diff options
Diffstat (limited to 'kubernetes/policy')
33 files changed, 142 insertions, 27 deletions
diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml index 9dc7c2862c..f98bcd6fdd 100644 --- a/kubernetes/policy/Chart.yaml +++ b/kubernetes/policy/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Policy Administration Point name: policy -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/policy/charts/brmsgw/Chart.yaml b/kubernetes/policy/charts/brmsgw/Chart.yaml index 2538be9f70..b09939d64c 100644 --- a/kubernetes/policy/charts/brmsgw/Chart.yaml +++ b/kubernetes/policy/charts/brmsgw/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Policy BRMS GW name: brmsgw -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/policy/charts/brmsgw/requirements.yaml b/kubernetes/policy/charts/brmsgw/requirements.yaml index 05d49a8d7b..d3c442d32e 100644 --- a/kubernetes/policy/charts/brmsgw/requirements.yaml +++ b/kubernetes/policy/charts/brmsgw/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~5.x-0 + version: ~6.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml index 2b2f383e6c..6ff76ddfd1 100644 --- a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml +++ b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml @@ -54,6 +54,11 @@ spec: name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: JDBC_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} + - name: JDBC_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} ports: - containerPort: {{ .Values.service.externalPort }} {{- if eq .Values.liveness.enabled true }} diff --git a/kubernetes/policy/charts/brmsgw/templates/secrets.yaml b/kubernetes/policy/charts/brmsgw/templates/secrets.yaml new file mode 100644 index 0000000000..bd7eb8ea40 --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/templates/secrets.yaml @@ -0,0 +1,15 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secretFast" . }} diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml index 9e8bf7324b..08afdeeac0 100644 --- a/kubernetes/policy/charts/brmsgw/values.yaml +++ b/kubernetes/policy/charts/brmsgw/values.yaml @@ -22,6 +22,17 @@ global: readinessImage: readiness-check:2.0.2 ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: db-secret + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}' + login: '{{ .Values.db.user }}' + password: '{{ .Values.db.password }}' + passwordPolicy: required + +################################################################# # Application configuration defaults. ################################################################# # application image @@ -38,6 +49,10 @@ config: pdpPort: 8081 nexusPort: 8081 +db: + user: policy_user + password: policy_user + # default number of instances replicaCount: 1 diff --git a/kubernetes/policy/charts/drools/Chart.yaml b/kubernetes/policy/charts/drools/Chart.yaml index c6b11a43f8..3cc791d36b 100644 --- a/kubernetes/policy/charts/drools/Chart.yaml +++ b/kubernetes/policy/charts/drools/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Drools Policy Engine name: drools -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml b/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml index d7ff043192..faf8a38748 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Policy Nexus name: nexus -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml b/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml index 05d49a8d7b..d3c442d32e 100644 --- a/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml +++ b/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~5.x-0 + version: ~6.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/policy/charts/drools/requirements.yaml b/kubernetes/policy/charts/drools/requirements.yaml index 05d49a8d7b..d3c442d32e 100644 --- a/kubernetes/policy/charts/drools/requirements.yaml +++ b/kubernetes/policy/charts/drools/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~5.x-0 + version: ~6.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/policy/charts/pap/Chart.yaml b/kubernetes/policy/charts/pap/Chart.yaml index 25e481b9fc..9133e8685a 100644 --- a/kubernetes/policy/charts/pap/Chart.yaml +++ b/kubernetes/policy/charts/pap/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP Policy Administration (PAP) name: pap -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/policy/charts/pap/requirements.yaml b/kubernetes/policy/charts/pap/requirements.yaml index f035fb9801..a6c2f0a42a 100644 --- a/kubernetes/policy/charts/pap/requirements.yaml +++ b/kubernetes/policy/charts/pap/requirements.yaml @@ -18,5 +18,5 @@ dependencies: - name: common - version: ~5.x-0 + version: ~6.x-0 repository: '@local' diff --git a/kubernetes/policy/charts/pdp/Chart.yaml b/kubernetes/policy/charts/pdp/Chart.yaml index d17329a544..25301ee483 100644 --- a/kubernetes/policy/charts/pdp/Chart.yaml +++ b/kubernetes/policy/charts/pdp/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Policy PDP name: pdp -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/policy/charts/pdp/requirements.yaml b/kubernetes/policy/charts/pdp/requirements.yaml index 05d49a8d7b..d3c442d32e 100644 --- a/kubernetes/policy/charts/pdp/requirements.yaml +++ b/kubernetes/policy/charts/pdp/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~5.x-0 + version: ~6.