summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/.gitignore1
-rw-r--r--kubernetes/cli/requirements.yaml3
-rw-r--r--kubernetes/cli/templates/deployment.yaml2
-rw-r--r--kubernetes/cli/values.yaml2
-rw-r--r--kubernetes/common/cmpv2Config/values.yaml4
-rw-r--r--kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml179
-rw-r--r--kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json4
-rw-r--r--kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml2
-rw-r--r--kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml2
-rw-r--r--kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml4
-rw-r--r--kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml2
-rw-r--r--kubernetes/log/components/log-elasticsearch/templates/deployment.yaml3
-rw-r--r--kubernetes/log/components/log-kibana/templates/deployment.yaml3
-rw-r--r--kubernetes/log/components/log-logstash/templates/deployment.yaml3
-rw-r--r--kubernetes/msb/Makefile51
-rw-r--r--kubernetes/msb/charts/msb-iag/requirements.yaml17
-rw-r--r--kubernetes/msb/components/Makefile51
-rw-r--r--kubernetes/msb/components/kube2msb/.helmignore (renamed from kubernetes/msb/charts/kube2msb/.helmignore)0
-rw-r--r--kubernetes/msb/components/kube2msb/Chart.yaml (renamed from kubernetes/msb/charts/kube2msb/Chart.yaml)0
-rw-r--r--kubernetes/msb/components/kube2msb/requirements.yaml (renamed from kubernetes/msb/charts/msb-eag/requirements.yaml)3
-rw-r--r--kubernetes/msb/components/kube2msb/templates/deployment.yaml (renamed from kubernetes/msb/charts/kube2msb/templates/deployment.yaml)4
-rw-r--r--kubernetes/msb/components/kube2msb/values.yaml (renamed from kubernetes/msb/charts/kube2msb/values.yaml)2
-rw-r--r--kubernetes/msb/components/msb-consul/.helmignore (renamed from kubernetes/msb/charts/msb-consul/.helmignore)0
-rw-r--r--kubernetes/msb/components/msb-consul/Chart.yaml (renamed from kubernetes/msb/charts/msb-consul/Chart.yaml)0
-rw-r--r--kubernetes/msb/components/msb-consul/requirements.yaml (renamed from kubernetes/msb/charts/msb-consul/requirements.yaml)3
-rwxr-xr-xkubernetes/msb/components/msb-consul/resources/docker-entrypoint.sh (renamed from kubernetes/msb/charts/msb-consul/resources/docker-entrypoint.sh)0
-rw-r--r--kubernetes/msb/components/msb-consul/templates/NOTES.txt (renamed from kubernetes/msb/charts/msb-consul/templates/NOTES.txt)0
-rw-r--r--kubernetes/msb/components/msb-consul/templates/configmap.yaml (renamed from kubernetes/msb/charts/msb-consul/templates/configmap.yaml)0
-rw-r--r--kubernetes/msb/components/msb-consul/templates/deployment.yaml (renamed from kubernetes/msb/charts/msb-consul/templates/deployment.yaml)2
-rw-r--r--kubernetes/msb/components/msb-consul/templates/ingress.yaml (renamed from kubernetes/msb/charts/msb-consul/templates/ingress.yaml)0
-rw-r--r--kubernetes/msb/components/msb-consul/templates/service.yaml (renamed from kubernetes/msb/charts/msb-consul/templates/service.yaml)0
-rw-r--r--kubernetes/msb/components/msb-consul/values.yaml (renamed from kubernetes/msb/charts/msb-consul/values.yaml)1
-rw-r--r--kubernetes/msb/components/msb-discovery/.helmignore (renamed from kubernetes/msb/charts/msb-discovery/.helmignore)0
-rw-r--r--kubernetes/msb/components/msb-discovery/Chart.yaml (renamed from kubernetes/msb/charts/msb-discovery/Chart.yaml)0
-rw-r--r--kubernetes/msb/components/msb-discovery/requirements.yaml20
-rw-r--r--kubernetes/msb/components/msb-discovery/resources/config/logback.xml (renamed from kubernetes/msb/charts/msb-discovery/resources/config/logback.xml)0
-rw-r--r--kubernetes/msb/components/msb-discovery/templates/NOTES.txt (renamed from kubernetes/msb/charts/msb-discovery/templates/NOTES.txt)0
-rw-r--r--kubernetes/msb/components/msb-discovery/templates/configmap.yaml (renamed from kubernetes/msb/charts/msb-discovery/templates/configmap.yaml)0
-rw-r--r--kubernetes/msb/components/msb-discovery/templates/deployment.yaml (renamed from kubernetes/msb/charts/msb-discovery/templates/deployment.yaml)6
-rw-r--r--kubernetes/msb/components/msb-discovery/templates/ingress.yaml (renamed from kubernetes/msb/charts/msb-discovery/templates/ingress.yaml)0
-rw-r--r--kubernetes/msb/components/msb-discovery/templates/service.yaml (renamed from kubernetes/msb/charts/msb-discovery/templates/service.yaml)0
-rw-r--r--kubernetes/msb/components/msb-discovery/values.yaml (renamed from kubernetes/msb/charts/msb-discovery/values.yaml)2
-rw-r--r--kubernetes/msb/components/msb-eag/.helmignore (renamed from kubernetes/msb/charts/msb-eag/.helmignore)0
-rw-r--r--kubernetes/msb/components/msb-eag/Chart.yaml (renamed from kubernetes/msb/charts/msb-eag/Chart.yaml)0
-rw-r--r--kubernetes/msb/components/msb-eag/requirements.yaml (renamed from kubernetes/msb/charts/msb-discovery/requirements.yaml)3
-rw-r--r--kubernetes/msb/components/msb-eag/resources/config/log/logback.xml (renamed from kubernetes/msb/charts/msb-eag/resources/config/log/logback.xml)0
-rw-r--r--kubernetes/msb/components/msb-eag/resources/config/logback.xml (renamed from kubernetes/msb/charts/msb-eag/resources/config/logback.xml)0
-rw-r--r--kubernetes/msb/components/msb-eag/templates/NOTES.txt (renamed from kubernetes/msb/charts/msb-eag/templates/NOTES.txt)0
-rw-r--r--kubernetes/msb/components/msb-eag/templates/configmap.yaml (renamed from kubernetes/msb/charts/msb-eag/templates/configmap.yaml)0
-rw-r--r--kubernetes/msb/components/msb-eag/templates/deployment.yaml (renamed from kubernetes/msb/charts/msb-eag/templates/deployment.yaml)6
-rw-r--r--kubernetes/msb/components/msb-eag/templates/ingress.yaml (renamed from kubernetes/msb/charts/msb-eag/templates/ingress.yaml)0
-rw-r--r--kubernetes/msb/components/msb-eag/templates/service.yaml (renamed from kubernetes/msb/charts/msb-eag/templates/service.yaml)0
-rw-r--r--kubernetes/msb/components/msb-eag/values.yaml (renamed from kubernetes/msb/charts/msb-eag/values.yaml)2
-rw-r--r--kubernetes/msb/components/msb-iag/.helmignore (renamed from kubernetes/msb/charts/msb-iag/.helmignore)0
-rw-r--r--kubernetes/msb/components/msb-iag/Chart.yaml (renamed from kubernetes/msb/charts/msb-iag/Chart.yaml)0
-rw-r--r--kubernetes/msb/components/msb-iag/requirements.yaml20
-rw-r--r--kubernetes/msb/components/msb-iag/resources/config/log/logback.xml (renamed from kubernetes/msb/charts/msb-iag/resources/config/log/logback.xml)0
-rw-r--r--kubernetes/msb/components/msb-iag/resources/config/logback.xml (renamed from kubernetes/msb/charts/msb-iag/resources/config/logback.xml)0
-rw-r--r--kubernetes/msb/components/msb-iag/templates/NOTES.txt (renamed from kubernetes/msb/charts/msb-iag/templates/NOTES.txt)0
-rw-r--r--kubernetes/msb/components/msb-iag/templates/configmap.yaml (renamed from kubernetes/msb/charts/msb-iag/templates/configmap.yaml)0
-rw-r--r--kubernetes/msb/components/msb-iag/templates/deployment.yaml (renamed from kubernetes/msb/charts/msb-iag/templates/deployment.yaml)6
-rw-r--r--kubernetes/msb/components/msb-iag/templates/ingress.yaml (renamed from kubernetes/msb/charts/msb-iag/templates/ingress.yaml)0
-rw-r--r--kubernetes/msb/components/msb-iag/templates/service.yaml (renamed from kubernetes/msb/charts/msb-iag/templates/service.yaml)0
-rw-r--r--kubernetes/msb/components/msb-iag/values.yaml (renamed from kubernetes/msb/charts/msb-iag/values.yaml)2
-rw-r--r--kubernetes/msb/requirements.yaml18
-rw-r--r--kubernetes/msb/values.yaml2
-rw-r--r--kubernetes/onap/Chart.yaml2
-rwxr-xr-xkubernetes/onap/values.yaml2
-rw-r--r--kubernetes/platform/components/cmpv2-cert-provider/.helmignore22
-rw-r--r--kubernetes/platform/components/cmpv2-cert-provider/Chart.yaml18
-rw-r--r--kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml138
-rw-r--r--kubernetes/platform/components/cmpv2-cert-provider/requirements.yaml (renamed from kubernetes/msb/charts/kube2msb/requirements.yaml)6
-rw-r--r--kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml34
-rw-r--r--kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml71
-rw-r--r--kubernetes/platform/components/cmpv2-cert-provider/templates/roles.yaml167
-rw-r--r--kubernetes/platform/components/cmpv2-cert-provider/templates/service.yaml38
-rw-r--r--kubernetes/platform/components/cmpv2-cert-provider/values.yaml79
-rw-r--r--kubernetes/platform/components/oom-cert-service/.gitignore5
-rw-r--r--kubernetes/platform/components/oom-cert-service/.helmignore1
-rw-r--r--kubernetes/platform/components/oom-cert-service/Makefile36
-rw-r--r--kubernetes/platform/components/oom-cert-service/resources/default/cmpServers.json2
-rw-r--r--kubernetes/platform/components/oom-cert-service/templates/secret.yaml15
-rw-r--r--kubernetes/platform/components/oom-cert-service/values.yaml9
-rw-r--r--kubernetes/platform/requirements.yaml5
