aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2024-12-12[POLICY] Fix default settings in values.yamlAndreas Geissler1-4/+4
Enable local Postgres instance as default DB. Issue-ID: POLICY-5166 Change-Id: I5ba458548e3bee5cd6d3df2cf9b334af9b8da78f Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-12-12Merge "[POLICY] Fix DB related issues"Micha? Jagie??o9-32/+67
2024-12-12Merge "[AAI] Fix Kyverno Policy violations"Andreas Geissler53-612/+413
2024-12-12Merge "[AUTHENTICATION] New Oslo version"Micha? Jagie??o24-268/+581
2024-12-09[AUTHENTICATION] New Oslo versionAndreas Geissler24-268/+581
Update for the latest Keycloak version (26.0.x) Additional support for REALM options. Add Authorization support Update keycloak-config-cli and oauth2-proxy charts Issue-ID: OOM-3306 Change-Id: I1e1d4b7afbaf52bc33904a1589efc25cf578d7a6 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-12-09[AAI] Fix Kyverno Policy violationsAndreas Seelinger53-612/+413
- Refactored code for readiness check and use library readinessCheck - Fixed securityContext settings - Limit emptyVolume size and make it configurable - Important: Need to use aai-haproxy docker image version >= 1.15.2 - Refactore meta labels and use common.labels instead Issue-ID: AAI-4044 Change-Id: I346316e64cb67222836951cf12b3772bbf509c6a Signed-off-by: Andreas Seelinger <andreas.seelinger@accenture.com>
2024-12-06[POLICY] Fix DB related issuesAndreas Geissler9-32/+67
- fix MariaDB configuration in PolicyAPI - fix Postgres/MariaDB selection handling - fix Secret definitions for DBs - fix Postgres init script to be compliant to PG version 15+ - smaller linter fixes Issue-ID: POLICY-5166 Change-Id: I7d95d50133eb1e9e1d91991d9fea05331442dea0 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-12-03Adjust default role mapping of the common serviceAccount chartFiete Ostkamp3-90/+122
- make roles in serviceAccount chart configurable via role.read and role.create - change declaration of roles to work in environments with more restrictive RBAC rules Issue-ID: OOM-3323 Change-Id: I25ddd1a7cf26047b9098de03bbb8598dfd367133 Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
2024-11-28Fix Kyverno policy violations for DCAE PRH & VES-COLLECTORAditi Shukla8-18/+166
Issue-ID: OOM-3315 Change-Id: I1d6251e7c6724addca81167f9f4d184c291340c3 Signed-off-by: Aditi Shukla <aditi.shukla@t-systems.com>
2024-11-28Merge "[POLICY] Update docker images to latest versions"Andreas Geissler34-92/+215
2024-11-27Merge "[COMMON] Synchronize the charts"Lukasz Rajewski11-57/+39
2024-11-27[MULTICLOUD] Add /tmp volumes in K8SAndreas Geissler4-5/+17
Add temporary volumes to overcome read-only filesystem restrictions Issue-ID: OOM-3318 Change-Id: Ie09c952d8d0a850bfbc6c1e6f17341face9d946a Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-11-26[POLICY] Update docker images to latest versionsrameshiyer2734-92/+215
The image versions in policy values.yaml files have been updated *** This commit is generated by a PF release script *** Issue-ID: POLICY-5166 Change-Id: I1e81d5bbee812f584cd8ee769f95f9534a5cef9d Signed-off-by: rameshiyer27 <ramesh.murugan.iyer@est.tech>
2024-11-25Merge "[Multicloud] Fix Kyverno Policy violations"Andreas Geissler8-16/+99
2024-11-23Merge "[AAI] 15.0.0 chart release"Andreas Geissler55-620/+547
2024-11-21[COMMON] Synchronize the chartsAndreas Geissler11-57/+39
Correct the security settings and improve templates. Issue-ID: OOM-3288 Change-Id: Idf1d59b33bea4d27a523d990b218b2e36ffb0348 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-11-04[AAI] 15.0.0 chart releaseFiete Ostkamp55-620/+547
- update graphadmin image (1.14.7 -> 1.15.1) - update babel image (1.13.3 -> 1.13.4) - update resources image (1.14.7 -> 1.15.1) - make logging partially configurable and less verbose Issue-ID: AAI-4047 Change-Id: I78695dfccab88244bf119a4fc8877c1b9ddf90c2 Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
2024-10-24[CPS][COMMON] Update latest cps-and-ncmp image versionrajesh.kumar1-1/+1
Update latest cps-and-ncmp image version - it will fix cps rolling upgrade issue Issue-ID: OOM-3321 Change-Id: I56c34400dc73c71b936a51260efd241024abbeaa Signed-off-by: rajesh.kumar <rk00747546@techmahindra.com>
2024-10-22[Multicloud] Fix Kyverno Policy violationsAndreas Geissler8-16/+99
Add SecurityContext to deployments Issue-ID: OOM-3318 Change-Id: Ie4cfa869628d030c2047f3dd954d77786ab88c53 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-10-17[DOC] Update OOM DocumentationAndreas Geissler19-173/+19
Replace wiki.onap.org links with altassian ones. Issue-ID: OOM-3317 Change-Id: I09227ca0ac1d536b7e0507b60d15df6f0ff00480 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-10-15[ETCD] Add kyverno policy fixesAndreas Geissler18-463/+472
Add securityContext settings to resolve kyverno policy violations Fix Jira Links in all release notes. Issue-ID: OOM-3314 Change-Id: Ief20d42f2e4825754bf8d1a142665c7dd176a1d9 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-10-01portal-ng chart updateFiete Ostkamp21-85/+251
- Kyverno fixes - make Keycloak settings configurable via `global` Issue-ID: PORTALNG-125 Change-Id: I827527d4fe2dcadf79ed79591c81dbe83169b2cb Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
2024-09-19[AAI] 14.0.3 Oslo release with Java 11Fiete Ostkamp25-266/+297
- [resources,traversal,graphadmin] use 1.14.7 release images that are based on Java 11 - [babel] add metrics and tracing - [babel] allow remote profiling and debugging - [graphadmin] make graphadmin chart Kyverno compliant - [graphadmin] replace fixed initialDelaySeconds wait invertal with dynamic startup probe - [graphadmin] use actuator endpoint for liveness and readiness probe. Actuator still uses the old echo probe in the background - [graphadmin] remove janusgraph-cached.properties since it effectively cannot be used - [graphadmin] clean up janusgraph-realtime.properties - [graphadmin] use common functions for readiness probe - [graphadmin] remove LOCAL_USER_ID and LOCAL_GROUP_ID environment variables since they are not used (anymore) - [modelloader] add metrics monitoring via prometheus - [modelloader] allow remote profiling and debugging - [sparky-be] use latest release image (2.0.5) Other - [sdc-be] declare ServiceMonitor to enable metrics monitoring via Prometheus Issue-ID: AAI-3986 Change-Id: Ifbd52d0d019d34596f6f824aa940e9b7993336ab Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
2024-09-12Merge "[STRIMZI] Solve Security Policy violations"Lukasz Rajewski11-17/+250
2024-09-11[STRIMZI] Solve Security Policy violationsAndreas Geissler11-17/+250
- add securityContext settings to Operator and strimzi resources - add resources settings - update documents to use a new strimzi-kafka operator version in Oslo Issue-ID: OOM-3311 Change-Id: Ie6e4c30495e500781d898aed31bd74f2f4f3c708 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-09-10Merge "[CPS][COMMON] Sync newly added cps configurations"Andreas Geissler2-2/+76
2024-09-10Merge "[POLICY] Fix postgres support and SASL"Andreas Geissler31-320/+634
2024-09-04[CPS][COMMON] Sync newly added cps configurationsrajesh.kumar2-2/+76
Update CPS helm charts for newly added configurations. Issue-ID: OOM-3313 Change-Id: I56c34400dc73c71b936a51260efd240904bdaeae Signed-off-by: rajesh.kumar <rk00747546@techmahindra.com>
2024-09-02[POLICY] Fix postgres support and SASLsaul.gill31-320/+634
Charts will allow mariadb or postgres Allow configuration of db choice globally Deleted jobs that aren't needed Altered db migrator script Allow SASL config in drools Drools chart fixed Removed readiness jobs for kafka Exposed more config for drools Issue-ID: POLICY-4943 Change-Id: I26c4a7c1adc2d615602e3e6495ecedfb017ef39e Signed-off-by: saul.gill <saul.gill@est.tech>
2024-09-01[DCAEGEN2] define emptyDir volume for /tmp dirFiete Ostkamp1-0/+5
- this improves support for making the pod filesystem read-only (of ves-collector) Issue-ID: DCAEGEN2-3415 Change-Id: Ic7413b2fd589d095b69eec0c88693b2db4e3c13c Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
2024-08-22Merge "[AAI] Release 14.0.1 chart with Janusgraph update to 0.6.0"Andreas Geissler24-134/+140
2024-08-21[CASSANDRA] Add option to set the resource limitsAndreas Geissler4-5/+23
add resources entry to the _cassOp template add resources setting to the cassandra instance add additional settings to improve the performance Issue-ID: OOM-3312 Change-Id: Iaa18e7c55a933f2403eff2dd93cb36f9786b3a41 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-08-20Merge "[COMMON] Cleanup charts"Thomas Kulik458-514/+8
2024-08-19[AAI] Release 14.0.1 chart with Janusgraph update to 0.6.0Fiete Ostkamp24-134/+140
- 1.14.5 images for resources, traversal and graphadmin with Janusgraph update (0.5.3 -> 0.6.0) - cleanup janusgraph-realtime.properties file since the 'cassandra' storage.backend option is not supported anymore - use more descriptive port names for schema-service - reduce terminationGracePeriodSeconds of pods to enable quicker deployment - declare pod revisionHistoryLimit for all components - make root log level configurable for all components (via log.level.root) Issue-ID: AAI-3950 Change-Id: I6221963139fcf4b748167940b6e59367661ba1e5 Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
2024-08-16Merge "[UUI] Modify llm-adaptation port"Andreas Geissler1-1/+1
2024-08-16[UUI] Modify llm-adaptation portkaixiliu1-1/+1
Modify llm-adaptation port Issue-ID: USECASEUI-838 Change-Id: I5ee51936fe19563f7eec8fb1eae75247eea8a687 Signed-off-by: kaixiliu <liukaixi@chinamobile.com>
2024-08-15Merge "[COMMON][TIMESCALEDB] TemporalDB and securityContext settings"Thomas Kulik9-34/+59
2024-08-15[COMMON][TIMESCALEDB] TemporalDB and securityContext settingsAndreas Geissler9-34/+59
- make pod/containerSecurityContext settings more configurable in _pod.tpl - fix MariaDB statefulset - Fix temporal statefulset to comply with security rules - Set timescaleDB via RepositoryGenerator Issue-ID: OOM-3310 Change-Id: I870f1e835020c2b30225741e700d1a6abfba8ad3 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-08-14new onap logothmsdt2-1/+1
Issue-ID: DOC-826 Change-Id: Ifc4a02697760b228029363d9362cb12070efd198 Signed-off-by: thmsdt <thomas.kulik@telekom.de>
2024-08-13[authentication] Fix READMEAndreas Geissler1-6/+6
change default settings Issue-ID: OOM-3306 Change-Id: I5600dce6d4828323a0c00107a967cfdaf71c07b5 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-08-13[COMMON] Cleanup chartsAndreas Geissler458-514/+8
- archive charts, which are not maintained anymore - archive subcharts in SDNC, MSB, DCAEGEN2-SERVICES - Cleanup environment and override files Issue-ID: OOM-3309 Issue-ID: ONAPARC-805 Change-Id: If19a807fefa574ceb9b90ac1eb84d9642729323d Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-08-13Merge "[COMMON] Synchronize common charts"Lukasz Rajewski24-38/+97
2024-08-10Merge "[POLICY] Fix Kyverno Policy violations"Lukasz Rajewski84-186/+1293
2024-08-10Merge "[AUTHENTICATION] Fixes for REALM generation"Lukasz Rajewski6-89/+401
2024-08-09Merge "[UUI] Add configuration file for llm adaptation"Andreas Geissler11-1/+461
2024-08-09[UUI] Add configuration file for llm adaptationkaixiliu11-1/+461
Add configuration file for llm adaptation Issue-ID: USECASEUI-838 Change-Id: Ib25a7047712d753b4be8fa39733001f02bc196aa Signed-off-by: kaixiliu <liukaixi@chinamobile.com>
2024-08-08[AUTHENTICATION] Fixes for REALM generationAndreas Geissler6-89/+401
- Some fixes for the client creation within the REALM. - Addition function for SMTP server configuration - README additions - Kyverno policy violation fixes Issue-ID: OOM-3306 Change-Id: I6df34be566257f40795e454a6a81b4743cb8edb1 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-08-07[COMMON] Synchronize common chartsAndreas Geissler24-38/+97
- solve actual findings during tests with kyverno policies - synchronize headers Issue-ID: OOM-3288 Issue-ID: OOM-3296 Change-Id: Ia7e7daa8864069493e09dd6511825aa939c5eeaf Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-08-02[POLICY] Fix Kyverno Policy violationsAndreas Geissler84-186/+1293
- Add "archive" folder for removed policy-gui charts - Update all deployments/jobs to fix policies - Correct KafkaUser definition to avoid deprecated attribute - update xacml-pdp deployment to work with readOnlyFilesystem setting Issue-ID: OOM-3307 Change-Id: I579062c1c49923666c1d836f7324c8bbd7b88695 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-07-26[POLICY] Deprecation of policy-guiadheli.tavares15-650/+4
- policy-gui is going into unmaintained state. Issue-ID: POLICY-5049 Change-Id: Ic83ab19a37d1c3e7007975b27ca150c4794a86e9 Signed-off-by: adheli.tavares <adheli.tavares@est.tech>