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/policy/charts/pdp/templates/secrets.yaml b/kubernetes/policy/charts/pdp/templates/secrets.yaml new file mode 100644 index 0000000000..bd7eb8ea40 --- /dev/null +++ b/kubernetes/policy/charts/pdp/templates/secrets.yaml @@ -0,0 +1,15 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secretFast" . }} diff --git a/kubernetes/policy/charts/pdp/templates/statefulset.yaml b/kubernetes/policy/charts/pdp/templates/statefulset.yaml index 127c400c12..16d5fb5cec 100644 --- a/kubernetes/policy/charts/pdp/templates/statefulset.yaml +++ b/kubernetes/policy/charts/pdp/templates/statefulset.yaml @@ -58,6 +58,11 @@ spec: name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: JDBC_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} + - name: JDBC_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} resources: {{ include "common.resources" . | indent 12 }} ports: diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml index 8b3b9d4a3b..7b9c561a61 100644 --- a/kubernetes/policy/charts/pdp/values.yaml +++ b/kubernetes/policy/charts/pdp/values.yaml @@ -24,6 +24,17 @@ global: loggingImage: beats/filebeat:5.5.0 ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: db-secret + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}' + login: '{{ .Values.db.user }}' + password: '{{ .Values.db.password }}' + passwordPolicy: required + +################################################################# # Application configuration defaults. ################################################################# # application image @@ -35,6 +46,11 @@ pullPolicy: Always debugEnabled: false # application configuration + +db: + user: policy_user + password: policy_user + config: papPort: 9091 diff --git a/kubernetes/policy/charts/policy-apex-pdp/Chart.yaml b/kubernetes/policy/charts/policy-apex-pdp/Chart.yaml index 34bd140eab..d63683ed62 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/Chart.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP Policy APEX PDP name: policy-apex-pdp -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/policy/charts/policy-apex-pdp/requirements.yaml b/kubernetes/policy/charts/policy-apex-pdp/requirements.yaml index 138addd99c..95b3b6deac 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/requirements.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/requirements.yaml @@ -18,5 +18,5 @@ dependencies: - name: common - version: ~5.x-0 + version: ~6.x-0 repository: '@local' diff --git a/kubernetes/policy/charts/policy-api/Chart.yaml b/kubernetes/policy/charts/policy-api/Chart.yaml index ad74784c7e..021263a1fc 100644 --- a/kubernetes/policy/charts/policy-api/Chart.yaml +++ b/kubernetes/policy/charts/policy-api/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP Policy Design API name: policy-api -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/policy/charts/policy-api/requirements.yaml b/kubernetes/policy/charts/policy-api/requirements.yaml index 316e7e376b..f70a3630c3 100644 --- a/kubernetes/policy/charts/policy-api/requirements.yaml +++ b/kubernetes/policy/charts/policy-api/requirements.yaml @@ -18,5 +18,5 @@ dependencies: - name: common - version: ~5.x-0 + version: ~6.x-0 repository: '@local' diff --git a/kubernetes/policy/charts/policy-common/Chart.yaml b/kubernetes/policy/charts/policy-common/Chart.yaml index 028a5b56b7..0af8e01b51 100644 --- a/kubernetes/policy/charts/policy-common/Chart.yaml +++ b/kubernetes/policy/charts/policy-common/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: ONAP Policy Common name: policy-common -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/policy/charts/policy-common/requirements.yaml b/kubernetes/policy/charts/policy-common/requirements.yaml index 05d49a8d7b..d3c442d32e 100644 --- a/kubernetes/policy/charts/policy-common/requirements.yaml +++ b/kubernetes/policy/charts/policy-common/requirements.yaml @@ -15,7 +15,7 @@ dependencies: - name: common - version: ~5.x-0 + version: ~6.