summaryrefslogtreecommitdiffstats
path: root/kubernetes/oof/components
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/oof/components')
-rwxr-xr-xkubernetes/oof/components/Makefile13
-rw-r--r--kubernetes/oof/components/oof-cmso/Makefile13
-rwxr-xr-xkubernetes/oof/components/oof-cmso/components/Makefile13
-rw-r--r--kubernetes/oof/components/oof-has/Makefile13
-rwxr-xr-xkubernetes/oof/components/oof-has/components/Makefile13
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml21
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-api/templates/secret.yaml15
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/values.yaml11
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml7
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-controller/templates/secret.yaml15
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml11
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml7
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-data/templates/secret.yaml15
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-data/values.yaml11
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml8
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/secret.yaml15
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml11
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml7
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-solver/templates/secret.yaml15
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml11
-rwxr-xr-xkubernetes/oof/components/oof-has/resources/config/AAF_RootCA.cer31
-rw-r--r--kubernetes/oof/components/oof-has/resources/config/nginx.conf4
-rw-r--r--kubernetes/oof/components/oof-has/templates/secret.yaml15
-rwxr-xr-xkubernetes/oof/components/oof-has/values.yaml17
-rwxr-xr-xkubernetes/oof/components/oof-templates/Chart.yaml19
-rwxr-xr-xkubernetes/oof/components/oof-templates/requirements.yaml20
-rw-r--r--kubernetes/oof/components/oof-templates/templates/_certificate.tpl11
-rw-r--r--kubernetes/oof/components/oof-templates/values.yaml14
33 files changed, 301 insertions, 90 deletions
diff --git a/kubernetes/oof/components/Makefile b/kubernetes/oof/components/Makefile
index 02371366f6..d62cb0b700 100755
--- a/kubernetes/oof/components/Makefile
+++ b/kubernetes/oof/components/Makefile
@@ -18,8 +18,9 @@ PACKAGE_DIR := $(OUTPUT_DIR)/packages
SECRET_DIR := $(OUTPUT_DIR)/secrets
EXCLUDES :=
+HELM_BIN := helm
HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-HELM_VER := $(shell helm version --template "{{.Version}}")
+HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}")
.PHONY: $(EXCLUDES) $(HELM_CHARTS)
@@ -33,19 +34,19 @@ make-%:
@if [ -f $*/Makefile ]; then make -C $*; fi
dep-%: make-%
- @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+ @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
package-%: lint-%
@mkdir -p $(PACKAGE_DIR)
ifeq "$(findstring v3,$(HELM_VER))" "v3"
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+ @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME local; fi
else
- @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
endif
- @helm repo index $(PACKAGE_DIR)
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
clean:
@rm -f */requirements.lock
diff --git a/kubernetes/oof/components/oof-cmso/Makefile b/kubernetes/oof/components/oof-cmso/Makefile
index 48cebe96e7..33d61041cd 100644
--- a/kubernetes/oof/components/oof-cmso/Makefile
+++ b/kubernetes/oof/components/oof-cmso/Makefile
@@ -18,8 +18,9 @@ PACKAGE_DIR := $(OUTPUT_DIR)/packages
SECRET_DIR := $(OUTPUT_DIR)/secrets
EXCLUDES := dist resources templates charts docker
+HELM_BIN := helm
HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-HELM_VER := $(shell helm version --template "{{.Version}}")
+HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}")
.PHONY: $(EXCLUDES) $(HELM_CHARTS)
@@ -33,19 +34,19 @@ make-%:
@if [ -f $*/Makefile ]; then make -C $*; fi
dep-%: make-%
- @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+ @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
package-%: lint-%
@mkdir -p $(PACKAGE_DIR)
ifeq "$(findstring v3,$(HELM_VER))" "v3"
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+ @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME local; fi
else
- @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
endif
- @helm repo index $(PACKAGE_DIR)
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
clean:
@rm -f */requirements.lock
diff --git a/kubernetes/oof/components/oof-cmso/components/Makefile b/kubernetes/oof/components/oof-cmso/components/Makefile
index f7a698d0ec..36ea7b6c2b 100755
--- a/kubernetes/oof/components/oof-cmso/components/Makefile
+++ b/kubernetes/oof/components/oof-cmso/components/Makefile
@@ -18,8 +18,9 @@ PACKAGE_DIR := $(OUTPUT_DIR)/packages
SECRET_DIR := $(OUTPUT_DIR)/secrets
EXCLUDES :=
+HELM_BIN := helm
HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-HELM_VER := $(shell helm version --template "{{.Version}}")
+HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}")
.PHONY: $(EXCLUDES) $(HELM_CHARTS)
@@ -33,19 +34,19 @@ make-%:
@if [ -f $*/Makefile ]; then make -C $*; fi
dep-%: make-%
- @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+ @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
package-%: lint-%
@mkdir -p $(PACKAGE_DIR)
ifeq "$(findstring v3,$(HELM_VER))" "v3"
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+ @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME local; fi
else
- @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
endif
- @helm repo index $(PACKAGE_DIR)
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
clean:
@rm -f */requirements.lock
diff --git a/kubernetes/oof/components/oof-has/Makefile b/kubernetes/oof/components/oof-has/Makefile
index 48cebe96e7..33d61041cd 100644
--- a/kubernetes/oof/components/oof-has/Makefile
+++ b/kubernetes/oof/components/oof-has/Makefile
@@ -18,8 +18,9 @@ PACKAGE_DIR := $(OUTPUT_DIR)/packages
SECRET_DIR := $(OUTPUT_DIR)/secrets
EXCLUDES := dist resources templates charts docker
+HELM_BIN := helm
HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-HELM_VER := $(shell helm version --template "{{.Version}}")
+HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}")
.PHONY: $(EXCLUDES) $(HELM_CHARTS)
@@ -33,19 +34,19 @@ make-%:
@if [ -f $*/Makefile ]; then make -C $*; fi
dep-%: make-%
- @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+ @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
package-%: lint-%
@mkdir -p $(PACKAGE_DIR)
ifeq "$(findstring v3,$(HELM_VER))" "v3"
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+ @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME local; fi
else
- @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
endif
- @helm repo index $(PACKAGE_DIR)
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
clean:
@rm -f */requirements.lock
diff --git a/kubernetes/oof/components/oof-has/components/Makefile b/kubernetes/oof/components/oof-has/components/Makefile
index f7a698d0ec..36ea7b6c2b 100755
--- a/kubernetes/oof/components/oof-has/components/Makefile
+++ b/kubernetes/oof/components/oof-has/components/Makefile
@@ -18,8 +18,9 @@ PACKAGE_DIR := $(OUTPUT_DIR)/packages
SECRET_DIR := $(OUTPUT_DIR)/secrets
EXCLUDES :=
+HELM_BIN := helm
HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-HELM_VER := $(shell helm version --template "{{.Version}}")
+HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}")
.PHONY: $(EXCLUDES) $(HELM_CHARTS)
@@ -33,19 +34,19 @@ make-%:
@if [ -f $*/Makefile ]; then make -C $*; fi
dep-%: make-%
- @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+ @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
package-%: lint-%
@mkdir -p $(PACKAGE_DIR)
ifeq "$(findstring v3,$(HELM_VER))" "v3"
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+ @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME local; fi
else
- @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
endif
- @helm repo index $(PACKAGE_DIR)
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
clean:
@rm -f */requirements.lock
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml
index 1d9792fa5f..90fe5dd732 100644
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml
@@ -19,3 +19,6 @@ dependencies:
- name: certInitializer
version: ~6.x-0
repository: '@local'
+ - name: oof-templates
+ version: ~6.x-0
+ repository: 'file://../../../oof-templates'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
index 1538b47343..78c054bd28 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
@@ -122,13 +122,21 @@ spec:
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: log.conf
- mountPath: /usr/local/bin/AAF_RootCA.cer
- name: {{ .Values.global.commonConfigPrefix }}-config
- subPath: AAF_RootCA.cer
+ name: {{ include "common.fullname" . }}-onap-certs
+ subPath: aaf_root_ca.cer
resources:
{{ include "common.resources" . | indent 12 }}
- name: {{ include "common.name" . }}-nginx
image: "{{ .Values.global.dockerHubRepository }}/{{ .Values.nginx.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /bin/sh
+ args:
+ - "-c"
+ - |
+ grep -v '^$' /opt/bitnami/nginx/ssl/local/org.onap.oof.crt > /tmp/oof.crt
+ cat /tmp/oof.crt /tmp/intermediate_root_ca.pem /tmp/AAF_RootCA.cer >> /opt/bitnami/nginx/org.onap.oof.crt
+ /opt/bitnami/scripts/nginx/entrypoint.sh /opt/bitnami/scripts/nginx/run.sh
ports:
- containerPort: {{ .Values.service.internalPort }}
{{- if .Values.liveness.enabled }}
@@ -151,6 +159,12 @@ spec:
- mountPath: /opt/bitnami/nginx/conf/nginx.conf
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: nginx.conf
+ - mountPath: /tmp/AAF_RootCA.cer
+ name: {{ include "common.fullname" . }}-onap-certs
+ subPath: aaf_root_ca.cer
+ - mountPath: /tmp/intermediate_root_ca.pem
