summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rw-r--r--kubernetes/cps/components/cps-core/values.yaml4
-rw-r--r--kubernetes/cps/components/cps-temporal/values.yaml4
-rw-r--r--kubernetes/cps/components/ncmp-dmi-plugin/values.yaml4
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml2
-rw-r--r--kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml4
-rw-r--r--kubernetes/msb/components/kube2msb/requirements.yaml1
-rw-r--r--kubernetes/msb/components/msb-consul/requirements.yaml3
-rw-r--r--kubernetes/msb/components/msb-consul/templates/deployment.yaml2
-rw-r--r--kubernetes/msb/components/msb-consul/values.yaml6
-rw-r--r--kubernetes/msb/components/msb-discovery/requirements.yaml3
-rw-r--r--kubernetes/msb/components/msb-discovery/templates/deployment.yaml2
-rw-r--r--kubernetes/msb/components/msb-discovery/values.yaml6
-rw-r--r--kubernetes/msb/components/msb-eag/requirements.yaml3
-rw-r--r--kubernetes/msb/components/msb-eag/templates/deployment.yaml2
-rw-r--r--kubernetes/msb/components/msb-eag/values.yaml6
-rw-r--r--kubernetes/msb/components/msb-iag/requirements.yaml3
-rw-r--r--kubernetes/msb/components/msb-iag/templates/deployment.yaml2
-rw-r--r--kubernetes/msb/components/msb-iag/values.yaml6
-rw-r--r--kubernetes/multicloud/components/multicloud-k8s/values.yaml2
-rw-r--r--kubernetes/multicloud/components/multicloud-starlingx/values.yaml2
-rw-r--r--kubernetes/multicloud/components/multicloud-windriver/values.yaml2
-rw-r--r--kubernetes/multicloud/values.yaml2
-rw-r--r--kubernetes/nbi/requirements.yaml3
-rw-r--r--kubernetes/nbi/templates/deployment.yaml1
-rw-r--r--kubernetes/nbi/values.yaml6
-rw-r--r--kubernetes/onap/Chart.yaml2
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml1
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-api/values.yaml6
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml1
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml6
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml1
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-data/values.yaml6
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml1
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml6
-rw-r--r--kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml3
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml1
-rwxr-xr-xkubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml6
-rwxr-xr-xkubernetes/oof/requirements.yaml3
-rw-r--r--kubernetes/oof/templates/deployment.yaml2
-rw-r--r--kubernetes/oof/values.yaml6
-rw-r--r--kubernetes/policy/components/policy-clamp-be/resources/config/application.properties6
-rw-r--r--kubernetes/policy/components/policy-clamp-be/resources/config/policy-clamp-create-tables.sql476
-rw-r--r--kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml6
-rw-r--r--kubernetes/policy/components/policy-clamp-be/values.yaml11
-rwxr-xr-xkubernetes/so/components/so-cnf-adapter/values.yaml2
49 files changed, 394 insertions, 251 deletions
diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml
index d41c44ddbc..eb7aa54130 100644
--- a/kubernetes/cps/components/cps-core/values.yaml
+++ b/kubernetes/cps/components/cps-core/values.yaml
@@ -73,7 +73,7 @@ service:
ports:
- name: &port http
port: *svc_port
- - name: management
+ - name: http-management
port: *mgt_port
targetPort: *mgt_port
@@ -83,7 +83,7 @@ prometheus:
metrics:
serviceMonitor:
enabled: true
- port: management
+ port: http-management
## specify target port if name is not given to the port in the service definition
##
# targetPort: 8080
diff --git a/kubernetes/cps/components/cps-temporal/values.yaml b/kubernetes/cps/components/cps-temporal/values.yaml
index da055d0242..f8311697f5 100644
--- a/kubernetes/cps/components/cps-temporal/values.yaml
+++ b/kubernetes/cps/components/cps-temporal/values.yaml
@@ -54,14 +54,14 @@ service:
- name: http
port: *svc_port
targetPort: *svc_port
- - name: management
+ - name: http-management
port: *mgt_port
targetPort: *mgt_port
metrics:
serviceMonitor:
enabled: true
- port: management
+ port: http-management
## specify target port if name is not given to the port in the service definition
##
# targetPort: 8080
diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
index 3f40a79b84..234f9eb646 100644
--- a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
+++ b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
@@ -60,14 +60,14 @@ service:
ports:
- name: &port http
port: *svc_port
- - name: management
+ - name: http-management
port: *mgt_port
targetPort: *mgt_port
metrics:
serviceMonitor:
enabled: true
- port: management
+ port: http-management
## specify target port if name is not given to the port in the service definition
##
# targetPort: 8080
diff --git a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
index 420814f6c2..1e60d24d7a 100644
--- a/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-son-handler/values.yaml
@@ -56,7 +56,7 @@ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.son-handler:2.1.4
+image: onap/org.onap.dcaegen2.services.son-handler:2.1.5
pullPolicy: Always
# Log directory where logging sidecar should look for log files
diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml
index 2e8b4cd4e8..f01edd240b 100644
--- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml
+++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/job.yaml
@@ -37,8 +37,10 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
restartPolicy: Never
containers:
- name: dcae-cleanup
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.cleanupImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} \ No newline at end of file
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
diff --git a/kubernetes/msb/components/kube2msb/requirements.yaml b/kubernetes/msb/components/kube2msb/requirements.yaml
index dbb7638914..dfda28d9c9 100644
--- a/kubernetes/msb/components/kube2msb/requirements.yaml
+++ b/kubernetes/msb/components/kube2msb/requirements.yaml
@@ -19,3 +19,4 @@ dependencies:
- name: repositoryGenerator
version: ~9.x-0
repository: '@local'
+
diff --git a/kubernetes/msb/components/msb-consul/requirements.yaml b/kubernetes/msb/components/msb-consul/requirements.yaml
index dbb7638914..ca01ea6e9d 100644
--- a/kubernetes/msb/components/msb-consul/requirements.yaml
+++ b/kubernetes/msb/components/msb-consul/requirements.yaml
@@ -19,3 +19,6 @@ dependencies:
- name: repositoryGenerator
version: ~9.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~9.x-0
+ repository: '@local'
diff --git a/kubernetes/msb/components/msb-consul/templates/deployment.yaml b/kubernetes/msb/components/msb-consul/templates/deployment.yaml
index 97dd1781f2..d03829d89d 100644
--- a/kubernetes/msb/components/msb-consul/templates/deployment.yaml
+++ b/kubernetes/msb/components/msb-consul/templates/deployment.yaml
@@ -36,7 +36,6 @@ spec:
annotations:
sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
spec:
- serviceAccountName: msb
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
@@ -85,6 +84,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
diff --git a/kubernetes/msb/components/msb-consul/values.yaml b/kubernetes/msb/components/msb-consul/values.yaml
index 1c7fa38171..258d49e30b 100644
--- a/kubernetes/msb/components/msb-consul/values.yaml
+++ b/kubernetes/msb/components/msb-consul/values.yaml
@@ -87,3 +87,9 @@ securityContext:
fsGroup: 1000
runAsUser: 100
runAsGroup: 1000
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: msb-consul
+ roles:
+ - read
diff --git a/kubernetes/msb/components/msb-discovery/requirements.yaml b/kubernetes/msb/components/msb-discovery/requirements.yaml
index dbb7638914..ca01ea6e9d 100644
--- a/kubernetes/msb/components/msb-discovery/requirements.yaml
+++ b/kubernetes/msb/components/msb-discovery/requirements.yaml
@@ -19,3 +19,6 @@ dependencies:
- name: repositoryGenerator
version: ~9.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~9.x-0
+ repository: '@local'
diff --git a/kubernetes/msb/components/msb-discovery/templates/deployment.yaml b/kubernetes/msb/components/msb-discovery/templates/deployment.yaml
index e5e5f9eb0f..00d91fe646 100644
--- a/kubernetes/msb/components/msb-discovery/templates/deployment.yaml
+++ b/kubernetes/msb/components/msb-discovery/templates/deployment.yaml
@@ -36,7 +36,6 @@ spec:
annotations:
sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
spec:
- serviceAccountName: msb
initContainers:
- command:
- /app/ready.py
@@ -107,6 +106,7 @@ spec:
- mountPath: /opt/ajsc/etc/config/logback.xml
name: {{ include "common.fullname" . }}-log-conf
subPath: logback.xml
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: {{ include "common.fullname" . }}-log-conf
configMap:
diff --git a/kubernetes/msb/components/msb-discovery/values.yaml b/kubernetes/msb/components/msb-discovery/values.yaml
index f0eabde79f..e9800233e3 100644
--- a/kubernetes/msb/components/msb-discovery/values.yaml
+++ b/kubernetes/msb/components/msb-discovery/values.yaml
@@ -82,3 +82,9 @@ resources:
cpu: 400m
memory: 400Mi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: msb-discovery
+ roles:
+ - read
diff --git a/kubernetes/msb/components/msb-eag/requirements.yaml b/kubernetes/msb/components/msb-eag/requirements.yaml
index 3fea5d0f52..a4fb34c5a6 100644
--- a/kubernetes/msb/components/msb-eag/requirements.yaml
+++ b/kubernetes/msb/components/msb-eag/requirements.yaml
@@ -22,3 +22,6 @@ dependencies:
- name: certInitializer
version: ~9.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~9.x-0
+ repository: '@local'
diff --git a/kubernetes/msb/components/msb-eag/templates/deployment.yaml b/kubernetes/msb/components/msb-eag/templates/deployment.yaml
index 113a174eb6..c30fc343de 100644
--- a/kubernetes/msb/components/msb-eag/templates/deployment.yaml
+++ b/kubernetes/msb/components/msb-eag/templates/deployment.yaml
@@ -37,7 +37,6 @@ spec:
annotations:
sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
spec:
- serviceAccountName: msb
initContainers:
{{ include "common.certInitializer.initContainer" . | indent 6 | trim }}
- command:
@@ -119,6 +118,7 @@ spec:
- mountPath: /opt/ajsc/etc/config/logback.xml
name: {{ include "common.fullname" . }}-log-conf
subPath: logback.xml
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | indent 8 | trim }}
- name: {{ include "common.fullname" . }}-log-conf