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) diff --git a/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh index 052b6f2c2f..0e473105a2 100644 --- a/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh +++ b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh @@ -78,8 +78,17 @@ else # wait for DB up # now that DB is up, invoke database upgrade # (which does nothing if the db is already up-to-date) - dbuser=$(echo $(grep '^JDBC_USER=' base.conf | cut -f2 -d=)) - dbpw=$(echo $(grep '^JDBC_PASSWORD=' base.conf | cut -f2 -d=)) + if [[ -v JDBC_USER ]]; then + dbuser=${JDBC_USER}; + else + dbuser=$(echo $(grep '^JDBC_USER=' base.conf | cut -f2 -d=)) + fi + + if [[ -v JDBC_PASSWORD ]]; then + dbpw=${JDBC_PASSWORD} + else + dbpw=$(echo $(grep '^JDBC_PASSWORD=' base.conf | cut -f2 -d=)) + fi db_upgrade_remote.sh $dbuser $dbpw {{.Values.global.mariadb.service.name}} fi diff --git a/kubernetes/policy/charts/policy-distribution/Chart.yaml b/kubernetes/policy/charts/policy-distribution/Chart.yaml index e6c8910238..db04d7cc6d 100644 --- a/kubernetes/policy/charts/policy-distribution/Chart.yaml +++ b/kubernetes/policy/charts/policy-distribution/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP Policy Distribution name: policy-distribution -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/policy/charts/policy-distribution/requirements.yaml b/kubernetes/policy/charts/policy-distribution/requirements.yaml index 138addd99c..95b3b6deac 100644 --- a/kubernetes/policy/charts/policy-distribution/requirements.yaml +++ b/kubernetes/policy/charts/policy-distribution/requirements.yaml @@ -18,5 +18,5 @@ dependencies: - name: common - version: ~5.x-0 + version: ~6.x-0 repository: '@local' diff --git a/kubernetes/policy/charts/policy-xacml-pdp/Chart.yaml b/kubernetes/policy/charts/policy-xacml-pdp/Chart.yaml index d9f6056fac..ab79a68745 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/Chart.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 description: ONAP Policy XACML PDP name: policy-xacml-pdp -version: 5.0.0 +version: 6.0.0 diff --git a/kubernetes/policy/charts/policy-xacml-pdp/requirements.yaml b/kubernetes/policy/charts/policy-xacml-pdp/requirements.yaml index 316e7e376b..f70a3630c3 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/requirements.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/requirements.yaml @@ -18,5 +18,5 @@ dependencies: - name: common - version: ~5.x-0 + version: ~6.x-0 repository: '@local' diff --git a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties index 29feeb6e24..f2c2cd7765 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties +++ b/kubernetes/policy/charts/policy-xacml-pdp/resources/config/xacml.properties @@ -49,5 +49,5 @@ xacml.pip.engines=count-recent-operations,get-operation-outcome # javax.persistence.jdbc.driver=org.mariadb.jdbc.Driver javax.persistence.jdbc.url=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/operationshistory -javax.persistence.jdbc.user={{ .Values.global.mariadb.config.userName }} -javax.persistence.jdbc.password={{ .Values.global.mariadb.config.userPassword | b64enc }} +javax.persistence.jdbc.user=${SQL_USER} +javax.persistence.jdbc.password=${SQL_PASSWORD} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml index 57e7c78218..5b02c177b5 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml @@ -37,6 +37,11 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"] args: ["/opt/app/policy/pdpx/etc/mounted/config.json"] + env: + - name: SQL_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }} + - name: SQL_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }} ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/secrets.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/secrets.yaml new file mode 100644 index 0000000000..bd7eb8ea40 --- /dev/null +++ b/kubernetes/policy/charts/policy-xacml-pdp/templates/secrets.yaml @@ -0,0 +1,15 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{ include "common.secretFast" . }} diff --git a/kubernetes/policy/charts/policy-xacml-pdp/values.yaml b/kubernetes/policy/charts/policy-xacml-pdp/values.yaml index 5c062a0e7a..dc7266e9a1 100644 --- a/kubernetes/policy/charts/policy-xacml-pdp/values.yaml +++ b/kubernetes/policy/charts/policy-xacml-pdp/values.yaml @@ -23,6 +23,17 @@ global: persistence: {} ################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: db-secret + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}' + login: '{{ .Values.db.user }}' + password: '{{ .Values.db.password }}' + passwordPolicy: required + +################################################################# # Application configuration defaults. ################################################################# # application image @@ -35,6 +46,10 @@ debugEnabled: false # application configuration +db: + user: policy_user + password: policy_user + # default number of instances replicaCount: 1 diff --git a/kubernetes/policy/requirements.yaml b/kubernetes/policy/requirements.yaml index 589dfa4810..01e41d9d0f 100644 --- a/kubernetes/policy/requirements.yaml +++ b/kubernetes/policy/requirements.yaml @@ -15,11 +15,11 @@ dependencies: - name: common - version: ~5.x-0 + version: ~6.x-0 # local reference to common chart, as it is # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' - name: mariadb-galera - version: ~5.x-0 + version: ~6.x-0 repository: '@local' |