summaryrefslogtreecommitdiffstats
path: root/kubernetes
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes')
-rwxr-xr-xkubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml6
-rw-r--r--kubernetes/cds/charts/cds-blueprints-processor/templates/secrets.yaml3
-rw-r--r--kubernetes/cds/templates/secrets.yaml3
-rw-r--r--kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml4
-rw-r--r--kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/secrets.yaml2
-rw-r--r--kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/deployment.yaml2
-rw-r--r--kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/secret.yaml2
-rw-r--r--kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml4
-rw-r--r--kubernetes/dcaemod/components/dcaemod-runtime-api/templates/secrets.yaml3
-rw-r--r--kubernetes/nbi/templates/deployment.yaml4
-rw-r--r--kubernetes/nbi/templates/secret.yaml2
-rw-r--r--kubernetes/portal/charts/portal-sdk/templates/deployment.yaml4
-rw-r--r--kubernetes/portal/charts/portal-sdk/templates/secrets.yaml2
-rwxr-xr-xkubernetes/so/charts/so-sdc-controller/templates/deployment.yaml20
-rw-r--r--kubernetes/so/charts/so-sdc-controller/templates/secret.yaml15
-rwxr-xr-xkubernetes/so/charts/so-sdc-controller/values.yaml25
-rwxr-xr-xkubernetes/so/charts/so-sdnc-adapter/templates/deployment.yaml20
-rw-r--r--kubernetes/so/charts/so-sdnc-adapter/templates/secret.yaml15
-rwxr-xr-xkubernetes/so/charts/so-sdnc-adapter/values.yaml25
19 files changed, 110 insertions, 51 deletions
diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml
index 3a887f193e..ab7245e56a 100755
--- a/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml
+++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/deployment.yaml
@@ -51,11 +51,11 @@ spec:
- "cd /config-input && for PFILE in `ls -1 .`; do envsubst '${CDS_DB_USERNAME},${CDS_DB_PASSWORD},${CDS_DB_ROOT_PASSWORD}' <${PFILE} >/config/${PFILE}; done"
env:
- name: CDS_DB_USERNAME
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "cds-db-user-creds" "key" "login") | indent 10}}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-db-user-creds" "key" "login") | indent 10}}
- name: CDS_DB_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "cds-db-user-creds" "key" "password") | indent 10}}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-db-user-creds" "key" "password") | indent 10}}
- name: CDS_DB_ROOT_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "cds-db-root-pass" "key" "password") | indent 10}}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-db-root-pass" "key" "password") | indent 10}}
volumeMounts:
- mountPath: /config-input/application.properties
diff --git a/kubernetes/cds/charts/cds-blueprints-processor/templates/secrets.yaml b/kubernetes/cds/charts/cds-blueprints-processor/templates/secrets.yaml
index 87edb92a4b..bd7eb8ea40 100644
--- a/kubernetes/cds/charts/cds-blueprints-processor/templates/secrets.yaml
+++ b/kubernetes/cds/charts/cds-blueprints-processor/templates/secrets.yaml
@@ -11,4 +11,5 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-{{ include "common.secret" . }}
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/cds/templates/secrets.yaml b/kubernetes/cds/templates/secrets.yaml
index 87edb92a4b..bd7eb8ea40 100644
--- a/kubernetes/cds/templates/secrets.yaml
+++ b/kubernetes/cds/templates/secrets.yaml
@@ -11,4 +11,5 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-{{ include "common.secret" . }}
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml
index 17ca948ade..7ba2a1202d 100644
--- a/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/deployment.yaml
@@ -64,9 +64,9 @@ spec:
- name: NIFI_REGISTRY_DB_URL
value: {{ .Values.config.dbURL }}
- name: NIFI_REGISTRY_DB_USER
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "dbsecret" "key" "login") | indent 12 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dbsecret" "key" "login") | indent 12 }}
- name: NIFI_REGISTRY_DB_PASS
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "dbsecret" "key" "password") | indent 12 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dbsecret" "key" "password") | indent 12 }}
volumes:
- name: flow-storage
persistentVolumeClaim:
diff --git a/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/secrets.yaml b/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/secrets.yaml
index 3c2bb3300f..45ac464cbe 100644
--- a/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/secrets.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-nifi-registry/templates/secrets.yaml
@@ -14,4 +14,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
-{{ include "common.secret" . }} \ No newline at end of file
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/deployment.yaml
index 2a7a6c14ee..df531162bc 100644
--- a/kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/deployment.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/deployment.yaml
@@ -71,7 +71,7 @@ spec:
- name: PG_USER
value: postgres
- name: PG_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 14 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 14 }}
- name: PG_PORT
value: "5432"
- name: PG_DB_NAME
diff --git a/kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/secret.yaml b/kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/secret.yaml
index dee311c336..bd7eb8ea40 100644
--- a/kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/secret.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-onboarding-api/templates/secret.yaml
@@ -12,4 +12,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{ include "common.secret" . }}
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml
index 8b885895e0..5a52e10d6e 100644
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/deployment.yaml
@@ -46,9 +46,9 @@ spec:
- name: DASHBOARD_URL
value: {{ .Values.config.dashboardURL }}
- name: DASHBOARD_USERNAME
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "dashsecret" "key" "login") | indent 14 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dashsecret" "key" "login") | indent 14 }}
- name: DASHBOARD_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "dashsecret" "key" "password") | indent 14 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dashsecret" "key" "password") | indent 14 }}
- name: ONAP_TOPICURL
value: {{ .Values.config.mrTopicURL }}
- name: ONAP_IMPORT_CLOUDIFYPLUGIN
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/secrets.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/secrets.yaml
index 3c2bb3300f..0a0475c889 100644
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/secrets.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/templates/secrets.yaml
@@ -14,4 +14,5 @@
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
-{{ include "common.secret" . }} \ No newline at end of file
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml
index 1fad1fc5aa..528a3f7e76 100644
--- a/kubernetes/nbi/templates/deployment.yaml
+++ b/kubernetes/nbi/templates/deployment.yaml
@@ -56,9 +56,9 @@ spec:
- name: SPRING_DATASOURCE_URL
value: jdbc:mariadb://{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}/{{ index .Values "mariadb-galera" "config" "mysqlDatabase" }}
- name: SPRING_DATASOURCE_USERNAME
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "nbi-db-secret" "key" "login") | indent 14 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nbi-db-secret" "key" "login") | indent 14 }}
- name: SPRING_DATASOURCE_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "nbi-db-secret" "key" "password") | indent 14 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nbi-db-secret" "key" "password") | indent 14 }}
- name: SPRING_DATA_MONGODB_HOST
value: {{ .Values.mongo.service.name }}.{{ include "common.namespace" . }}
- name: SPRING_DATA_MONGODB_PORT
diff --git a/kubernetes/nbi/templates/secret.yaml b/kubernetes/nbi/templates/secret.yaml
index dee311c336..bd7eb8ea40 100644
--- a/kubernetes/nbi/templates/secret.yaml
+++ b/kubernetes/nbi/templates/secret.yaml
@@ -12,4 +12,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{ include "common.secret" . }}
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml b/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml
index 09080fca94..8465d06ad8 100644
--- a/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml
+++ b/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml
@@ -88,9 +88,9 @@ spec:
- name: aaf_locator_app_ns
value: "{{ .Values.global.aafAppNs }}"
- name: DEPLOY_FQI
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "aaf-deploy-creds" "key" "login") | indent 12 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aaf-deploy-creds" "key" "login") | indent 12 }}
- name: DEPLOY_PASSWORD
- {{- include "common.secret.envFromSecret" (dict "global" . "uid" "aaf-deploy-creds" "key" "password") | indent 12 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aaf-deploy-creds" "key" "password") | indent 12 }}
- name: cadi_longitude
value: "{{ .Values.aafConfig.cadiLongitude }}"
- name: cadi_latitude
diff --git a/kubernetes/portal/charts/portal-sdk/templates/secrets.yaml b/kubernetes/portal/charts/portal-sdk/templates/secrets.yaml
index b79179bc6b..61fc2f8037 100644
--- a/kubernetes/portal/charts/portal-sdk/templates/secrets.yaml
+++ b/kubernetes/portal/charts/portal-sdk/templates/secrets.yaml
@@ -12,4 +12,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{ include "common.secret" . }}
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml b/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml
index c0ac078039..ca6be72273 100755
--- a/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml
+++ b/kubernetes/so/charts/so-sdc-controller/templates/deployment.yaml
@@ -66,25 +66,13 @@ spec:
name: {{ include "common.release" . }}-so-db-secrets
key: mariadb.readwrite.port
- name: DB_USERNAME
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.rolename
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.password
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 10 }}
- name: DB_ADMIN_USERNAME
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.admin.rolename
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }}
- name: DB_ADMIN_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.admin.password
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }}
{{- if eq .Values.global.security.aaf.enabled true }}
- name: TRUSTSTORE
value: /app/org.onap.so.trust.jks
diff --git a/kubernetes/so/charts/so-sdc-controller/templates/secret.yaml b/kubernetes/so/charts/so-sdc-controller/templates/secret.yaml
new file mode 100644
index 0000000000..bd7eb8ea40
--- /dev/null
+++ b/kubernetes/so/charts/so-sdc-controller/templates/secret.yaml
@@ -0,0 +1,15 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/so/charts/so-sdc-controller/values.yaml b/kubernetes/so/charts/so-sdc-controller/values.yaml
index 2cce8bb2dd..0e3bdf4084 100755
--- a/kubernetes/so/charts/so-sdc-controller/values.yaml
+++ b/kubernetes/so/charts/so-sdc-controller/values.yaml
@@ -24,12 +24,37 @@ global:
mountPath: /dockerdata-nfs
#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: db-user-creds
+ type: basicAuth
+ externalSecret: '{{ .Values.db.userCredsExternalSecret }}'
+ login: '{{ .Values.db.userName }}'
+ password: '{{ .Values.db.userPassword }}'
+ passwordPolicy: required
+ - uid: db-admin-creds
+ type: basicAuth
+ externalSecret: '{{ .Values.db.adminCredsExternalSecret }}'
+ login: '{{ .Values.db.adminName }}'
+ password: '{{ .Values.db.adminPassword }}'
+ passwordPolicy: required
+
+#################################################################
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
image: onap/so/sdc-controller:1.5.3
pullPolicy: Always
+db:
+ userName: so_user
+ userPassword: so_User123
+ # userCredsExternalSecret: some secret
+ adminName: so_admin
+ adminPassword: so_Admin123
+ # adminCredsExternalSecret: some secret
+
replicaCount: 1
minReadySeconds: 10
containerPort: 8085
diff --git a/kubernetes/so/charts/so-sdnc-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-sdnc-adapter/templates/deployment.yaml
index 3b3d189190..c5336cff3f 100755
--- a/kubernetes/so/charts/so-sdnc-adapter/templates/deployment.yaml
+++ b/kubernetes/so/charts/so-sdnc-adapter/templates/deployment.yaml
@@ -51,25 +51,13 @@ spec:
name: {{ include "common.release" . }}-so-db-secrets
key: mariadb.readwrite.port
- name: DB_USERNAME
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.rolename
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
- name: DB_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.readwrite.password
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 10 }}
- name: DB_ADMIN_USERNAME
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.admin.rolename
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }}
- name: DB_ADMIN_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-so-db-secrets
- key: mariadb.admin.password
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }}
{{- if eq .Values.global.security.aaf.enabled true }}
- name: TRUSTSTORE
value: /app/org.onap.so.trust.jks
diff --git a/kubernetes/so/charts/so-sdnc-adapter/templates/secret.yaml b/kubernetes/so/charts/so-sdnc-adapter/templates/secret.yaml
new file mode 100644
index 0000000000..bd7eb8ea40
--- /dev/null
+++ b/kubernetes/so/charts/so-sdnc-adapter/templates/secret.yaml
@@ -0,0 +1,15 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/so/charts/so-sdnc-adapter/values.yaml b/kubernetes/so/charts/so-sdnc-adapter/values.yaml
index d1be03b541..b6724aaa98 100755
--- a/kubernetes/so/charts/so-sdnc-adapter/values.yaml
+++ b/kubernetes/so/charts/so-sdnc-adapter/values.yaml
@@ -24,12 +24,37 @@ global:
mountPath: /dockerdata-nfs
#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: db-user-creds
+ type: basicAuth
+ externalSecret: '{{ .Values.db.userCredsExternalSecret }}'
+ login: '{{ .Values.db.userName }}'
+ password: '{{ .Values.db.userPassword }}'
+ passwordPolicy: required
+ - uid: db-admin-creds
+ type: basicAuth
+ externalSecret: '{{ .Values.db.adminCredsExternalSecret }}'
+ login: '{{ .Values.db.adminName }}'
+ password: '{{ .Values.db.adminPassword }}'
+ passwordPolicy: required
+
+#################################################################
# Application configuration defaults.
#################################################################
repository: nexus3.onap.org:10001
image: onap/so/sdnc-adapter:1.5.3
pullPolicy: Always
+db:
+ userName: so_user
+ userPassword: so_User123
+ # userCredsExternalSecret: some secret
+ adminName: so_admin
+ adminPassword: so_Admin123
+ # adminCredsExternalSecret: some secret
+
replicaCount: 1
minReadySeconds: 10
containerPort: 8086