diff --git a/kubernetes/msb/components/msb-eag/values.yaml b/kubernetes/msb/components/msb-eag/values.yaml
index 5faae36fb0..9345341437 100644
--- a/kubernetes/msb/components/msb-eag/values.yaml
+++ b/kubernetes/msb/components/msb-eag/values.yaml
@@ -116,3 +116,9 @@ resources:
cpu: 200m
memory: 400Mi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: msb-eag
+ roles:
+ - read
diff --git a/kubernetes/msb/components/msb-iag/requirements.yaml b/kubernetes/msb/components/msb-iag/requirements.yaml
index 3fea5d0f52..a4fb34c5a6 100644
--- a/kubernetes/msb/components/msb-iag/requirements.yaml
+++ b/kubernetes/msb/components/msb-iag/requirements.yaml
@@ -22,3 +22,6 @@ dependencies:
- name: certInitializer
version: ~9.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~9.x-0
+ repository: '@local'
diff --git a/kubernetes/msb/components/msb-iag/templates/deployment.yaml b/kubernetes/msb/components/msb-iag/templates/deployment.yaml
index 7bae325b1e..2a855c713f 100644
--- a/kubernetes/msb/components/msb-iag/templates/deployment.yaml
+++ b/kubernetes/msb/components/msb-iag/templates/deployment.yaml
@@ -37,7 +37,6 @@ spec:
annotations:
sidecar.istio.io/inject: "{{.Values.istioSidecar}}"
spec:
- serviceAccountName: msb
initContainers:
{{ include "common.certInitializer.initContainer" . | indent 6 | trim }}
- command:
@@ -119,6 +118,7 @@ spec:
- mountPath: /opt/ajsc/etc/config/logback.xml
name: {{ include "common.fullname" . }}-log-conf
subPath: logback.xml
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | indent 8 | trim }}
- name: {{ include "common.fullname" . }}-log-conf
diff --git a/kubernetes/msb/components/msb-iag/values.yaml b/kubernetes/msb/components/msb-iag/values.yaml
index 9b9f805802..21f22dd3ac 100644
--- a/kubernetes/msb/components/msb-iag/values.yaml
+++ b/kubernetes/msb/components/msb-iag/values.yaml
@@ -117,3 +117,9 @@ resources:
cpu: 100m
memory: 400Mi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: msb-iag
+ roles:
+ - read
diff --git a/kubernetes/multicloud/components/multicloud-k8s/values.yaml b/kubernetes/multicloud/components/multicloud-k8s/values.yaml
index 30319683a2..9cf505d473 100644
--- a/kubernetes/multicloud/components/multicloud-k8s/values.yaml
+++ b/kubernetes/multicloud/components/multicloud-k8s/values.yaml
@@ -18,7 +18,7 @@
global:
nodePortPrefixExt: 304
persistence: {}
- artifactImage: onap/multicloud/framework-artifactbroker:1.7.0
+ artifactImage: onap/multicloud/framework-artifactbroker:1.7.1
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/multicloud/components/multicloud-starlingx/values.yaml b/kubernetes/multicloud/components/multicloud-starlingx/values.yaml
index cde6f67cc5..fb6f3b3592 100644
--- a/kubernetes/multicloud/components/multicloud-starlingx/values.yaml
+++ b/kubernetes/multicloud/components/multicloud-starlingx/values.yaml
@@ -17,7 +17,7 @@
#################################################################
global:
nodePortPrefixExt: 304
- artifactImage: onap/multicloud/framework-artifactbroker:1.6.0
+ artifactImage: onap/multicloud/framework-artifactbroker:1.7.1
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/multicloud/components/multicloud-windriver/values.yaml b/kubernetes/multicloud/components/multicloud-windriver/values.yaml
index e25a96ba05..dee6ba7a87 100644
--- a/kubernetes/multicloud/components/multicloud-windriver/values.yaml
+++ b/kubernetes/multicloud/components/multicloud-windriver/values.yaml
@@ -18,7 +18,7 @@
#################################################################
global:
nodePortPrefix: 302
- artifactImage: onap/multicloud/framework-artifactbroker:1.6.0
+ artifactImage: onap/multicloud/framework-artifactbroker:1.7.1
persistence: {}
#################################################################
diff --git a/kubernetes/multicloud/values.yaml b/kubernetes/multicloud/values.yaml
index 93d299e16f..d378ec2b1f 100644
--- a/kubernetes/multicloud/values.yaml
+++ b/kubernetes/multicloud/values.yaml
@@ -18,7 +18,7 @@
#################################################################
global:
nodePortPrefix: 302
- artifactImage: onap/multicloud/framework-artifactbroker:1.7.0
+ artifactImage: onap/multicloud/framework-artifactbroker:1.7.1
prometheus:
enabled: false
persistence: {}
diff --git a/kubernetes/nbi/requirements.yaml b/kubernetes/nbi/requirements.yaml
index f54b915d77..69d6f51433 100644
--- a/kubernetes/nbi/requirements.yaml
+++ b/kubernetes/nbi/requirements.yaml
@@ -37,3 +37,6 @@ dependencies:
- name: repositoryGenerator
version: ~9.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~9.x-0
+ repository: '@local'
diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml
index d5f209e94a..b9ed35b0f7 100644
--- a/kubernetes/nbi/templates/deployment.yaml
+++ b/kubernetes/nbi/templates/deployment.yaml
@@ -146,6 +146,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml
index a3dc897718..92788e430f 100644
--- a/kubernetes/nbi/values.yaml
+++ b/kubernetes/nbi/values.yaml
@@ -181,3 +181,9 @@ resources:
cpu: 200m
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: nbi
+ roles:
+ - read
diff --git a/kubernetes/onap/Chart.yaml b/kubernetes/onap/Chart.yaml
index 21ff5a5c89..d9525c5750 100644
