diff options
Diffstat (limited to 'kubernetes/portal/components/portal-widget')
9 files changed, 121 insertions, 20 deletions
diff --git a/kubernetes/portal/components/portal-widget/Chart.yaml b/kubernetes/portal/components/portal-widget/Chart.yaml index 25c2dfd201..7b7af72095 100644 --- a/kubernetes/portal/components/portal-widget/Chart.yaml +++ b/kubernetes/portal/components/portal-widget/Chart.yaml @@ -16,4 +16,4 @@ apiVersion: v1 description: Portal widgets micro service application name: portal-widget -version: 6.0.0 +version: 7.0.0 diff --git a/kubernetes/portal/components/portal-widget/requirements.yaml b/kubernetes/portal/components/portal-widget/requirements.yaml index c5d7864b9d..21436f4a17 100644 --- a/kubernetes/portal/components/portal-widget/requirements.yaml +++ b/kubernetes/portal/components/portal-widget/requirements.yaml @@ -14,5 +14,8 @@ dependencies: - name: common - version: ~6.x-0 + version: ~7.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~7.x-0 repository: '@local' diff --git a/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties b/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties index a53dd2e283..f5a900e8ce 100644 --- a/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties +++ b/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties @@ -7,27 +7,26 @@ microservice.widget.location=/tmp ## App DB Properties
spring.datasource.url=jdbc:mysql://portal-db:3306/portal
-spring.datasource.username=root
-spring.datasource.password=Aa123456
+spring.datasource.username=${PORTAL_DB_USER}
+spring.datasource.password=${PORTAL_DB_PASSWORD}
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect
spring.database.driver.classname=org.mariadb.jdbc.Driver
spring.jpa.show-sql=false
spring.jpa.properties.hibernate.format_sql=false
## Basic Authentication Properties
-security.user.name=widget_user
-security.user.password=ENC(IjywcRnI9+nuVEh9+OFFiRWAjBT1n718)
+security.user.name=${WIDGET_USER}
+security.user.password=${WIDGET_PASSWORD}
initialization.default.widgets=true
initialization.widgetData.url=http://portal-app:{{.Values.global.portalPort}}/ONAPPORTAL/commonWidgets
## Account Basic Authentication Properties
-account.user.name=portal
-account.user.password=6APqvG4AU2rfLgCvMdySwQ==
+account.user.name=${ACC_USER}
+account.user.password=${ACC_PASSWORD}
## Certificate Properties
#server.ssl.key-store=classpath:widget-keystore.p12
#server.ssl.key-store-password=ENC(DiIYnAMab4u7rEW2yKhF9zBL00uU55q8)
#server.ssl.keyStoreType=PKCS12
#server.ssl.keyAlias=widget-microservice
-
diff --git a/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml b/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml index 087c93f5ce..f3da66f882 100644 --- a/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml +++ b/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,7 +12,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} jasypt: encryptor: - password: EncryptionKey + password: ${JASYPT_ENC_KEY} diff --git a/kubernetes/portal/components/portal-widget/templates/configmap.yaml b/kubernetes/portal/components/portal-widget/templates/configmap.yaml index 4ac5f6d4ea..58acd42a69 100644 --- a/kubernetes/portal/components/portal-widget/templates/configmap.yaml +++ b/kubernetes/portal/components/portal-widget/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/portal/components/portal-widget/templates/deployment.yaml b/kubernetes/portal/components/portal-widget/templates/deployment.yaml index 798f7c5f24..246257651a 100644 --- a/kubernetes/portal/components/portal-widget/templates/deployment.yaml +++ b/kubernetes/portal/components/portal-widget/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: Deployment @@ -36,10 +38,10 @@ spec: spec: initContainers: - name: {{ include "common.name" . }}-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + image: {{ include "repositoryGenerator.image.readiness" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - - /root/ready.py + - /app/ready.py args: - --container-name - "portal-db" @@ -49,9 +51,43 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + - name: {{ include "common.name" . }}-portal-widget-config + image: {{ include "repositoryGenerator.image.envsubst" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + args: + - "-c" + - | + cd /config-input && \ + for PFILE in `ls -1 *.