+ name: {{ include "common.fullname" . }}-onap-certs
+ subPath: intermediate_root_ca.pem
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -176,7 +190,6 @@ spec:
path: conductor.conf
- key: log.conf
path: log.conf
- - key: AAF_RootCA.cer
- path: AAF_RootCA.cer
+{{ include "oof.certificate.volume" . | indent 8 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/secret.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/secret.yaml
new file mode 100644
index 0000000000..c5fe2be5da
--- /dev/null
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/secret.yaml
@@ -0,0 +1,15 @@
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
index f19ecb61ee..b17eed6b2f 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
@@ -16,7 +16,16 @@
global: # global defaults
nodePortPrefix: 302
image:
- optf_has: onap/optf-has:2.1.1
+ optf_has: onap/optf-has:2.1.2
+
+#################################################################
+# secrets metaconfig
+#################################################################
+secrets:
+ - uid: oof-onap-certs
+ externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
+ type: generic
+ filePaths: '{{ .Values.secretsFilePaths }}'
service:
type: NodePort
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml
index 1967814f63..1bb059b173 100644
--- a/kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml
@@ -16,3 +16,6 @@ dependencies:
- name: common
version: ~6.x-0
repository: '@local'
+ - name: oof-templates
+ version: ~6.x-0
+ repository: 'file://../../../oof-templates'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
index 506ff939e3..53e053aa42 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
@@ -127,8 +127,8 @@ spec:
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
- mountPath: /usr/local/bin/AAF_RootCA.cer
- name: {{ .Values.global.commonConfigPrefix }}-config
- subPath: AAF_RootCA.cer
+ name: {{ include "common.fullname" . }}-onap-certs
+ subPath: aaf_root_ca.cer
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -153,7 +153,6 @@ spec:
path: log.conf
- key: healthy.sh
path: healthy.sh
- - key: AAF_RootCA.cer
- path: AAF_RootCA.cer
+{{ include "oof.certificate.volume" . | indent 8 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/secret.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/secret.yaml
new file mode 100644
index 0000000000..c5fe2be5da
--- /dev/null
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/secret.yaml
@@ -0,0 +1,15 @@
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
index 5fa0f2408e..327a537f41 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
@@ -16,7 +16,16 @@ global:
readinessImage: onap/oom/readiness:3.0.1
repository: nexus3.onap.org:10001
image:
- optf_has: onap/optf-has:2.1.1
+ optf_has: onap/optf-has:2.1.2
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: oof-onap-certs
+ externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
+ type: generic
+ filePaths: '{{ .Values.secretsFilePaths }}'
ingress:
enabled: false
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml
index 1967814f63..1bb059b173 100644
--- a/kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml
@@ -16,3 +16,6 @@ dependencies:
- name: common
version: ~6.x-0
repository: '@local'
+ - name: oof-templates
+ version: ~6.x-0
+ repository: 'file://../../../oof-templates'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
index 2041dd2c9d..3ed74a048a 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
@@ -147,8 +147,8 @@ spec:
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: aai_key.key
- mountPath: /usr/local/bin/AAF_RootCA.cer
- name: {{ .Values.global.commonConfigPrefix }}-config
- subPath: AAF_RootCA.cer
+ name: {{ include "common.fullname" . }}-onap-certs
+ subPath: aaf_root_ca.cer
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -177,7 +177,6 @@ spec:
path: aai_cert.cer
- key: aai_key.key
path: aai_key.key
- - key: AAF_RootCA.cer
- path: AAF_RootCA.cer
+{{ include "oof.certificate.volume" . | indent 8 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/secret.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/secret.yaml
new file mode 100644
index 0000000000..c5fe2be5da
--- /dev/null
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/secret.yaml
@@ -0,0 +1,15 @@
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
index 5fa0f2408e..570c0df5b2 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
@@ -16,7 +16,16 @@ global:
readinessImage: onap/oom/readiness:3.0.1
repository: nexus3.onap.org:10001
image:
- optf_has: onap/optf-has:2.1.1
+ optf_has: onap/optf-has:2.1.2
+
+#################################################################
+# secrets metaconfig
+#################################################################
+secrets:
+ - uid: oof-onap-certs
+ externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
+ type: generic
+ filePaths: '{{ .Values.secretsFilePaths }}'
ingress:
enabled: false
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml
index 1967814f63..1bb059b173 100644
--- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml
@@ -16,3 +16,6 @@ dependencies:
- name: common
version: ~6.x-0
repository: '@local'
+ - name: oof-templates
+ version: ~6.x-0
+ repository: 'file://../../../oof-templates'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
index 10bba9f61e..4f5067db12 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
@@ -141,8 +141,8 @@ spec:
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
- mountPath: /usr/local/bin/AAF_RootCA.cer
- name: {{ .Values.global.commonConfigPrefix }}-config
- subPath: AAF_RootCA.cer
+ name: {{ include "common.fullname" . }}-onap-certs
+ subPath: aaf_root_ca.cer
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -167,8 +167,6 @@ spec:
path: log.conf
- key: healthy.sh
path: healthy.sh
- - key: AAF_RootCA.cer
- path: AAF_RootCA.cer
-
+{{ include "oof.certificate.volume" . | indent 8 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/secret.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/secret.yaml
new file mode 100644
index 0000000000..c5fe2be5da
--- /dev/null
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/secret.yaml
@@ -0,0 +1,15 @@
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
index 5fa0f2408e..570c0df5b2 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
@@ -16,7 +16,16 @@ global:
readinessImage: onap/oom/readiness:3.0.1
repository: nexus3.onap.org:10001
image:
- optf_has: onap/optf-has:2.1.1
+ optf_has: onap/optf-has:2.1.2
+
+#################################################################
+# secrets metaconfig
+#################################################################
+secrets:
+ - uid: oof-onap-certs
+ externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
+ type: generic
+ filePaths: '{{ .Values.secretsFilePaths }}'
ingress:
enabled: false
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml
index 1967814f63..1bb059b173 100644
--- a/kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml
@@ -16,3 +16,6 @@ dependencies:
- name: common
version: ~6.x-0
repository: '@local'
+ - name: oof-templates
+ version: ~6.x-0
+ repository: 'file://../../../oof-templates'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
index 55c9d362e4..d1e4946ae1 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
@@ -141,8 +141,8 @@ spec:
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
- mountPath: /usr/local/bin/AAF_RootCA.cer
- name: {{ .Values.global.commonConfigPrefix }}-config
- subPath: AAF_RootCA.cer
+ name: {{ include "common.fullname" . }}-onap-certs
+ subPath: aaf_root_ca.cer
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -167,7 +167,6 @@ spec:
path: log.conf
- key: healthy.sh
path: healthy.sh
- - key: AAF_RootCA.cer
- path: AAF_RootCA.cer
+{{ include "oof.certificate.volume" . | indent 8 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/secret.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/secret.yaml
new file mode 100644
index 0000000000..c5fe2be5da
--- /dev/null
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/secret.yaml
@@ -0,0 +1,15 @@
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
index 5fa0f2408e..570c0df5b2 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
@@ -16,7 +16,16 @@ global:
readinessImage: onap/oom/readiness:3.0.1
repository: nexus3.onap.org:10001
image:
- optf_has: onap/optf-has:2.1.1
+ optf_has: onap/optf-has:2.1.2
+
+#################################################################
+# secrets metaconfig
+#################################################################
+secrets:
+ - uid: oof-onap-certs
+ externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
+ type: generic
+ filePaths: '{{ .Values.secretsFilePaths }}'
ingress:
enabled: false
diff --git a/kubernetes/oof/components/oof-has/resources/config/AAF_RootCA.cer b/kubernetes/oof/components/oof-has/resources/config/AAF_RootCA.cer
deleted file mode 100755
index e9a50d7ea0..0000000000
--- a/kubernetes/oof/components/oof-has/resources/config/AAF_RootCA.cer
+++ /dev/null
@@ -1,31 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV
-BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx
-NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK
-DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
-ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7
-XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn
-H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM
-pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7
-NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg
-2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY
-wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd
-ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM
-P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6
-aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY
-PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G
-A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ
-UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN
-BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz
-L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9
-7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx
-c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf
-jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2
-RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h
-PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF
-CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+
-Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A
-cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR
-ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX
-dYY=
------END CERTIFICATE-----
diff --git a/kubernetes/oof/components/oof-has/resources/config/nginx.conf b/kubernetes/oof/components/oof-has/resources/config/nginx.conf
index a6790164d8..cbb1b60a58 100644
--- a/kubernetes/oof/components/oof-has/resources/config/nginx.conf
+++ b/kubernetes/oof/components/oof-has/resources/config/nginx.conf
@@ -13,9 +13,9 @@ http {
listen 8091 ssl;
server_name oof;
- ssl_certificate /opt/bitnami/nginx/ssl/local/org.onap.oof.crt;
+ ssl_certificate /opt/bitnami/nginx/org.onap.oof.crt;
ssl_certificate_key /opt/bitnami/nginx/ssl/local/org.onap.oof.key;
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
diff --git a/kubernetes/oof/components/oof-has/templates/secret.yaml b/kubernetes/oof/components/oof-has/templates/secret.yaml
new file mode 100644
index 0000000000..c5fe2be5da
--- /dev/null
+++ b/kubernetes/oof/components/oof-has/templates/secret.yaml
@@ -0,0 +1,15 @@
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/oof/components/oof-has/values.yaml b/kubernetes/oof/components/oof-has/values.yaml
index c7799cdc02..ffd11db2dd 100755
--- a/kubernetes/oof/components/oof-has/values.yaml
+++ b/kubernetes/oof/components/oof-has/values.yaml
@@ -23,11 +23,21 @@ global:
repository: nexus3.onap.org:10001
commonConfigPrefix: onap-oof-has
image:
- optf_has: onap/optf-has:2.1.1
+ optf_has: onap/optf-has:2.1.2
filebeat: docker.elastic.co/beats/filebeat:5.5.0
persistence:
enabled: true
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: oof-onap-certs
+ name: &oof-certs '{{ include "common.release" . }}-oof-onap-certs'
+ externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
+ type: generic
+ filePaths: '{{ .Values.secretsFilePaths }}'
+
pullPolicy: Always
nodePortPrefix: 302
dataRootDir: /dockerdata-nfs
@@ -70,12 +80,17 @@ resources:
#component overrides
oof-has-api:
enabled: true
+ certSecret: *oof-certs
oof-has-controller:
enabled: true
+ certSecret: *oof-certs
oof-has-data:
enabled: true
+ certSecret: *oof-certs
oof-has-reservation:
enabled: true
+ certSecret: *oof-certs
oof-has-solver:
enabled: true
+ certSecret: *oof-certs
diff --git a/kubernetes/oof/components/oof-templates/Chart.yaml b/kubernetes/oof/components/oof-templates/Chart.yaml
new file mode 100755
index 0000000000..885491c1a9
--- /dev/null
+++ b/kubernetes/oof/components/oof-templates/Chart.yaml
@@ -0,0 +1,19 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T,VMware
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP OOF helm templates
+name: oof-templates
+version: 6.0.0
diff --git a/kubernetes/oof/components/oof-templates/requirements.yaml b/kubernetes/oof/components/oof-templates/requirements.yaml
new file mode 100755
index 0000000000..b93260a4fa
--- /dev/null
+++ b/kubernetes/oof/components/oof-templates/requirements.yaml
@@ -0,0 +1,20 @@
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T,VMware
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+
diff --git a/kubernetes/oof/components/oof-templates/templates/_certificate.tpl b/kubernetes/oof/components/oof-templates/templates/_certificate.tpl
new file mode 100644
index 0000000000..4da128bcbb
--- /dev/null
+++ b/kubernetes/oof/components/oof-templates/templates/_certificate.tpl
@@ -0,0 +1,11 @@
+{{- define "oof.certificate.volume" -}}
+- name: {{ include "common.fullname" . }}-onap-certs
+ secret:
+ secretName: {{ include "common.secret.getSecretNameFast" (dict "global" . "uid" "oof-onap-certs") }}
+ items:
+ - key: aaf_root_ca.cer
+ path: aaf_root_ca.cer
+ - key: intermediate_root_ca.pem
+ path: intermediate_root_ca.pem
+{{- end -}}
+
diff --git a/kubernetes/oof/components/oof-templates/values.yaml b/kubernetes/oof/components/oof-templates/values.yaml
new file mode 100644
index 0000000000..a97238e9af
--- /dev/null
+++ b/kubernetes/oof/components/oof-templates/values.yaml
@@ -0,0 +1,14 @@
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+