--- a/kubernetes/onap/Chart.yaml
+++ b/kubernetes/onap/Chart.yaml
@@ -21,4 +21,4 @@ home: https://www.onap.org/
sources:
- https://gerrit.onap.org/r/#/admin/projects/
icon: https://wiki.onap.org/download/thumbnails/1015829/onap_704x271%20copy.png?version=1&modificationDate=1488326334000&api=v2
-kubeVersion: ">=1.19"
+kubeVersion: ">=1.19.0-0"
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml
index 15694713a0..3e9b0a1c91 100644
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/requirements.yaml
@@ -26,3 +26,6 @@ dependencies:
- name: repositoryGenerator
version: ~9.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~9.x-0
+ repository: '@local'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
index ba4a657c1a..3ed20ba8a6 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/deployment.yaml
@@ -162,6 +162,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
index fb402143c6..72c5ddc9c2 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/values.yaml
@@ -111,3 +111,9 @@ ingress:
port: 8091
config:
ssl: "redirect"
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: oof-has-api
+ roles:
+ - read
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml
index a199ea899d..03f20196b5 100644
--- a/kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/requirements.yaml
@@ -23,3 +23,6 @@ dependencies:
- name: repositoryGenerator
version: ~9.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~9.x-0
+ repository: '@local'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
index 895a305b53..55bb4f620d 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/templates/deployment.yaml
@@ -126,6 +126,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
index aa5b8fca2e..0157c569a0 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-controller/values.yaml
@@ -71,3 +71,9 @@ liveness:
readiness:
initialDelaySeconds: 10
periodSeconds: 10
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: oof-has-controller
+ roles:
+ - read
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml
index a199ea899d..03f20196b5 100644
--- a/kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/requirements.yaml
@@ -23,3 +23,6 @@ dependencies:
- name: repositoryGenerator
version: ~9.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~9.x-0
+ repository: '@local'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
index cc4eaf08b9..4f58ec3b94 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/templates/deployment.yaml
@@ -131,6 +131,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
index 666818da73..5623cde904 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-data/values.yaml
@@ -71,3 +71,9 @@ liveness:
readiness:
initialDelaySeconds: 10
periodSeconds: 10
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: oof-has-data
+ roles:
+ - read
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml
index a199ea899d..03f20196b5 100644
--- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/requirements.yaml
@@ -23,3 +23,6 @@ dependencies:
- name: repositoryGenerator
version: ~9.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~9.x-0
+ repository: '@local'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
index 095162bea2..f8755ea66b 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/templates/deployment.yaml
@@ -125,6 +125,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
index 666818da73..fa8bdd97ed 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-reservation/values.yaml
@@ -71,3 +71,9 @@ liveness:
readiness:
initialDelaySeconds: 10
periodSeconds: 10
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: oof-has-reservation
+ roles:
+ - read
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml
index a199ea899d..03f20196b5 100644
--- a/kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/requirements.yaml
@@ -23,3 +23,6 @@ dependencies:
- name: repositoryGenerator
version: ~9.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~9.x-0
+ repository: '@local'
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
index d664ca0875..154bc78e41 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/templates/deployment.yaml
@@ -125,6 +125,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
index 666818da73..e7ceddd9a4 100755
--- a/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-solver/values.yaml
@@ -71,3 +71,9 @@ liveness:
readiness:
initialDelaySeconds: 10
periodSeconds: 10
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: oof-has-solver
+ roles:
+ - read
diff --git a/kubernetes/oof/requirements.yaml b/kubernetes/oof/requirements.yaml
index 16ecadb956..fbfb868bb0 100755
--- a/kubernetes/oof/requirements.yaml
+++ b/kubernetes/oof/requirements.yaml
@@ -31,3 +31,6 @@ dependencies:
- name: repositoryGenerator
version: ~9.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~9.x-0
+ repository: '@local'
diff --git a/kubernetes/oof/templates/deployment.yaml b/kubernetes/oof/templates/deployment.yaml
index 6f1022ba63..58ff39e1e5 100644
--- a/kubernetes/oof/templates/deployment.yaml
+++ b/kubernetes/oof/templates/deployment.yaml
@@ -133,7 +133,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
-
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml
index 64c3e0ad29..f5873b404e 100644
--- a/kubernetes/oof/values.yaml
+++ b/kubernetes/oof/values.yaml
@@ -177,3 +177,9 @@ ingress:
oof-has:
enabled: true
certSecret: *oof-certs
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: oof
+ roles:
+ - read
diff --git a/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties b/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties
index a6334668b1..aa9870ae41 100644
--- a/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties
+++ b/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties
@@ -69,3 +69,9 @@ clamp.config.dcae.deployment.password=none
#AAF related parameters
clamp.config.cadi.aafLocateUrl=https://aaf-locate.{{ include "common.namespace" . }}:8095
+
+# Configuration settings for ControlLoop Runtime Rest API
+clamp.config.controlloop.runtime.url=http://policy-clamp-cl-runtime.{{ include "common.namespace" . }}:6969
+clamp.config.controlloop.runtime.userName=${RUNTIME_USER}
+clamp.config.controlloop.runtime.password=${RUNTIME_PASSWORD}
+
diff --git a/kubernetes/policy/components/policy-clamp-be/resources/config/policy-clamp-create-tables.sql b/kubernetes/policy/components/policy-clamp-be/resources/config/policy-clamp-create-tables.sql
index 1f153bce04..1652dc18c3 100644
--- a/kubernetes/policy/components/policy-clamp-be/resources/config/policy-clamp-create-tables.sql
+++ b/kubernetes/policy/components/policy-clamp-be/resources/config/policy-clamp-create-tables.sql
@@ -1,257 +1,275 @@
-
- create table dictionary (
- name varchar(255) not null,
- created_by varchar(255),
- created_timestamp datetime(6) not null,
- updated_by varchar(255),
- updated_timestamp datetime(6) not null,
- dictionary_second_level integer,
- dictionary_type varchar(255),
- primary key (name)
- ) engine=InnoDB;
-
- create table dictionary_elements (
- short_name varchar(255) not null,
- created_by varchar(255),
- created_timestamp datetime(6) not null,
- updated_by varchar(255),
- updated_timestamp datetime(6) not null,
- description varchar(255) not null,
- name varchar(255) not null,
- subdictionary_name varchar(255),
- type varchar(255) not null,
- primary key (short_name)
+/*
+ * ============LICENSE_START=======================================================
+ * Copyright (C) 2021 Nordix Foundation
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+
+create table if not exists dictionary (
+ name varchar(255) not null,
+ created_by varchar(255),
+ created_timestamp datetime(6) not null,
+ updated_by varchar(255),
+ updated_timestamp datetime(6) not null,
+ dictionary_second_level integer,
+ dictionary_type varchar(255),
+ primary key (name)
) engine=InnoDB;
- create table dictionary_to_dictionaryelements (
- dictionary_name varchar(255) not null,
- dictionary_element_short_name varchar(255) not null,
- primary key (dictionary_name, dictionary_element_short_name)
+create table if not exists dictionary_elements (
+ short_name varchar(255) not null,
+ created_by varchar(255),
+ created_timestamp datetime(6) not null,
+ updated_by varchar(255),
+ updated_timestamp datetime(6) not null,
+ description varchar(255) not null,
+ name varchar(255) not null,
+ subdictionary_name varchar(255),
+ type varchar(255) not null,
+ primary key (short_name)
) engine=InnoDB;
- create table hibernate_sequence (
- next_val bigint
+create table if not exists dictionary_to_dictionaryelements (
+ dictionary_name varchar(255) not null,
+ dictionary_element_short_name varchar(255) not null,
+ primary key (dictionary_name, dictionary_element_short_name)
) engine=InnoDB;
- insert into hibernate_sequence values ( 1 );
-
- create table loop_element_models (
- name varchar(255) not null,
- created_by varchar(255),
- created_timestamp datetime(6) not null,
- updated_by varchar(255),
- updated_timestamp datetime(6) not null,
- blueprint_yaml MEDIUMTEXT,
- dcae_blueprint_id varchar(255),
- loop_element_type varchar(255) not null,
- short_name varchar(255),
- primary key (name)
+create table if not exists hibernate_sequence (
+ next_val bigint
+) engine=InnoDB;
+
+insert into hibernate_sequence values ( 1 );
+
+create table if not exists loop_element_models (
+ name varchar(255) not null,
+ created_by varchar(255),
+ created_timestamp datetime(6) not null,
+ updated_by varchar(255),
+ updated_timestamp datetime(6) not null,
+ blueprint_yaml MEDIUMTEXT,
+ dcae_blueprint_id varchar(255),
+ loop_element_type varchar(255) not null,
+ short_name varchar(255),
+ primary key (name)
) engine=InnoDB;
- create table loop_logs (
- id bigint not null,
- log_component varchar(255) not null,
- log_instant datetime(6) not null,
- log_type varchar(255) not null,
- message MEDIUMTEXT not null,
- loop_id varchar(255) not null,
- primary key (id)
+create table if not exists loop_logs (
+ id bigint not null,
+ log_component varchar(255) not null,
+ log_instant datetime(6) not null,
+ log_type varchar(255) not null,
+ message MEDIUMTEXT not null,
+ loop_id varchar(255) not null,
+ primary key (id)
) engine=InnoDB;
- create table loop_templates (
- name varchar(255) not null,
- created_by varchar(255),
- created_timestamp datetime(6) not null,
