yaml b/kubernetes/contrib/components/netbox/charts/netbox-nginx/values.yaml index f67ff06410..e94e50bc4f 100755 --- a/kubernetes/contrib/components/netbox/charts/netbox-nginx/values.yaml +++ b/kubernetes/contrib/components/netbox/charts/netbox-nginx/values.yaml @@ -75,7 +75,7 @@ persistence: staticPvName: netbox-static service: - type: NodePort + type: ClusterIP name: netbox-nginx portName: netbox-nginx internalPort: 8080 diff --git a/kubernetes/contrib/components/netbox/values.yaml b/kubernetes/contrib/components/netbox/values.yaml index 2dfb36b1e5..5dc4535ca3 100755 --- a/kubernetes/contrib/components/netbox/values.yaml +++ b/kubernetes/contrib/components/netbox/values.yaml @@ -16,10 +16,10 @@ # Global configuration defaults. ################################################################# global: + readinessRepository: nexus3.onap.org:10001 nodePortPrefixExt: 304 commonConfigPrefix: netbox - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 + readinessImage: onap/oom/readiness:3.0.1 ################################################################# # Application configuration defaults. |