m---------kubernetes/robot0
-rw-r--r--kubernetes/sdnc/values.yaml2
-rw-r--r--kubernetes/so/components/soHelpers/templates/_certificates.tpl17
-rw-r--r--kubernetes/vid/requirements.yaml3
-rw-r--r--kubernetes/vid/templates/deployment.yaml6
-rw-r--r--kubernetes/vid/values.yaml16
90 files changed, 1042 insertions, 87 deletions
diff --git a/kubernetes/.gitignore b/kubernetes/.gitignore
new file mode 100644
index 0000000000..bc3a4f1ee0
--- /dev/null
+++ b/kubernetes/.gitignore
@@ -0,0 +1 @@
+chartstorage/
diff --git a/kubernetes/cli/requirements.yaml b/kubernetes/cli/requirements.yaml
index f5931d50ed..1e08aaf3cd 100644
--- a/kubernetes/cli/requirements.yaml
+++ b/kubernetes/cli/requirements.yaml
@@ -19,3 +19,6 @@ dependencies:
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
diff --git a/kubernetes/cli/templates/deployment.yaml b/kubernetes/cli/templates/deployment.yaml
index 0823daffb6..74b2d2df37 100644
--- a/kubernetes/cli/templates/deployment.yaml
+++ b/kubernetes/cli/templates/deployment.yaml
@@ -37,7 +37,7 @@ spec:
spec:
containers:
- name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- containerPort: {{ .Values.service.internalPort }}
diff --git a/kubernetes/cli/values.yaml b/kubernetes/cli/values.yaml
index bf3ba5b099..6e711c51c0 100644
--- a/kubernetes/cli/values.yaml
+++ b/kubernetes/cli/values.yaml
@@ -17,12 +17,10 @@
#################################################################
global:
nodePortPrefix: 302
- readinessImage: onap/oom/readiness:3.0.1
#################################################################
# Application configuration defaults.
#################################################################
# application image
-repository: nexus3.onap.org:10001
image: onap/cli:6.0.0
pullPolicy: Always
flavor: small
diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml
index f6feee6e06..c22f9731b5 100644
--- a/kubernetes/common/cmpv2Config/values.yaml
+++ b/kubernetes/common/cmpv2Config/values.yaml
@@ -14,7 +14,7 @@
global:
platform:
certServiceClient:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.1
secretName: oom-cert-service-client-tls-secret
envVariables:
# Certificate related
@@ -29,5 +29,5 @@ global:
keystorePassword: "secret"
truststorePassword: "secret"
certPostProcessor:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.1.0
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.1
diff --git a/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml b/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml
index 19d872fe12..ec51a80d5e 100644
--- a/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml
+++ b/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml
@@ -60,19 +60,19 @@
<int>1</int>
</void>
<void method="add">
- <int>0</int>
+ <int>3</int>
</void>
<void method="add">
<int>3</int>
</void>
<void method="add">
- <int>0</int>
+ <int>3</int>
</void>
<void method="add">
<int>0</int>
</void>
<void method="add">
- <int>0</int>
+ <int>3</int>
</void>
<void method="add">
<int>0</int>
@@ -354,6 +354,33 @@
<void method="add">
<int>1802</int>
</void>
+ <void method="add">
+ <int>1700</int>
+ </void>
+ <void method="add">
+ <int>1701</int>
+ </void>
+ <void method="add">
+ <int>1702</int>
+ </void>
+ <void method="add">
+ <int>1900</int>
+ </void>
+ <void method="add">
+ <int>1901</int>
+ </void>
+ <void method="add">
+ <int>1902</int>
+ </void>
+ <void method="add">
+ <int>2100</int>
+ </void>
+ <void method="add">
+ <int>2101</int>
+ </void>
+ <void method="add">
+ <int>2102</int>
+ </void>
</object>
</void>
<void method="put">
@@ -570,7 +597,7 @@
</void>
<void method="put">
<int>37</int>
- <string>-1501801709</string>
+ <string>-29939301</string>
</void>
<void method="put">
<int>20037</int>
@@ -932,5 +959,149 @@
<int>30218</int>
<boolean>true</boolean>
</void>
+ <void method="put">
+ <int>17</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20017</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10017</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>30017</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>117</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20117</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10117</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>30117</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>217</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20217</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10217</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>30217</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>19</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20019</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10019</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30019</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>119</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20119</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10119</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30119</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>219</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20219</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10219</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30219</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>21</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20021</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10021</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30021</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>121</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20121</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10121</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30121</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>221</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20221</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10221</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30221</int>
+ <boolean>true</boolean>
+ </void>
</object>
</java>
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json
index 568d6f77c9..5e37856d19 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json
@@ -54,7 +54,7 @@
"keystore_password": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.keystorePassword }}",
"truststore_password": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.truststorePassword }}"
},
- "truststore_merger": {
+ "cert_post_processor": {
"image_tag": "{{ include "repositoryGenerator.repository" . }}/{{ .Values.cmpv2Config.global.platform.certPostProcessor.image }}"
}
-} \ No newline at end of file
+}
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml
index 08a3c357ba..0108d9a8ce 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml
@@ -25,6 +25,6 @@ use_tls: true
security_ssl_disable: false
external_cert_ca_name: "RA"
external_cert_common_name: "dcae-hv-ves-collector"
-external_cert_sans: "dcae-hv-ves-collector:hv-ves-collector:hv-ves"
+external_cert_sans: "dcae-hv-ves-collector,hv-ves-collector,hv-ves"
external_cert_cert_type: "JKS"
external_cert_use_external_tls: false
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml
index e09e37dd31..c284612c79 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml
@@ -40,6 +40,6 @@ ves_3gpp_performance_assurance_publish_url: "http://{{ .Values.config.address.me
user_list: "sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6|demouser,$2a$10$1cc.COcqV/d3iT2N7BjPG.S6ZKv2jpb9a5MV.o7lMih/GpjJRX.Ce"
external_cert_ca_name: "RA"
external_cert_common_name: "dcae-ves-collector"
-external_cert_sans: "dcae-ves-collector:ves-collector:ves"
+external_cert_sans: "dcae-ves-collector,ves-collector,ves"
external_cert_cert_type: "JKS"
external_cert_use_external_tls: false
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
index 668dcc7e18..a3bff07fb2 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
@@ -103,7 +103,7 @@ mongo:
disableNfsProvisioner: true
# application image
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.1.8
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.2.1
default_k8s_location: central
# DCAE component images to be deployed via Cloudify Manager
@@ -115,7 +115,7 @@ componentImages:
ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.9
snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.4
- hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.5.0
+ hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.5.1
# Resource Limit flavor -By Default using small
flavor: small
diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
index fd4e1217c4..c13d3cebe6 100644
--- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
@@ -49,7 +49,7 @@ config:
# Application configuration defaults.
#################################################################
# application image
-image: onap/org.onap.dcaegen2.deployments.cm-container:3.3.4
+image: onap/org.onap.dcaegen2.deployments.cm-container:3.4.1
pullPolicy: Always
# name of shared ConfigMap with kubeconfig for multiple clusters
diff --git a/kubernetes/log/components/log-elasticsearch/templates/deployment.yaml b/kubernetes/log/components/log-elasticsearch/templates/deployment.yaml
index 6a0e6d2e3d..b778af8564 100644
--- a/kubernetes/log/components/log-elasticsearch/templates/deployment.yaml
+++ b/kubernetes/log/components/log-elasticsearch/templates/deployment.yaml
@@ -26,6 +26,9 @@ metadata:
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
replicas: {{ .Values.replicaCount }}
template:
metadata:
diff --git a/kubernetes/log/components/log-kibana/templates/deployment.yaml b/kubernetes/log/components/log-kibana/templates/deployment.yaml
index a1824d2509..5e3dc98f84 100644
--- a/kubernetes/log/components/log-kibana/templates/deployment.yaml
+++ b/kubernetes/log/components/log-kibana/templates/deployment.yaml
@@ -26,6 +26,9 @@ metadata:
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
replicas: {{ .Values.replicaCount }}
template:
metadata:
diff --git a/kubernetes/log/components/log-logstash/templates/deployment.yaml b/kubernetes/log/components/log-logstash/templates/deployment.yaml
index 566c7a3b10..92817fac88 100644
--- a/kubernetes/log/components/log-logstash/templates/deployment.yaml
+++ b/kubernetes/log/components/log-logstash/templates/deployment.yaml
@@ -26,6 +26,9 @@ metadata:
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
replicas: {{ .Values.replicaCount }}
template:
metadata:
diff --git a/kubernetes/msb/Makefile b/kubernetes/msb/Makefile
new file mode 100644
index 0000000000..4c79718d02
--- /dev/null
+++ b/kubernetes/msb/Makefile
@@ -0,0 +1,51 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES := dist resources templates charts docker
+HELM_BIN := helm
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/msb/charts/msb-iag/requirements.yaml b/kubernetes/msb/charts/msb-iag/requirements.yaml
deleted file mode 100644
index 6cc26cd239..0000000000
--- a/kubernetes/msb/charts/msb-iag/requirements.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-# Copyright © 2018 Amdocs, Bell Canada , ZTE
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-dependencies:
- - name: common
- version: ~7.x-0
- repository: '@local'
diff --git a/kubernetes/msb/components/Makefile b/kubernetes/msb/components/Makefile
new file mode 100644
index 0000000000..bf267b7720
--- /dev/null
+++ b/kubernetes/msb/components/Makefile
@@ -0,0 +1,51 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_BIN := helm
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
+ @$(HELM_BIN) repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/msb/charts/kube2msb/.helmignore b/kubernetes/msb/components/kube2msb/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/msb/charts/kube2msb/.helmignore
+++ b/kubernetes/msb/components/kube2msb/.helmignore
diff --git a/kubernetes/msb/charts/kube2msb/Chart.yaml b/kubernetes/msb/components/kube2msb/Chart.yaml
index 10c9818098..10c9818098 100644
--- a/kubernetes/msb/charts/kube2msb/Chart.yaml
+++ b/kubernetes/msb/components/kube2msb/Chart.yaml
diff --git a/kubernetes/msb/charts/msb-eag/requirements.yaml b/kubernetes/msb/components/kube2msb/requirements.yaml
index 6cc26cd239..467a52ab21 100644
--- a/kubernetes/msb/charts/msb-eag/requirements.yaml
+++ b/kubernetes/msb/components/kube2msb/requirements.yaml
@@ -15,3 +15,6 @@ dependencies:
- name: common
version: ~7.x-0
repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
diff --git a/kubernetes/msb/charts/kube2msb/templates/deployment.yaml b/kubernetes/msb/components/kube2msb/templates/deployment.yaml
index 3d0dcd63ba..ed99deea43 100644
--- a/kubernetes/msb/charts/kube2msb/templates/deployment.yaml
+++ b/kubernetes/msb/components/kube2msb/templates/deployment.yaml
@@ -49,12 +49,12 @@ spec:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+ image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
containers:
- name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: KUBE_MASTER_URL
diff --git a/kubernetes/msb/charts/kube2msb/values.yaml b/kubernetes/msb/components/kube2msb/values.yaml
index 3c67227873..d2a0a15f49 100644
--- a/kubernetes/msb/charts/kube2msb/values.yaml
+++ b/kubernetes/msb/components/kube2msb/values.yaml
@@ -16,13 +16,11 @@
#################################################################
global:
nodePortPrefix: 302
- readinessImage: onap/oom/readiness:3.0.1
#################################################################
# Application configuration defaults.
#################################################################
# application image
-repository: nexus3.onap.org:10001
image: onap/oom/kube2msb:1.2.6
pullPolicy: Always
istioSidecar: true
diff --git a/kubernetes/msb/charts/msb-consul/.helmignore b/kubernetes/msb/components/msb-consul/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/msb/charts/msb-consul/.helmignore
+++ b/kubernetes/msb/components/msb-consul/.helmignore
diff --git a/kubernetes/msb/charts/msb-consul/Chart.yaml b/kubernetes/msb/components/msb-consul/Chart.yaml
index fc4f22463b..fc4f22463b 100644
--- a/kubernetes/msb/charts/msb-consul/Chart.yaml
+++ b/kubernetes/msb/components/msb-consul/Chart.yaml
diff --git a/kubernetes/msb/charts/msb-consul/requirements.yaml b/kubernetes/msb/components/msb-consul/requirements.yaml
index 6cc26cd239..467a52ab21 100644
--- a/kubernetes/msb/charts/msb-consul/requirements.yaml
+++ b/kubernetes/msb/components/msb-consul/requirements.yaml
@@ -15,3 +15,6 @@ dependencies:
- name: common
version: ~7.x-0
repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
diff --git a/kubernetes/msb/charts/msb-consul/resources/docker-entrypoint.sh b/kubernetes/msb/components/msb-consul/resources/docker-entrypoint.sh
index 0cd46167e4..0cd46167e4 100755
--- a/kubernetes/msb/charts/msb-consul/resources/docker-entrypoint.sh
+++ b/kubernetes/msb/components/msb-consul/resources/docker-entrypoint.sh
diff --git a/kubernetes/msb/charts/msb-consul/templates/NOTES.txt b/kubernetes/msb/components/msb-consul/templates/NOTES.txt
index e0cea22074..e0cea22074 100644
--- a/kubernetes/msb/charts/msb-consul/templates/NOTES.txt
+++ b/kubernetes/msb/components/msb-consul/templates/NOTES.txt
diff --git a/kubernetes/msb/charts/msb-consul/templates/configmap.yaml b/kubernetes/msb/components/msb-consul/templates/configmap.yaml
index 32adcaec5f..32adcaec5f 100644
--- a/kubernetes/msb/charts/msb-consul/templates/configmap.yaml
+++ b/kubernetes/msb/components/msb-consul/templates/configmap.yaml
diff --git a/kubernetes/msb/charts/msb-consul/templates/deployment.yaml b/kubernetes/msb/components/msb-consul/templates/deployment.yaml
index c7472cca72..97dd1781f2 100644
--- a/kubernetes/msb/charts/msb-consul/templates/deployment.yaml
+++ b/kubernetes/msb/components/msb-consul/templates/deployment.yaml
@@ -39,7 +39,7 @@ spec:
serviceAccountName: msb
containers:
- name: {{ include "common.name" . }}
- image: "{{ .Values.global.dockerHubRepository | default .Values.dockerHubRepository }}/{{ .Values.image }}"
+ image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
securityContext:
runAsUser: {{ .Values.securityContext.runAsUser }}
diff --git a/kubernetes/msb/charts/msb-consul/templates/ingress.yaml b/kubernetes/msb/components/msb-consul/templates/ingress.yaml
index 8f87c68f1e..8f87c68f1e 100644
--- a/kubernetes/msb/charts/msb-consul/templates/ingress.yaml
+++ b/kubernetes/msb/components/msb-consul/templates/ingress.yaml
diff --git a/kubernetes/msb/charts/msb-consul/templates/service.yaml b/kubernetes/msb/components/msb-consul/templates/service.yaml
index af735b6e74..af735b6e74 100644
--- a/kubernetes/msb/charts/msb-consul/templates/service.yaml
+++ b/kubernetes/msb/components/msb-consul/templates/service.yaml
diff --git a/kubernetes/msb/charts/msb-consul/values.yaml b/kubernetes/msb/components/msb-consul/values.yaml
index 4704f3b24d..1c7fa38171 100644
--- a/kubernetes/msb/charts/msb-consul/values.yaml
+++ b/kubernetes/msb/components/msb-consul/values.yaml
@@ -21,7 +21,6 @@ global:
# Application configuration defaults.
#################################################################
# application image
-dockerHubRepository: docker.io
image: library/consul:1.4.3
pullPolicy: Always
istioSidecar: true
diff --git a/kubernetes/msb/charts/msb-discovery/.helmignore b/kubernetes/msb/components/msb-discovery/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/msb/charts/msb-discovery/.helmignore
+++ b/kubernetes/msb/components/msb-discovery/.helmignore
diff --git a/kubernetes/msb/charts/msb-discovery/Chart.yaml b/kubernetes/msb/components/msb-discovery/Chart.yaml
index 527af56f06..527af56f06 100644
--- a/kubernetes/msb/charts/msb-discovery/Chart.yaml
+++ b/kubernetes/msb/components/msb-discovery/Chart.yaml
diff --git a/kubernetes/msb/components/msb-discovery/requirements.yaml b/kubernetes/msb/components/msb-discovery/requirements.yaml
new file mode 100644
index 0000000000..467a52ab21
--- /dev/null
+++ b/kubernetes/msb/components/msb-discovery/requirements.yaml
@@ -0,0 +1,20 @@
+# Copyright © 2018 Amdocs, Bell Canada , ZTE
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
diff --git a/kubernetes/msb/charts/msb-discovery/resources/config/logback.xml b/kubernetes/msb/components/msb-discovery/resources/config/logback.xml
index 3781d96328..3781d96328 100644
--- a/kubernetes/msb/charts/msb-discovery/resources/config/logback.xml
+++ b/kubernetes/msb/components/msb-discovery/resources/config/logback.xml
diff --git a/kubernetes/msb/charts/msb-discovery/templates/NOTES.txt b/kubernetes/msb/components/msb-discovery/templates/NOTES.txt
index e0cea22074..e0cea22074 100644
--- a/kubernetes/msb/charts/msb-discovery/templates/NOTES.txt
+++ b/kubernetes/msb/components/msb-discovery/templates/NOTES.txt
diff --git a/kubernetes/msb/charts/msb-discovery/templates/configmap.yaml b/kubernetes/msb/components/msb-discovery/templates/configmap.yaml
index 33c77e5eae..33c77e5eae 100644
--- a/kubernetes/msb/charts/msb-discovery/templates/configmap.yaml
+++ b/kubernetes/msb/components/msb-discovery/templates/configmap.yaml
diff --git a/kubernetes/msb/charts/msb-discovery/templates/deployment.yaml b/kubernetes/msb/components/msb-discovery/templates/deployment.yaml
index bcb9da55a1..e5e5f9eb0f 100644
--- a/kubernetes/msb/charts/msb-discovery/templates/deployment.yaml
+++ b/kubernetes/msb/components/msb-discovery/templates/deployment.yaml
@@ -49,12 +49,12 @@ spec:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+ image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
containers:
- name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- containerPort: {{ .Values.service.internalPort }}
@@ -94,7 +94,7 @@ spec:
# Filebeat sidecar container
- name: {{ include "common.name" . }}-filebeat-onap
- image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ image: {{ include "repositoryGenerator.image.logging" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- name: {{ include "common.fullname" . }}-filebeat-conf
diff --git a/kubernetes/msb/charts/msb-discovery/templates/ingress.yaml b/kubernetes/msb/components/msb-discovery/templates/ingress.yaml
index 8f87c68f1e..8f87c68f1e 100644
--- a/kubernetes/msb/charts/msb-discovery/templates/ingress.yaml
+++ b/kubernetes/msb/components/msb-discovery/templates/ingress.yaml
diff --git a/kubernetes/msb/charts/msb-discovery/templates/service.yaml b/kubernetes/msb/components/msb-discovery/templates/service.yaml
index af735b6e74..af735b6e74 100644
--- a/kubernetes/msb/charts/msb-discovery/templates/service.yaml
+++ b/kubernetes/msb/components/msb-discovery/templates/service.yaml
diff --git a/kubernetes/msb/charts/msb-discovery/values.yaml b/kubernetes/msb/components/msb-discovery/values.yaml
index 4ac27a8f9d..994e84b722 100644
--- a/kubernetes/msb/charts/msb-discovery/values.yaml
+++ b/kubernetes/msb/components/msb-discovery/values.yaml
@@ -16,13 +16,11 @@
#################################################################
global:
nodePortPrefix: 302
- readinessImage: onap/oom/readiness:3.0.1
#################################################################
# Application configuration defaults.
#################################################################
# application image
-repository: nexus3.onap.org:10001
image: onap/msb/msb_discovery:1.2.6
pullPolicy: Always
istioSidecar: true
diff --git a/kubernetes/msb/charts/msb-eag/.helmignore b/kubernetes/msb/components/msb-eag/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/msb/charts/msb-eag/.helmignore
+++ b/kubernetes/msb/components/msb-eag/.helmignore
diff --git a/kubernetes/msb/charts/msb-eag/Chart.yaml b/kubernetes/msb/components/msb-eag/Chart.yaml
index c1843627a8..c1843627a8 100644
--- a/kubernetes/msb/charts/msb-eag/Chart.yaml
+++ b/kubernetes/msb/components/msb-eag/Chart.yaml
diff --git a/kubernetes/msb/charts/msb-discovery/requirements.yaml b/kubernetes/msb/components/msb-eag/requirements.yaml
index 6cc26cd239..c59eb6fdf9 100644
--- a/kubernetes/msb/charts/msb-discovery/requirements.yaml
+++ b/kubernetes/msb/components/msb-eag/requirements.yaml
@@ -15,3 +15,6 @@ dependencies:
- name: common
version: ~7.x-0
repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local' \ No newline at end of file
diff --git a/kubernetes/msb/charts/msb-eag/resources/config/log/logback.xml b/kubernetes/msb/components/msb-eag/resources/config/log/logback.xml
index 680cb7357a..680cb7357a 100644
--- a/kubernetes/msb/charts/msb-eag/resources/config/log/logback.xml
+++ b/kubernetes/msb/components/msb-eag/resources/config/log/logback.xml
diff --git a/kubernetes/msb/charts/msb-eag/resources/config/logback.xml b/kubernetes/msb/components/msb-eag/resources/config/logback.xml
index 6dc4443d6e..6dc4443d6e 100644
--- a/kubernetes/msb/charts/msb-eag/resources/config/logback.xml
+++ b/kubernetes/msb/components/msb-eag/resources/config/logback.xml
diff --git a/kubernetes/msb/charts/msb-eag/templates/NOTES.txt b/kubernetes/msb/components/msb-eag/templates/NOTES.txt
index e0cea22074..e0cea22074 100644
--- a/kubernetes/msb/charts/msb-eag/templates/NOTES.txt
+++ b/kubernetes/msb/components/msb-eag/templates/NOTES.txt
diff --git a/kubernetes/msb/charts/msb-eag/templates/configmap.yaml b/kubernetes/msb/components/msb-eag/templates/configmap.yaml
index 33c77e5eae..33c77e5eae 100644
--- a/kubernetes/msb/charts/msb-eag/templates/configmap.yaml
+++ b/kubernetes/msb/components/msb-eag/templates/configmap.yaml
diff --git a/kubernetes/msb/charts/msb-eag/templates/deployment.yaml b/kubernetes/msb/components/msb-eag/templates/deployment.yaml
index 8ce19fb304..36cb13dc52 100644
--- a/kubernetes/msb/charts/msb-eag/templates/deployment.yaml
+++ b/kubernetes/msb/components/msb-eag/templates/deployment.yaml
@@ -49,12 +49,12 @@ spec:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+ image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
containers:
- name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- containerPort: {{ .Values.service.internalPort }}
@@ -108,7 +108,7 @@ spec:
{{- end }}
# side car containers
- name: filebeat-onap
- image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ image: {{ include "repositoryGenerator.image.logging" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- name: {{ include "common.fullname" . }}-filebeat-conf
diff --git a/kubernetes/msb/charts/msb-eag/templates/ingress.yaml b/kubernetes/msb/components/msb-eag/templates/ingress.yaml
index 8f87c68f1e..8f87c68f1e 100644
--- a/kubernetes/msb/charts/msb-eag/templates/ingress.yaml
+++ b/kubernetes/msb/components/msb-eag/templates/ingress.yaml
diff --git a/kubernetes/msb/charts/msb-eag/templates/service.yaml b/kubernetes/msb/components/msb-eag/templates/service.yaml
index e8e3a8a947..e8e3a8a947 100644
--- a/kubernetes/msb/charts/msb-eag/templates/service.yaml
+++ b/kubernetes/msb/components/msb-eag/templates/service.yaml
diff --git a/kubernetes/msb/charts/msb-eag/values.yaml b/kubernetes/msb/components/msb-eag/values.yaml
index f63964cd15..b8813b8f1a 100644
--- a/kubernetes/msb/charts/msb-eag/values.yaml
+++ b/kubernetes/msb/components/msb-eag/values.yaml
@@ -16,13 +16,11 @@
#################################################################
global:
nodePortPrefix: 302
- readinessImage: onap/oom/readiness:3.0.1
#################################################################
# Application configuration defaults.
#################################################################
# application image
-repository: nexus3.onap.org:10001
image: onap/msb/msb_apigateway:1.2.7
pullPolicy: Always
istioSidecar: true
diff --git a/kubernetes/msb/charts/msb-iag/.helmignore b/kubernetes/msb/components/msb-iag/.helmignore
index f0c1319444..f0c1319444 100644
--- a/kubernetes/msb/charts/msb-iag/.helmignore
+++ b/kubernetes/msb/components/msb-iag/.helmignore
diff --git a/kubernetes/msb/charts/msb-iag/Chart.yaml b/kubernetes/msb/components/msb-iag/Chart.yaml
index 9b8d56c3a3..9b8d56c3a3 100644
--- a/kubernetes/msb/charts/msb-iag/Chart.yaml
+++ b/kubernetes/msb/components/msb-iag/Chart.yaml
diff --git a/kubernetes/msb/components/msb-iag/requirements.yaml b/kubernetes/msb/components/msb-iag/requirements.yaml
new file mode 100644
index 0000000000..467a52ab21
--- /dev/null
+++ b/kubernetes/msb/components/msb-iag/requirements.yaml
@@ -0,0 +1,20 @@
+# Copyright © 2018 Amdocs, Bell Canada , ZTE
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
diff --git a/kubernetes/msb/charts/msb-iag/resources/config/log/logback.xml b/kubernetes/msb/components/msb-iag/resources/config/log/logback.xml
index 680cb7357a..680cb7357a 100644
--- a/kubernetes/msb/charts/msb-iag/resources/config/log/logback.xml
+++ b/kubernetes/msb/components/msb-iag/resources/config/log/logback.xml
diff --git a/kubernetes/msb/charts/msb-iag/resources/config/logback.xml b/kubernetes/msb/components/msb-iag/resources/config/logback.xml
index 65ff43485a..65ff43485a 100644
--- a/kubernetes/msb/charts/msb-iag/resources/config/logback.xml
+++ b/kubernetes/msb/components/msb-iag/resources/config/logback.xml
diff --git a/kubernetes/msb/charts/msb-iag/templates/NOTES.txt b/kubernetes/msb/components/msb-iag/templates/NOTES.txt
index e0cea22074..e0cea22074 100644
--- a/kubernetes/msb/charts/msb-iag/templates/NOTES.txt
+++ b/kubernetes/msb/components/msb-iag/templates/NOTES.txt
diff --git a/kubernetes/msb/charts/msb-iag/templates/configmap.yaml b/kubernetes/msb/components/msb-iag/templates/configmap.yaml
index 33c77e5eae..33c77e5eae 100644
--- a/kubernetes/msb/charts/msb-iag/templates/configmap.yaml
+++ b/kubernetes/msb/components/msb-iag/templates/configmap.yaml
diff --git a/kubernetes/msb/charts/msb-iag/templates/deployment.yaml b/kubernetes/msb/components/msb-iag/templates/deployment.yaml
index 42f36cd279..00dc6b69b3 100644
--- a/kubernetes/msb/charts/msb-iag/templates/deployment.yaml
+++ b/kubernetes/msb/components/msb-iag/templates/deployment.yaml
@@ -49,12 +49,12 @@ spec:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+ image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
containers:
- name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- containerPort: {{ .Values.service.internalPort }}
@@ -108,7 +108,7 @@ spec:
{{- end }}
# side car containers
- name: filebeat-onap
- image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ image: {{ include "repositoryGenerator.image.logging" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- name: {{ include "common.fullname" . }}-filebeat-conf
diff --git a/kubernetes/msb/charts/msb-iag/templates/ingress.yaml b/kubernetes/msb/components/msb-iag/templates/ingress.yaml
index 8f87c68f1e..8f87c68f1e 100644
--- a/kubernetes/msb/charts/msb-iag/templates/ingress.yaml
+++ b/kubernetes/msb/components/msb-iag/templates/ingress.yaml
diff --git a/kubernetes/msb/charts/msb-iag/templates/service.yaml b/kubernetes/msb/components/msb-iag/templates/service.yaml
index e8e3a8a947..e8e3a8a947 100644
--- a/kubernetes/msb/charts/msb-iag/templates/service.yaml
+++ b/kubernetes/msb/components/msb-iag/templates/service.yaml
diff --git a/kubernetes/msb/charts/msb-iag/values.yaml b/kubernetes/msb/components/msb-iag/values.yaml
index b1f19c9448..b91ddcae1b 100644
--- a/kubernetes/msb/charts/msb-iag/values.yaml
+++ b/kubernetes/msb/components/msb-iag/values.yaml
@@ -16,13 +16,11 @@
#################################################################
global:
nodePortPrefix: 302
- readinessImage: onap/oom/readiness:3.0.1
#################################################################
# Application configuration defaults.
#################################################################
# application image
-repository: nexus3.onap.org:10001
image: onap/msb/msb_apigateway:1.2.7
pullPolicy: Always
istioSidecar: true
diff --git a/kubernetes/msb/requirements.yaml b/kubernetes/msb/requirements.yaml
index 6cc26cd239..c52bec4944 100644
--- a/kubernetes/msb/requirements.yaml
+++ b/kubernetes/msb/requirements.yaml
@@ -15,3 +15,21 @@ dependencies:
- name: common
version: ~7.x-0
repository: '@local'
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
+ - name: kube2msb
+ version: ~7.x-0
+ repository: 'file://components/kube2msb'
+ - name: msb-consul
+ version: ~7.x-0
+ repository: 'file://components/msb-consul'
+ - name: msb-discovery
+ version: ~7.x-0
+ repository: 'file://components/msb-discovery'
+ - name: msb-eag
+ version: ~7.x-0
+ repository: 'file://components/msb-eag'
+ - name: msb-iag
+ version: ~7.x-0
+ repository: 'file://components/msb-iag' \ No newline at end of file
diff --git a/kubernetes/msb/values.yaml b/kubernetes/msb/values.yaml
index 27fc008a5a..739fcea9d2 100644
--- a/kubernetes/msb/values.yaml
+++ b/kubernetes/msb/values.yaml
@@ -18,8 +18,6 @@
#################################################################
global:
nodePortPrefix: 302
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
# application configuration
config:
diff --git a/kubernetes/onap/Chart.yaml b/kubernetes/onap/Chart.yaml
index a9be436ae5..fceda43e73 100644
--- a/kubernetes/onap/Chart.yaml
+++ b/kubernetes/onap/Chart.yaml
@@ -15,7 +15,7 @@
apiVersion: v1
name: onap
version: 7.0.0
-appVersion: Frankfurt
+appVersion: Guilin
description: Open Network Automation Platform (ONAP)
home: https://www.onap.org/
sources:
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 3c8b1e9d90..5b29afc194 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -164,7 +164,7 @@ global:
cmpv2Enabled: true
platform:
certServiceClient:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.1
secret:
name: oom-cert-service-client-tls-secret
mountPath: /etc/onap/oom/certservice/certs/
diff --git a/kubernetes/platform/components/cmpv2-cert-provider/.helmignore b/kubernetes/platform/components/cmpv2-cert-provider/.helmignore
new file mode 100644
index 0000000000..50af031725
--- /dev/null
+++ b/kubernetes/platform/components/cmpv2-cert-provider/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/kubernetes/platform/components/cmpv2-cert-provider/Chart.yaml b/kubernetes/platform/components/cmpv2-cert-provider/Chart.yaml
new file mode 100644
index 0000000000..38446f1bfa
--- /dev/null
+++ b/kubernetes/platform/components/cmpv2-cert-provider/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2020 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP CMPv2 certificate external provider for cert-manager
+name: cmpv2-cert-provider
+version: 7.0.0
diff --git a/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml b/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml
new file mode 100644
index 0000000000..0bc24afe86
--- /dev/null
+++ b/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml
@@ -0,0 +1,138 @@
+# ============LICENSE_START=======================================================
+# Copyright (c) 2020 Nokia
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: cmpv2issuers.certmanager.onap.org
+spec:
+ group: certmanager.onap.org
+ names:
+ kind: CMPv2Issuer
+ listKind: CMPv2IssuerList
+ plural: cmpv2issuers
+ singular: cmpv2issuer
+ scope: Namespaced
+ versions:
+ - name: v1
+ served: true
+ storage: true
+ schema:
+ openAPIV3Schema:
+ description: CMPv2Issuer is the Schema for the cmpv2issuers API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/cmpv2api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/cmpv2api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CMPv2IssuerSpec defines the desired state of CMPv2Issuer
+ properties:
+ url:
+ description: URL to CertService API.