- updated_by varchar(255),
- updated_timestamp datetime(6) not null,
- allowed_loop_type varchar(255),
- blueprint_yaml MEDIUMTEXT,
- dcae_blueprint_id varchar(255),
- maximum_instances_allowed integer,
- svg_representation MEDIUMTEXT,
- unique_blueprint boolean default false,
- service_uuid varchar(255),
- primary key (name)
+create table if not exists loop_templates (
+ name varchar(255) not null,
+ created_by varchar(255),
+ created_timestamp datetime(6) not null,
+ updated_by varchar(255),
+ updated_timestamp datetime(6) not null,
+ allowed_loop_type varchar(255),
+ blueprint_yaml MEDIUMTEXT,
+ dcae_blueprint_id varchar(255),
+ maximum_instances_allowed integer,
+ svg_representation MEDIUMTEXT,
+ unique_blueprint boolean default false,
+ service_uuid varchar(255),
+ primary key (name)
) engine=InnoDB;
- create table loopelementmodels_to_policymodels (
- loop_element_name varchar(255) not null,
- policy_model_type varchar(255) not null,
- policy_model_version varchar(255) not null,
- primary key (loop_element_name, policy_model_type, policy_model_version)
+create table if not exists loopelementmodels_to_policymodels (
+ loop_element_name varchar(255) not null,
+ policy_model_type varchar(255) not null,
+ policy_model_version varchar(255) not null,
+ primary key (loop_element_name, policy_model_type, policy_model_version)
) engine=InnoDB;
- create table loops (
- name varchar(255) not null,
- created_by varchar(255),
- created_timestamp datetime(6) not null,
- updated_by varchar(255),
- updated_timestamp datetime(6) not null,
- dcae_deployment_id varchar(255),
- dcae_deployment_status_url varchar(255),
- global_properties_json json,
- last_computed_state varchar(255) not null,
- svg_representation MEDIUMTEXT,
- loop_template_name varchar(255) not null,
- service_uuid varchar(255),
- primary key (name)
+create table if not exists loops (
+ name varchar(255) not null,
+ created_by varchar(255),
+ created_timestamp datetime(6) not null,
+ updated_by varchar(255),
+ updated_timestamp datetime(6) not null,
+ dcae_deployment_id varchar(255),
+ dcae_deployment_status_url varchar(255),
+ global_properties_json json,
+ last_computed_state varchar(255) not null,
+ svg_representation MEDIUMTEXT,
+ loop_template_name varchar(255) not null,
+ service_uuid varchar(255),
+ primary key (name)
) engine=InnoDB;
- create table loops_to_microservicepolicies (
- loop_name varchar(255) not null,
- microservicepolicy_name varchar(255) not null,
- primary key (loop_name, microservicepolicy_name)
+create table if not exists loops_to_microservicepolicies (
+ loop_name varchar(255) not null,
+ microservicepolicy_name varchar(255) not null,
+ primary key (loop_name, microservicepolicy_name)
) engine=InnoDB;
- create table looptemplates_to_loopelementmodels (
- loop_element_model_name varchar(255) not null,
- loop_template_name varchar(255) not null,
- flow_order integer not null,
- primary key (loop_element_model_name, loop_template_name)
+create table if not exists looptemplates_to_loopelementmodels (
+ loop_element_model_name varchar(255) not null,
+ loop_template_name varchar(255) not null,
+ flow_order integer not null,
+ primary key (loop_element_model_name, loop_template_name)
) engine=InnoDB;
- create table micro_service_policies (
- name varchar(255) not null,
- created_by varchar(255),
- created_timestamp datetime(6) not null,
- updated_by varchar(255),
- updated_timestamp datetime(6) not null,
- configurations_json json,
- json_representation json not null,
- pdp_group varchar(255),
- pdp_sub_group varchar(255),
- context varchar(255),
- dcae_blueprint_id varchar(255),
- dcae_deployment_id varchar(255),
- dcae_deployment_status_url varchar(255),
- device_type_scope varchar(255),
- shared bit not null,
- loop_element_model_id varchar(255),
- policy_model_type varchar(255),
- policy_model_version varchar(255),
- primary key (name)
+create table if not exists micro_service_policies (
+ name varchar(255) not null,
+ created_by varchar(255),
+ created_timestamp datetime(6) not null,
+ updated_by varchar(255),
+ updated_timestamp datetime(6) not null,
+ configurations_json json,
+ json_representation json not null,
+ pdp_group varchar(255),
+ pdp_sub_group varchar(255),
+ context varchar(255),
+ dcae_blueprint_id varchar(255),
+ dcae_deployment_id varchar(255),
+ dcae_deployment_status_url varchar(255),
+ device_type_scope varchar(255),
+ shared bit not null,
+ loop_element_model_id varchar(255),
+ policy_model_type varchar(255),
+ policy_model_version varchar(255),
+ primary key (name)
) engine=InnoDB;
- create table operational_policies (
- name varchar(255) not null,
- created_by varchar(255),
- created_timestamp datetime(6) not null,
- updated_by varchar(255),
- updated_timestamp datetime(6) not null,
- configurations_json json,
- json_representation json not null,
- pdp_group varchar(255),
- pdp_sub_group varchar(255),
- loop_element_model_id varchar(255),
- policy_model_type varchar(255),
- policy_model_version varchar(255),
- loop_id varchar(255) not null,
- primary key (name)
+create table if not exists operational_policies (
+ name varchar(255) not null,