*` + do + envsubst <${PFILE} >/config/${PFILE} + chmod 0755 /config/${PFILE} + done + env: + - name: PORTAL_DB_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "login") | indent 12 }} + - name: PORTAL_DB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "password") | indent 12 }} + - name: WIDGET_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-widget" "key" "login") | indent 12 }} + - name: WIDGET_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-widget" "key" "password") | indent 12 }} + - name: ACC_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-account" "key" "login") | indent 12 }} + - name: ACC_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-account" "key" "password") | indent 12 }} + - name: JASYPT_ENC_KEY + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "jasypt-enc-key" "key" "password") | indent 12 }} + volumeMounts: + - mountPath: /config-input + name: properties-onapwidgetms-scrubbed + - mountPath: /config + name: properties-onapwidgetms containers: - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - /start-wms.sh @@ -94,6 +130,9 @@ spec: hostPath: path: /etc/localtime - name: properties-onapwidgetms + emptyDir: + medium: Memory + - name: properties-onapwidgetms-scrubbed configMap: name: {{ include "common.fullname" . }}-onapwidgetms defaultMode: 0755 diff --git a/kubernetes/portal/components/portal-widget/templates/secret.yaml b/kubernetes/portal/components/portal-widget/templates/secret.yaml new file mode 100644 index 0000000000..9a3f011e80 --- /dev/null +++ b/kubernetes/portal/components/portal-widget/templates/secret.yaml @@ -0,0 +1,17 @@ +{{/* +# Copyright © 2020 Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/portal/components/portal-widget/templates/service.yaml b/kubernetes/portal/components/portal-widget/templates/service.yaml index 58da55fdba..5197841189 100644 --- a/kubernetes/portal/components/portal-widget/templates/service.yaml +++ b/kubernetes/portal/components/portal-widget/templates/service.yaml @@ -1,3 +1,4 @@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T # @@ -12,6 +13,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: v1 kind: Service diff --git a/kubernetes/portal/components/portal-widget/values.yaml b/kubernetes/portal/components/portal-widget/values.yaml index 079847c7e7..f86ff85f75 100644 --- a/kubernetes/portal/components/portal-widget/values.yaml +++ b/kubernetes/portal/components/portal-widget/values.yaml @@ -18,18 +18,51 @@ ################################################################# global: nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - ubuntuInit: ubuntu-init:1.0.0 + +################################################################ +# Secrets metaconfig +################################################################# + +secrets: + - uid: portal-backend-db + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.mariadb.config.backendDbExternalSecret) . }}' + login: '{{ .Values.mariadb.config.backendUserName }}' + password: '{{ .Values.mariadb.config.backendPassword }}' + passwordPolicy: required + - uid: portal-widget + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.widgetCredsExternalSecret) . }}' + login: '{{ .Values.config.widgetUsername }}' + password: '{{ .Values.config.widgetPassword }}' + passwordPolicy: required + - uid: portal-account + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.accountCredsExternalSecret) . }}' + login: '{{ .Values.config.accountUsername }}' + password: '{{ .Values.config.accountPassword }}' + passwordPolicy: required + - uid: jasypt-enc-key + type: password + externalSecret: '{{ .Values.config.jasyptEncKeyExternalSecret}}' + password: '{{ .Values.config.jasyptEncKey }}' + passwordPolicy: required + +config: + widgetUsername: widget_user + widgetPassword: widget_pass +# widgetCredsExternalSecret: some secret + accountUsername: portal + accountPassword: portal +# accountCredsExternalSecret: some secret + jasyptEncKey: EncryptionKey + # jasyptEncKeyExternalSecret: some secret ################################################################# # Application configuration defaults. ################################################################# # application image -repository: nexus3.onap.org:10001 -image: onap/portal-wms:3.2.3 +image: onap/portal-wms:3.4.2 pullPolicy: Always # flag to enable debugging - application support required @@ -57,6 +90,10 @@ readiness: mariadb: service: name: portal-db + config: + # backendDbExternalSecret: some secret + backendUserName: portal + backendPassword: portal service: type: ClusterIP |