+ type: string
+ healthEndpoint:
+ description: Path of health check endpoint.
+ type: string
+ certEndpoint:
+ description: Path of cerfificate signing enpoint.
+ type: string
+ caName:
+ description: Name of the external CA server configured on CertService API side.
+ type: string
+ certSecretRef:
+ description: Reference to K8s secret which contains certificate, private key and CA certificate
+ needed to connect to CertService API (which requires client certificate authentication)
+ properties:
+ name:
+ description: The name of K8s secret to select certificates from. Secret must be in the same
+ namespace as CMPv2Issuer.
+ type: string
+ keyRef:
+ description: The key of the secret to select private key from. Must be a
+ valid secret key.
+ type: string
+ certRef:
+ description: The key of the secret to select cert from. Must be a
+ valid secret key.
+ type: string
+ cacertRef:
+ description: The key of the secret to select cacert from. Must be a
+ valid secret key.
+ type: string
+ required:
+ - name
+ - keyRef
+ - certRef
+ - cacertRef
+ type: object
+ required:
+ - url
+ - healthEndpoint
+ - certEndpoint
+ - caName
+ - certSecretRef
+ type: object
+ status:
+ description: CMPv2IssuerStatus defines the observed state of CMPv2Issuer
+ properties:
+ conditions:
+ items:
+ description: CMPv2IssuerCondition contains condition information for
+ the certservice issuer.
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the timestamp corresponding
+ to the last status change of this condition.
+ format: date-time
+ type: string
+ message:
+ description: Message is a human readable description of the details
+ of the last transition, complementing reason.
+ type: string
+ reason:
+ description: Reason is a brief machine readable explanation for
+ the condition's last transition.
+ type: string
+ status:
+ allOf:
+ - enum:
+ - "True"
+ - "False"
+ - Unknown
+ description: Status of the condition, one of ('True', 'False',
+ 'Unknown').
+ type: string
+ type:
+ description: Type of the condition, currently ('Ready').
+ enum:
+ - Ready
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ type: object
+ type: object
diff --git a/kubernetes/msb/charts/kube2msb/requirements.yaml b/kubernetes/platform/components/cmpv2-cert-provider/requirements.yaml
index 6cc26cd239..def35866d7 100644
--- a/kubernetes/msb/charts/kube2msb/requirements.yaml
+++ b/kubernetes/platform/components/cmpv2-cert-provider/requirements.yaml
@@ -1,5 +1,4 @@
-# Copyright © 2018 Amdocs, Bell Canada , ZTE
-#
+# Copyright © 2020 Nokia
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
@@ -11,7 +10,8 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-dependencies:
+
+ dependencies:
- name: common
version: ~7.x-0
repository: '@local'
diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml
new file mode 100644
index 0000000000..9ba61a5f57
--- /dev/null
+++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml
@@ -0,0 +1,34 @@
+{{ if .Values.global.CMPv2CertManagerIntegration }}
+
+# ============LICENSE_START=======================================================
+# Copyright (c) 2020 Nokia
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: certmanager.onap.org/v1
+kind: CMPv2Issuer
+metadata:
+ name: {{ .Values.cmpv2issuer.name }}
+ namespace: {{ include "common.namespace" . }}
+spec:
+ url: {{ .Values.cmpv2issuer.url }}
+ healthEndpoint: {{ .Values.cmpv2issuer.healthcheckEndpoint }}
+ certEndpoint: {{ .Values.cmpv2issuer.certEndpoint }}
+ caName: {{ .Values.cmpv2issuer.caName }}
+ certSecretRef:
+ name: {{ .Values.cmpv2issuer.certSecretRef.name }}
+ keyRef: {{ .Values.cmpv2issuer.certSecretRef.keyRef }}
+ certRef: {{ .Values.cmpv2issuer.certSecretRef.certRef }}
+ cacertRef: {{ .Values.cmpv2issuer.certSecretRef.cacertRef }}
+{{ end }}
diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml
new file mode 100644
index 0000000000..3f0027f1be
--- /dev/null
+++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml
@@ -0,0 +1,71 @@
+{{ if .Values.global.CMPv2CertManagerIntegration }}
+
+# ============LICENSE_START=======================================================
+# Copyright (c) 2020 Nokia
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ control-plane: controller-manager
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ control-plane: controller-manager
+ template:
+ metadata:
+ labels:
+ control-plane: controller-manager
+ spec:
+ containers:
+ - name: {{ .Values.deploymentProxy.name }}
+ image: {{ .Values.deploymentProxy.image }}
+ imagePullPolicy: {{ .Values.deploymentProxy.pullPolicy }}
+ args:
+ - --secure-listen-address=0.0.0.0:8443
+ - --upstream=http://127.0.0.1:8080/
+ - --logtostderr=true
+ - --v=10
+ ports:
+ - containerPort: 8443
+ name: https
+ resources:
+ limits:
+ cpu: {{ .Values.deploymentProxy.resources.limits.cpu }}
+ memory: {{ .Values.deploymentProxy.resources.limits.memory }}
+ requests:
+ cpu: {{ .Values.deploymentProxy.resources.requests.cpu }}
+ memory: {{ .Values.deploymentProxy.resources.requests.memory }}
+ - name: provider
+ image: {{ .Values.global.repository }}{{if .Values.global.repository }}/{{ end }}{{ .Values.deployment.image }}
+ imagePullPolicy: {{ .Values.deployment.pullPolicy }}
+ command:
+ - /oom-certservice-cmpv2issuer
+ args:
+ - --metrics-addr=127.0.0.1:8080
+ - --log-level={{ .Values.deployment.logLevel }}
+ resources:
+ limits:
+ cpu: {{ .Values.deployment.resources.limits.cpu }}
+ memory: {{ .Values.deployment.resources.limits.memory }}
+ requests:
+ cpu: {{ .Values.deployment.resources.requests.cpu }}
+ memory: {{ .Values.deployment.resources.requests.memory }}
+ terminationGracePeriodSeconds: 10
+{{ end }}
diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/roles.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/roles.yaml
new file mode 100644
index 0000000000..add5622f41
--- /dev/null
+++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/roles.yaml
@@ -0,0 +1,167 @@
+{{ if .Values.global.CMPv2CertManagerIntegration }}
+
+# ============LICENSE_START=======================================================
+# Copyright (c) 2020 Nokia
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: cmpv2-issuer-leader-election-role
+ namespace: {{ include "common.namespace" . }}
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps/status
+ verbs:
+ - get
+ - update
+ - patch
+ - apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: cmpv2-issuer-manager-role
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - cert-manager.io
+ resources:
+ - certificaterequests
+ verbs:
+ - get
+ - list
+ - update
+ - watch
+ - apiGroups:
+ - cert-manager.io
+ resources:
+ - certificaterequests/status
+ verbs:
+ - get
+ - patch
+ - update
+ - apiGroups:
+ - certmanager.onap.org
+ resources:
+ - cmpv2issuers
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+ - apiGroups:
+ - certmanager.onap.org
+ resources:
+ - cmpv2issuers/status
+ verbs:
+ - get
+ - patch
+ - update
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: cmpv2-issuer-proxy-role
+rules:
+ - apiGroups:
+ - authentication.k8s.io
+ resources:
+ - tokenreviews
+ verbs:
+ - create
+ - apiGroups:
+ - authorization.k8s.io
+ resources:
+ - subjectaccessreviews
+ verbs:
+ - create
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: cmpv2-issuer-leader-election-rolebinding
+ namespace: {{ include "common.namespace" . }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: cmpv2-issuer-leader-election-role
+subjects:
+ - kind: ServiceAccount
+ name: default
+ namespace: {{ include "common.namespace" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: cmpv2-issuer-manager-rolebinding
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cmpv2-issuer-manager-role
+subjects:
+ - kind: ServiceAccount
+ name: default
+ namespace: {{ include "common.namespace" . }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: cmpv2-issuer-proxy-rolebinding
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cmpv2-issuer-proxy-role
+subjects:
+ - kind: ServiceAccount
+ name: default
+ namespace: {{ include "common.namespace" . }}
+{{ end }}
diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/service.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/service.yaml
new file mode 100644
index 0000000000..152bd68ba6
--- /dev/null
+++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/service.yaml
@@ -0,0 +1,38 @@
+{{ if .Values.global.CMPv2CertManagerIntegration }}
+
+# ============LICENSE_START=======================================================
+# Copyright (c) 2020 Nokia
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+apiVersion: v1
+kind: Service
+metadata:
+ annotations:
+ prometheus.io/port: "8443"
+ prometheus.io/scheme: https
+ prometheus.io/scrape: "true"
+ labels:
+ control-plane: controller-manager
+ name: {{ .Values.service.name }}
+ namespace: {{ include "common.namespace" . }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: {{ .Values.service.ports.name }}
+ port: {{ .Values.service.ports.port }}
+ targetPort: {{ .Values.service.ports.targetPort }}
+ selector:
+ control-plane: controller-manager
+{{ end }}
diff --git a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml
new file mode 100644
index 0000000000..5ea763a812
--- /dev/null
+++ b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml
@@ -0,0 +1,79 @@
+# Copyright © 2020, Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Global
+global:
+ nodePortPrefix: 302
+ readinessImage: onap/oom/readiness:3.0.1
+ loggingRepository: docker.elastic.co
+ loggingImage: beats/filebeat:5.5.0
+ busyboxRepository: registry.hub.docker.com
+ busyboxImage: library/busybox:latest
+ repository: "nexus3.onap.org:10001"
+ CMPv2CertManagerIntegration: false
+
+namespace: onap
+
+# Service configuration
+service:
+ name: oom-certservice-cmpv2issuer-metrics-service
+ type: ClusterIP
+ ports:
+ name: https
+ port: 8443
+ targetPort: https
+
+# Deployment configuration
+deployment:
+ name: oom-certservice-cmpv2issuer
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.3.0
+ proxyImage: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0
+ # fol local development use IfNotPresent
+ pullPolicy: Always
+ logLevel: debug
+ resources:
+ limits:
+ cpu: 250m
+ memory: 128Mi
+ requests:
+ cpu: 100m
+ memory: 64Mi
+deploymentProxy:
+ name: kube-rbac-proxy
+ image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0
+ pullPolicy: IfNotPresent
+ resources:
+ limits:
+ cpu: 250m
+ memory: 128Mi
+ requests:
+ cpu: 50m
+ memory: 32Mi
+
+# CMPv2Issuer
+cmpv2issuer:
+ name: cmpv2-issuer-onap
+ url: https://oom-cert-service:8443
+ healthcheckEndpoint: actuator/health
+ certEndpoint: v1/certificate
+ caName: RA
+ certSecretRef:
+ name: cmpv2-issuer-secret
+ certRef: certServiceServer-cert.pem
+ keyRef: certServiceServer-key.pem
+ cacertRef: truststore.pem
+
+
+
+
diff --git a/kubernetes/platform/components/oom-cert-service/.gitignore b/kubernetes/platform/components/oom-cert-service/.gitignore
new file mode 100644
index 0000000000..d5e121c17d
--- /dev/null
+++ b/kubernetes/platform/components/oom-cert-service/.gitignore
@@ -0,0 +1,5 @@
+resources/*.jks
+resources/*.pem
+resources/*.p12
+resources/*.crt
+resources/*.csr
diff --git a/kubernetes/platform/components/oom-cert-service/.helmignore b/kubernetes/platform/components/oom-cert-service/.helmignore
index 50af031725..5d9272cd5d 100644
--- a/kubernetes/platform/components/oom-cert-service/.helmignore
+++ b/kubernetes/platform/components/oom-cert-service/.helmignore
@@ -20,3 +20,4 @@
.idea/
*.tmproj
.vscode/
+
diff --git a/kubernetes/platform/components/oom-cert-service/Makefile b/kubernetes/platform/components/oom-cert-service/Makefile
index 736a19fbd4..ea0cb8aae4 100644
--- a/kubernetes/platform/components/oom-cert-service/Makefile
+++ b/kubernetes/platform/components/oom-cert-service/Makefile
@@ -19,6 +19,10 @@ all: start_docker \
server_import_root_certificate \
server_convert_certificate_to_jks \
server_convert_certificate_to_p12 \
+ convert_truststore_to_p12 \
+ convert_truststore_to_pem \
+ server_export_certificate_to_pem \
+ server_export_key_to_pem \
clear_unused_files \
stop_docker
@@ -32,7 +36,7 @@ start_docker:
$(eval FULL_JAVA_IMAGE := $(REPOSITORY)/$(JAVA_IMAGE))
$(eval USERNAME :=$(shell id -u))
$(eval GROUP :=$(shell id -g))
- docker run --rm --name ${DOCKER_CONTAINER} --user "$(USERNAME):$(GROUP)" --mount type=bind,source=${CURRENT_DIR}/${CERTS_DIR},target=/app -w /app --entrypoint "sh" -td $(FULL_JAVA_IMAGE)
+ docker run --rm --name ${DOCKER_CONTAINER} --user "$(USERNAME):$(GROUP)" --mount type=bind,source=${CURRENT_DIR}/${CERTS_DIR},target=/certs -w /certs --entrypoint "sh" -td $(FULL_JAVA_IMAGE)
# Stops docker container for generating certificates. 'true' is used to return 0 status code, if container is already deleted
stop_docker:
@@ -46,7 +50,7 @@ clear_all:
#Clear certificates
clear_existing_certificates:
@echo "Clear certificates"
- ${DOCKER_EXEC} rm -f certServiceClient-keystore.jks certServiceServer-keystore.jks root.crt truststore.jks certServiceServer-keystore.p12
+ ${DOCKER_EXEC} rm -f certServiceClient-keystore.jks certServiceServer-keystore.jks root.crt truststore.jks certServiceServer-keystore.p12 truststore.pem certServiceServer-cert.pem certServiceServer-key.pem
@echo "#####done#####"
#Generate root private and public keys
@@ -146,8 +150,34 @@ server_convert_certificate_to_p12:
-destkeystore certServiceServer-keystore.p12 -deststoretype PKCS12 -deststorepass secret
@echo "#####done#####"
+#Convert truststore(.jks) to PCKS12 format(.p12)
+convert_truststore_to_p12:
+ @echo "Convert certServiceServer-keystore(.jks) to PCKS12 format(.p12)"
+ ${DOCKER_EXEC} keytool -importkeystore -srckeystore truststore.jks -srcstorepass secret \
+ -destkeystore truststore.p12 -deststoretype PKCS12 -deststorepass secret
+ @echo "#####done#####"
+
+#Convert truststore(.p12) to PEM format(.pem)
+convert_truststore_to_pem:
+ @echo "Convert certServiceServer-keystore(.p12) to PEM format(.pem)"
+ ${DOCKER_EXEC} openssl pkcs12 -nodes -in truststore.p12 -out truststore.pem -passin pass:secret
+ @echo "#####done#####"
+
+#Export certificates from certServiceServer-keystore(.p12) to PEM format(.pem)
+server_export_certificate_to_pem:
+ @echo "Export certificates from certServiceClient-keystore(.p12) to PEM format(.pem)"
+ ${DOCKER_EXEC} openssl pkcs12 -in certServiceServer-keystore.p12 -passin 'pass:secret' -nodes -nokeys -out certServiceServer-cert.pem
+ @echo "#####done#####"
+
+#Export keys from certServiceServer-keystore(.p12) to PEM format(.pem)
+server_export_key_to_pem:
+ @echo "Export keys from certServiceClient-keystore(.p12) to PEM format(.pem)"
+ ${DOCKER_EXEC} openssl pkcs12 -in certServiceServer-keystore.p12 -passin 'pass:secret' -nodes -nocerts -out certServiceServer-key.pem
+ @echo "#####done#####"
+
+
#Clear unused certificates
clear_unused_files:
@echo "Clear unused certificates"
- ${DOCKER_EXEC} rm -f certServiceClientByRoot.crt certServiceClient.csr root-keystore.jks certServiceServerByRoot.crt certServiceServer.csr
+ ${DOCKER_EXEC} rm -f certServiceClientByRoot.crt certServiceClient.csr root-keystore.jks certServiceServerByRoot.crt certServiceServer.csr truststore.p12
@echo "#####done#####"
diff --git a/kubernetes/platform/components/oom-cert-service/resources/default/cmpServers.json b/kubernetes/platform/components/oom-cert-service/resources/default/cmpServers.json
index 358f2a82c7..c6d76c1f57 100644
--- a/kubernetes/platform/components/oom-cert-service/resources/default/cmpServers.json
+++ b/kubernetes/platform/components/oom-cert-service/resources/default/cmpServers.json
@@ -1,3 +1,3 @@
{
"cmpv2Servers": []
-} \ No newline at end of file
+}
diff --git a/kubernetes/platform/components/oom-cert-service/templates/secret.yaml b/kubernetes/platform/components/oom-cert-service/templates/secret.yaml
index 280922a014..2d47e6f57c 100644
--- a/kubernetes/platform/components/oom-cert-service/templates/secret.yaml
+++ b/kubernetes/platform/components/oom-cert-service/templates/secret.yaml
@@ -53,4 +53,17 @@ data:
{{ (.Files.Glob "resources/truststore.jks").AsSecrets }}
root.crt:
{{ (.Files.Glob "resources/root.crt").AsSecrets }}
-{{ end -}} \ No newline at end of file
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.tls.provider.secret.name }}
+type: Opaque
+data:
+ certServiceServer-key.pem:
+ {{ (.Files.Glob "resources/certServiceServer-key.pem").AsSecrets }}
+ certServiceServer-cert.pem:
+ {{ (.Files.Glob "resources/certServiceServer-cert.pem").AsSecrets }}
+ truststore.pem:
+ {{ (.Files.Glob "resources/truststore.pem").AsSecrets }}
+{{ end -}}
diff --git a/kubernetes/platform/components/oom-cert-service/values.yaml b/kubernetes/platform/components/oom-cert-service/values.yaml
index ee51ec7a7d..bd415c06b1 100644
--- a/kubernetes/platform/components/oom-cert-service/values.yaml
+++ b/kubernetes/platform/components/oom-cert-service/values.yaml
@@ -34,11 +34,11 @@ service:
port_protocol: http
# Certificates generation configuration
-certificateGenerationImage: onap/integration-java11:7.1.0
+certificateGenerationImage: onap/integration-java11:7.2.0
# Deployment configuration
repository: "nexus3.onap.org:10001"
-image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.1.0
+image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.1
pullPolicy: Always
replicaCount: 1
@@ -88,14 +88,19 @@ tls:
client:
secret:
defaultName: oom-cert-service-client-tls-secret
+ provider:
+ secret:
+ name: cmpv2-issuer-secret
envs:
keystore:
jksName: certServiceServer-keystore.jks
p12Name: certServiceServer-keystore.p12
+ pemName: certServiceServer-keystore.pem
truststore:
jksName: truststore.jks
crtName: root.crt
+ pemName: truststore.pem
httpsPort: 8443
# External secrets with credentials can be provided to override default credentials defined below,
diff --git a/kubernetes/platform/requirements.yaml b/kubernetes/platform/requirements.yaml
index a7ff4de4e1..7ddef473db 100644
--- a/kubernetes/platform/requirements.yaml
+++ b/kubernetes/platform/requirements.yaml
@@ -18,4 +18,7 @@
dependencies:
- name: oom-cert-service
version: ~7.x-0
- repository: 'file://components/oom-cert-service' \ No newline at end of file
+ repository: 'file://components/oom-cert-service'
+ - name: cmpv2-cert-provider
+ version: ~7.x-0
+ repository: 'file://components/cmpv2-cert-provider'
diff --git a/kubernetes/robot b/kubernetes/robot
-Subproject 4b76d896522b113eff620a732a6ce7b363529f7
+Subproject 85b5af5058bbda19b557add185d917f60c2188e
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index edac61b24e..7282f305c5 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -33,7 +33,7 @@ global:
cmpv2Enabled: true
platform:
certServiceClient:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.1
secret:
name: oom-cert-service-client-tls-secret
mountPath: /etc/onap/oom/certservice/certs/
diff --git a/kubernetes/so/components/soHelpers/templates/_certificates.tpl b/kubernetes/so/components/soHelpers/templates/_certificates.tpl
index 66497e1afa..cc22dc97c3 100644
--- a/kubernetes/so/components/soHelpers/templates/_certificates.tpl
+++ b/kubernetes/so/components/soHelpers/templates/_certificates.tpl
@@ -17,10 +17,19 @@
/certificates/msb-ca.crt -keystore \
"{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \
-storepass $cadi_truststore_password -noprompt
- keytool -importkeystore -srckeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/truststoreONAPall.jks" \
- -srcstorepass {{ $subchartDot.Values.certInitializer.trustStoreAllPass }} \
- -destkeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \
- -deststorepass $cadi_truststore_password -noprompt
+ export EXIT_VALUE=$?
+ if [ "${EXIT_VALUE}" != "0" ]
+ then
+ echo "issue with password: $cadi_truststore_password"
+ exit $EXIT_VALUE
+ else
+ keytool -importkeystore -srckeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/truststoreONAPall.jks" \
+ -srcstorepass {{ $subchartDot.Values.certInitializer.trustStoreAllPass }} \
+ -destkeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \
+ -deststorepass $cadi_truststore_password -noprompt
+ export EXIT_VALUE=$?
+ fi
+ exit $EXIT_VALUE
volumeMounts:
{{ include "common.certInitializer.volumeMount" $subchartDot | indent 2 | trim }}
- name: {{ include "common.name" $dot }}-msb-certificate
diff --git a/kubernetes/vid/requirements.yaml b/kubernetes/vid/requirements.yaml
index a3b349dda8..c6554cada2 100644
--- a/kubernetes/vid/requirements.yaml
+++ b/kubernetes/vid/requirements.yaml
@@ -27,4 +27,7 @@ dependencies:
version: ~7.x-0
repository: '@local'
condition: not global.mariadbGalera.localCluster
+ - name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
diff --git a/kubernetes/vid/templates/deployment.yaml b/kubernetes/vid/templates/deployment.yaml
index 41b0019cbe..856a853960 100644
--- a/kubernetes/vid/templates/deployment.yaml
+++ b/kubernetes/vid/templates/deployment.yaml
@@ -48,12 +48,12 @@ spec:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+ image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
containers:
- name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- containerPort: {{ .Values.service.internalPort }}
@@ -139,7 +139,7 @@ spec:
{{- end }}
# side car containers
- name: filebeat-onap
- image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ image: {{ include "repositoryGenerator.image.logging" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- mountPath: /usr/share/filebeat/filebeat.yml
diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml
index 93de57e4b3..47cd73aff2 100644
--- a/kubernetes/vid/values.yaml
+++ b/kubernetes/vid/values.yaml
@@ -18,9 +18,6 @@
# Declare variables to be passed into your templates.
global:
nodePortPrefix: 302
- readinessImage: onap/oom/readiness:3.0.1
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
mariadbGalera: &mariadbGalera
#This flag allows VID to instantiate its own mariadb-galera cluster
localCluster: false
@@ -43,7 +40,6 @@ subChartsOnly:
enabled: true
# application image
-repository: nexus3.onap.org:10001
image: onap/vid:7.0.0
pullPolicy: Always
@@ -70,8 +66,8 @@ config:
roleaccesscentralized: remote
mariadb-galera:
- # '&mariadbConfig' means we "store" the values for later use in the file
- # with '*mariadbConfig' pointer.
+ # '&mariadbConfig' means we "store" the values for later use in the file
+ # with '*mariadbConfig' pointer.
config: &mariadbConfig
userCredentialsExternalSecret: '{{ include "common.release" . }}-vid-db-user-secret'
mysqlDatabase: vid_openecomp_epsdk
@@ -127,11 +123,11 @@ service:
ingress:
enabled: false
service:
- - baseaddr: "vid.api"
- name: "vid-http"
- port: 8443
+ - baseaddr: "vid.api"
+ name: "vid-http"
+ port: 8443
config:
- ssl: "redirect"
+ ssl: "redirect"
# Resource Limit flavor -By Default using small
flavor: small