diff options
Diffstat (limited to 'kubernetes/dcaegen2-services/components/dcae-pmsh/templates')
5 files changed, 0 insertions, 212 deletions
diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/authorizationpolicy.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/authorizationpolicy.yaml deleted file mode 100644 index 30d173c2d8..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/authorizationpolicy.yaml +++ /dev/null @@ -1,136 +0,0 @@ -{{/* -# Copyright © 2023 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.authorizationPolicy" . }} ---- -{{- $dot := default . .dot -}} -{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}} -{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}} -{{- $defaultOperationPorts := list "5432" -}} -{{- $relName := include "common.release" . -}} -{{- $postgresName := $dot.Values.postgres.service.name -}} -{{- if (include "common.useAuthorizationPolicies" .) }} -apiVersion: security.istio.io/v1beta1 -kind: AuthorizationPolicy -metadata: - name: {{ $relName }}-{{ $postgresName }}-authz - namespace: {{ include "common.namespace" . }} -spec: - selector: - matchLabels: - app: {{ $postgresName }} - action: ALLOW - rules: -{{- if $authorizedPrincipalsPostgres }} -{{- range $principal := $authorizedPrincipalsPostgres }} - - from: - - source: - principals: -{{- $namespace := default "onap" $principal.namespace -}} -{{- if eq "onap" $namespace }} - - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}" -{{- else }} - - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}" -{{- end }} - to: - - operation: - ports: -{{- range $port := $defaultOperationPorts }} - - "{{ $port }}" -{{- end }} -{{- end }} -{{- end }} -{{- end }} ---- -{{- $dot := default . .dot -}} -{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}} -{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}} -{{- $defaultOperationPorts := list "5432" -}} -{{- $relName := include "common.release" . -}} -{{- $postgresName := $dot.Values.postgres.service.name -}} -{{- $pgHost := "primary" -}} -{{- if (include "common.useAuthorizationPolicies" .) }} -apiVersion: security.istio.io/v1beta1 -kind: AuthorizationPolicy -metadata: - name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz - namespace: {{ include "common.namespace" . }} -spec: - selector: - matchLabels: - app: {{ $postgresName }}-{{ $pgHost }} - action: ALLOW - rules: -{{- if $authorizedPrincipalsPostgres }} -{{- range $principal := $authorizedPrincipalsPostgres }} - - from: - - source: - principals: -{{- $namespace := default "onap" $principal.namespace -}} -{{- if eq "onap" $namespace }} - - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}" -{{- else }} - - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}" -{{- end }} - to: - - operation: - ports: -{{- range $port := $defaultOperationPorts }} - - "{{ $port }}" -{{- end }} -{{- end }} -{{- end }} -{{- end }} ---- -{{- $dot := default . .dot -}} -{{- $trustedDomain := default "cluster.local" $dot.Values.serviceMesh.authorizationPolicy.trustedDomain -}} -{{- $authorizedPrincipalsPostgres := default list $dot.Values.serviceMesh.authorizationPolicy.authorizedPrincipalsPostgres -}} -{{- $defaultOperationPorts := list "5432" -}} -{{- $relName := include "common.release" . -}} -{{- $postgresName := $dot.Values.postgres.service.name -}} -{{- $pgHost := "replica" -}} -{{- if (include "common.useAuthorizationPolicies" .) }} -apiVersion: security.istio.io/v1beta1 -kind: AuthorizationPolicy -metadata: - name: {{ $relName }}-{{ $postgresName }}-{{ $pgHost }}-authz - namespace: {{ include "common.namespace" . }} -spec: - selector: - matchLabels: - app: {{ $postgresName }}-{{ $pgHost }} - action: ALLOW - rules: -{{- if $authorizedPrincipalsPostgres }} -{{- range $principal := $authorizedPrincipalsPostgres }} - - from: - - source: - principals: -{{- $namespace := default "onap" $principal.namespace -}} -{{- if eq "onap" $namespace }} - - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $relName }}-{{ $principal.serviceAccount }}" -{{- else }} - - "{{ $trustedDomain }}/ns/{{ $namespace }}/sa/{{ $principal.serviceAccount }}" -{{- end }} - to: - - operation: - ports: -{{- range $port := $defaultOperationPorts }} - - "{{ $port }}" -{{- end }} -{{- end }} -{{- end }} -{{- end }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/configmap.yaml deleted file mode 100644 index b4b8e59b2e..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/configmap.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -################################################################################ -# Copyright (c) 2021 Nordix Foundation. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ -*/}} - -{{ include "dcaegen2-services-common.configMap" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/deployment.yaml deleted file mode 100644 index 60fce4a7be..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/deployment.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -################################################################################ -# Copyright (c) 2021 Nordix Foundation. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ -*/}} - -{{ include "dcaegen2-services-common.microserviceDeployment" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/secret.yaml deleted file mode 100644 index 0f1129cfb4..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/secret.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -################################################################################ -# Copyright (c) 2021 Nordix Foundation. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ -*/}} - -{{ include "common.secretFast" . }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/service.yaml deleted file mode 100644 index fedb766524..0000000000 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/templates/service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -################################################################################ -# Copyright (c) 2021 Nordix Foundation. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ -*/}} - -{{ include "common.service" . }}
\ No newline at end of file |