+ created_by varchar(255),
+ created_timestamp datetime(6) not null,
+ updated_by varchar(255),
+ updated_timestamp datetime(6) not null,
+ configurations_json json,
+ json_representation json not null,
+ pdp_group varchar(255),
+ pdp_sub_group varchar(255),
+ loop_element_model_id varchar(255),
+ policy_model_type varchar(255),
+ policy_model_version varchar(255),
+ loop_id varchar(255) not null,
+ primary key (name)
) engine=InnoDB;
- create table policy_models (
- policy_model_type varchar(255) not null,
- version varchar(255) not null,
- created_by varchar(255),
- created_timestamp datetime(6) not null,
- updated_by varchar(255),
- updated_timestamp datetime(6) not null,
- policy_acronym varchar(255),
- policy_tosca MEDIUMTEXT,
- policy_pdp_group json,
- primary key (policy_model_type, version)
+create table if not exists policy_models (
+ policy_model_type varchar(255) not null,
+ version varchar(255) not null,
+ created_by varchar(255),
+ created_timestamp datetime(6) not null,
+ updated_by varchar(255),
+ updated_timestamp datetime(6) not null,
+ policy_acronym varchar(255),
+ policy_tosca MEDIUMTEXT,
+ policy_pdp_group json,
+ primary key (policy_model_type, version)
) engine=InnoDB;
- create table services (
- service_uuid varchar(255) not null,
- name varchar(255) not null,
- resource_details json,
- service_details json,
- version varchar(255),
- primary key (service_uuid)
+create table if not exists services (
+ service_uuid varchar(255) not null,
+ name varchar(255) not null,
+ resource_details json,
+ service_details json,
+ version varchar(255),
+ primary key (service_uuid)
) engine=InnoDB;
- alter table dictionary_to_dictionaryelements
- add constraint FK68hjjinnm8nte2owstd0xwp23
- foreign key (dictionary_element_short_name)
- references dictionary_elements (short_name);
-
- alter table dictionary_to_dictionaryelements
- add constraint FKtqfxg46gsxwlm2gkl6ne3cxfe
- foreign key (dictionary_name)
- references dictionary (name);
-
- alter table loop_logs
- add constraint FK1j0cda46aickcaoxqoo34khg2
- foreign key (loop_id)
- references loops (name);
-
- alter table loop_templates
- add constraint FKn692dk6281wvp1o95074uacn6
- foreign key (service_uuid)
- references services (service_uuid);
-
- alter table loopelementmodels_to_policymodels
- add constraint FK23j2q74v6kaexefy0tdabsnda
- foreign key (policy_model_type, policy_model_version)
- references policy_models (policy_model_type, version);
-
- alter table loopelementmodels_to_policymodels
- add constraint FKjag1iu0olojfwryfkvb5o0rk5
- foreign key (loop_element_name)
- references loop_element_models (name);
-
- alter table loops
- add constraint FK844uwy82wt0l66jljkjqembpj
- foreign key (loop_template_name)
- references loop_templates (name);
-
- alter table loops
- add constraint FK4b9wnqopxogwek014i1shqw7w
- foreign key (service_uuid)
- references services (service_uuid);
-
- alter table loops_to_microservicepolicies
- add constraint FKle255jmi7b065fwbvmwbiehtb
- foreign key (microservicepolicy_name)
- references micro_service_policies (name);
-
- alter table loops_to_microservicepolicies
- add constraint FK8avfqaf7xl71l7sn7a5eri68d
- foreign key (loop_name)
- references loops (name);
-
- alter table looptemplates_to_loopelementmodels
- add constraint FK1k7nbrbugvqa0xfxkq3cj1yn9
- foreign key (loop_element_model_name)
- references loop_element_models (name);
-
- alter table looptemplates_to_loopelementmodels
- add constraint FKj29yxyw0x7ue6mwgi6d3qg748
- foreign key (loop_template_name)
- references loop_templates (name);
-
- alter table micro_service_policies
- add constraint FKqvvdypacbww07fuv8xvlvdjgl
- foreign key (loop_element_model_id)
- references loop_element_models (name);
-
- alter table micro_service_policies
- add constraint FKn17j9ufmyhqicb6cvr1dbjvkt
- foreign key (policy_model_type, policy_model_version)
- references policy_models (policy_model_type, version);
-
- alter table operational_policies
- add constraint FKi9kh7my40737xeuaye9xwbnko
- foreign key (loop_element_model_id)
- references loop_element_models (name);
-
- alter table operational_policies
- add constraint FKlsyhfkoqvkwj78ofepxhoctip
- foreign key (policy_model_type, policy_model_version)
- references policy_models (policy_model_type, version);
-
- alter table operational_policies
- add constraint FK1ddoggk9ni2bnqighv6ecmuwu
- foreign key (loop_id)
- references loops (name);
+alter table dictionary_to_dictionaryelements
+ add constraint FK68hjjinnm8nte2owstd0xwp23
+ foreign key (dictionary_element_short_name)
+ references dictionary_elements (short_name);
+
+alter table dictionary_to_dictionaryelements
+ add constraint FKtqfxg46gsxwlm2gkl6ne3cxfe
+ foreign key (dictionary_name)
+ references dictionary (name);
+
+alter table loop_logs
+ add constraint FK1j0cda46aickcaoxqoo34khg2
+ foreign key (loop_id)
+ references loops (name);
+
+alter table loop_templates
+ add constraint FKn692dk6281wvp1o95074uacn6
+ foreign key (service_uuid)
+ references services (service_uuid);
+
+alter table loopelementmodels_to_policymodels
+ add constraint FK23j2q74v6kaexefy0tdabsnda
+ foreign key (policy_model_type, policy_model_version)
