diff options
Diffstat (limited to 'kubernetes')
125 files changed, 464 insertions, 4971 deletions
diff --git a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/tomcat_keystore Binary files differdeleted file mode 100644 index f3ac0701a2..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/tomcat_keystore +++ /dev/null diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/client-cert.p12 Binary files differdeleted file mode 100644 index dbf4fcacec..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/client-cert.p12 +++ /dev/null diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json index 2865e01cd6..ca34049ec2 100644 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json +++ b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/uri-authorization.json @@ -82,18 +82,18 @@ "permissions": [ "test\\.auth\\.access\\|services\\|GET,PUT", "\\|services\\|GET" - ] + ] }, { "uri": "\/services\/inventory\/.*", "permissions": [ - "org\\.access\\|\\*\\|\\*" - ] + "org\\.onap\\.aai\\.resources\\|\\*\\|.*" + ] }, { - "uri": "\/services\/champ-service\/.*", - "permissions": [ - "org\\.access\\|\\*\\|\\*" - ] - } + "uri": "\/services\/champ-service\/.*", + "permissions": [ + "org\\.onap\\.aai\\.resources\\|\\*\\|.*" + ] + } ] diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties index 33daa73b67..1878a4de70 100644 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties +++ b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/cadi.properties @@ -9,13 +9,27 @@ #hostname=test.aic.cip.att.com cadi_loglevel=DEBUG -cadi_keyfile=/opt/app/rproxy/config/security/keyfile +# OAuth2 +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect + +cadi_latitude=37.78187 +cadi_longitude=-122.26147 + +# Locate URL (which AAF Env) +aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 + +# AAF URL +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 + +cadi_keyfile=/opt/app/rproxy/config/security/keyfile +cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12 +cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV +cadi_alias=aai@aai.onap.org cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 -# Configure AAF -aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}} aaf_env=DEV aaf_id=demo@people.osaaf.org diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/security/keyfile b/kubernetes/aai/charts/aai-champ/resources/rproxy/config/security/keyfile deleted file mode 100644 index 6cd12fcfb4..0000000000 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/security/keyfile +++ /dev/null @@ -1,27 +0,0 @@ -bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM -1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29 -xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK -BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm -6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99 -QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm -zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6 -x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf -8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz -FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz -UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r -banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv -6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG -yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB -xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB -lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq -ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE -fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v -1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5 -liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc -0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u -PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm -8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv -dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ --85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn -c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J -uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml b/kubernetes/aai/charts/aai-champ/templates/deployment.yaml index aa9157fe47..537763a6db 100644 --- a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-champ/templates/deployment.yaml @@ -31,12 +31,6 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - {{ if .Values.global.installSidecarSecurity }} - hostAliases: - - ip: {{ .Values.global.aaf.serverIp }} - hostnames: - - {{ .Values.global.aaf.serverHostname }} - {{ end }} initContainers: - command: - /root/ready.py @@ -163,18 +157,18 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-log-config mountPath: /opt/app/rproxy/config/logback-spring.xml subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs mountPath: /opt/app/rproxy/config/auth/tomcat_keystore subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs mountPath: /opt/app/rproxy/config/auth/client-cert.p12 subPath: client-cert.p12 + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12 + subPath: org.onap.aai.p12 - name: {{ include "common.fullname" . }}-rproxy-auth-config mountPath: /opt/app/rproxy/config/auth/uri-authorization.json subPath: uri-authorization.json - #- name: {{ include "common.fullname" . }}-rproxy-auth-config - # mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks - # subPath: aaf_truststore.jks - name: {{ include "common.fullname" . }}-rproxy-security-config mountPath: /opt/app/rproxy/config/security/keyfile subPath: keyfile @@ -189,7 +183,9 @@ spec: - name: CONFIG_HOME value: "/opt/app/fproxy/config" - name: KEY_STORE_PASSWORD - value: {{ .Values.config.keyStorePassword }} + value: {{ .Values.config.keyStorePassword }} + - name: TRUST_STORE_PASSWORD + value: {{ .Values.config.trustStorePassword }} - name: spring_profiles_active value: {{ .Values.global.fproxy.activeSpringProfiles }} volumeMounts: @@ -199,10 +195,13 @@ spec: - name: {{ include "common.fullname" . }}-fproxy-log-config mountPath: /opt/app/fproxy/config/logback-spring.xml subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs mountPath: /opt/app/fproxy/config/auth/tomcat_keystore subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs + mountPath: /opt/app/fproxy/config/auth/fproxy_truststore + subPath: fproxy_truststore + - name: {{ include "common.fullname" . }}-fproxy-auth-certs mountPath: /opt/app/fproxy/config/auth/client-cert.p12 subPath: client-cert.p12 ports: @@ -251,18 +250,21 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-auth-config secret: secretName: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + secret: + secretName: aai-rproxy-auth-certs - name: {{ include "common.fullname" . }}-rproxy-security-config secret: - secretName: {{ include "common.fullname" . }}-rproxy-security-config + secretName: aai-rproxy-security-config - name: {{ include "common.fullname" . }}-fproxy-config configMap: name: {{ include "common.fullname" . }}-fproxy-config - name: {{ include "common.fullname" . }}-fproxy-log-config configMap: name: {{ include "common.fullname" . }}-fproxy-log-config - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs secret: - secretName: {{ include "common.fullname" . }}-fproxy-auth-config + secretName: aai-fproxy-auth-certs {{ end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/aai/charts/aai-champ/templates/secrets.yaml b/kubernetes/aai/charts/aai-champ/templates/secrets.yaml index a0a1519c26..b0a62f63f6 100644 --- a/kubernetes/aai/charts/aai-champ/templates/secrets.yaml +++ b/kubernetes/aai/charts/aai-champ/templates/secrets.yaml @@ -42,27 +42,9 @@ data: apiVersion: v1 kind: Secret metadata: - name: {{ include "common.fullname" . }}-fproxy-auth-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: name: {{ include "common.fullname" . }}-rproxy-auth-config namespace: {{ include "common.namespace" . }} type: Opaque data: {{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-rproxy-security-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }} {{ end }}
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-champ/values.yaml b/kubernetes/aai/charts/aai-champ/values.yaml index b865b0050e..b1ce34dd1d 100644 --- a/kubernetes/aai/charts/aai-champ/values.yaml +++ b/kubernetes/aai/charts/aai-champ/values.yaml @@ -33,6 +33,7 @@ flavor: small config: keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 # default number of instances replicaCount: 1 diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12 Binary files differdeleted file mode 100644 index dbf4fcacec..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/client-cert.p12 +++ /dev/null diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore Binary files differdeleted file mode 100644 index 99129c145f..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/tomcat_keystore +++ /dev/null diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json index e468b3d7bd..54d5de2721 100644 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json +++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/auth/uri-authorization.json @@ -82,18 +82,18 @@ "permissions": [ "test\\.auth\\.access\\|services\\|GET,PUT", "\\|services\\|GET" - ] + ] }, { "uri": "\/services\/inventory\/.*", "permissions": [ - "org\\.access\\|\\*\\|\\*" - ] + "org\\.onap\\.aai\\.resources\\|\\*\\|.*" + ] }, { "uri": "\/services\/gizmo\/.*", "permissions": [ - "org\\.access\\|\\*\\|\\*" - ] + "org\\.onap\\.aai\\.resources\\|\\*\\|.*" + ] } ] diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties index a82e38caf6..51ac56a88d 100644 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties +++ b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/cadi.properties @@ -9,17 +9,31 @@ #hostname=test.aic.cip.att.com cadi_loglevel=DEBUG -cadi_keyfile=/opt/app/rproxy/config/security/keyfile +# OAuth2 +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect + +cadi_latitude=37.78187 +cadi_longitude=-122.26147 + +# Locate URL (which AAF Env) +aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 + +# AAF URL +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 + +cadi_keyfile=/opt/app/rproxy/config/security/keyfile +cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12 +cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV +cadi_alias=aai@aai.onap.org cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 -# Configure AAF -aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}} aaf_env=DEV aaf_id=demo@people.osaaf.org aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz # This is a colon separated list of client cert issuers -cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA +cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile b/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile deleted file mode 100644 index 6cd12fcfb4..0000000000 --- a/kubernetes/aai/charts/aai-gizmo/resources/rproxy/config/security/keyfile +++ /dev/null @@ -1,27 +0,0 @@ -bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM -1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29 -xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK -BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm -6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99 -QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm -zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6 -x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf -8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz -FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz -UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r -banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv -6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG -yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB -xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB -lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq -ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE -fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v -1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5 -liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc -0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u -PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm -8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv -dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ --85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn -c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J -uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao
\ No newline at end of file diff --git a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml b/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml index 0a30388279..ba90fdc76b 100644 --- a/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-gizmo/templates/deployment.yaml @@ -32,11 +32,6 @@ spec: release: {{ .Release.Name }} spec: {{ if .Values.global.installSidecarSecurity }} - hostAliases: - - ip: {{ .Values.global.aaf.serverIp }} - hostnames: - - {{ .Values.global.aaf.serverHostname }} - initContainers: - name: {{ .Values.global.tproxyConfig.name }} image: "{{ include "common.repository" . }}/{{ .Values.global.tproxyConfig.image }}" @@ -154,18 +149,18 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-log-config mountPath: /opt/app/rproxy/config/logback-spring.xml subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs mountPath: /opt/app/rproxy/config/auth/tomcat_keystore subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs mountPath: /opt/app/rproxy/config/auth/client-cert.p12 subPath: client-cert.p12 + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12 + subPath: org.onap.aai.p12 - name: {{ include "common.fullname" . }}-rproxy-auth-config mountPath: /opt/app/rproxy/config/auth/uri-authorization.json subPath: uri-authorization.json - - name: {{ include "common.fullname" . }}-rproxy-auth-config - mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks - subPath: aaf_truststore.jks - name: {{ include "common.fullname" . }}-rproxy-security-config mountPath: /opt/app/rproxy/config/security/keyfile subPath: keyfile @@ -181,6 +176,8 @@ spec: value: "/opt/app/fproxy/config" - name: KEY_STORE_PASSWORD value: {{ .Values.config.keyStorePassword }} + - name: TRUST_STORE_PASSWORD + value: {{ .Values.config.trustStorePassword }} - name: spring_profiles_active value: {{ .Values.global.fproxy.activeSpringProfiles }} volumeMounts: @@ -190,10 +187,13 @@ spec: - name: {{ include "common.fullname" . }}-fproxy-log-config mountPath: /opt/app/fproxy/config/logback-spring.xml subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs mountPath: /opt/app/fproxy/config/auth/tomcat_keystore subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs + mountPath: /opt/app/fproxy/config/auth/fproxy_truststore + subPath: fproxy_truststore + - name: {{ include "common.fullname" . }}-fproxy-auth-certs mountPath: /opt/app/fproxy/config/auth/client-cert.p12 subPath: client-cert.p12 ports: @@ -245,18 +245,21 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-auth-config secret: secretName: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + secret: + secretName: aai-rproxy-auth-certs - name: {{ include "common.fullname" . }}-rproxy-security-config secret: - secretName: {{ include "common.fullname" . }}-rproxy-security-config + secretName: aai-rproxy-security-config - name: {{ include "common.fullname" . }}-fproxy-config configMap: name: {{ include "common.fullname" . }}-fproxy-config - name: {{ include "common.fullname" . }}-fproxy-log-config configMap: name: {{ include "common.fullname" . }}-fproxy-log-config - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs secret: - secretName: {{ include "common.fullname" . }}-fproxy-auth-config + secretName: aai-fproxy-auth-certs {{ end }} imagePullSecrets: diff --git a/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml b/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml index 7db76055d1..96c3424476 100644 --- a/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml +++ b/kubernetes/aai/charts/aai-gizmo/templates/secrets.yaml @@ -46,27 +46,9 @@ data: apiVersion: v1 kind: Secret metadata: - name: {{ include "common.fullname" . }}-fproxy-auth-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: name: {{ include "common.fullname" . }}-rproxy-auth-config namespace: {{ include "common.namespace" . }} type: Opaque data: {{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-rproxy-security-config - namespace: {{ include "common.namespace" . }} -type: Opaque -data: -{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }} {{ end }} diff --git a/kubernetes/aai/charts/aai-gizmo/values.yaml b/kubernetes/aai/charts/aai-gizmo/values.yaml index 599bc5548f..420e59879e 100644 --- a/kubernetes/aai/charts/aai-gizmo/values.yaml +++ b/kubernetes/aai/charts/aai-gizmo/values.yaml @@ -29,6 +29,7 @@ flavor: small config: keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 + trustStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 # default number of instances replicaCount: 1 diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/resources/config/fproxy/auth/client-cert.p12 Binary files differindex 7a4979a7a3..7a4979a7a3 100644 --- a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/client-cert.p12 +++ b/kubernetes/aai/resources/config/fproxy/auth/client-cert.p12 diff --git a/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore b/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore Binary files differnew file mode 100644 index 0000000000..f6ebc75ed8 --- /dev/null +++ b/kubernetes/aai/resources/config/fproxy/auth/fproxy_truststore diff --git a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/resources/config/fproxy/auth/tomcat_keystore Binary files differindex 9eec841aa2..9eec841aa2 100644 --- a/kubernetes/aai/charts/aai-gizmo/resources/fproxy/config/auth/tomcat_keystore +++ b/kubernetes/aai/resources/config/fproxy/auth/tomcat_keystore diff --git a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/resources/config/rproxy/auth/client-cert.p12 Binary files differindex dbf4fcacec..dbf4fcacec 100644 --- a/kubernetes/aai/charts/aai-champ/resources/fproxy/config/auth/client-cert.p12 +++ b/kubernetes/aai/resources/config/rproxy/auth/client-cert.p12 diff --git a/kubernetes/aai/resources/config/rproxy/auth/org.onap.aai.p12 b/kubernetes/aai/resources/config/rproxy/auth/org.onap.aai.p12 Binary files differnew file mode 100644 index 0000000000..023e2eaac6 --- /dev/null +++ b/kubernetes/aai/resources/config/rproxy/auth/org.onap.aai.p12 diff --git a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/resources/config/rproxy/auth/tomcat_keystore Binary files differindex 99129c145f..99129c145f 100644 --- a/kubernetes/aai/charts/aai-champ/resources/rproxy/config/auth/tomcat_keystore +++ b/kubernetes/aai/resources/config/rproxy/auth/tomcat_keystore diff --git a/kubernetes/aai/resources/config/rproxy/security/keyfile b/kubernetes/aai/resources/config/rproxy/security/keyfile new file mode 100644 index 0000000000..3416d4a737 --- /dev/null +++ b/kubernetes/aai/resources/config/rproxy/security/keyfile @@ -0,0 +1,27 @@ +2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf +jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm +4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe +moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf +GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT +74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh +iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb +p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt +3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW +hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7 +RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX +xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk +8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q +ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i +5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe +GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE +_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k +zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf +S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU +LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw +hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W +nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP +bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN +JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk +Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y +J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP +mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF
\ No newline at end of file diff --git a/kubernetes/aai/templates/configmap.yaml b/kubernetes/aai/templates/configmap.yaml index a23ed5fdc7..651bf8dbba 100644 --- a/kubernetes/aai/templates/configmap.yaml +++ b/kubernetes/aai/templates/configmap.yaml @@ -72,4 +72,32 @@ type: Opaque data: {{ tpl (.Files.Glob "resources/config/aai/*").AsSecrets . | indent 2 }} - +{{ if .Values.global.installSidecarSecurity }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: aai-fproxy-auth-certs + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/fproxy/auth/*").AsSecrets . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: aai-rproxy-auth-certs + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/rproxy/auth/*").AsSecrets . | indent 2 }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: aai-rproxy-security-config + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/rproxy/security/*").AsSecrets . | indent 2 }} +{{ end }}
\ No newline at end of file diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/Chart.yaml b/kubernetes/common/blueprints-processor/Chart.yaml index 9e4a05d3b8..a10c688fb2 100644..100755 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/Chart.yaml +++ b/kubernetes/common/blueprints-processor/Chart.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright (c) 2019 IBM, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: DMaaP Data Router MariaDB Instance -name: dmaap-dr-db -version: 1.0 +description: Blueprints Processor Micro Service +name: blueprints-processor +version: 3.0.0
\ No newline at end of file diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/requirements.yaml b/kubernetes/common/blueprints-processor/requirements.yaml index 9f44c6df28..6f520322f5 100644..100755 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/requirements.yaml +++ b/kubernetes/common/blueprints-processor/requirements.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright (c) 2019 IBM, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,6 +13,9 @@ # limitations under the License. dependencies: + - name: mariadb-galera + version: ~3.0.0 + repository: file://../mariadb-galera/ - name: common version: ~3.0.0 - repository: '@local' + repository: '@local'
\ No newline at end of file diff --git a/kubernetes/common/blueprints-processor/resources/config/application.properties b/kubernetes/common/blueprints-processor/resources/config/application.properties new file mode 100755 index 0000000000..9d1c957b8f --- /dev/null +++ b/kubernetes/common/blueprints-processor/resources/config/application.properties @@ -0,0 +1,34 @@ +# Copyright (c) 2019 IBM, Bell Canada.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#logging.level.web=DEBUG
+appName={{.Values.config.applicationName}}
+ms_name={{.Values.config.msName}}
+appVersion={{.Values.config.bundleVersion}}
+blueprintsprocessor.grpcEnable={{.Values.config.grpcEnabled}}
+blueprintsprocessor.httpPort={{.Values.service.http.internalPort}}
+blueprintsprocessor.grpcPort={{.Values.service.grpc.internalPort}}
+#Blueprint Processor File Execution and Handling Properties
+blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy
+blueprintsprocessor.blueprintArchivePath=/opt/app/onap/blueprints/archive
+#Primary Database Configuration
+blueprintsprocessor.db.primary.url=jdbc:mysql://blueprints-processor-db:3306/sdnctl
+blueprintsprocessor.db.primary.username=sdnctl
+blueprintsprocessor.db.primary.password=sdnctl
+blueprintsprocessor.db.primary.driverClassName=org.mariadb.jdbc.Driver
+blueprintsprocessor.db.primary.hibernateHbm2ddlAuto=update
+blueprintsprocessor.db.primary.hibernateDDLAuto=update
+blueprintsprocessor.db.primary.hibernateNamingStrategy=org.hibernate.cfg.ImprovedNamingStrategy
+blueprintsprocessor.db.primary.hibernateDialect=org.hibernate.dialect.MySQL5InnoDBDialect
+# Web server config
+server.port=8080
\ No newline at end of file diff --git a/kubernetes/common/blueprints-processor/resources/config/logback.xml b/kubernetes/common/blueprints-processor/resources/config/logback.xml new file mode 100755 index 0000000000..b73db7145f --- /dev/null +++ b/kubernetes/common/blueprints-processor/resources/config/logback.xml @@ -0,0 +1,44 @@ +<!-- + ~ Copyright (c) 2017-2018 AT&T Intellectual Property. + ~ + ~ Licensed under the Apache License, Version 2.0 (the "License"); + ~ you may not use this file except in compliance with the License. + ~ You may obtain a copy of the License at + ~ + ~ http://www.apache.org/licenses/LICENSE-2.0 + ~ + ~ Unless required by applicable law or agreed to in writing, software + ~ distributed under the License is distributed on an "AS IS" BASIS, + ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + ~ See the License for the specific language governing permissions and + ~ limitations under the License. + --> + +<configuration> + + <property name="localPattern" value="%d{HH:mm:ss.SSS} %-5level %logger{100} - %msg%n" /> + + <property name="defaultPattern" value="%date{ISO8601,UTC}|%X{RequestID}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}| %msg%n" /> + + <property name="debugLoggerPattern" value="%date{ISO8601,UTC}|%X{RequestID}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}|[%caller{3}]| %msg%n" /> + + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <!-- encoders are assigned the type + ch.qos.logback.classic.encoder.PatternLayoutEncoder by default --> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + + <logger name="org.springframework" level="info"/> + <logger name="org.springframework.web" level="info"/> + <logger name="org.springframework.security.web.authentication" level="warn"/> + <logger name="org.hibernate" level="error"/> + <logger name="org.onap.ccsdk.apps" level="info"/> + + <root level="warn"> + <appender-ref ref="STDOUT"/> + </root> + +</configuration> diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/configmap.yaml b/kubernetes/common/blueprints-processor/templates/configmap.yaml index 1163973c28..873acee237 100644..100755 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/configmap.yaml +++ b/kubernetes/common/blueprints-processor/templates/configmap.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright (c) 2019 IBM, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-settings + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/em/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/deployment.yaml b/kubernetes/common/blueprints-processor/templates/deployment.yaml index bf544916ef..5629913826 100644..100755 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/deployment.yaml +++ b/kubernetes/common/blueprints-processor/templates/deployment.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright (c) 2019 IBM, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -30,52 +30,59 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ index .Values "mariadb-galera" "nameOverride" }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: APP_CONFIG_HOME + value: {{ .Values.config.appConfigDir }} ports: - - containerPort: {{.Values.global.config.mariadb.internalPort}} + - containerPort: {{ .Values.service.http.internalPort }} + {{ if .Values.config.grpcEnabled }} + - containerPort: {{ .Values.service.grpc.internalPort }} + {{ end }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - args: - - --lower-case-table-names=1 - - --wait_timeout=28800 + {{ if .Values.liveness.enabled }} livenessProbe: - tcpSocket: - port: {{.Values.global.config.mariadb.internalPort}} + httpGet: + path: /api/v1/execution-service/ping + port: {{ .Values.service.http.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} + {{ end }} readinessProbe: - tcpSocket: - port: {{.Values.global.config.mariadb.internalPort}} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-root-password - - name: MYSQL_USER - value: {{.Values.global.config.mariadb.userName}} - - name: MYSQL_DATABASE - value: {{.Values.global.config.mariadb.mysqlDatabase}} - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "common.fullname" . }}-secret - key: db-user-password + httpGet: + path: /api/v1/execution-service/ping + port: {{ .Values.service.http.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} volumeMounts: - - mountPath: /docker-entrypoint-initdb.d/sql_init_01.sql - name: docker-entrypoint-initdb - subPath: sql_init_01.sql - - mountPath: /etc/mysql/conf.d - name: mariadb-conf - - mountPath: /var/lib/mysql - name: mariadb-data + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: {{ .Values.config.appConfigDir }}/application.properties + name: {{ include "common.fullname" . }}-config + subPath: application.properties + - mountPath: {{ .Values.config.appConfigDir }}/logback.xml + name: {{ include "common.fullname" . }}-config + subPath: logback.xml resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -90,18 +97,13 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: docker-entrypoint-initdb - configMap: - name: {{ include "common.fullname" . }}-mdb-initd-configmap - - name: mariadb-conf + - name: {{ include "common.fullname" . }}-config configMap: - name: {{ include "common.fullname" . }}-mdb-configmap - - name: mariadb-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }} - {{- else }} - emptyDir: {} - {{- end }} + name: {{ include "common.fullname" . }}-configmap + items: + - key: application.properties + path: application.properties + - key: logback.xml + path: logback.xml imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/secrets.yaml b/kubernetes/common/blueprints-processor/templates/secrets.yaml index bc93b9ecc9..f21363d087 100644..100755 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/secrets.yaml +++ b/kubernetes/common/blueprints-processor/templates/secrets.yaml @@ -1,4 +1,4 @@ -# Copyright © 2017 Amdocs, Bell Canada +# Copyright (c) 2019 IBM, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,14 +15,13 @@ apiVersion: v1 kind: Secret metadata: - name: {{ include "common.fullname" . }}-secret + name: {{ include "common.fullname" . }} namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} + app: {{ include "common.fullname" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} type: Opaque data: - db-root-password: {{ .Values.global.config.mariadb.mariadbRootPassword | b64enc | quote }} - db-user-password: {{ .Values.global.config.mariadb.userPassword | b64enc | quote }} + db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }} diff --git a/kubernetes/vvp/charts/vvp-redis/templates/service.yaml b/kubernetes/common/blueprints-processor/templates/service.yaml index e46ab4b030..4c1c32c1ed 100644..100755 --- a/kubernetes/vvp/charts/vvp-redis/templates/service.yaml +++ b/kubernetes/common/blueprints-processor/templates/service.yaml @@ -1,4 +1,4 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright (c) 2019 IBM, Bell Canada # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,16 +19,27 @@ metadata: namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: spec: type: {{ .Values.service.type }} ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - {{- end}} + - port: {{ .Values.service.http.externalPort }} + targetPort: {{ .Values.service.http.internalPort }} + {{- if eq .Values.service.type "NodePort"}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + {{- end}} + name: {{ .Values.service.portName | default "http" }} + {{- if .Values.config.grpcEnabled}} + - port: {{ .Values.service.grpc.externalPort }} + targetPort: {{ .Values.service.grpc.internalPort }} + {{- if eq .Values.service.type "NodePort"}} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + {{- end}} name: {{ .Values.service.portName | default "http" }} + {{- end}} selector: app: {{ include "common.name" . }} + release: {{ .Release.Name }}
\ No newline at end of file diff --git a/kubernetes/common/blueprints-processor/values.yaml b/kubernetes/common/blueprints-processor/values.yaml new file mode 100755 index 0000000000..2edcc8a4ec --- /dev/null +++ b/kubernetes/common/blueprints-processor/values.yaml @@ -0,0 +1,126 @@ +# Copyright (c) 2019 IBM, Bell Canada +# +# Modifications Copyright (c) 2019 Bell Canada. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + # Change to an unused port prefix range to prevent port conflicts + # with other instances running within the same k8s cluster + nodePortPrefix: 302 + + # image repositories + repository: nexus3.onap.org:10001 + + # readiness check + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + + # image pull policy + pullPolicy: Always + + persistence: + mountPath: /dockerdata-nfs + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/ccsdk-blueprintsprocessor:0.4.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +config: + applicationName: BlueprintsProcessor + msName: "org.onap.ccsdk.apps.blueprintsprocessor" + bundleVersion: "1.0.0" + appConfigDir: /opt/app/onap/config + grpcEnabled: false + stickySelectorKey: + envContext: DEV + +mariadb-galera: + config: + userName: sdnctl + userPassword: sdnctl + mariadbRootPassword: sdnctl + mysqlDatabase: sdnctl + nameOverride: blueprints-processor-db + service: + name: blueprints-processor-db + portName: bp-db + replicaCount: 1 + persistence: + enabled: true + mountSubPath: blueprints-processor/data + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: ClusterIP + portName: blueprints-processor + http: + internalPort: 8080 + externalPort: 8080 + grpc: + internalPort: 9111 + externalPort: 9111 + +persistence: + enabled: true + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml b/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml index 6d7b7c363d..47a6f8ddb9 100644 --- a/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml +++ b/kubernetes/dmaap/charts/dmaap-bus-controller/values.yaml @@ -31,7 +31,7 @@ pullPolicy: Always # application images repository: nexus3.onap.org:10001 -image: onap/dmaap/buscontroller:1.0.25 +image: onap/dmaap/buscontroller:1.0.26 # application configuration diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/.helmignore b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/resources/config/mariadb/conf.d/mariadb1.cnf b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/resources/config/mariadb/conf.d/mariadb1.cnf deleted file mode 100644 index ff2c63740b..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/resources/config/mariadb/conf.d/mariadb1.cnf +++ /dev/null @@ -1,193 +0,0 @@ -# Example MySQL config file for medium systems. -# -# This is for a system with memory 8G where MySQL plays -# an important part, or systems up to 128M where MySQL is used together with -# other programs (such as a web server) -# -# In this file, you can use all long options that a program supports. -# If you want to know which options a program supports, run the program -# with the "--help" option. - -# The following options will be passed to all MySQL clients -##[client] -##user = root -##port = 3306 -##socket = //opt/app/mysql/mysql.sock - -# Here follows entries for some specific programs - -# The MySQL server -[mysqld] -##performance_schema - -slow_query_log =ON -long_query_time =2 -slow_query_log_file =//var/lib/mysql/slow_query.log - -skip-external-locking -explicit_defaults_for_timestamp = true -skip-symbolic-links -local-infile = 0 -key_buffer_size = 16M -max_allowed_packet = 4M -table_open_cache = 100 -sort_buffer_size = 512K -net_buffer_length = 8K -read_buffer_size = 256K -read_rnd_buffer_size = 512K -myisam_sort_buffer_size = 8M -max_connections = 300 -lower_case_table_names = 1 -thread_stack = 256K -thread_cache_size = 25 -query_cache_size = 8M -query_cache_type = 0 -query_prealloc_size = 512K -query_cache_limit = 1M - -# Password validation -##plugin-load-add=simple_password_check.so -##simple_password_check_other_characters=0 - -# Audit Log settings -plugin-load-add=server_audit.so -server_audit=FORCE_PLUS_PERMANENT -server_audit_file_path=//var/lib/mysql/audit.log -server_audit_file_rotate_size=50M -server_audit_events=CONNECT,QUERY,TABLE -server_audit_logging=on - -# Don't listen on a TCP/IP port at all. This can be a security enhancement, -# if all processes that need to connect to mysqld run on the same host. -# All interaction with mysqld must be made via Unix sockets or named pipes. -# Note that using this option without enabling named pipes on Windows -# (via the "enable-named-pipe" option) will render mysqld useless! -# -#skip-networking - -# Replication Master Server (default) -# binary logging is required for replication -##log-bin=//var/lib/mysql/mysql-bin - -# binary logging format - mixed recommended -binlog_format=row - -# required unique id between 1 and 2^32 - 1 -# defaults to 1 if master-host is not set -# but will not function as a master if omitted - -# Replication Slave (comment out master section to use this) -# -# To configure this host as a replication slave, you can choose between -# two methods : -# -# 1) Use the CHANGE MASTER TO command (fully described in our manual) - -# the syntax is: -# -# CHANGE MASTER TO MASTER_HOST=<host>, MASTER_PORT=<port>, -# MASTER_USER=<user>, MASTER_PASSWORD=<password> ; -# -# where you replace <host>, <user>, <password> by quoted strings and -# <port> by the master's port number (3306 by default). -# -# Example: -# -# CHANGE MASTER TO MASTER_HOST='125.564.12.1', MASTER_PORT=3306, -# MASTER_USER='joe', MASTER_PASSWORD='secret'; -# -# OR -# -# 2) Set the variables below. However, in case you choose this method, then -# start replication for the first time (even unsuccessfully, for example -# if you mistyped the password in master-password and the slave fails to -# connect), the slave will create a master.info file, and any later -# change in this file to the variables' values below will be ignored and -# overridden by the content of the master.info file, unless you shutdown -# the slave server, delete master.info and restart the slaver server. -# For that reason, you may want to leave the lines below untouched -# (commented) and instead use CHANGE MASTER TO (see above) -# -# required unique id between 2 and 2^32 - 1 -# (and different from the master) -# defaults to 2 if master-host is set -# but will not function as a slave if omitted -#server-id = 2 -# -# The replication master for this slave - required -#master-host = <hostname> -# -# The username the slave will use for authentication when connecting -# to the master - required -#master-user = <username> -# -# The password the slave will authenticate with when connecting to -# the master - required -#master-password = <password> -# -# The port the master is listening on. -# optional - defaults to 3306 -#master-port = <port> -# -# binary logging - not required for slaves, but recommended -#log-bin=mysql-bin - -# Uncomment the following if you are using InnoDB tables -##innodb_data_home_dir = //opt/app/mysql/data -##innodb_data_file_path = ibdata1:20M:autoextend:max:32G -##innodb_log_group_home_dir = //opt/app/mysql/iblogs -# You can set .._buffer_pool_size up to 50 - 80 % -# of RAM but beware of setting memory usage too high -#innodb_buffer_pool_size = 6380M -#innodb_additional_mem_pool_size = 2M -# Set .._log_file_size to 25 % of buffer pool size -innodb_log_file_size = 150M -innodb_log_files_in_group = 3 -innodb_log_buffer_size = 8M -#innodb_flush_log_at_trx_commit = 1 -innodb_lock_wait_timeout = 50 -innodb_autoextend_increment = 100 -expire_logs_days = 8 -open_files_limit = 2000 -transaction-isolation=READ-COMMITTED -####### Galera parameters ####### -## Galera Provider configuration -wsrep_provider=/usr/lib/galera/libgalera_smm.so -wsrep_provider_options="gcache.size=1G; gcache.page_size=1G" -## Galera Cluster configuration -wsrep_cluster_name="MSO-automated-tests-cluster" -wsrep_cluster_address="gcomm://" -#wsrep_cluster_address="gcomm://mariadb1,mariadb2,mariadb3" -##wsrep_cluster_address="gcomm://192.169.3.184,192.169.3.185,192.169.3.186" -## Galera Synchronization configuration -wsrep_sst_method=rsync -#wsrep_sst_method=xtrabackup-v2 -#wsrep_sst_auth="sstuser:Mon#2o!6" -## Galera Node configuration -wsrep_node_name="mariadb1" -##wsrep_node_address="192.169.3.184" -wsrep_on=ON -## Status notification -#wsrep_notify_cmd=/opt/app/mysql/bin/wsrep_notify -####### - - -[mysqldump] -quick -max_allowed_packet = 16M - -[mysql] -no-auto-rehash -# Remove the next comment character if you are not familiar with SQL -#safe-updates - -[myisamchk] -key_buffer_size = 20971520 - -##[mysqlhotcopy] -##interactive-timeout -##[mysqld_safe] -##malloc-lib=//opt/app/mysql/local/lib/libjemalloc.so.1 -##log-error=//opt/app/mysql/log/mysqld.log - -general_log_file = /var/log/mysql/mysql.log -general_log = 1 diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/resources/config/mariadb/docker-entrypoint-initdb.d/sql_init_01.sql b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/resources/config/mariadb/docker-entrypoint-initdb.d/sql_init_01.sql deleted file mode 100644 index e7fade9eb8..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/resources/config/mariadb/docker-entrypoint-initdb.d/sql_init_01.sql +++ /dev/null @@ -1,144 +0,0 @@ -USE `datarouter`; - -CREATE TABLE FEEDS ( - FEEDID INT UNSIGNED NOT NULL PRIMARY KEY, - GROUPID INT(10) UNSIGNED NOT NULL DEFAULT 0, - NAME VARCHAR(255) NOT NULL, - VERSION VARCHAR(20) NOT NULL, - DESCRIPTION VARCHAR(1000), - BUSINESS_DESCRIPTION VARCHAR(1000) DEFAULT NULL, - AUTH_CLASS VARCHAR(32) NOT NULL, - PUBLISHER VARCHAR(8) NOT NULL, - SELF_LINK VARCHAR(256), - PUBLISH_LINK VARCHAR(256), - SUBSCRIBE_LINK VARCHAR(256), - LOG_LINK VARCHAR(256), - DELETED BOOLEAN DEFAULT FALSE, - LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - SUSPENDED BOOLEAN DEFAULT FALSE, - CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP -); - -CREATE TABLE FEED_ENDPOINT_IDS ( - FEEDID INT UNSIGNED NOT NULL, - USERID VARCHAR(20) NOT NULL, - PASSWORD VARCHAR(32) NOT NULL -); - -CREATE TABLE FEED_ENDPOINT_ADDRS ( - FEEDID INT UNSIGNED NOT NULL, - ADDR VARCHAR(44) NOT NULL -); - -CREATE TABLE SUBSCRIPTIONS ( - SUBID INT UNSIGNED NOT NULL PRIMARY KEY, - FEEDID INT UNSIGNED NOT NULL, - GROUPID INT(10) UNSIGNED NOT NULL DEFAULT 0, - DELIVERY_URL VARCHAR(256), - DELIVERY_USER VARCHAR(20), - DELIVERY_PASSWORD VARCHAR(32), - DELIVERY_USE100 BOOLEAN DEFAULT FALSE, - METADATA_ONLY BOOLEAN DEFAULT FALSE, - SUBSCRIBER VARCHAR(8) NOT NULL, - SELF_LINK VARCHAR(256), - LOG_LINK VARCHAR(256), - LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP, - SUSPENDED BOOLEAN DEFAULT FALSE, - CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP - -); - -CREATE TABLE PARAMETERS ( - KEYNAME VARCHAR(32) NOT NULL PRIMARY KEY, - VALUE VARCHAR(4096) NOT NULL -); - -CREATE TABLE LOG_RECORDS ( - TYPE ENUM('pub', 'del', 'exp', 'pbf', 'dlx') NOT NULL, - EVENT_TIME BIGINT NOT NULL, /* time of the publish request */ - PUBLISH_ID VARCHAR(64) NOT NULL, /* unique ID assigned to this publish attempt */ - FEEDID INT UNSIGNED NOT NULL, /* pointer to feed in FEEDS */ - REQURI VARCHAR(256) NOT NULL, /* request URI */ - METHOD ENUM('DELETE', 'GET', 'HEAD', 'OPTIONS', 'PUT', 'POST', 'TRACE') NOT NULL, /* HTTP method */ - CONTENT_TYPE VARCHAR(256) NOT NULL, /* content type of published file */ - CONTENT_LENGTH BIGINT NOT NULL, /* content length of published file */ - - FEED_FILEID VARCHAR(256), /* file ID of published file */ - REMOTE_ADDR VARCHAR(40), /* IP address of publishing endpoint */ - USER VARCHAR(50), /* user name of publishing endpoint */ - STATUS SMALLINT, /* status code returned to delivering agent */ - - DELIVERY_SUBID INT UNSIGNED, /* pointer to subscription in SUBSCRIPTIONS */ - DELIVERY_FILEID VARCHAR(256), /* file ID of file being delivered */ - RESULT SMALLINT, /* result received from subscribing agent */ - - ATTEMPTS INT, /* deliveries attempted */ - REASON ENUM('notRetryable', 'retriesExhausted', 'diskFull', 'other'), - - RECORD_ID BIGINT UNSIGNED NOT NULL PRIMARY KEY, /* unique ID for this record */ - CONTENT_LENGTH_2 BIGINT, - - INDEX (FEEDID) USING BTREE, - INDEX (DELIVERY_SUBID) USING BTREE, - INDEX (RECORD_ID) USING BTREE -) ENGINE = MyISAM; - -CREATE TABLE INGRESS_ROUTES ( - SEQUENCE INT UNSIGNED NOT NULL, - FEEDID INT UNSIGNED NOT NULL, - USERID VARCHAR(20), - SUBNET VARCHAR(44), - NODESET INT UNSIGNED NOT NULL -); - -CREATE TABLE EGRESS_ROUTES ( - SUBID INT UNSIGNED NOT NULL PRIMARY KEY, - NODEID INT UNSIGNED NOT NULL -); - -CREATE TABLE NETWORK_ROUTES ( - FROMNODE INT UNSIGNED NOT NULL, - TONODE INT UNSIGNED NOT NULL, - VIANODE INT UNSIGNED NOT NULL -); - -CREATE TABLE NODESETS ( - SETID INT UNSIGNED NOT NULL, - NODEID INT UNSIGNED NOT NULL -); - -CREATE TABLE NODES ( - NODEID INT UNSIGNED NOT NULL PRIMARY KEY, - NAME VARCHAR(255) NOT NULL, - ACTIVE BOOLEAN DEFAULT TRUE -); - -CREATE TABLE GROUPS ( - GROUPID INT UNSIGNED NOT NULL PRIMARY KEY, - AUTHID VARCHAR(100) NOT NULL, - NAME VARCHAR(50) NOT NULL, - DESCRIPTION VARCHAR(255), - CLASSIFICATION VARCHAR(20) NOT NULL, - MEMBERS TINYTEXT, - LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP -); - -INSERT INTO PARAMETERS VALUES - ('ACTIVE_POD', '{{.Values.global.config.dmaapDrProv.name}}'), - ('PROV_ACTIVE_NAME', '{{.Values.global.config.dmaapDrProv.name}}'), - ('STANDBY_POD', ''), - ('PROV_NAME', '{{.Values.global.config.dmaapDrProv.name}}'), - ('NODES', '{{.Values.global.config.dmaapDrNode.name}}'), - ('PROV_DOMAIN', '{{ include "common.namespace" . }}'), - ('DELIVERY_INIT_RETRY_INTERVAL', '10'), - ('DELIVERY_MAX_AGE', '86400'), - ('DELIVERY_MAX_RETRY_INTERVAL', '3600'), - ('DELIVERY_RETRY_RATIO', '2'), - ('LOGROLL_INTERVAL', '300'), - ('PROV_AUTH_ADDRESSES', '{{.Values.global.config.dmaapDrProv.name}}|{{.Values.global.config.dmaapDrNode.name}}'), - ('PROV_AUTH_SUBJECTS', ''), - ('PROV_MAXFEED_COUNT', '10000'), - ('PROV_MAXSUB_COUNT', '100000'), - ('PROV_REQUIRE_CERT', 'false'), - ('PROV_REQUIRE_SECURE', 'false'), - ('_INT_VALUES', 'LOGROLL_INTERVAL|PROV_MAXFEED_COUNT|PROV_MAXSUB_COUNT|DELIVERY_INIT_RETRY_INTERVAL|DELIVERY_MAX_RETRY_INTERVAL|DELIVERY_RETRY_RATIO|DELIVERY_MAX_AGE'); diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/NOTES.txt b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/NOTES.txt deleted file mode 100644 index 71879412d0..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.global.config.mariadb.servicetype }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.global.config.mariadb.servicetype }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{.Values.global.config.mariadb.externalPort}} -{{- else if contains "ClusterIP" .Values.global.config.mariadb.servicetype }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{.Values.global.config.mariadb.internalPort}} -{{- end }} diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/configmap.yaml b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/configmap.yaml deleted file mode 100644 index dd75846932..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/configmap.yaml +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-mdb-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-mdb-initd-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/mariadb/docker-entrypoint-initdb.d/sql_init_01.sql").AsConfig . | indent 2 }} diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/pv.yaml b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/pv.yaml deleted file mode 100644 index da117f4919..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/pv.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - name: {{ include "common.fullname" . }} -spec: - capacity: - storage: {{ .Values.persistence.size }} - accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/pvc.yaml b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/pvc.yaml deleted file mode 100644 index e27c3311e9..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/pvc.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} - accessModes: - - {{ .Values.persistence.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.size }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/service.yaml b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/service.yaml deleted file mode 100644 index 53fed469f9..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/templates/service.yaml +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{.Values.global.config.mariadb.name}} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{.Values.global.config.mariadb.servicetype}} - ports: - {{if eq .Values.global.config.mariadb.servicetype "NodePort" -}} - - port: {{.Values.global.config.mariadb.internalPort}} - nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} - {{- else -}} - - port: {{.Values.global.config.mariadb.externalPort}} - targetPort: {{.Values.global.config.mariadb.internalPort}} - {{- end}} - name: {{.Values.global.config.mariadb.name}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }}
\ No newline at end of file diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/values.yaml b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/values.yaml deleted file mode 100644 index 03a46acdc6..0000000000 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-db/values.yaml +++ /dev/null @@ -1,80 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for mariadb. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: # global defaults - persistence: {} - -# application image -repository: nexus3.onap.org:10001 -image: mariadb:10.2.14 -pullPolicy: Always - -# application configuration - see parent values chart - -# flag to enable debugging - application support required -debugEnabled: false - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 30 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 30 - periodSeconds: 10 - -## Persist data to a persitent volume -persistence: - enabled: true - volumeReclaimPolicy: Retain - accessMode: ReadWriteMany - size: 1Gi - mountPath: /dockerdata-nfs - mountSubPath: dmaap/dr-db/data - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m - memory: 1Gi - large: - limits: - cpu: 4000m - memory: 8Gi - requests: - cpu: 1000m - memory: 2Gi - unlimited: {} diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/resources/config/provserver.properties b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/resources/config/provserver.properties index 6bde746d66..dea4862acd 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/resources/config/provserver.properties +++ b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/resources/config/provserver.properties @@ -44,6 +44,6 @@ org.onap.dmaap.datarouter.provserver.isaddressauthenabled = false # Database access org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver -org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.global.config.mariadb.name}}:{{.Values.global.config.mariadb.externalPort}}/datarouter +org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.global.config.dmaapDrDb.mariadbServiceName}}:{{.Values.global.config.dmaapDrDb.mariadbServicePort}}/datarouter org.onap.dmaap.datarouter.db.login = datarouter org.onap.dmaap.datarouter.db.password = datarouter diff --git a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/deployment.yaml index 7fd60ea501..b223872a3c 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/deployment.yaml +++ b/kubernetes/dmaap/charts/dmaap-data-router/charts/dmaap-dr-prov/templates/deployment.yaml @@ -35,7 +35,7 @@ spec: - /root/ready.py args: - --container-name - - {{.Values.global.config.mariadb.name}} + - {{.Values.global.config.dmaapDrDb.mariadbContName}} env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/dmaap/charts/dmaap-data-router/requirements.yaml b/kubernetes/dmaap/charts/dmaap-data-router/requirements.yaml index 5da3738b55..506aa83aa2 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/requirements.yaml +++ b/kubernetes/dmaap/charts/dmaap-data-router/requirements.yaml @@ -16,4 +16,8 @@ dependencies: - name: common version: ~3.0.0 repository: '@local' + - name: mariadb-galera + alias: mariadb + version: ~3.0.0 + repository: '@local' diff --git a/kubernetes/dmaap/charts/dmaap-data-router/values.yaml b/kubernetes/dmaap/charts/dmaap-data-router/values.yaml index 7f29f931fb..1a4feec659 100644 --- a/kubernetes/dmaap/charts/dmaap-data-router/values.yaml +++ b/kubernetes/dmaap/charts/dmaap-data-router/values.yaml @@ -16,24 +16,12 @@ # DMaap Data Router Global config defaults. ################################################################# global: - persistence: {} env: name: AUTO ubuntuInitRepository: oomk8s ubuntuInitImage: ubuntu-init:1.0.0 config: -# dr db configuration - mariadb: - servicetype: ClusterIP - name: dmaap-dr-db - portName: dr-db-port - internalPort: 3306 - externalPort: 3306 - mariadbRootPassword: datarouter - userName: datarouter - userPassword: datarouter - mysqlDatabase: datarouter # dr provisioning server configuration dmaapDrProv: servicetype: NodePort @@ -51,8 +39,32 @@ global: servicetype: ClusterIP name: dmaap-dr-node externalPort: 8080 - internalPort: 8080 externalPort2: 8443 + internalPort: 8080 internalPort2: 8443 portName: dr-node-port portName2: dr-node-port2 +# dr-prov db configuration + dmaapDrDb: + mariadbServiceName: dmaap-dr-db-svc + mariadbServicePort: 3306 + mariadbContName: dmaap-dr-db + +# mariadb-galera configuration +mariadb: + name: dmaap-dr-db + nameOverride: dmaap-dr-db + replicaCount: 2 + config: + mariadbRootPassword: datarouter + userName: datarouter + userPassword: datarouter + mysqlDatabase: datarouter + service: + name: dmaap-dr-db-svc + portName: dmaap-dr-db-svc + nfsprovisionerPrefix: dmaap-dr-db + persistence: + size: 1Gi + mountSubPath: data-router/dr-db-data + disableNfsProvisioner: true
\ No newline at end of file diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml index 4e18dc95a3..51b1a8f8f9 100644 --- a/kubernetes/onap/requirements.yaml +++ b/kubernetes/onap/requirements.yaml @@ -132,7 +132,3 @@ dependencies: version: ~3.0.0 repository: '@local' condition: vnfsdk.enabled - - name: vvp - version: ~3.0.0 - repository: '@local' - condition: vvp.enabled diff --git a/kubernetes/onap/resources/environments/disable-allcharts.yaml b/kubernetes/onap/resources/environments/disable-allcharts.yaml index d45111427e..dd30e1d87e 100644 --- a/kubernetes/onap/resources/environments/disable-allcharts.yaml +++ b/kubernetes/onap/resources/environments/disable-allcharts.yaml @@ -79,5 +79,3 @@ vid: enabled: false vnfsdk: enabled: false -vvp: - enabled: false diff --git a/kubernetes/onap/resources/environments/minimal-onap.yaml b/kubernetes/onap/resources/environments/minimal-onap.yaml index e5cb97193f..30aab4408c 100644 --- a/kubernetes/onap/resources/environments/minimal-onap.yaml +++ b/kubernetes/onap/resources/environments/minimal-onap.yaml @@ -170,6 +170,4 @@ vid: vfc: enabled: false vnfsdk: - enabled: false -vvp: - enabled: false + enabled: false
\ No newline at end of file diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 1ca2b8470a..d944e2e829 100644 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -156,5 +156,3 @@ vid: enabled: true vnfsdk: enabled: true -vvp: - enabled: false diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py index a37692f4b6..d8179e1ba1 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py @@ -69,18 +69,6 @@ GLOBAL_POMBA_SERVER_PROTOCOL = "http" GLOBAL_POMBA_AAICONTEXTBUILDER_PORT = "9530" GLOBAL_POMBA_SDCCONTEXTBUILDER_PORT = "9530" GLOBAL_POMBA_NETWORKDISCCONTEXTBUILDER_PORT = "9530" -# vvp info -GLOBAL_VVP_SERVER_PROTOCOL = "http" -GLOBAL_VVP_CI_UWSGI_PORT = "8282" -GLOBAL_VVP_CMS_UWSGI_PORT1 = "80" -GLOBAL_VVP_EM_UWSGI_PORT = "80" -GLOBAL_VVP_EXT_HAPROXY_PORT1 = "80" -GLOBAL_VVP_GITLAB_PORT1 = "80" -GLOBAL_VVP_IMAGESCANNER_PORT = "80" -GLOBAL_VVP_INT_HAPROXY_PORT1 = "80" -GLOBAL_VVP_JENKINS_PORT = "8080" -GLOBAL_VVP_POSTGRES_PORT = "5432" -GLOBAL_VVP_REDIS_PORT = "6379" # microservice bus info - everything is from the private oam network (also called onap private network) GLOBAL_MSB_SERVER_PROTOCOL = "http" GLOBAL_MSB_SERVER_PORT = "80" diff --git a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py index 28f1f20141..faa890d642 100644 --- a/kubernetes/robot/resources/config/eteshare/config/vm_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/vm_properties.py @@ -35,16 +35,6 @@ GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR = "log-ls-http.{{include "common.namespace" GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR = "pomba-aaictxbuilder.{{include "common.namespace" .}}" GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR = "pomba-sdcctxbuilder.{{include "common.namespace" .}}" GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR = "pomba-networkdiscoveryctxbuilder.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_CI_UWSGI_IP_ADDR = "vvp-ci-uwsgi.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_CMS_UWSGI_IP_ADDR = "vvp-cms-uwsgi.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_EM_UWSGI_IP_ADDR = "vvp-em-uwsgi.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_EXT_HAPROXY_IP_ADDR = "vvp-ext-haproxy.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_GITLAB_IP_ADDR = "vvp-gitlab.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_IMAGESCANNER_IP_ADDR = "vvp-imagescanner.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_INT_HAPROXY_IP_ADDR = "vvp-int-haproxy.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_JENKINS_IP_ADDR = "vvp-jenkins.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_POSTGRES_IP_ADDR = "vvp-postgres.{{include "common.namespace" .}}" -GLOBAL_INJECTED_VVP_REDIS_IP_ADDR = "vvp-redis.{{include "common.namespace" .}}" GLOBAL_INJECTED_KEYSTONE = "{{ .Values.openStackKeyStoneUrl }}" GLOBAL_INJECTED_MR_IP_ADDR = "message-router.{{include "common.namespace" .}}" GLOBAL_INJECTED_MUSIC_IP_ADDR = "music.{{include "common.namespace" .}}" @@ -118,16 +108,6 @@ GLOBAL_INJECTED_PROPERTIES = { "GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR" : "pomba-aaictxbuilder.{{include "common.namespace" .}}", "GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR" : "pomba-sdcctxbuilder.{{include "common.namespace" .}}", "GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR" : "pomba-networkdiscovery.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_CI_UWSGI_IP_ADDR" : "vvp-ci-uwsgi.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_CMS_UWSGI_IP_ADDR" : "vvp-cms-uwsgi.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_EM_UWSGI_IP_ADDR" : "vvp-em-uwsgi.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_EXT_HAPROXY_IP_ADDR" : "vvp-ext-haproxy.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_GITLAB_IP_ADDR" : "vvp-gitlab.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_IMAGESCANNER_IP_ADDR" : "vvp-imagescanner.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_INT_HAPROXY_IP_ADDR" : "vvp-int-haproxy.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_JENKINS_IP_ADDR" : "vvp-jenkins.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_POSTGRES_IP_ADDR" : "vvp-postgres.{{include "common.namespace" .}}", - "GLOBAL_INJECTED_VVP_REDIS_IP_ADDR" : "vvp-redis.{{include "common.namespace" .}}", "GLOBAL_INJECTED_MUSIC_IP_ADDR" : "music.{{include "common.namespace" .}}", "GLOBAL_INJECTED_NBI_IP_ADDR" : "nbi.{{include "common.namespace" .}}", "GLOBAL_INJECTED_NETWORK" : "{{ .Values.openStackPrivateNetId }}", diff --git a/kubernetes/vvp/Chart.yaml b/kubernetes/vvp/Chart.yaml deleted file mode 100644 index 61b8ed1edc..0000000000 --- a/kubernetes/vvp/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP VNF Validation Platform -name: vvp -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/Chart.yaml b/kubernetes/vvp/charts/vvp-ci-uwsgi/Chart.yaml deleted file mode 100644 index 5304ccb55f..0000000000 --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: end-to-end flow tests based on Seleniunm -name: vvp-ci-uwsgi -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/__init__.py b/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/__init__.py deleted file mode 100644 index 8b70506f6c..0000000000 --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/__init__.py +++ /dev/null @@ -1,278 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import os -from datetime import datetime - -# With this file at web/settings/__init__.py, we need three applications of -# dirname() to find the project root. -PROJECT_PATH = os.path.realpath(os.path.dirname(os.path.dirname(os.path.dirname(__file__)))) -LOGS_PATH = os.path.join(PROJECT_PATH, "logs") - -ICE_ENVIRONMENT = os.environ['ICE_ENVIRONMENT'] -PROGRAM_NAME_URL_PREFIX = os.environ['PROGRAM_NAME_URL_PREFIX'] -SERVICE_PROVIDER = os.environ['SERVICE_PROVIDER'] -PROGRAM_NAME = os.environ['PROGRAM_NAME'] -SERVICE_PROVIDER_DOMAIN = os.environ['SERVICE_PROVIDER_DOMAIN'] - -# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/ -SECRET_KEY = os.environ["SECRET_KEY"] - -# https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts -# Anything in the Host header that does not match our expected domain should -# raise SuspiciousOperation exception. -ALLOWED_HOSTS = ['*'] - -if ICE_ENVIRONMENT == 'production': - DEBUG = False - - EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' - EMAIL_HOST = os.environ.get('ICE_EMAIL_HOST') - EMAIL_HOST_PASSWORD = os.environ['EMAIL_HOST_PASSWORD'] - EMAIL_HOST_USER = os.environ['EMAIL_HOST_USER'] - EMAIL_PORT = os.environ['EMAIL_PORT'] -else: - DEBUG = True - EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' - - -# Note: Only SSL email backends are allowed -EMAIL_USE_SSL = True - -REST_FRAMEWORK = { - 'DEFAULT_AUTHENTICATION_CLASSES': ( - 'rest_framework_jwt.authentication.JSONWebTokenAuthentication', - ), - 'PAGE_SIZE': 10, - # Use Django's standard `django.contrib.auth` permissions, - # or allow read-only access for unauthenticated users. - 'DEFAULT_PERMISSION_CLASSES': ('rest_framework.permissions.IsAdminUser',), -} -APPEND_SLASH = False - -# Application definition - -INSTALLED_APPS = [ - - 'django.contrib.auth', - 'django.contrib.contenttypes', # required by d.c.admin - 'django.contrib.sessions', # required by d.c.admin - 'django.contrib.messages', # required by d.c.admin - 'django.contrib.staticfiles', - 'django.contrib.admin', # django admin site - 'rest_framework', - 'iceci.apps.IceCiConfig', -] - -MIDDLEWARE_CLASSES = [ - 'django.middleware.security.SecurityMiddleware', - 'django.contrib.sessions.middleware.SessionMiddleware', - 'django.middleware.common.CommonMiddleware', - 'django.middleware.csrf.CsrfViewMiddleware', - 'django.contrib.auth.middleware.AuthenticationMiddleware', - 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', - 'django.contrib.messages.middleware.MessageMiddleware', - 'django.middleware.clickjacking.XFrameOptionsMiddleware', -] - -ROOT_URLCONF = 'web.urls' - -TEMPLATES = [ - { - 'BACKEND': 'django.template.backends.django.DjangoTemplates', - 'DIRS': [PROJECT_PATH + '/web/templates'], - 'APP_DIRS': True, - 'OPTIONS': { - 'context_processors': [ - 'django.template.context_processors.debug', - 'django.template.context_processors.request', - 'django.contrib.auth.context_processors.auth', # required by d.c.admin - 'django.contrib.messages.context_processors.messages', # required by d.c.admin - ], - }, - }, -] - -WSGI_APPLICATION = 'web.wsgi.application' - -# Database -# https://docs.djangoproject.com/en/1.9/ref/settings/#databases - -DATABASES = { - 'default': { # CI DB details. - 'NAME': '/app/ice_ci_db.db' , - 'ENGINE': 'django.db.backends.sqlite3', - 'TEST_NAME': '/app/ice_ci_db.db', - }, -} -SINGLETONE_DB = { - 'default': { # CI DB details. - 'ENGINE': 'django.db.backends.postgresql', - 'NAME': os.environ.get('CI_DB_NAME', 'ice_ci_db'), - 'USER': os.environ.get('CI_DB_USER', 'iceci'), - 'PASSWORD': os.environ.get('CI_DB_PASSWORD', 'Aa123456'), - 'HOST': os.environ.get('CI_DB_HOST', 'localhost'), - 'PORT': os.environ.get('CI_DB_PORT', '5433'), - }, - 'em_db': { # ICE DB details. - 'ENGINE': 'django.db.backends.postgresql', - 'NAME': os.environ.get('EM_DB_NAME', 'icedb'), - 'USER': os.environ.get('EM_DB_USER', 'iceuser'), - 'PASSWORD': os.environ.get('EM_DB_PASSWORD', 'Aa123456'), - 'HOST': os.environ.get('EM_DB_HOST', 'localhost'), - 'PORT': os.environ.get('EM_DB_PORT', '5433'), - }, - 'cms_db': { # ICE CMS details. - 'ENGINE': 'django.db.backends.postgresql', - 'NAME': os.environ.get('CMS_DB_NAME', 'icecmsdb'), - 'USER': os.environ.get('CMS_DB_USER', 'icecmsuser'), - 'PASSWORD': os.environ.get('CMS_DB_PASSWORD', 'Aa123456'), - 'HOST': os.environ.get('CMS_DB_HOST', 'localhost'), - 'PORT': os.environ.get('CMS_DB_PORT', '5433'), - } -} - -# Password validation -# https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators - -AUTH_PASSWORD_VALIDATORS = [ - { - 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', - }, - { - 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', - }, - { - 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', - }, - { - 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', - }, -] - - -# Internationalization -# https://docs.djangoproject.com/en/1.9/topics/i18n/ - -LANGUAGE_CODE = 'en-us' - -TIME_ZONE = 'UTC' - -USE_I18N = True - -USE_L10N = True - -USE_TZ = False - - -# Static files (CSS, JavaScript, Images) -# https://docs.djangoproject.com/en/1.9/howto/static-files/ -STATIC_ROOT = os.environ['STATIC_ROOT'] -STATIC_URL = '/static/' - -LOGGING = { - 'version': 1, - 'disable_existing_loggers': False, - 'formatters': { # All possible attributes are: https://docs.python.org/3/library/logging.html#logrecord-attributes - 'verbose': { - 'format': '%(asctime)s %(levelname)s %(module)s %(filename)s:%(lineno)d %(process)d %(thread)d %(message)s' - }, - 'simple': { - 'format': '%(asctime)s %(levelname)s %(filename)s:%(lineno)d %(message)s' - }, - }, - 'handlers': { - 'console': { - 'class': 'logging.StreamHandler', - 'formatter': 'simple' - }, - 'file1': { - 'level': 'INFO', # handler will ignore DEBUG (only process INFO, WARN, ERROR, CRITICAL, FATAL) - 'class': 'logging.FileHandler', - 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-info.log', - 'formatter': 'verbose' - }, - 'file2': { - 'level': 'DEBUG', - 'class': 'logging.FileHandler', - 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-debug.log', - 'formatter': 'verbose' - }, - 'file3': { - 'level': 'ERROR', - 'class': 'logging.FileHandler', - 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-requests.log', - 'formatter': 'verbose' - }, - 'file4': { - 'level': 'ERROR', - 'class': 'logging.FileHandler', - 'filename': os.environ.get('ICE_ICE_LOGGER_PATH', LOGS_PATH) + 'vvp-db.log', - 'formatter': 'verbose' - } - }, - 'loggers': { - 'vvp-ci.logger': { - 'handlers': ['file1', 'file2', 'file3', 'file4','console'], - 'level': os.getenv('ICE_ICE_LOGGER_LEVEL', 'DEBUG'), - }, - 'django': { - 'handlers': ['console'], - 'level': os.getenv('ICE_DJANGO_LOGGER_LEVEL', 'DEBUG'), - }, - 'django.request': { - 'handlers': ['file3'], - 'level': os.getenv('ICE_ICE_REQUESTS_LOGGER_LEVEL', 'ERROR'), - }, - 'django.db.backends': { - 'handlers': ['file4'], - 'level': os.getenv('ICE_ICE_DB_LOGGER_LEVEL', 'ERROR'), - } - } -} - - -############################# -# ICE-CI Related Configuration -############################# -ICE_CONTACT_FROM_ADDRESS = os.getenv('ICE_CONTACT_FROM_ADDRESS') -ICE_CONTACT_EMAILS = list(os.getenv('ICE_CONTACT_EMAILS','user@example.com').split(',')) -ICE_CI_ENVIRONMENT_NAME = os.getenv('ICE_CI_ENVIRONMENT_NAME', 'Dev') # Dev / Docker / Staging -ICE_EM_URL = "{domain}/{prefix}".format(domain=os.environ['ICE_EM_DOMAIN_NAME'], prefix=PROGRAM_NAME_URL_PREFIX) -ICE_PORTAL_URL = os.environ['ICE_DOMAIN'] -EM_REST_URL = ICE_EM_URL + '/v1/engmgr/' - -#Number of test results presented in admin page. Illegal values: '0' or 'Null' -NUMBER_OF_TEST_RESULTS = int(os.getenv('NUMBER_OF_TEST_RESULTS', '30')) -ICE_BUILD_REPORT_NUM = os.getenv('ICE_BUILD_REPORT_NUM',"{:%Y-%m-%d-%H-%M-%S}".format(datetime.now())) -IS_JUMP_STATE=os.getenv('IS_JUMP_STATE', "True") -DATABASE_TYPE = 'sqlite' - -# FIXME: Does this authentication scheme actually gain us anything? What's the -# threat model -WEBHOOK_TOKEN = os.environ['SECRET_WEBHOOK_TOKEN'] - -# The authentication token and URL needed for us to issue requests to the GitLab API. -GITLAB_TOKEN = os.environ['SECRET_GITLAB_AUTH_TOKEN'] -GITLAB_URL = "http://vvp-gitlab/" - -JENKINS_URL = "http://vvp-jenkins:8080/" -JENKINS_USERNAME = "admin" -JENKINS_PASSWORD = os.environ['SECRET_JENKINS_PASSWORD'] - -AWS_S3_HOST = os.environ['S3_HOST'] -AWS_S3_PORT = int(os.environ['S3_PORT']) -AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST'] -AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID'] -AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY'] diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/gunicorn.ini b/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/gunicorn.ini deleted file mode 100644 index 556fd55713..0000000000 --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/resources/config/ci/gunicorn.ini +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -bind = ":8282" -chdir = '/app' -pidfile = '/tmp/ice-project-master.pid' -backlog = '5000' -errorlog = '-' -loglevel = 'info' diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/configmap.yaml deleted file mode 100644 index 1d340532a4..0000000000 --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/configmap.yaml +++ /dev/null @@ -1,30 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-settings - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/ci/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-secret - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - admin_password: "Y2lhZG1pbnBhc3M=" diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/deployment.yaml deleted file mode 100644 index e62199862b..0000000000 --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/deployment.yaml +++ /dev/null @@ -1,135 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: 80 - - containerPort: 8282 - - containerPort: 9000 - volumeMounts: - - name: ci-settings - mountPath: /opt/configmaps/settings/ - - name: site-crt - mountPath: /opt/secrets/site-crt/ - env: - - name: ICE_ENVIRONMENT - value: "development" - - name: PROGRAM_NAME_URL_PREFIX - value: "vvp" - - name: SERVICE_PROVIDER - value: "NA" - - name: PROGRAM_NAME - value: "VVP" - - name: SERVICE_PROVIDER_DOMAIN - value: "na.com" - - name: SECRET_KEY - valueFrom: - secretKeyRef: {name: em-secret, key: key} - - name: EM_DB_HOST - value: postgresql - - name: EM_DB_PORT - value: "5432" - - name: EM_DB_NAME - value: icedb - - name: EM_DB_USER - value: "em_postgresuser" - - name: EM_DB_PASSWORD - valueFrom: - secretKeyRef: {name: postgresql-passwords, key: emPassword} - - name: CMS_DB_HOST - value: postgresql - - name: CMS_DB_PORT - value: "5432" - - name: CMS_DB_NAME - value: "icecmsdb" - - name: CMS_DB_USER - value: "cms_postgresuser" - - name: CMS_DB_PASSWORD - valueFrom: - secretKeyRef: {name: postgresql-passwords, key: cmsPassword} - - name: CI_DB_HOST - value: postgresql - - name: CI_DB_PORT - value: "5432" - - name: CI_DB_NAME - value: icedb - - name: CI_DB_USER - value: "em_postgresuser" - - name: CI_DB_PASSWORD - valueFrom: - secretKeyRef: {name: postgresql-passwords, key: ciPassword} - - name: STATIC_ROOT - value: "/app/htdocs" - - name: ICE_CONTACT_FROM_ADDRESS - value: "example" - - name: SECRET_WEBHOOK_TOKEN - valueFrom: - secretKeyRef: {name: em-secret, key: em_webhook_token} - - name: SECRET_GITLAB_AUTH_TOKEN - valueFrom: - secretKeyRef: {name: gitlab-password, key: auth-token} - - name: SECRET_JENKINS_PASSWORD - valueFrom: - secretKeyRef: {name: em-secret, key: jenkins_admin_password} - - name: ICE_DOMAIN - value: https://development.vvp.example.com - - name: ICE_EM_DOMAIN_NAME - value: https://development.vvp.example.com - - name: OAUTHLIB_INSECURE_TRANSPORT - value: "1" - - name: CI_ADMIN_USER - value: "ciadminuser" - - name: CI_ADMIN_MAIL - value: "ciadminmail@example.com" - - name: CI_ADMIN_PASSWORD - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: admin_password} - - name: S3_HOST - value: "dev-s3.vvp.example.com" - - name: S3_PORT - value: "443" - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: {name: em-secret, key: aws_access_key_id} - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: {name: em-secret, key: aws_secret_access_key} - command: ["/app/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "web.wsgi:application", ] - volumes: - - name: ci-settings - configMap: - name: {{ include "common.fullname" . }}-settings - - name: site-crt - secret: - secretName: site-crt diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/service.yaml b/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/service.yaml deleted file mode 100644 index a4260013a4..0000000000 --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/templates/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-ci-uwsgi/values.yaml b/kubernetes/vvp/charts/vvp-ci-uwsgi/values.yaml deleted file mode 100644 index 1b58dd52aa..0000000000 --- a/kubernetes/vvp/charts/vvp-ci-uwsgi/values.yaml +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/vvp/test-engine:1.0.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - internalPort: 8282 - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/Chart.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/Chart.yaml deleted file mode 100644 index 3adf9a2514..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: backend uwsgi server which hosts django application -name: vvp-cms-uwsgi -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/__init__.py b/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/__init__.py deleted file mode 100644 index b583985739..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/__init__.py +++ /dev/null @@ -1,395 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -from __future__ import absolute_import, unicode_literals -import os -from cms.envbool import envbool - -from django import VERSION as DJANGO_VERSION -from django.utils.translation import ugettext_lazy as _ -from boto.s3.connection import OrdinaryCallingFormat - - -###################### -# MEZZANINE SETTINGS # -###################### - -# The following settings are already defined with default values in -# the ``defaults.py`` module within each of Mezzanine's apps, but are -# common enough to be put here, commented out, for conveniently -# overriding. Please consult the settings documentation for a full list -# of settings Mezzanine implements: -# http://mezzanine.jupo.org/docs/configuration.html#default-settings - -# Controls the ordering and grouping of the admin menu. -# -# ADMIN_MENU_ORDER = ( -# ("Content", ("pages.Page", "blog.BlogPost", -# "generic.ThreadedComment", (_("Media Library"), "media-library"),)), -# ("Site", ("sites.Site", "redirects.Redirect", "conf.Setting")), -# ("Users", ("auth.User", "auth.Group",)), -# ) - -# A three item sequence, each containing a sequence of template tags -# used to render the admin dashboard. -# -# DASHBOARD_TAGS = ( -# ("blog_tags.quick_blog", "mezzanine_tags.app_list"), -# ("comment_tags.recent_comments",), -# ("mezzanine_tags.recent_actions",), -# ) - -# A sequence of templates used by the ``page_menu`` template tag. Each -# item in the sequence is a three item sequence, containing a unique ID -# for the template, a label for the template, and the template path. -# These templates are then available for selection when editing which -# menus a page should appear in. Note that if a menu template is used -# that doesn't appear in this setting, all pages will appear in it. - -# PAGE_MENU_TEMPLATES = ( -# (1, _("Top navigation bar"), "pages/menus/dropdown.html"), -# (2, _("Left-hand tree"), "pages/menus/tree.html"), -# (3, _("Footer"), "pages/menus/footer.html"), -# ) - -# A sequence of fields that will be injected into Mezzanine's (or any -# library's) models. Each item in the sequence is a four item sequence. -# The first two items are the dotted path to the model and its field -# name to be added, and the dotted path to the field class to use for -# the field. The third and fourth items are a sequence of positional -# args and a dictionary of keyword args, to use when creating the -# field instance. When specifying the field class, the path -# ``django.models.db.`` can be omitted for regular Django model fields. -# -# EXTRA_MODEL_FIELDS = ( -# ( -# # Dotted path to field. -# "mezzanine.blog.models.BlogPost.image", -# # Dotted path to field class. -# "somelib.fields.ImageField", -# # Positional args for field class. -# (_("Image"),), -# # Keyword args for field class. -# {"blank": True, "upload_to": "blog"}, -# ), -# # Example of adding a field to *all* of Mezzanine's content types: -# ( -# "mezzanine.pages.models.Page.another_field", -# "IntegerField", # 'django.db.models.' is implied if path is omitted. -# (_("Another name"),), -# {"blank": True, "default": 1}, -# ), -# ) - -# Setting to turn on featured images for blog posts. Defaults to False. -# -# BLOG_USE_FEATURED_IMAGE = True - -# If True, the django-modeltranslation will be added to the -# INSTALLED_APPS setting. -USE_MODELTRANSLATION = False - - -######################## -# MAIN DJANGO SETTINGS # -######################## - -# Hosts/domain names that are valid for this site; required if DEBUG is False -# See https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts -ALLOWED_HOSTS = ['*'] - -# Set UTC time zone: -TIME_ZONE = 'UTC' -USE_TZ = True - -# Local time zone for this installation. Choices can be found here: -# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name -# although not all choices may be available on all operating systems. -# On Unix systems, a value of None will cause Django to use the same -# timezone as the operating system. -# If running in a Windows environment this must be set to the same as your -# system time zone. -TIME_ZONE = 'UTC' - -# If you set this to True, Django will use timezone-aware datetimes. -USE_TZ = True - -# Language code for this installation. All choices can be found here: -# http://www.i18nguy.com/unicode/language-identifiers.html -LANGUAGE_CODE = "en" - -# Supported languages -LANGUAGES = ( - ('en', _('English')), -) - -ENVIRONMENT = os.environ['ENVIRONMENT'] - -# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/ -SECRET_KEY = os.environ["SECRET_KEY"] - -# A boolean that turns on/off debug mode. When set to ``True``, stack traces -# are displayed for error pages. Should always be set to ``False`` in -# production. Best set to ``True`` in local_settings.py -DEBUG = envbool('DJANGO_DEBUG_MODE', False) - -# Note: Only SSL email backends are allowed -EMAIL_USE_SSL = True - -# Whether a user's session cookie expires when the Web browser is closed. -SESSION_EXPIRE_AT_BROWSER_CLOSE = True - -SITE_ID = 1 - -# If you set this to False, Django will make some optimizations so as not -# to load the internationalization machinery. -USE_I18N = False - -AUTHENTICATION_BACKENDS = ("mezzanine.core.auth_backends.MezzanineBackend",) - -# The numeric mode to set newly-uploaded files to. The value should be -# a mode you'd pass directly to os.chmod. -FILE_UPLOAD_PERMISSIONS = 0o644 - - -############# -# DATABASES # -############# - -DATABASES = { - 'default': { - 'ENGINE': 'django.db.backends.postgresql', - 'NAME': os.environ['PGDATABASE'], - 'USER': os.environ['PGUSER'], - 'PASSWORD': os.environ['PGPASSWORD'], - 'HOST': os.environ['PGHOST'], - 'PORT': os.environ['PGPORT'], - } -} - - -######### -# PATHS # -######### - -# Full filesystem path to the project. -PROJECT_APP_PATH = os.path.dirname(os.path.abspath(__file__)) -PROJECT_APP = os.path.basename(PROJECT_APP_PATH) -PROJECT_ROOT = BASE_DIR = os.path.dirname(PROJECT_APP_PATH) - -# Every cache key will get prefixed with this value - here we set it to -# the name of the directory the project is in to try and use something -# project specific. -CACHE_MIDDLEWARE_KEY_PREFIX = PROJECT_APP - -# Package/module name to import the root urlpatterns from for the project. -ROOT_URLCONF = 'cms.urls' - -TEMPLATES = [ - { - "BACKEND": "django.template.backends.django.DjangoTemplates", - "DIRS": [ - os.path.join(PROJECT_ROOT, "templates") - ], - "APP_DIRS": True, - "OPTIONS": { - "context_processors": [ - "django.contrib.auth.context_processors.auth", - "django.contrib.messages.context_processors.messages", - "django.template.context_processors.debug", - "django.template.context_processors.i18n", - "django.template.context_processors.static", - "django.template.context_processors.media", - "django.template.context_processors.request", - "django.template.context_processors.tz", - "mezzanine.conf.context_processors.settings", - "mezzanine.pages.context_processors.page", - ], - "builtins": [ - "mezzanine.template.loader_tags", - ], - }, - }, -] - -if DJANGO_VERSION < (1, 9): - del TEMPLATES[0]["OPTIONS"]["builtins"] - - -################ -# APPLICATIONS # -################ - -INSTALLED_APPS = ( - "mezzanine_api", - "rest_framework", - "rest_framework_swagger", - "oauth2_provider", - "django.contrib.admin", - "django.contrib.auth", - "django.contrib.contenttypes", - "django.contrib.redirects", - "django.contrib.sessions", - "django.contrib.sites", - "django.contrib.sitemaps", - "django.contrib.staticfiles", - "mezzanine.boot", - "mezzanine.conf", - "mezzanine.core", - "mezzanine.generic", - "mezzanine.pages", - "mezzanine.blog", - "mezzanine.forms", - "mezzanine.galleries", - "mezzanine.twitter", - # "mezzanine.accounts", - # "mezzanine.mobile", - "cms" , - "storages", -) - -# List of middleware classes to use. Order is important; in the request phase, -# these middleware classes will be applied in the order given, and in the -# response phase the middleware will be applied in reverse order. -MIDDLEWARE_CLASSES = ( - "mezzanine.core.middleware.UpdateCacheMiddleware", - "mezzanine_api.middleware.ApiMiddleware", - 'django.contrib.sessions.middleware.SessionMiddleware', - # Uncomment if using internationalisation or localisation - # 'django.middleware.locale.LocaleMiddleware', - 'django.middleware.common.CommonMiddleware', - 'django.middleware.csrf.CsrfViewMiddleware', - 'django.contrib.auth.middleware.AuthenticationMiddleware', - 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', - 'django.contrib.messages.middleware.MessageMiddleware', - 'django.middleware.clickjacking.XFrameOptionsMiddleware', - - "mezzanine.core.request.CurrentRequestMiddleware", - "mezzanine.core.middleware.RedirectFallbackMiddleware", - "mezzanine.core.middleware.TemplateForDeviceMiddleware", - "mezzanine.core.middleware.TemplateForHostMiddleware", - "mezzanine.core.middleware.AdminLoginInterfaceSelectorMiddleware", - "mezzanine.core.middleware.SitePermissionMiddleware", - "mezzanine.pages.middleware.PageMiddleware", - "mezzanine.core.middleware.FetchFromCacheMiddleware", -) - -# Store these package names here as they may change in the future since -# at the moment we are using custom forks of them. -PACKAGE_NAME_FILEBROWSER = "filebrowser_safe" -PACKAGE_NAME_GRAPPELLI = "grappelli_safe" - -######################### -# OPTIONAL APPLICATIONS # -######################### - -# These will be added to ``INSTALLED_APPS``, only if available. -OPTIONAL_APPS = ( - "debug_toolbar", - "django_extensions", - "compressor", - PACKAGE_NAME_FILEBROWSER, - PACKAGE_NAME_GRAPPELLI, -) - -##################### -# REST API SETTINGS # -##################### -try: - from mezzanine_api.settings import * -except ImportError: - pass - - -################## -# LOCAL SETTINGS # -################## - -# Allow any settings to be defined in local_settings.py which should be -# ignored in your version control system allowing for settings to be -# defined per ma chine. - -# Instead of doing "from .local_settings import *", we use exec so that -# local_settings has full access to everything defined in this module. -# Also force into sys.modules so it's visible to Django's autoreload. - -f = os.path.join(PROJECT_APP_PATH, "local_settings/__init__.py") -if os.path.exists(f): - import sys - import imp - module_name = "%s.local_settings" % PROJECT_APP - module = imp.new_module(module_name) - module.__file__ = f - sys.modules[module_name] = module - exec(open(f, "rb").read()) - - -#################### -# DYNAMIC SETTINGS # -#################### - -# set_dynamic_settings() will rewrite globals based on what has been -# defined so far, in order to provide some better defaults where -# applicable. We also allow this settings module to be imported -# without Mezzanine installed, as the case may be when using the -# fabfile, where setting the dynamic settings below isn't strictly -# required. -try: - from mezzanine.utils.conf import set_dynamic_settings -except ImportError: - pass -else: - set_dynamic_settings(globals()) - -# default settings for mezzanine -NEVERCACHE_KEY = os.getenv('CMS_NEVERCACHE_KEY', ''), -# Application User -CMS_APP_USER = os.getenv('CMS_APP_USER') -CMS_APP_USER_PASSWORD = os.getenv('CMS_APP_USER_PASSWORD') -CMS_APP_USER_MAIL = os.getenv('CMS_APP_USER_MAIL') -# Client App (EM) -CMS_APP_CLIENT_ID = os.getenv('CMS_APP_CLIENT_ID') -CMS_APP_CLIENT_SECRET = os.getenv('CMS_APP_CLIENT_SECRET') -CMS_APP_NAME = 'Engagement_Manager_App' -REST_FRAMEWORK['DEFAULT_RENDERER_CLASSES'] = ( - 'rest_framework.renderers.JSONRenderer', -) - -# S3 configuration for static resources storage and media upload - -# used by our custom storage.py -MEDIA_BUCKET = "cms-media" -STATIC_BUCKET = "cms-static" - -# django-storages configuration -AWS_S3_HOST = os.environ['S3_HOST'] -AWS_S3_PORT = int(os.environ['S3_PORT']) -AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST'] -AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID'] -AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY'] -AWS_AUTO_CREATE_BUCKET = True -AWS_PRELOAD_METADATA = True - -# Set by custom subclass. -# AWS_STORAGE_BUCKET_NAME = "em-static" -AWS_S3_CALLING_FORMAT = OrdinaryCallingFormat() -DEFAULT_FILE_STORAGE = 'cms.settings.storage.S3MediaStorage' -STATICFILES_STORAGE = 'cms.settings.storage.S3StaticStorage' - -# These seem to have no effect even when we don't override with custom_domain? -STATIC_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, STATIC_BUCKET) -MEDIA_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, MEDIA_BUCKET) - -STATIC_ROOT = os.environ['STATIC_ROOT'] - diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/gunicorn.ini b/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/gunicorn.ini deleted file mode 100644 index 29cca7db93..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/gunicorn.ini +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -bind = ":80" -chdir = '/srv' -pidfile = '/tmp/ice-project-master.pid' -backlog = '5000' -errorlog = '-' -loglevel = 'info' diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/storage.py b/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/storage.py deleted file mode 100644 index 0abfae9035..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/resources/config/cms/storage.py +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -""" -storage.py - -In order to make Django store trusted static files and untrusted media -(user-uploaded) files in separate s3 buckets, we must create two different -storage classes. - -https://www.caktusgroup.com/blog/2014/11/10/Using-Amazon-S3-to-store-your-Django-sites-static-and-media-files/ -http://www.leehodgkinson.com/blog/my-mezzanine-s3-setup/ - -""" - -# FIXME this module never changes so might not need not be kept in a -# configmap. Also it is (almost) the same as what we use in em; that does -# not use S3BotoStorageMixin. - -# There is a newer storage based on boto3 but that doesn't support changing -# the HOST, as we need to for non-amazon s3 services. It does support an -# "endpoint"; setting AWS_S3_ENDPOINT_URL may cause it to work. -from storages.backends.s3boto import S3BotoStorage -from filebrowser_safe.storage import S3BotoStorageMixin -from django.conf import settings - - -# NOTE for some reason, collectstatic uploads to bucket/location but the -# urls constructed are domain/location -class S3StaticStorage(S3BotoStorage, S3BotoStorageMixin): - custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.STATIC_BUCKET) - bucket_name = settings.STATIC_BUCKET - # location = ... - - -class S3MediaStorage(S3BotoStorage, S3BotoStorageMixin): - custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.MEDIA_BUCKET) - bucket_name = settings.MEDIA_BUCKET - # location = ... diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/configmap.yaml deleted file mode 100644 index d8b2bbbbbc..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/configmap.yaml +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-settings - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/cms/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.fullname" . }}-secret - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - key: "KCtkbV9yaigwMDU9XmV2emVzZDMjeHB5JC0kY15qI2NsemlsYngmXz0wbGg3by0zNCM=" - app_user: "Y21zYXBwdXNlcg==" - app_user_mail: "Y21zYXBwdXNlckBleGFtcGxlLmNvbQ==" - app_user_password: "Y21zYXBwdXNlcnBhc3N3b3Jk" - app_client_id: "RWVCNFhlaW1vb2M2eGllU2VlS2FoOGRhZTFlaXBhZTRvdGFlc2hlZQ==" - app_client_secret: "aGFpTW9vcGllWmVlMXdlaTNsZWY0Z2FleWlhMnZhaHdvaHRoMG1haWQ5aXRoMnBoZWVzaGFpdGh1VG9vcjJKb2hzaGVpNWJhZXk3RWlxdWFldGhlaWI4cXVhaXF1ZWU3cGhpYXRoN2V1YjJhaU5haWMzb3U5dmFpemViZWlGNXU=" - nevercache_key: "YV9qLWc1aCszKW9AMndpYXNtYmcoaHV4cHVqaD05NShwLSR2ejF4aiZ0K20pKy11ODQ=" ---- diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/deployment.yaml deleted file mode 100644 index bb31b82ce7..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/deployment.yaml +++ /dev/null @@ -1,111 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort1 }} - - containerPort: {{ .Values.service.internalPort2 }} - env: - - name: ENVIRONMENT - value: "development" - - name: SECRET_KEY - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: key} - - name: EMAIL_HOST - value: "localhost" - - name: EMAIL_HOST_USER - value: "example" - - name: EMAIL_PORT - value: "25" - - name: EMAIL_HOST_PASSWORD - valueFrom: - secretKeyRef: {name: email-secret, key: password} - - name: PGHOST - value: vvp-postgres - - name: PGPORT - value: "5432" - - name: PGDATABASE - value: "icecmsdb" - - name: PGUSER - value: "cms_postgresuser" - - name: PGPASSWORD - valueFrom: - secretKeyRef: {name: postgresql-passwords, key: cmsPassword} - - name: ICE_CONTACT_FROM_ADDRESS - value: "example" - - name: CMS_NEVERCACHE_KEY - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: nevercache_key} - - name: CMS_APP_USER - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user} - - name: CMS_APP_USER_MAIL - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user_mail} - - name: CMS_APP_USER_PASSWORD - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_user_password} - - name: CMS_APP_CLIENT_ID - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_client_id} - - name: CMS_APP_CLIENT_SECRET - valueFrom: - secretKeyRef: {name: {{ include "common.fullname" . }}-secret, key: app_client_secret} - - name: STATIC_ROOT - value: "/app/htdocs" - - name: DJANGO_DEBUG_MODE - value: "True" - - name: S3_HOST - value: "dev-s3.vvp.example.com" - - name: S3_PORT - value: "443" - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: {name: em-secret, key: aws_access_key_id} - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: {name: em-secret, key: aws_secret_access_key} - command: ["/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "cms.wsgi:application", ] - volumeMounts: - - name: settings - mountPath: /opt/configmaps/settings/ - - name: site-crt - mountPath: /opt/secrets/site-crt/ - volumes: - - name: settings - configMap: - name: {{ include "common.fullname" . }}-settings - - name: site-crt - secret: - secretName: site-crt diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/service.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/service.yaml deleted file mode 100644 index 0c6c30da78..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/templates/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort1 }} - name: {{ .Values.service.portName | default "http" }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-cms-uwsgi/values.yaml b/kubernetes/vvp/charts/vvp-cms-uwsgi/values.yaml deleted file mode 100644 index e57b1730c3..0000000000 --- a/kubernetes/vvp/charts/vvp-cms-uwsgi/values.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/vvp/cms:1.0.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - internalPort1: 80 - internalPort2: 9000 - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/Chart.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/Chart.yaml deleted file mode 100644 index 4393322261..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: backend uwsgi server which hosts django application -name: vvp-em-uwsgi -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/__init__.py b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/__init__.py deleted file mode 100644 index ed57ca604d..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/__init__.py +++ /dev/null @@ -1,332 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -""" -Django settings for VVP project. - -Environment variables that must exist: - - ENVIRONMENT - SECRET_KEY - SECRET_WEBHOOK_TOKEN - SECRET_GITLAB_AUTH_TOKEN - SECRET_JENKINS_PASSWORD - SECRET_CMS_APP_CLIENT_ID - SECRET_CMS_APP_CLIENT_SECRET - -Environment variables that must exist in production: - - EMAIL_HOST - EMAIL_HOST_PASSWORD - EMAIL_HOST_USER - EMAIL_PORT - -""" - -import os -from vvp.settings.envbool import envbool -from corsheaders.defaults import default_headers -from boto.s3.connection import OrdinaryCallingFormat -import datetime - -# With this file at ice/settings/__init__.py, we need three applications of -# dirname() to find the project root. -import engagementmanager -PROJECT_PATH = os.path.dirname(os.path.dirname(engagementmanager.__file__)) -LOGS_PATH = os.path.join(PROJECT_PATH, "logs") - -ENVIRONMENT = os.environ['ENVIRONMENT'] -PROGRAM_NAME_URL_PREFIX = os.environ['PROGRAM_NAME_URL_PREFIX'] -SERVICE_PROVIDER = os.environ['SERVICE_PROVIDER'] -PROGRAM_NAME = os.environ['PROGRAM_NAME'] -SERVICE_PROVIDER_DOMAIN = os.environ['SERVICE_PROVIDER_DOMAIN'] - -# See https://docs.djangoproject.com/en/1.9/howto/deployment/checklist/ -SECRET_KEY = os.environ["SECRET_KEY"] - -# https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts -# Anything in the Host header that does not match our expected domain should -# raise SuspiciousOperation exception. -ALLOWED_HOSTS = ['*'] - -DEBUG = envbool('DJANGO_DEBUG_MODE', False) - -if ENVIRONMENT == 'production': - EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' - EMAIL_HOST = os.environ['EMAIL_HOST'] - EMAIL_HOST_PASSWORD = os.environ['EMAIL_HOST_PASSWORD'] - EMAIL_HOST_USER = os.environ['EMAIL_HOST_USER'] - EMAIL_PORT = os.environ['EMAIL_PORT'] -else: - EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' - -# Note: Only SSL email backends are allowed -EMAIL_USE_SSL = True - -REST_FRAMEWORK = { - # Use Django's standard `django.contrib.auth` permissions, - # or allow read-only access for unauthenticated users. - 'EXCEPTION_HANDLER': 'engagementmanager.utils.exception_handler.ice_exception_handler', - 'PAGE_SIZE': 10, - 'DEFAULT_PERMISSION_CLASSES': ( - 'rest_framework.permissions.IsAuthenticated', - ), - 'DEFAULT_AUTHENTICATION_CLASSES': ( - 'rest_framework.authentication.SessionAuthentication', - 'rest_framework.authentication.BasicAuthentication', - 'rest_framework_jwt.authentication.JSONWebTokenAuthentication', - ), - 'DEFAULT_PARSER_CLASSES': ( - 'engagementmanager.rest.parsers.XSSJSONParser', - 'engagementmanager.rest.parsers.XSSFormParser', - 'engagementmanager.rest.parsers.XSSMultiPartParser', - ) -} - -JWT_AUTH = { - 'JWT_AUTH_HEADER_PREFIX': 'token', - 'JWT_ALGORITHM': 'HS256', - 'JWT_EXPIRATION_DELTA': datetime.timedelta(days=1), - 'JWT_DECODE_HANDLER': 'engagementmanager.utils.authentication.ice_jwt_decode_handler', -} - -APPEND_SLASH = False - -# Application definition -INSTALLED_APPS = [ - 'django.contrib.auth', # required by d.c.admin - 'corsheaders', - 'django.contrib.contenttypes', # required by d.c.admin - 'django.contrib.sessions', # required by d.c.admin - 'django.contrib.messages', # required by d.c.admin - 'django.contrib.staticfiles', - 'django.contrib.admin', # django admin site - 'rest_framework', - 'engagementmanager.apps.EngagementmanagerConfig', - 'validationmanager.apps.ValidationmanagerConfig', -] - -MIDDLEWARE_CLASSES = [ - 'django.middleware.security.SecurityMiddleware', - 'django.contrib.sessions.middleware.SessionMiddleware', - 'django.middleware.common.CommonMiddleware', - 'django.contrib.auth.middleware.AuthenticationMiddleware', # required by d.c.admin - 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', - 'django.contrib.messages.middleware.MessageMiddleware', - 'django.middleware.clickjacking.XFrameOptionsMiddleware', - 'corsheaders.middleware.CorsMiddleware', -] - -ROOT_URLCONF = 'vvp.urls' - -TEMPLATES = [ - { - 'BACKEND': 'django.template.backends.django.DjangoTemplates', - 'DIRS': [PROJECT_PATH + '/web/templates'], - 'APP_DIRS': True, - 'OPTIONS': { - 'context_processors': [ - 'django.template.context_processors.debug', - 'django.template.context_processors.request', - 'django.contrib.auth.context_processors.auth', # required by d.c.admin - 'django.contrib.messages.context_processors.messages', # required by d.c.admin - ], - }, - }, -] - -WSGI_APPLICATION = 'vvp.wsgi.application' - - -# Database -# https://docs.djangoproject.com/en/1.9/ref/settings/#databases -DATABASES = { - 'default': { - 'ENGINE': 'django.db.backends.postgresql', - 'NAME': os.environ['PGDATABASE'], - 'USER': os.environ['PGUSER'], - 'PASSWORD': os.environ['PGPASSWORD'], - 'HOST': os.environ['PGHOST'], - 'PORT': os.environ['PGPORT'], - } -} - - -# Password validation -# https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators -AUTH_PASSWORD_VALIDATORS = [ - {'NAME': 'django.contrib.auth.password_validation.%s' % s} for s in [ - 'UserAttributeSimilarityValidator', - 'MinimumLengthValidator', - 'CommonPasswordValidator', - 'NumericPasswordValidator', - ]] - - -# Internationalization -# https://docs.djangoproject.com/en/1.9/topics/i18n/ -LANGUAGE_CODE = 'en-us' -TIME_ZONE = 'UTC' -USE_I18N = True -USE_L10N = True -USE_TZ = True - -CORS_ALLOW_HEADERS = default_headers + ('ICE-USER-ID',) - -# Static files (CSS, JavaScript, Images) -# https://docs.djangoproject.com/en/1.9/howto/static-files/ -STATIC_ROOT = os.environ['STATIC_ROOT'] - - -LOGGING = { - 'version': 1, - 'disable_existing_loggers': False, - 'formatters': { # All possible attributes are: https://docs.python.org/3/library/logging.html#logrecord-attributes - 'verbose': { - 'format': '%(asctime)s %(levelname)s %(name)s %(module)s %(lineno)d %(process)d %(thread)d %(message)s' - }, - 'simple': { - 'format': '%(asctime)s %(levelname)s %(name)s %(message)s' - }, - }, - 'handlers': { - 'console': { - 'class': 'logging.StreamHandler', - 'formatter': 'simple' - }, - 'vvp-info.log': { - 'level': 'INFO', # handler will ignore DEBUG (only process INFO, WARN, ERROR, CRITICAL, FATAL) - 'class': 'logging.FileHandler', - 'filename': os.path.join(LOGS_PATH, 'vvp-info.log'), - 'formatter': 'verbose' - }, - 'vvp-debug.log': { - 'level': 'DEBUG', - 'class': 'logging.FileHandler', - 'filename': os.path.join(LOGS_PATH, 'vvp-debug.log'), - 'formatter': 'verbose' - }, - 'vvp-requests.log': { - 'level': 'ERROR', - 'class': 'logging.FileHandler', - 'filename': os.path.join(LOGS_PATH, 'vvp-requests.log'), - 'formatter': 'verbose' - }, - 'vvp-db.log': { - 'level': 'ERROR', - 'class': 'logging.FileHandler', - 'filename': os.path.join(LOGS_PATH, 'vvp-db.log'), - 'formatter': 'verbose', - }, - }, - 'loggers': { - 'vvp.logger': { - 'handlers': ['vvp-info.log', 'vvp-debug.log', 'vvp-requests.log', 'vvp-db.log', 'console'], - 'level': 'DEBUG' if DEBUG else 'INFO', - }, - 'django': { - 'handlers': ['console'], - 'level': 'INFO' if DEBUG else 'ERROR', - }, - 'django.request': { - 'handlers': ['vvp-requests.log', 'console'], - 'level': 'INFO' if DEBUG else 'ERROR', - }, - 'django.db.backends': { - 'handlers': ['vvp-db.log', 'console'], - 'level': 'DEBUG' if DEBUG else 'ERROR', - 'propagate': False, - }, - # silence the hundred lines of useless "missing variable in template" - # complaints per admin pageview. - 'django.template': { - 'level': 'DEBUG', - 'handlers': ['vvp-info.log', 'vvp-debug.log', 'console'], - 'propagate': False, - }, - } -} - - -############################# -# VVP Related Configuration -############################# -CONTACT_FROM_ADDRESS = os.getenv('CONTACT_FROM_ADDRESS', 'dummy@example.com') -CONTACT_EMAILS = [s.strip() for s in os.getenv('CONTACT_EMAILS', 'user@example.com').split(',') if s] -DOMAIN = os.getenv('EM_DOMAIN_NAME') -TOKEN_EXPIRATION_IN_HOURS = 48 -DAILY_SCHEDULED_JOB_HOUR = 20 -NUMBER_OF_POLLED_ACTIVITIES = 5 -TEMP_PASSWORD_EXPIRATION_IN_HOURS = 48 -# This is the DNS name pointing to the private-network ip of the host machine -# running (a haproxy that points to) (an nginx frontend for) this app -API_DOMAIN = 'em' - -# The authentication token needed by Jenkins or Gitlab to issue webhook updates -# to us. This is a "secret" shared by Jenkins and Django. It must be part of -# the URL path component for the Jenkins webhook in ValidationManager to accept -# a notification. It should be a set of random URL-path-safe characters, with -# no slash '/'. -# FIXME: Does this authentication scheme actually gain us anything? What's the -# threat model -WEBHOOK_TOKEN = os.environ['SECRET_WEBHOOK_TOKEN'] - -# The authentication token and URL needed for us to issue requests to the GitLab API. -GITLAB_TOKEN = os.environ['SECRET_GITLAB_AUTH_TOKEN'] -GITLAB_URL = "http://vvp-gitlab/" - -JENKINS_URL = "http://vvp-jenkins:8080/" -JENKINS_USERNAME = "admin" -JENKINS_PASSWORD = os.environ['SECRET_JENKINS_PASSWORD'] - -IS_CL_CREATED_ON_REVIEW_STATE = envbool('IS_CL_CREATED_ON_REVIEW_STATE', False) # Options: True, False -IS_SIGNAL_ENABLED = envbool('IS_SIGNAL_ENABLED', True) -RECENT_ENG_TTL = 3 # In days -CMS_URL = "http://vvp-cms-uwsgi/api/" -CMS_APP_CLIENT_ID = os.environ['SECRET_CMS_APP_CLIENT_ID'] -CMS_APP_CLIENT_SECRET = os.environ['SECRET_CMS_APP_CLIENT_SECRET'] - -# slack integration -SLACK_API_TOKEN = os.environ['SLACK_API_TOKEN'] -ENGAGEMENTS_CHANNEL = os.getenv('ENGAGEMENTS_CHANNEL', '') -ENGAGEMENTS_NOTIFICATIONS_CHANNEL = os.getenv('ENGAGEMENTS_NOTIFICATIONS_CHANNEL:', '') -DEVOPS_CHANNEL = os.getenv('DEVOPS_CHANNEL', '') -DEVOPS_NOTIFICATIONS_CHANNEL = os.getenv('DEVOPS_NOTIFICATIONS_CHANNEL', '') - -# S3 configuration for static resources storage and media upload - -# used by our custom storage.py -MEDIA_BUCKET = "em-media" -STATIC_BUCKET = "em-static" - -# django-storages configuration -AWS_S3_HOST = os.environ['S3_HOST'] -AWS_S3_PORT = int(os.environ['S3_PORT']) -AWS_S3_CUSTOM_DOMAIN = os.environ['S3_HOST'] -AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID'] -AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY'] -AWS_AUTO_CREATE_BUCKET = True -AWS_PRELOAD_METADATA = True - -# Set by custom subclass. -# AWS_STORAGE_BUCKET_NAME = "em-static" -AWS_S3_CALLING_FORMAT = OrdinaryCallingFormat() -DEFAULT_FILE_STORAGE = 'vvp.settings.storage.S3MediaStorage' -STATICFILES_STORAGE = 'vvp.settings.storage.S3StaticStorage' - -# These seem to have no effect even when we don't override with custom_domain? -STATIC_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, STATIC_BUCKET) -MEDIA_URL = 'https://%s/%s/' % (AWS_S3_CUSTOM_DOMAIN, MEDIA_BUCKET) - -STATIC_ROOT = os.environ['STATIC_ROOT'] diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/envbool.py b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/envbool.py deleted file mode 100644 index 31f4385d16..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/envbool.py +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -""" -envbool.py - -Return which environment is currently running on (to setting.py). - -""" -import os - - -def envbool(key, default=False, unknown=True): - """Return a boolean value based on that of an environment variable. - - Environment variables have no native boolean type. They are always strings, and may be empty or - unset (which differs from empty.) Furthermore, notions of what is "truthy" in shell script - differ from that of python. - - This function converts environment variables to python boolean True or False in - case-insensitive, expected ways to avoid pitfalls: - - "True", "true", and "1" become True - "False", "false", and "0" become False - unset or empty becomes False by default (toggle with 'default' parameter.) - any other value becomes True by default (toggle with 'unknown' parameter.) - - """ - return { - 'true': True, '1': True, # 't': True, - 'false': False, '0': False, # 'f': False. - '': default, - }.get(os.getenv(key, '').lower(), unknown) diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/gunicorn.ini b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/gunicorn.ini deleted file mode 100644 index 29cca7db93..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/gunicorn.ini +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -bind = ":80" -chdir = '/srv' -pidfile = '/tmp/ice-project-master.pid' -backlog = '5000' -errorlog = '-' -loglevel = 'info' diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/storage.py b/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/storage.py deleted file mode 100644 index c76046a329..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/resources/config/em/storage.py +++ /dev/null @@ -1,48 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -""" -storage.py - -In order to make Django store trusted static files and untrusted media -(user-uploaded) files in separate s3 buckets, we must create two different -storage classes. - -https://www.caktusgroup.com/blog/2014/11/10/Using-Amazon-S3-to-store-your-Django-sites-static-and-media-files/ -http://www.leehodgkinson.com/blog/my-mezzanine-s3-setup/ - -""" - -# FIXME this module never changes so might not need not be kept in a -# configmap. Also it is (almost) the same as what we use in cms. - -# There is a newer storage based on boto3 but that doesn't support changing -# the HOST, as we need to for non-amazon s3 services. It does support an -# "endpoint"; setting AWS_S3_ENDPOINT_URL may cause it to work. -from storages.backends.s3boto import S3BotoStorage -from django.conf import settings - - -# NOTE for some reason, collectstatic uploads to bucket/location but the -# urls constructed are domain/location -class S3StaticStorage(S3BotoStorage): - custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.STATIC_BUCKET) - bucket_name = settings.STATIC_BUCKET - # location = ... - - -class S3MediaStorage(S3BotoStorage): - custom_domain = '%s/%s' % (settings.AWS_S3_HOST, settings.MEDIA_BUCKET) - bucket_name = settings.MEDIA_BUCKET - # location = ... diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/templates/deployment.yaml deleted file mode 100644 index 744115b15e..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/deployment.yaml +++ /dev/null @@ -1,133 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: 80 - - containerPort: 9000 - volumeMounts: - - name: em-settings - mountPath: /opt/configmaps/settings/ - - name: site-crt - mountPath: /opt/secrets/site-crt/ - env: - - name: ENVIRONMENT - value: "development" - - name: PROGRAM_NAME_URL_PREFIX - value: "vvp" - - name: SERVICE_PROVIDER - value: "NA" - - name: PROGRAM_NAME - value: "VVP" - - name: SERVICE_PROVIDER_DOMAIN - value: "na.com" - - name: SECRET_KEY - valueFrom: - secretKeyRef: {name: em-secret, key: key} - - name: EMAIL_HOST - value: "localhost" - - name: EMAIL_HOST_USER - value: "example" - - name: EMAIL_PORT - value: "25" - - name: EMAIL_HOST_PASSWORD - valueFrom: - secretKeyRef: {name: email-secret, key: password} - - name: PGHOST - value: vvp-postgres - - name: PGPORT - value: "5432" - - name: PGDATABASE - value: icedb - - name: PGUSER - value: "em_postgresuser" - - name: PGPASSWORD - valueFrom: - secretKeyRef: {name: postgresql-passwords, key: emPassword} - - name: DOMAIN - value: https://development.vvp.example.com - - name: ICE_EM_DOMAIN_NAME - value: https://development.vvp.example.com - - name: CONTACT_FROM_ADDRESS - value: "example" - - name: OAUTHLIB_INSECURE_TRANSPORT - value: "1" - - name: SECRET_WEBHOOK_TOKEN - valueFrom: - secretKeyRef: {name: em-secret, key: em_webhook_token} - - name: SECRET_GITLAB_AUTH_TOKEN - valueFrom: - secretKeyRef: {name: gitlab-password, key: auth-token} - - name: SECRET_JENKINS_PASSWORD - valueFrom: - secretKeyRef: {name: em-secret, key: jenkins_admin_password} - - name: SECRET_CMS_APP_CLIENT_ID - valueFrom: - secretKeyRef: {name: em-secret, key: cms_app_client_id} - - name: SECRET_CMS_APP_CLIENT_SECRET - valueFrom: - secretKeyRef: {name: em-secret, key: cms_app_client_secret} - - name: STATIC_ROOT - value: "/app/htdocs" - - name: DJANGO_DEBUG_MODE - value: "True" - - name: SLACK_API_TOKEN - valueFrom: - secretKeyRef: {name: em-secret, key: slack_api_token} - - name: ENGAGEMENTS_CHANNEL - value: "" - - name: ENGAGEMENTS_NOTIFICATIONS_CHANNEL - value: "" - - name: DEVOPS_CHANNEL - value: "" - - name: DEVOPS_NOTIFICATIONS_CHANNEL - value: "" - - name: S3_HOST - value: "dev-s3.vvp.example.com" - - name: S3_PORT - value: "443" - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: {name: em-secret, key: aws_access_key_id} - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: {name: em-secret, key: aws_secret_access_key} - command: ["/docker-entrypoint.sh", "/usr/local/bin/gunicorn", "-c", "/opt/configmaps/settings/gunicorn.ini", "vvp.wsgi:application", ] - volumes: - - name: site-crt - secret: - secretName: site-crt - - name: em-settings - configMap: - name: {{ include "common.fullname" . }}-settings diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/service.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/templates/service.yaml deleted file mode 100644 index a4260013a4..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/templates/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-em-uwsgi/values.yaml b/kubernetes/vvp/charts/vvp-em-uwsgi/values.yaml deleted file mode 100644 index a96ca26119..0000000000 --- a/kubernetes/vvp/charts/vvp-em-uwsgi/values.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/vvp/engagementmgr:1.0.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - internalPort: 80 - portName: em - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/Chart.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/Chart.yaml deleted file mode 100644 index 721912d3c9..0000000000 --- a/kubernetes/vvp/charts/vvp-ext-haproxy/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: load balancer for external transport -name: vvp-ext-haproxy -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file b/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file deleted file mode 100644 index ca7b40a7bc..0000000000 --- a/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -resolvers dns - nameserver pod_dns "10.3.0.10:53" - resolve_retries 3 - timeout retry 1s - hold valid 30s - -defaults - mode http - timeout connect 5000ms - timeout client 50000ms - timeout server 50000ms - option httpclose - option redispatch - option abortonclose - option httplog - option dontlognull - default-server init-addr last,libc,none - -backend gitlab_ssh - mode tcp - option tcplog - timeout server 2h - server gitlabssh vvp-gitlab:22 resolvers dns - -frontend gitlab_ssh_frontend - mode tcp - option tcplog - timeout client 2h - bind 0.0.0.0:22 - acl is_ssh dst_port 22 - use_backend gitlab_ssh if is_ssh - -backend portal_backend - mode http - server ice_portal vvp:8181 resolvers dns - -backend api - mode http - server engagement_manager vvp-em-uwsgi:80 resolvers dns - -backend s3 - mode http - balance roundrobin - option httpchk HEAD / - server ceph-01 10.252.0.21:8080 check inter 10000ms - -frontend portal - mode http - acl is_api_call path_beg -i /vvp - acl is_s3 hdr_beg(host) s3. staging-s3. dev-s3. - use_backend api if is_api_call - use_backend s3 if is_s3 - bind 0.0.0.0:80 - bind 0.0.0.0:443 ssl crt /etc/haproxy/site.pem force-tlsv12 - default_backend portal_backend - -listen stats - bind 0.0.0.0:9001 - mode http - stats enable # Enable stats page - stats realm Haproxy\ Statistics - stats uri /haproxy_stats - stats auth "${HAPROXY_USER}:${HAPROXY_PASS}" - acl network_allowed src 10.252.0.0/16 127.0.0.1/32 10.2.0.0/16 - http-request deny if !network_allowed diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/configmap.yaml deleted file mode 100644 index 0bb0e264cb..0000000000 --- a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/configmap.yaml +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-cfg - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/ext-haproxy-cfg/*").AsConfig . | indent 2 }} diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/deployment.yaml deleted file mode 100644 index 74a0ad2702..0000000000 --- a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/deployment.yaml +++ /dev/null @@ -1,66 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: 80 - - containerPort: 22 - - containerPort: 443 - - containerPort: 9001 - env: - - name: HAPROXY_USER - valueFrom: - secretKeyRef: - name: haproxy-auth - key: user - - name: HAPROXY_PASS - valueFrom: - secretKeyRef: - name: haproxy-auth - key: pass - volumeMounts: - - mountPath: /usr/local/etc/haproxy/ - name: ext-haproxy-cfg - - mountPath: /etc/haproxy/ - name: site-pem - volumes: - - name: ext-haproxy-cfg - configMap: - name: {{ include "common.fullname" . }}-cfg - items: - - key: file - path: haproxy.cfg - - name: site-pem - secret: - secretName: site-pem diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/service.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/service.yaml deleted file mode 100644 index bcc41c1671..0000000000 --- a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/service.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort1 }} - name: {{ .Values.service.portName1 }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - - port: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.portName3 }} - - port: {{ .Values.service.internalPort4 }} - name: {{ .Values.service.portName4 }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/values.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/values.yaml deleted file mode 100644 index 88b32d7d77..0000000000 --- a/kubernetes/vvp/charts/vvp-ext-haproxy/values.yaml +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: docker.io -image: haproxy:1.7.2-alpine -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - portName1: web - internalPort1: 80 - portName2: ssl - internalPort2: 443 - portName3: ssh - internalPort3: 22 - portName4: stats - internalPort4: 9000 - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-gitlab/Chart.yaml b/kubernetes/vvp/charts/vvp-gitlab/Chart.yaml deleted file mode 100644 index 4598d6754a..0000000000 --- a/kubernetes/vvp/charts/vvp-gitlab/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: holds all customers files in repos -name: vvp-gitlab -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-gitlab/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-gitlab/templates/configmap.yaml deleted file mode 100644 index 821b5b7dc9..0000000000 --- a/kubernetes/vvp/charts/vvp-gitlab/templates/configmap.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: gitlab-password - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - password: "YW82aWo2d29oV2VpcXU0ZQ==" - auth-token: "amFkdTZ5b2hqYWl5OFdvYjBJZUs=" ---- -kind: Secret -apiVersion: v1 -metadata: - name: jenkins-deploykey - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - deploykey.pub: "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUlQWFNQT2ppSkYvWEdicmNpVXNja1hMbFA0Q0ZHNS9POHErQ0xRZW1CTlE=" diff --git a/kubernetes/vvp/charts/vvp-gitlab/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-gitlab/templates/deployment.yaml deleted file mode 100644 index 788724140c..0000000000 --- a/kubernetes/vvp/charts/vvp-gitlab/templates/deployment.yaml +++ /dev/null @@ -1,71 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: {{ include "common.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: {{ .Values.service.internalPort1 }} - - containerPort: {{ .Values.service.internalPort2 }} - securityContext: - privileged: true - volumeMounts: - - mountPath: /var/opt/gitlab - name: gitlab - subPath: var/opt/gitlab - - mountPath: /etc/gitlab - name: gitlab - subPath: etc/gitlab - - mountPath: /var/log/gitlab - name: gitlab - subPath: var/log/gitlab - - mountPath: /tmp/deploykey - name: jenkins-deploykey - env: - - name: ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: gitlab-password - key: password - - name: AUTHENTICATION_TOKEN - valueFrom: - secretKeyRef: - name: gitlab-password - key: auth-token - - name: EXTERNAL_URL - value: "http://vvp-gitlab" - volumes: - - name: gitlab - emptyDir: {} - - name: jenkins-deploykey - secret: - secretName: jenkins-deploykey - imagePullSecrets: - - name: onapkey diff --git a/kubernetes/vvp/charts/vvp-gitlab/templates/service.yaml b/kubernetes/vvp/charts/vvp-gitlab/templates/service.yaml deleted file mode 100644 index dd4a9cd33b..0000000000 --- a/kubernetes/vvp/charts/vvp-gitlab/templates/service.yaml +++ /dev/null @@ -1,30 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort1 }} - name: {{ .Values.service.portName1 }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-gitlab/values.yaml b/kubernetes/vvp/charts/vvp-gitlab/values.yaml deleted file mode 100644 index 4855c8873e..0000000000 --- a/kubernetes/vvp/charts/vvp-gitlab/values.yaml +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/vvp/gitlab:1.0.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - internalPort1: 80 - internalPort2: 22 - portName1: web - portName2: ssh - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-imagescanner/Chart.yaml b/kubernetes/vvp/charts/vvp-imagescanner/Chart.yaml deleted file mode 100644 index f0b00dcf98..0000000000 --- a/kubernetes/vvp/charts/vvp-imagescanner/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: scan for validity and viruses on users files -name: vvp-imagescanner -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-imagescanner/requirements.yaml b/kubernetes/vvp/charts/vvp-imagescanner/requirements.yaml deleted file mode 100644 index 9f44c6df28..0000000000 --- a/kubernetes/vvp/charts/vvp-imagescanner/requirements.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~3.0.0 - repository: '@local' diff --git a/kubernetes/vvp/charts/vvp-imagescanner/resources/config/imagescanner/imagescannerconfig.py b/kubernetes/vvp/charts/vvp-imagescanner/resources/config/imagescanner/imagescannerconfig.py deleted file mode 100644 index 1777b13ae0..0000000000 --- a/kubernetes/vvp/charts/vvp-imagescanner/resources/config/imagescanner/imagescannerconfig.py +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import os -from pathlib import Path -from awsauth import S3Auth -# A mapping from host names to Requests Authentication Objects; see -# http://docs.python-requests.org/en/master/user/authentication/ -AUTHS = {} -if 'S3_HOST' in os.environ: - AUTHS[os.environ['S3_HOST']] = S3Auth( - os.environ['AWS_ACCESS_KEY_ID'], - os.environ['AWS_SECRET_ACCESS_KEY'], - service_url='https://%s/' % os.environ['S3_HOST'] - ) -LOGS_PATH = Path(os.environ['IMAGESCANNER_LOGS_PATH']) -STATUSFILE = LOGS_PATH/'status.txt' -# A dict passed as kwargs to jenkins.Jenkins constructor. -JENKINS = { - 'url': 'http://jenkins:8080', - 'username': 'admin', - 'password': os.environ['SECRET_JENKINS_PASSWORD'], - } diff --git a/kubernetes/vvp/charts/vvp-imagescanner/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-imagescanner/templates/configmap.yaml deleted file mode 100644 index 59d60666ef..0000000000 --- a/kubernetes/vvp/charts/vvp-imagescanner/templates/configmap.yaml +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: imagescanner-settings - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/imagescanner/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: slack-tokens - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - notifications: "" ---- -kind: Secret -apiVersion: v1 -metadata: - name: imagescanner-ssh - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - # FIXME the imagescanner really should have its own private key, but then we - # have to adjust the gitlab wrapper script to set two public keys as - # deploykeys. - id_ed25519: "LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFNd0FBQUF0emMyZ3RaVwpReU5UVXhPUUFBQUNDRDEwanpvNGlSZjF4bTYzSWxMSEpGeTVUK0FoUnVmenZLdmdpMEhwZ1RVQUFBQUpqV3dKZDkxc0NYCmZRQUFBQXR6YzJndFpXUXlOVFV4T1FBQUFDQ0QxMGp6bzRpUmYxeG02M0lsTEhKRnk1VCtBaFJ1Znp2S3ZnaTBIcGdUVUEKQUFBRUFXRktNV0xsNkZnRUJ1Zzk3MSthdE5ZQnQ4R2R1V3pDWWd0L2o5VHU0U2g0UFhTUE9qaUpGL1hHYnJjaVVzY2tYTApsUDRDRkc1L084cStDTFFlbUJOUUFBQUFFM0JoZFd4QVVHRjFiQ2R6SUUxaFl5QlFjbThCQWc9PQotLS0tLUVORCBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0K" ---- -kind: ConfigMap -apiVersion: v1 -metadata: - name: site-certificate - namespace: {{ include "common.namespace" . }} -data: - site.crt: | - -----BEGIN CERTIFICATE----- - MIIDEDCCAfgCCQDhahVKE9/eUjANBgkqhkiG9w0BAQsFADBKMRAwDgYDVQQKDAdF - eGFtcGxlMRAwDgYDVQQLDAdleGFtcGxlMSQwIgYDVQQDDBtkZXZlbG9wbWVudC52 - dnAuZXhhbXBsZS5jb20wHhcNMTcxMjI0MTUzOTA3WhcNMTgxMjI0MTUzOTA3WjBK - MRAwDgYDVQQKDAdFeGFtcGxlMRAwDgYDVQQLDAdleGFtcGxlMSQwIgYDVQQDDBtk - ZXZlbG9wbWVudC52dnAuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB - DwAwggEKAoIBAQCkvNGXe+bdvL2kvrP2L3WABt2WCFoZ2Pn8Px0eEsRiJHVD0eWz - rgJYHFJu0C0cK9NYSKxVVI8LnKH7Ny5MFfM4Tqyr3UEOLs+fSwaAqM5tSyZU/tEK - ractA7bi9fDk2lkcs+LLuZMqGPZ37UZcZwsUQ0BONHP668LqkWqT9hNLIN4ejInr - 32WA3Y7hPNd8Cj+AaLt1x2cXYzi9hrE5l3h9ofkOpXsgDzeIHlp4jJ6kXXQf8UM5 - 1viqa2CWXHBHEG+5eftLSaeE6LAlNt5IJ6LcWEZgNtXr2es4LJC3FjXrv0gc04Cp - U2OfizpbhT11cLGaeXOq1cUCXNIb4FcJApoXAgMBAAEwDQYJKoZIhvcNAQELBQAD - ggEBAFGPDG9iurAhUKbFkY97xLA443U01bdwi7eAT5T9qo/RzOwcbuKWXVm1k5HK - CQO81nlLqLQwhI1+uTTmR41epuJxyGIaDgUySB+8fLzyRSIFaxKD+UeVPgipDNZs - h0sKSKrO6MoWzMLUYvdZRw6VIc+UpSCqPY+FKUBUHZtMpSFLnhHjRvVkiP4VvFXj - b7jQzHughzeITygws42fKK/MK7wQ6byaMVRbPbQKPAXNxd/UrSPeX+RzKRWOZ6R8 - Ulyp7dezXCP77UaTZTsxwlurPQIZNMshDxE/SbWt0Q1g28rj5KfAjoZs5Tg/gmQ8 - LLKI/b1OvKohaANGZ6We5U+ceeU= - -----END CERTIFICATE----- - wrapper.sh: | - #!/bin/sh - # This script is meant to be used as a wrapper, so that it can be easily - # used with docker or kubernetes' container command specification. - # - # Kubernetes' volumeMount creates symlinks for configMapped files at the - # target directory. - # Alpine's update-ca-certificates ignores symlinks. - # So we must contrive to copy the contents of the mounted cert (a symlink) - # into place as a normal file. - dev_cert="${0%/*}/site.crt" - echo >&2 "$0: Checking for site CA certificate at $dev_cert..." - if [ -s "$dev_cert" ]; then - echo >&2 "$0: Updating container CA certificate bundle with site certificate..." - cp -L "$dev_cert" /usr/local/share/ca-certificates/ - update-ca-certificates - else - echo >&2 "$0: No site CA certificate found." - fi - echo >&2 "$0: Launching command: $@" - exec "$@" - diff --git a/kubernetes/vvp/charts/vvp-imagescanner/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-imagescanner/templates/deployment.yaml deleted file mode 100644 index d01a7d6960..0000000000 --- a/kubernetes/vvp/charts/vvp-imagescanner/templates/deployment.yaml +++ /dev/null @@ -1,123 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: imagescanner-worker - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - command: - - "sh" - - "/opt/site-certificate/wrapper.sh" - - "/usr/local/bin/imagescanner-worker" - securityContext: - privileged: true - volumeMounts: - - name: imagescanner-ssh - mountPath: /root/.ssh - - name: dev - mountPath: /dev - - name: logs - mountPath: /var/log/imagescanner - - name: imagescanner-settings - mountPath: /opt/imagescanner-settings - - name: site-certificate - mountPath: /opt/site-certificate - env: - - name: PYTHONPATH - value: /opt/imagescanner-settings - - name: S3_HOST - value: "dev-s3.vvp.example.com" - - name: S3_PORT - value: "443" - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: {name: em-secret, key: aws_access_key_id} - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: {name: em-secret, key: aws_secret_access_key} - - name: SECRET_JENKINS_PASSWORD - value: '' - - name: REQUESTS_CA_BUNDLE - value: /etc/ssl/certs/ca-certificates.crt - - - name: notifications-worker - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - command: ["/usr/local/bin/notifications-worker"] - securityContext: - privileged: true - env: - - name: SLACK_TOKEN - valueFrom: - secretKeyRef: {name: slack-tokens, key: notifications} - - name: DOMAIN - value: "dev-em.vvp.example.com" - - name: PYTHONPATH - value: /opt/imagescanner-settings - - name: SECRET_JENKINS_PASSWORD - valueFrom: - secretKeyRef: {name: em-secret, key: jenkins_admin_password} - volumeMounts: - - name: imagescanner-settings - mountPath: /opt/imagescanner-settings - - - name: imagescanner-frontend - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - command: ["/usr/local/bin/imagescanner-frontend"] - securityContext: - privileged: true - ports: - - containerPort: 80 - volumeMounts: - - name: logs - mountPath: /var/log/imagescanner - - name: imagescanner-settings - mountPath: /opt/imagescanner-settings - env: - - name: DEFAULT_SLACK_CHANNEL - value: "#notifications" - - name: SECRET_JENKINS_PASSWORD - value: '' - - volumes: - - name: imagescanner-ssh - secret: - secretName: imagescanner-ssh - defaultMode: 0600 - - name: dev - hostPath: - path: /dev - - name: logs - emptyDir: {} - - name: imagescanner-settings - configMap: - name: imagescanner-settings - - name: site-certificate - configMap: - name: site-certificate diff --git a/kubernetes/vvp/charts/vvp-imagescanner/templates/service.yaml b/kubernetes/vvp/charts/vvp-imagescanner/templates/service.yaml deleted file mode 100644 index a4260013a4..0000000000 --- a/kubernetes/vvp/charts/vvp-imagescanner/templates/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-imagescanner/values.yaml b/kubernetes/vvp/charts/vvp-imagescanner/values.yaml deleted file mode 100644 index ed62413c4f..0000000000 --- a/kubernetes/vvp/charts/vvp-imagescanner/values.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/vvp/image-scanner:1.0.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - internalPort: 80 - portName: web - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/Chart.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/Chart.yaml deleted file mode 100644 index b2a1de80ad..0000000000 --- a/kubernetes/vvp/charts/vvp-int-haproxy/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: load balancer for internal (container to container) transport -name: vvp-int-haproxy -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/resources/config/int-haproxy-cfg/file b/kubernetes/vvp/charts/vvp-int-haproxy/resources/config/int-haproxy-cfg/file deleted file mode 100644 index d497ba48b6..0000000000 --- a/kubernetes/vvp/charts/vvp-int-haproxy/resources/config/int-haproxy-cfg/file +++ /dev/null @@ -1,88 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -resolvers dns - nameserver pod_dns "10.3.0.10:53" - resolve_retries 3 - timeout retry 1s - hold valid 30s - -defaults - mode http - timeout connect 5000ms - timeout client 50000ms - timeout server 50000ms - option httpclose - option redispatch - option abortonclose - option httplog - option dontlognull - default-server init-addr last,libc,none - -backend gitlab_web_backend - mode http - server gitlab_web_1 vvp-gitlab:80 resolvers dns - -frontend gitlab_web - mode http - bind 0.0.0.0:80 - - acl is_scanner path_beg /imagescanner - acl is_em_admin hdr_beg(host) em. staging-em. dev-em. - acl is_cms hdr_beg(host) cms. staging-cms. dev-cms. - acl is_ci_admin hdr_beg(host) staging-ci. dev-ci. - acl is_s3 hdr_beg(host) s3. staging-s3. dev-s3. - - use_backend imagescanner if is_em_admin is_scanner - use_backend cms if is_cms - use_backend api if is_em_admin - use_backend ci if is_ci_admin - use_backend s3 if is_s3 - - default_backend gitlab_web_backend - -backend s3 - mode http - balance roundrobin - server ceph-01 10.252.0.21:8080 - -backend cms - mode http - server cms_server vvp-cms-uwsgi:80 resolvers dns - -backend api - mode http - server engagement_manager vvp-em-uwsgi:80 resolvers dns - -backend ci - mode http - server ci_test vvp-ci-uwsgi:8282 resolvers dns - -listen jenkins - bind 0.0.0.0:8080 - server jenkins vvp-jenkins:8080 resolvers dns - -backend imagescanner - mode http - server imagescanner vvp-imagescanner:80 resolvers dns - -listen stats - bind 0.0.0.0:9000 - mode http - stats enable # Enable stats page - stats realm Haproxy\ Statistics - stats uri /haproxy_stats - stats auth "${HAPROXY_USER}:${HAPROXY_PASS}" - acl network_allowed src 10.252.0.0/16 127.0.0.1/32 10.2.0.0/16 - block if !network_allowed diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/templates/configmap.yaml deleted file mode 100644 index 255f8f9e78..0000000000 --- a/kubernetes/vvp/charts/vvp-int-haproxy/templates/configmap.yaml +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-cfg - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/int-haproxy-cfg/*").AsConfig . | indent 2 }} diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/templates/deployment.yaml deleted file mode 100644 index 7c7db4ccbb..0000000000 --- a/kubernetes/vvp/charts/vvp-int-haproxy/templates/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: 80 - - containerPort: 8080 - - containerPort: 9000 - env: - - name: HAPROXY_USER - valueFrom: - secretKeyRef: - name: haproxy-auth - key: user - - name: HAPROXY_PASS - valueFrom: - secretKeyRef: - name: haproxy-auth - key: pass - volumeMounts: - - mountPath: /usr/local/etc/haproxy/ - name: int-haproxy-cfg - volumes: - - name: int-haproxy-cfg - configMap: - name: {{ include "common.fullname" . }}-cfg - items: - - key: file - path: haproxy.cfg diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/templates/service.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/templates/service.yaml deleted file mode 100644 index 1f8fa2cd64..0000000000 --- a/kubernetes/vvp/charts/vvp-int-haproxy/templates/service.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort1 }} - name: {{ .Values.service.portName1 }} - - port: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 }} - - port: {{ .Values.service.internalPort3 }} - name: {{ .Values.service.portName3 }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-int-haproxy/values.yaml b/kubernetes/vvp/charts/vvp-int-haproxy/values.yaml deleted file mode 100644 index 8a304b4cf5..0000000000 --- a/kubernetes/vvp/charts/vvp-int-haproxy/values.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: docker.io -image: haproxy:1.7.2-alpine -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - portName1: web - internalPort1: 80 - portName2: jenkins - internalPort2: 8080 - portName3: stats - internalPort3: 9000 - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-jenkins/Chart.yaml b/kubernetes/vvp/charts/vvp-jenkins/Chart.yaml deleted file mode 100644 index 190312fcb0..0000000000 --- a/kubernetes/vvp/charts/vvp-jenkins/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: run validation tasks -name: vvp-jenkins -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-jenkins/requirements.yaml b/kubernetes/vvp/charts/vvp-jenkins/requirements.yaml deleted file mode 100644 index 9f44c6df28..0000000000 --- a/kubernetes/vvp/charts/vvp-jenkins/requirements.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~3.0.0 - repository: '@local' diff --git a/kubernetes/vvp/charts/vvp-jenkins/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-jenkins/templates/configmap.yaml deleted file mode 100644 index ba58c32eab..0000000000 --- a/kubernetes/vvp/charts/vvp-jenkins/templates/configmap.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: Secret -apiVersion: v1 -metadata: - name: jenkins-users-admin - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - config.xml: "PD94bWwgdmVyc2lvbj0nMS4wJyBlbmNvZGluZz0nVVRGLTgnPz4KPHVzZXI+CiAgPGZ1bGxOYW1lPmFkbWluPC9mdWxsTmFtZT4KICA8ZGVzY3JpcHRpb24+PC9kZXNjcmlwdGlvbj4KICA8cHJvcGVydGllcz4KICAgIDxodWRzb24uc2VjdXJpdHkuSHVkc29uUHJpdmF0ZVNlY3VyaXR5UmVhbG1fLURldGFpbHM+CiAgICAgIDxwYXNzd29yZEhhc2g+I2piY3J5cHQ6JDJhJDEwJERyaXVLdThPcTdpaWhtdi80bzlKOHV6cmg2QlVBaUtuejMuM21EMXBDb2dzUHJnOW42M1pXPC9wYXNzd29yZEhhc2g+CiAgICA8L2h1ZHNvbi5zZWN1cml0eS5IdWRzb25Qcml2YXRlU2VjdXJpdHlSZWFsbV8tRGV0YWlscz4KICA8L3Byb3BlcnRpZXM+CjwvdXNlcj4K" ---- -kind: Secret -apiVersion: v1 -metadata: - name: jenkins-ssh - namespace: {{ include "common.namespace" . }} -type: Opaque -data: - # .ssh/config isn't really a secret, but it's the easiest way to get it into - # the same directory as the key - config: "SG9zdCAqClVzZXJLbm93bkhvc3RzRmlsZSAvZGV2L251bGwKU3RyaWN0SG9zdEtleUNoZWNraW5nIG5vCklkZW50aXR5RmlsZSAiL3Zhci9qZW5raW5zX2hvbWUvLnNzaC9pZF9lZDI1NTE5Igo=" - id_ed25519: "LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFNd0FBQUF0emMyZ3RaVwpReU5UVXhPUUFBQUNDRDEwanpvNGlSZjF4bTYzSWxMSEpGeTVUK0FoUnVmenZLdmdpMEhwZ1RVQUFBQUpqV3dKZDkxc0NYCmZRQUFBQXR6YzJndFpXUXlOVFV4T1FBQUFDQ0QxMGp6bzRpUmYxeG02M0lsTEhKRnk1VCtBaFJ1Znp2S3ZnaTBIcGdUVUEKQUFBRUFXRktNV0xsNkZnRUJ1Zzk3MSthdE5ZQnQ4R2R1V3pDWWd0L2o5VHU0U2g0UFhTUE9qaUpGL1hHYnJjaVVzY2tYTApsUDRDRkc1L084cStDTFFlbUJOUUFBQUFFM0JoZFd4QVVHRjFiQ2R6SUUxaFl5QlFjbThCQWc9PQotLS0tLUVORCBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0K" diff --git a/kubernetes/vvp/charts/vvp-jenkins/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-jenkins/templates/deployment.yaml deleted file mode 100644 index e0b0a3c5fe..0000000000 --- a/kubernetes/vvp/charts/vvp-jenkins/templates/deployment.yaml +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - ports: - - containerPort: 8080 - volumeMounts: - - name: jenkins-home - mountPath: /var/jenkins_home - - name: jenkins-users-admin - mountPath: /var/jenkins_home/users/admin - - name: jenkins-ssh - mountPath: /var/jenkins_home/.ssh - volumes: - - name: jenkins-home - emptyDir: {} - - name: jenkins-users-admin - secret: - secretName: jenkins-users-admin - - name: jenkins-ssh - secret: - secretName: jenkins-ssh - diff --git a/kubernetes/vvp/charts/vvp-jenkins/templates/service.yaml b/kubernetes/vvp/charts/vvp-jenkins/templates/service.yaml deleted file mode 100644 index a4260013a4..0000000000 --- a/kubernetes/vvp/charts/vvp-jenkins/templates/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-jenkins/values.yaml b/kubernetes/vvp/charts/vvp-jenkins/values.yaml deleted file mode 100644 index 083f88a663..0000000000 --- a/kubernetes/vvp/charts/vvp-jenkins/values.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/vvp/jenkins:1.0.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - internalPort: 8080 - portName: jenkins - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-postgres/Chart.yaml b/kubernetes/vvp/charts/vvp-postgres/Chart.yaml deleted file mode 100644 index 3f4811b7c4..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: store all data of engagement manager -name: vvp-postgres -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/conf/postgresql.conf b/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/conf/postgresql.conf deleted file mode 100644 index 46dec02e65..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/conf/postgresql.conf +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# -# initdb defaults -# -listen_addresses = '*' # what IP address(es) to listen on; -max_connections = 100 # (change requires restart) -shared_buffers = 32MB # min 128kB -datestyle = 'iso, mdy' -lc_messages = 'en_US.UTF-8' # locale for system error message -lc_monetary = 'en_US.UTF-8' # locale for monetary formatting -lc_numeric = 'en_US.UTF-8' # locale for number formatting -lc_time = 'en_US.UTF-8' # locale for time formatting -default_text_search_config = 'pg_catalog.english' -log_line_prefix = 'user=%u,db=%d ' -# -# our customizations -# -dynamic_shared_memory_type = posix -log_timezone = 'UTC' -timezone = 'UTC' diff --git a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/cms_db.sh b/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/cms_db.sh deleted file mode 100644 index c2a1f6b6f7..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/cms_db.sh +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# sourced, not executed, by docker-entrypoint.sh (/bin/bash) - -# defaults -: ${ICE_CMS_DB_USER:="icecmsuser"} -: ${ICE_CMS_DB_NAME:="icecmsdb"} -: ${ICE_CMS_DB_PASSWORD:="na"} - -psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<- EOF - CREATE USER ${ICE_CMS_DB_USER} WITH CREATEDB PASSWORD '${ICE_CMS_DB_PASSWORD}'; - CREATE DATABASE ${ICE_CMS_DB_NAME} WITH OWNER ${ICE_CMS_DB_USER} ENCODING 'utf-8'; -EOF diff --git a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/link_postgresql.sh b/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/link_postgresql.sh deleted file mode 100644 index 9ca36a141e..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/resources/config/postgres/init/link_postgresql.sh +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# sourced, not executed, by docker-entrypoint.sh (/bin/bash) -ln -sf /etc/postgresql/conf.d/postgresql.conf "${PGDATA}"/postgresql.conf diff --git a/kubernetes/vvp/charts/vvp-postgres/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-postgres/templates/configmap.yaml deleted file mode 100644 index e5773f6e3f..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/templates/configmap.yaml +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: postgresql-conf - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/postgres/conf/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: postgresql-initdb - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/postgres/init/*").AsConfig . | indent 2 }} diff --git a/kubernetes/vvp/charts/vvp-postgres/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-postgres/templates/deployment.yaml deleted file mode 100644 index f02bcf0e44..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/templates/deployment.yaml +++ /dev/null @@ -1,72 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: onapkey - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - ports: - - containerPort: 5432 - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgresql-data - - mountPath: /etc/postgresql/conf.d/ - name: postgresql-conf - - mountPath: /docker-entrypoint-initdb.d/ - name: postgresql-initdb - env: - - name: POSTGRES_DB - value: icedb - - name: ICE_CMS_DB_NAME - value: icecmsdb - - name: POSTGRES_USER - value: em_postgresuser - - name: ICE_CMS_DB_USER - value: cms_postgresuser - - name: ICE_CMS_DB_PASSWORD - valueFrom: - secretKeyRef: - name: postgresql-passwords - key: cmsPassword - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: postgresql-passwords - key: emPassword - volumes: - - name: postgresql-data - emptyDir: {} - - name: postgresql-conf - configMap: - name: postgresql-conf - - name: postgresql-initdb - configMap: - name: postgresql-initdb diff --git a/kubernetes/vvp/charts/vvp-postgres/templates/service.yaml b/kubernetes/vvp/charts/vvp-postgres/templates/service.yaml deleted file mode 100644 index a4260013a4..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/templates/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-postgres/values.yaml b/kubernetes/vvp/charts/vvp-postgres/values.yaml deleted file mode 100644 index 000c049522..0000000000 --- a/kubernetes/vvp/charts/vvp-postgres/values.yaml +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/vvp/postgresql:1.0.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - name: vvp-postgres - portName: vvp-postgres - internalPort: 5432 - externalPort: 5432 - -ingress: - enabled: false diff --git a/kubernetes/vvp/charts/vvp-redis/Chart.yaml b/kubernetes/vvp/charts/vvp-redis/Chart.yaml deleted file mode 100644 index 4147dd265f..0000000000 --- a/kubernetes/vvp/charts/vvp-redis/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: in memory key-value store for all project -name: vvp-redis -version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-redis/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-redis/templates/deployment.yaml deleted file mode 100644 index ee84c8b154..0000000000 --- a/kubernetes/vvp/charts/vvp-redis/templates/deployment.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - name: {{ include "common.name" . }} - spec: - hostname: {{ include "common.name" . }} - containers: - - args: - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/vvp/charts/vvp-redis/values.yaml b/kubernetes/vvp/charts/vvp-redis/values.yaml deleted file mode 100644 index 2eddd512da..0000000000 --- a/kubernetes/vvp/charts/vvp-redis/values.yaml +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: docker.io -image: redis:alpine -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - name: vvp-redis - portName: vvp-redis - internalPort: 6379 - externalPort: 6379 - -ingress: - enabled: false diff --git a/kubernetes/vvp/requirements.yaml b/kubernetes/vvp/requirements.yaml deleted file mode 100644 index 9f44c6df28..0000000000 --- a/kubernetes/vvp/requirements.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~3.0.0 - repository: '@local' diff --git a/kubernetes/vvp/resources/config/vvp/file b/kubernetes/vvp/resources/config/vvp/file deleted file mode 100644 index 3acdcd8673..0000000000 --- a/kubernetes/vvp/resources/config/vvp/file +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -pid /nginx.pid; -error_log /dev/stdout warn; - -http { - access_log /dev/stdout; - server { - listen 0.0.0.0:8181; - - location / { - include /etc/nginx/mime.types; - root /usr/share/nginx/html/; - } - - } -} - -events { - worker_connections 4096; -} diff --git a/kubernetes/vvp/resources/config/vvp/service_provider.json b/kubernetes/vvp/resources/config/vvp/service_provider.json deleted file mode 100644 index bcdbbc65fe..0000000000 --- a/kubernetes/vvp/resources/config/vvp/service_provider.json +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -{ - "serviceProvider": { - "name": "NA" - }, - "program": { - "name": "VVP" - } -} diff --git a/kubernetes/vvp/templates/configmap.yaml b/kubernetes/vvp/templates/configmap.yaml deleted file mode 100644 index 0c3eacdad2..0000000000 --- a/kubernetes/vvp/templates/configmap.yaml +++ /dev/null @@ -1,90 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: portal-nginx-config - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/vvp/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: onapkey -data: - .dockercfg: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOiB7InVzZXJuYW1lIjogImRvY2tlciIsICJwYXNzd29yZCI6ICJkb2NrZXIiLCAiZW1haWwiOiAiZW1haWxAZW1haWwuY29tIn19 -type: kubernetes.io/dockercfg ---- -apiVersion: v1 -kind: Secret -metadata: - name: em-secret -type: Opaque -data: - key: "IzkxZV9fdzNrPTc4MUB5KGVfIzZodTZ0JmgyNTQjdSkmYmorbTl0aHglayE2XiowNnI=" - em_webhook_token: "QWlwN29oeDFlaUhhZXNob2g5c2hhaWx1OWVleDd0aGE=" - gitlab_admin_password: "YW82aWo2d29oV2VpcXU0ZQ==" - jenkins_admin_password: "a29peWVCYWlUaDNrYWlOZw==" - cms_app_client_id: "RWVCNFhlaW1vb2M2eGllU2VlS2FoOGRhZTFlaXBhZTRvdGFlc2hlZQ==" - cms_app_client_secret: "aGFpTW9vcGllWmVlMXdlaTNsZWY0Z2FleWlhMnZhaHdvaHRoMG1haWQ5aXRoMnBoZWVzaGFpdGh1VG9vcjJKb2hzaGVpNWJhZXk3RWlxdWFldGhlaWI4cXVhaXF1ZWU3cGhpYXRoN2V1YjJhaU5haWMzb3U5dmFpemViZWlGNXU=" - slack_api_token: "" - aws_access_key_id: "MlpCMTlVOUQ4SzZYVkpHNzVWWDA=" - aws_secret_access_key: "N3hWV2Vxc0xJb3RLT3VhMHh2aGFwSXNDdDFWVTB4Nk0yRTRmVFJLTw==" ---- -kind: Secret -apiVersion: v1 -metadata: - name: email-secret -type: Opaque -data: - password: "RVhBTVBMRQ==" ---- -kind: Secret -apiVersion: v1 -metadata: - name: site-crt -type: Opaque -data: - # the public part of the certificate, not actually a secret. - site.crt: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURFRENDQWZnQ0NRRGhhaFZLRTkvZVVqQU5CZ2txaGtpRzl3MEJBUXNGQURCS01SQXdEZ1lEVlFRS0RBZEYKZUdGdGNHeGxNUkF3RGdZRFZRUUxEQWRsZUdGdGNHeGxNU1F3SWdZRFZRUUREQnRrWlhabGJHOXdiV1Z1ZEM1MgpkbkF1WlhoaGJYQnNaUzVqYjIwd0hoY05NVGN4TWpJME1UVXpPVEEzV2hjTk1UZ3hNakkwTVRVek9UQTNXakJLCk1SQXdEZ1lEVlFRS0RBZEZlR0Z0Y0d4bE1SQXdEZ1lEVlFRTERBZGxlR0Z0Y0d4bE1TUXdJZ1lEVlFRRERCdGsKWlhabGJHOXdiV1Z1ZEM1MmRuQXVaWGhoYlhCc1pTNWpiMjB3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQgpEd0F3Z2dFS0FvSUJBUUNrdk5HWGUrYmR2TDJrdnJQMkwzV0FCdDJXQ0ZvWjJQbjhQeDBlRXNSaUpIVkQwZVd6CnJnSllIRkp1MEMwY0s5TllTS3hWVkk4TG5LSDdOeTVNRmZNNFRxeXIzVUVPTHMrZlN3YUFxTTV0U3laVS90RUsKcmFjdEE3Ymk5ZkRrMmxrY3MrTEx1Wk1xR1BaMzdVWmNad3NVUTBCT05IUDY2OExxa1dxVDloTkxJTjRlaklucgozMldBM1k3aFBOZDhDaitBYUx0MXgyY1hZemk5aHJFNWwzaDlvZmtPcFhzZ0R6ZUlIbHA0ako2a1hYUWY4VU01CjF2aXFhMkNXWEhCSEVHKzVlZnRMU2FlRTZMQWxOdDVJSjZMY1dFWmdOdFhyMmVzNExKQzNGalhydjBnYzA0Q3AKVTJPZml6cGJoVDExY0xHYWVYT3ExY1VDWE5JYjRGY0pBcG9YQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRApnZ0VCQUZHUERHOWl1ckFoVUtiRmtZOTd4TEE0NDNVMDFiZHdpN2VBVDVUOXFvL1J6T3djYnVLV1hWbTFrNUhLCkNRTzgxbmxMcUxRd2hJMSt1VFRtUjQxZXB1Snh5R0lhRGdVeVNCKzhmTHp5UlNJRmF4S0QrVWVWUGdpcEROWnMKaDBzS1NLck82TW9Xek1MVVl2ZFpSdzZWSWMrVXBTQ3FQWStGS1VCVUhadE1wU0ZMbmhIalJ2VmtpUDRWdkZYagpiN2pRekh1Z2h6ZUlUeWd3czQyZktLL01LN3dRNmJ5YU1WUmJQYlFLUEFYTnhkL1VyU1BlWCtSektSV09aNlI4ClVseXA3ZGV6WENQNzdVYVRaVHN4d2x1clBRSVpOTXNoRHhFL1NiV3QwUTFnMjhyajVLZkFqb1pzNVRnL2dtUTgKTExLSS9iMU92S29oYUFOR1o2V2U1VStjZWVVPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==" ---- -piVersion: v1 -kind: Secret -metadata: - name: postgresql-passwords -type: Opaque -data: - emPassword: "ZW1fcG9zdGdyZXNwYXNz" - cmsPassword: "Y21zX3Bvc3RncmVzcGFzcw==" - ciPassword: "Y2lkYnBhc3M=" ---- -kind: Secret -apiVersion: v1 -metadata: - name: site-pem -type: Opaque -data: - site.pem: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURFRENDQWZnQ0NRRGhhaFZLRTkvZVVqQU5CZ2txaGtpRzl3MEJBUXNGQURCS01SQXdEZ1lEVlFRS0RBZEYKZUdGdGNHeGxNUkF3RGdZRFZRUUxEQWRsZUdGdGNHeGxNU1F3SWdZRFZRUUREQnRrWlhabGJHOXdiV1Z1ZEM1MgpkbkF1WlhoaGJYQnNaUzVqYjIwd0hoY05NVGN4TWpJME1UVXpPVEEzV2hjTk1UZ3hNakkwTVRVek9UQTNXakJLCk1SQXdEZ1lEVlFRS0RBZEZlR0Z0Y0d4bE1SQXdEZ1lEVlFRTERBZGxlR0Z0Y0d4bE1TUXdJZ1lEVlFRRERCdGsKWlhabGJHOXdiV1Z1ZEM1MmRuQXVaWGhoYlhCc1pTNWpiMjB3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQgpEd0F3Z2dFS0FvSUJBUUNrdk5HWGUrYmR2TDJrdnJQMkwzV0FCdDJXQ0ZvWjJQbjhQeDBlRXNSaUpIVkQwZVd6CnJnSllIRkp1MEMwY0s5TllTS3hWVkk4TG5LSDdOeTVNRmZNNFRxeXIzVUVPTHMrZlN3YUFxTTV0U3laVS90RUsKcmFjdEE3Ymk5ZkRrMmxrY3MrTEx1Wk1xR1BaMzdVWmNad3NVUTBCT05IUDY2OExxa1dxVDloTkxJTjRlaklucgozMldBM1k3aFBOZDhDaitBYUx0MXgyY1hZemk5aHJFNWwzaDlvZmtPcFhzZ0R6ZUlIbHA0ako2a1hYUWY4VU01CjF2aXFhMkNXWEhCSEVHKzVlZnRMU2FlRTZMQWxOdDVJSjZMY1dFWmdOdFhyMmVzNExKQzNGalhydjBnYzA0Q3AKVTJPZml6cGJoVDExY0xHYWVYT3ExY1VDWE5JYjRGY0pBcG9YQWdNQkFBRXdEUVlKS29aSWh2Y05BUUVMQlFBRApnZ0VCQUZHUERHOWl1ckFoVUtiRmtZOTd4TEE0NDNVMDFiZHdpN2VBVDVUOXFvL1J6T3djYnVLV1hWbTFrNUhLCkNRTzgxbmxMcUxRd2hJMSt1VFRtUjQxZXB1Snh5R0lhRGdVeVNCKzhmTHp5UlNJRmF4S0QrVWVWUGdpcEROWnMKaDBzS1NLck82TW9Xek1MVVl2ZFpSdzZWSWMrVXBTQ3FQWStGS1VCVUhadE1wU0ZMbmhIalJ2VmtpUDRWdkZYagpiN2pRekh1Z2h6ZUlUeWd3czQyZktLL01LN3dRNmJ5YU1WUmJQYlFLUEFYTnhkL1VyU1BlWCtSektSV09aNlI4ClVseXA3ZGV6WENQNzdVYVRaVHN4d2x1clBRSVpOTXNoRHhFL1NiV3QwUTFnMjhyajVLZkFqb1pzNVRnL2dtUTgKTExLSS9iMU92S29oYUFOR1o2V2U1VStjZWVVPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCgotLS0tLUJFR0lOIFBSSVZBVEUgS0VZLS0tLS0KTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDa3ZOR1hlK2Jkdkwyawp2clAyTDNXQUJ0MldDRm9aMlBuOFB4MGVFc1JpSkhWRDBlV3pyZ0pZSEZKdTBDMGNLOU5ZU0t4VlZJOExuS0g3Ck55NU1GZk00VHF5cjNVRU9McytmU3dhQXFNNXRTeVpVL3RFS3JhY3RBN2JpOWZEazJsa2NzK0xMdVpNcUdQWjMKN1VaY1p3c1VRMEJPTkhQNjY4THFrV3FUOWhOTElONGVqSW5yMzJXQTNZN2hQTmQ4Q2orQWFMdDF4MmNYWXppOQpockU1bDNoOW9ma09wWHNnRHplSUhscDRqSjZrWFhRZjhVTTUxdmlxYTJDV1hIQkhFRys1ZWZ0TFNhZUU2TEFsCk50NUlKNkxjV0VaZ050WHIyZXM0TEpDM0ZqWHJ2MGdjMDRDcFUyT2ZpenBiaFQxMWNMR2FlWE9xMWNVQ1hOSWIKNEZjSkFwb1hBZ01CQUFFQ2dnRUFmaXVua3cvd2FBK3daOGN2YWZRN1dBenFGWWpjQ1VQbllzeXI3bWFOUm1XSgo4cUdGL2pIZDFjSUxXSmZVbE9qeiszL2RqWlV2NGNMYlJONmtkTjJ5NUlOTk9HeEM4U3ZsRkttUGwyYXlnMzYxCkl3L3U1dkROUTJxKzNlRmoyTU5xME5MdGR2N3d1YU5ZMGMxR3dHcWpUNmVhVHN0WnNPcDA1TmJ1KzlmU093ejgKcHJFOUVxU2FpbHBjMFpIMDNUb0JDY1ZpTFBRN0RDeWkzd0QvTHFaWXlqbnNKdnBWVjFGV2paTWRNQjVCTHlQNQp2Wkg5Qk1iQ0Eva2YrUDVYVjBtUU9rcWk3OVN0bEhHc21id3A5YzVEUnZiUHZ3TWdsdUpqVDRRNXZldXNtY1ozClF4ZGpXVVpLeXZUU2w2QmFVV0tmSkxhMGhPWHR1UXB5VHhhMDY3S1RNUUtCZ1FEU2tTUXM4aGhnYVhMQVJDMWUKcWwxK29ZNVNjckxVb3dBbHJoNXYxRjlzcTAyNEkrRXRPa3dUZHZkbDNTQjg0bmhyRDVZQ2JhcXlWRi9uNFRaQQpoMnZkUHVsZ3pOT0FPQUh5bjQyanpuQm5kcWtqaXQrdUhOUVBWVjA3bzVwaDk1N05DT25XNFFPZ01IeFhrbDRzCllROTlVYkJmTmdwTC9PY0NUOWhFbnl3d3pRS0JnUURJU0QvV2poMFZ3Nmd0VXlUcjFUMlQ0S3FzS09HTXNIZ1gKbWVqRkJnQVpoeTNSQTRxSnBLWkdPOWUyK0VvMWRSN1ErVjIzOXhaVy9WdEZDcmdLYUNENm9EWFFQM0grcC93VgpvRXozbDJoMWRrSmxYSVd1Z1ZUY05uOGNHeU1TUi9BMUEycFVQNkMwRTJqSTFXWURpT2VQdnFSVTZpczE4dGYwCkNwMjdnNU5tY3dLQmdGSEUvMUZjNms1MlpKTjVaa3oreDdQbk5RZWJkd3JRQ2J5WU0wV21LVEJnRFp4V2dwazMKckZkYXVaUWJIUVNpUmJUOXBubG04UVN6YzFMdXlFeWl5aVp1eWQ1SGJGSzhiVFUwOUtJS0J1aUcwZ1AxYUF1TApNbWFKOWR5MUdieTFsanQxSEtuUFU4TWZVUW9JMHYxVTY5ajBvaE0zUHlSbkg2WnNMMFhtc2hoNUFvR0FZT0tLCmR5a0NLdUFlUCtiRHFvM2FIdW9FeGdsMHFwRkhWdXR1TGJrc1hTMEdYZURmcUp3TWoxY3RqK1ptUjV2amoyWEMKRDFjbzZHWGhPL0htZTZwSm9kUFVsR3ZNb2tyeTZDZEdkRk03QmU5eVNRUkw2dEhIa2t1T2k3TVk4U1A1c0R0NQp1VTJhV09JMncwaHY4Ky9MVEw4RlVjcUJvclJhQVVVTmJvTkV6NzhDZ1lFQXF0bXI0YmJYeWRnNFpFckY5c2ZWCkh4NUhZdDQweU1QajJrR3hSWm9uQXYvaXBwaHpCNFRXZmZFckdCNlgvdzNnUWpla2Z6S2pFNU5rSGVvMytEQisKbzFqc1BySXhrcFlYSzAydlNWN3RZdnlaczBBWGlGcm5sZFBkSzlhNHRtWHhhZEQwZm1OSkxmU0hwd0tVNXdQagpOR2UzUG5rT1pMUlQ4MHVPWkVpMUx4Zz0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=" ---- -apiVersion: v1 -kind: Secret -metadata: - name: haproxy-auth -type: Opaque -data: - user: "aGFwcm94eXVzZXI=" - pass: "aGFwcm94eXBhc3M=" - diff --git a/kubernetes/vvp/templates/deployment.yaml b/kubernetes/vvp/templates/deployment.yaml deleted file mode 100644 index c0b0f5882f..0000000000 --- a/kubernetes/vvp/templates/deployment.yaml +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - name: {{ .Release.Name }} - spec: - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /tmp/ - name: portal-nginx-config - ports: - - containerPort: {{ .Values.service.internalPort }} - command: ["nginx", "-g", "daemon off;", "-c", "/tmp/nginx.conf"] - volumes: - - name: portal-nginx-config - configMap: - name: portal-nginx-config - items: - - key: file - path: nginx.conf - - key: service_provider.json - path: service_provider.json - imagePullSecrets: - - name: onapkey diff --git a/kubernetes/vvp/templates/service.yaml b/kubernetes/vvp/templates/service.yaml deleted file mode 100644 index 4f5287c608..0000000000 --- a/kubernetes/vvp/templates/service.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - targetPort: {{ .Values.service.internalPort }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - {{- end}} - name: {{ .Values.service.portName | default "http" }} - selector: - app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/values.yaml b/kubernetes/vvp/values.yaml deleted file mode 100644 index 740811e8c0..0000000000 --- a/kubernetes/vvp/values.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright © 2018 Amdocs, AT&T, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/vvp/portal:1.0.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - internalPort: 8181 - externalPort: 8181 - -ingress: - enabled: false |