Age | Commit message (Collapse) | Author | Files | Lines |
|
Use common secrete template in so-mariadb component.
For now passwords are stil hardcoded but this will be removed in
further commits.
Issue-ID: OOM-2328
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I70b13b14d0ddad8913f45c7cabed0c0d221d0005
|
|
|
|
|
|
|
|
Change-Id: I7a37ab9a69fdb3232f68b908ea97a788fbab55a1
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Issue-ID: DMAAP-1404
|
|
|
|
SO adds some annotations to one of its secres so let's extend the
common secret template with the ability to add annotations.
Issue-ID: OOM-2328
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I4c33d87724b2296852d62e2ddf9061ff4e235157
|
|
* Update kubernetes/robot from branch 'master'
to c854b484ebbd5e0c1be1e6a032a79beeb4cab6ff
- Removing http for DMaaP DR
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Issue-ID: DMAAP-1400
Change-Id: Ifd0502283d4efe0c14aeb1e77bfa85779596cfec
|
|
|
|
cds-blueprints-processor-http"
|
|
Current service and headlessService templates doesn't handle the fact
that out of cluster ports must be TLS encrypted only.
With a new (backward compatible) DSL, this is now possible.
In values.yaml, all ports in service part with port AND plain_port will
have the ability to be HTTP or HTTPS depending on the context.
Per default, they'll be HTTPS.
TLS choice will be done according this table:
| tlsOverride | global.tlsEnabled | global.serviceMesh.enabled | global.serviceMesh.tls | result |
|-------------|-------------------|----------------------------|------------------------|--------|
| not present | not present | not present | any | true |
| not present | not present | false | any | true |
| not present | not present | true | false | true |
| not present | not present | true | true | false |
| not present | true | any | any | true |
| not present | false | any | any | false |
| true | any | any | any | true |
| false | any | any | any | false |
Service template will create one or two service templates according to this table:
| serviceType | both_tls_and_plain | result |
|---------------|--------------------|--------------|
| ClusterIP | any | one Service |
| Not ClusterIP | not present | one Service |
| Not ClusterIP | false | one Service |
| Not ClusterIP | true | two Services |
If two services are created, one is ClusterIP with both crypted and plain
ports and the other one is NodePort (or LoadBalancer) with crypted port only.
Issue-ID: OOM-1936
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: If766dd73132022d1a6e578fd36113c461bb91ea5
|
|
|
|
Issue-ID: CCSDK-2147
Signed-off-by: gummar <raj.gumma@est.tech>
Change-Id: I7701616ec9732225cf2be07d67dad7af0953bccb
|
|
|
|
Helm chart updates to pull in latest version of components:
bootstrap loads blueprints into DCAE inventory
bootstrap configures k8splugin for JKS CA store
inventory uses generated CA cert
cloudify manager loads type file to synch clamp and dcae
policy plugins
dashboard skips bad blueprints from inventory
bootstrap loads latest pgaas and sshkeyshare plugins
bootstrap runs as non-root user
Issue-ID: DCAEGEN2-2049
Issue-ID: DCAEGEN2-1938
Issue-ID: DCAEGEN2-2097
Issue-ID: DCAEGEN2-2120
Issue-ID: DCAEGEN2-2072
Signed-off-by: Jack Lucas <jflucas@research.att.com>
Change-Id: I12f37ccc85ebfefba10e7ec1113da6474927ba57
|
|
|
|
|
|
* Update kubernetes/aai from branch 'master'
to 4f4d14ab45a2225953961136220041189d566015
- Merge "Update logback.xml"
- Update logback.xml
Issue-ID: AAI-2824
Signed-off-by: Jimmy Forsyth <jf2512@att.com>
Change-Id: I9034b283a2cd47770a30db9e1eecf3ef5ad58d47
|
|
|
|
|
|
|
|
And thus needs bigger limits/requests
Issue-ID: USECASEUI-403
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ide23f95af16f9ed9615bcb26e67e40cd1145670f
|
|
* Update kubernetes/aai from branch 'master'
to c9fad710ea31ae6695c3914429266621d37ce8b8
- Fix the graphadmin logback issue
Issue-ID: AAI-2751
Change-Id: Icce232aab798c2c1d2a072a5cbf040403879a48b
Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
|
|
Issue-ID: SO-2588
Signed-off-by: Enbo Wang <wangenbo@huawei.com>
Change-Id: I809336bcc7528e4196ddb59a9c25939fd891b502
|
|
integrate portal-sdk with AAF agent init container.
add pv to store init-container certs generated at startup.
add aafEnabled flag to switch on/off aaf integration.
modify tomcat startup to load p12 and enable HTTPS based on flag.
Issue-ID: PORTAL-261
Signed-off-by: ChrisC <christophe.closset@intl.att.com>
Change-Id: Ia2b05b8661bf9e0c03a60467212e80d1c9d02bac
|
|
|
|
Use common secret template in so-catalog-db-adapter component.
For now passwords are stil hardcoded but this will be removed in
further commits.
Issue-ID: OOM-2328
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I2ac98729b47d15ab4c360c3bb8c759370d6ec7d2
|
|
Issue-ID: DMAAP-1363
Signed-off-by: Dominic Lunanuova <dgl@research.att.com>
Change-Id: I198b19a24f2b413f489376eb101efa75a4513ba0
|
|
|
|
Change-Id: I8cf5a6ac58d38c6e5c818259baf7d69615eb9803
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Issue-ID: DMAAP-1400
|
|
Some passwords are still hardcoded but with this commit all components
should be using passwords provided via secrets not directly as strings.
A follow-up patch will remove hardcoded passwords where feasible.
Issue-ID: OOM-2309
Change-Id: I047974506430cbb277200d0103bcc57a6fd8a83b
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
|
|
|
|
Issue-ID: VID-761
Change-Id: Ie3127f62a9b059020b047ae09bf13bdf77923833
Signed-off-by: Ittay Stern <ittay.stern@att.com>
|
|
Add support to build endpoint from SO to multicloud
via msb using http or https scheme.
Change-Id: I474fdd7c885e437c1c8136bffe3e40e41c86dab5
Issue-ID: SO-1450
Signed-off-by: Eric Multanen <eric.w.multanen@intel.com>
|
|
It should make the POD to start again
Issue-ID: AAF-1106
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I934a904ba7310e49bf2cfd3f372c402af3878efa
|
|
The issue related to HV-VES occurs due to a lack of
certificates. There are provided by TLS_INT_CONTAINER.
Therefore use-tls must be set on true.
Issue-ID: OOM-2281
Signed-off-by: Piotr Wielebski <piotr.wielebski@nokia.com>
Change-Id: Ib5c82d5955c0a7b32a4fc5c9797734f930ae7885
|
|
SMS requests/limits were set too low and thus it prevents start when on
small flavors
Issue-ID: AAF-1105
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib591c972ceaa4186dd16ca5cebd86b58c0288718
|
|
|
|
|
|
ElasticSearch run as non-root user
Issue-ID: CLAMP-668
Change-Id: I786e2ff8babf4b78fa6dfdf63ff9cd486099fbac
Signed-off-by: osgn422w <gervais-martial.ngueko@intl.att.com>
|
|
|
|
|
|
Use common secrete template in so-bpmn-infra component.
For now passwords are stil hardcoded but this will be removed in
further commits.
Issue-ID: OOM-2328
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I828d6a5713cf023d72ab22ea758e78e91d1944b9
|
|
Also add requirements for Frankfurt release
Issue-ID: OOM-1960
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Idaa4925515737221c90c4bf9141406fa1d428f15
|
|
|
|
|
|
|
|
consul ui is on http mode.
As nobody really looks at it, let's remove the nodeport and set it as
ClusterIP.
Issue-ID: OJSI-168
Issue-ID: OJSI-202
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: If114dac59c4fc919a0ab879ef7c5c2478f6a16d2
|
|
|