+ references policy_models (policy_model_type, version);
+
+alter table loopelementmodels_to_policymodels
+ add constraint FKjag1iu0olojfwryfkvb5o0rk5
+ foreign key (loop_element_name)
+ references loop_element_models (name);
+
+alter table loops
+ add constraint FK844uwy82wt0l66jljkjqembpj
+ foreign key (loop_template_name)
+ references loop_templates (name);
+
+alter table loops
+ add constraint FK4b9wnqopxogwek014i1shqw7w
+ foreign key (service_uuid)
+ references services (service_uuid);
+
+alter table loops_to_microservicepolicies
+ add constraint FKle255jmi7b065fwbvmwbiehtb
+ foreign key (microservicepolicy_name)
+ references micro_service_policies (name);
+
+alter table loops_to_microservicepolicies
+ add constraint FK8avfqaf7xl71l7sn7a5eri68d
+ foreign key (loop_name)
+ references loops (name);
+
+alter table looptemplates_to_loopelementmodels
+ add constraint FK1k7nbrbugvqa0xfxkq3cj1yn9
+ foreign key (loop_element_model_name)
+ references loop_element_models (name);
+
+alter table looptemplates_to_loopelementmodels
+ add constraint FKj29yxyw0x7ue6mwgi6d3qg748
+ foreign key (loop_template_name)
+ references loop_templates (name);
+
+alter table micro_service_policies
+ add constraint FKqvvdypacbww07fuv8xvlvdjgl
+ foreign key (loop_element_model_id)
+ references loop_element_models (name);
+
+alter table micro_service_policies
+ add constraint FKn17j9ufmyhqicb6cvr1dbjvkt
+ foreign key (policy_model_type, policy_model_version)
+ references policy_models (policy_model_type, version);
+
+alter table operational_policies
+ add constraint FKi9kh7my40737xeuaye9xwbnko
+ foreign key (loop_element_model_id)
+ references loop_element_models (name);
+
+alter table operational_policies
+ add constraint FKlsyhfkoqvkwj78ofepxhoctip
+ foreign key (policy_model_type, policy_model_version)
+ references policy_models (policy_model_type, version);
+
+alter table operational_policies
+ add constraint FK1ddoggk9ni2bnqighv6ecmuwu
+ foreign key (loop_id)
+ references loops (name);
diff --git a/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml
index e61cca0e49..4354c00a30 100644
--- a/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml
@@ -70,7 +70,7 @@ spec:
export SDC_CLIENT_PASSWORD_ENC=`java -jar {{ .Values.certInitializer.credsPath }}/aaf-cadi-aaf-2.1.20-full.jar cadi digest ${SDC_CLIENT_PASSWORD} {{ .Values.certInitializer.credsPath }}/org.onap.clamp.keyfile`;
envsubst < "/opt/policy/clamp/sdc-controllers-config.json" > "/opt/policy/clamp/sdc-controllers-config-pass.json"
{{- end }}
- java -Djava.security.egd=file:/dev/./urandom ${JAVA_RAM_CONFIGURATION} -jar ./policy-clamp-backend.jar
+ java -Djava.security.egd=file:/dev/./urandom ${JAVA_RAM_CONFIGURATION} -jar ./policy-clamp-backend.jar --spring.config.location=optional:classpath:/,optional:classpath:/config/,optional:file:./,optional:file:./config/
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
@@ -97,6 +97,10 @@ spec:
name: {{ include "common.fullname" . }}-config
subPath: application.properties
env:
+ - name: RUNTIME_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "runtime-be-secret" "key" "login") | indent 12 }}
+ - name: RUNTIME_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "runtime-be-secret" "key" "password") | indent 12 }}
- name: MYSQL_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 12 }}
- name: MYSQL_PASSWORD
diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml
index dcbe59c382..518e7b13a2 100644
--- a/kubernetes/policy/components/policy-clamp-be/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-be/values.yaml
@@ -60,11 +60,17 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.sdc.sdcClientExternalSecret) . }}'
password: '{{ .Values.sdc.clientPassword }}'
passwordPolicy: required
+ - uid: runtime-be-secret
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}'
+ login: '{{ .Values.config.policyAppUserName }}'
+ password: '{{ .Values.config.policyAppUserPassword }}'
+ passwordPolicy: required
flavor: small
# application image
-image: onap/policy-clamp-backend:6.1.1
+image: onap/policy-clamp-backend:6.1.2
pullPolicy: Always
# flag to enable debugging - application support required
@@ -79,7 +85,6 @@ log:
#################################################################
#####dummy values for db user and password to pass lint!!!#######
-
sdc:
clientPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
@@ -92,6 +97,8 @@ db:
internalPort: 3306
config:
+ policyAppUserName: runtimeUser
+ policyAppUserPassword: none
log:
logstashServiceName: log-ls
logstashPort: 5044
diff --git a/kubernetes/so/components/so-cnf-adapter/values.yaml b/kubernetes/so/components/so-cnf-adapter/values.yaml
index b7e8dd9098..2b6fff63c8 100755
--- a/kubernetes/so/components/so-cnf-adapter/values.yaml
+++ b/kubernetes/so/components/so-cnf-adapter/values.yaml
@@ -76,7 +76,7 @@ secrets:
#################################################################
# Application configuration defaults.
#################################################################
-image: onap/so/so-cnf-adapter:1.9.1
+image: onap/so/so-cnf-adapter:1.9.2
pullPolicy: Always
readinessCheck: