aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2020-03-09Merge "[DMaaP MR] Use HTTPS only for external traffic"Krzysztof Opasiak5-276/+228
2020-03-09Merge "[VFC] Use common secret template for DB root password"Sylvain Desbureaux17-42/+266
2020-03-09Merge "Use released version of ESR"Sylvain Desbureaux1-1/+1
2020-03-09Merge "[COMMON] Allow to attach annotations to secrets"Sylvain Desbureaux1-1/+8
2020-03-09Merge "[SO] Support LCM API of SDNC"Sylvain Desbureaux2-0/+16
2020-03-09Merge "DCAE R6 updates"Krzysztof Opasiak8-11/+15
2020-03-09[VFC] Use common secret template for DB root passwordKrzysztof Opasiak17-42/+266
Issue-ID: VFC-1600 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I9f83c6f6eaace60c3e974218810e5943c5758c06
2020-03-06Use released version of ESRForsyth, James (jf2512)1-1/+1
Issue-ID: AAI-2734 Change-Id: I9479f62bfc1baab2d3a72602f6c6fa704ef01962 Signed-off-by: Forsyth, James (jf2512) <jf2512@att.com>
2020-03-06Bump DMaaP DR versionefiacor2-2/+2
Change-Id: I7a37ab9a69fdb3232f68b908ea97a788fbab55a1 Signed-off-by: efiacor <fiachra.corcoran@est.tech> Issue-ID: DMAAP-1404
2020-03-06Merge "[SO] Use common secret template in so-catalog-db-adapter"Krzysztof Opasiak3-16/+46
2020-03-06[COMMON] Allow to attach annotations to secretsKrzysztof Opasiak1-1/+8
SO adds some annotations to one of its secres so let's extend the common secret template with the ability to add annotations. Issue-ID: OOM-2328 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I4c33d87724b2296852d62e2ddf9061ff4e235157
2020-03-06Update git submodulesefiacor1-0/+0
* Update kubernetes/robot from branch 'master' to c854b484ebbd5e0c1be1e6a032a79beeb4cab6ff - Removing http for DMaaP DR Signed-off-by: efiacor <fiachra.corcoran@est.tech> Issue-ID: DMAAP-1400 Change-Id: Ifd0502283d4efe0c14aeb1e77bfa85779596cfec
2020-03-06Merge "[COMMON] Handle TLS/Non-TLS for Service"Krzysztof Opasiak6-26/+782
2020-03-06Merge "Removed external access on unsecure port for ↵Sylvain Desbureaux1-2/+1
cds-blueprints-processor-http"
2020-03-06[DMaaP MR] Use HTTPS only for external trafficSylvain Desbureaux5-276/+228
Use the new template features to create two services for DMaaP Message Router: * One of ClusterIP type with HTTP AND HTTPS port, with the same name as before. * Another of NodePort type with HTTPS only port, with a new name (this one should be used only for external traffic) I've also replaced `tabs` iby spaces in two resources files so it's easier to read the configmap. Issue-ID: DMAAP-1400 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I394e0b5327ffe2605f0c4c8b134e49553b06232c
2020-03-06[COMMON] Handle TLS/Non-TLS for ServiceSylvain Desbureaux6-26/+782
Current service and headlessService templates doesn't handle the fact that out of cluster ports must be TLS encrypted only. With a new (backward compatible) DSL, this is now possible. In values.yaml, all ports in service part with port AND plain_port will have the ability to be HTTP or HTTPS depending on the context. Per default, they'll be HTTPS. TLS choice will be done according this table: | tlsOverride | global.tlsEnabled | global.serviceMesh.enabled | global.serviceMesh.tls | result | |-------------|-------------------|----------------------------|------------------------|--------| | not present | not present | not present | any | true | | not present | not present | false | any | true | | not present | not present | true | false | true | | not present | not present | true | true | false | | not present | true | any | any | true | | not present | false | any | any | false | | true | any | any | any | true | | false | any | any | any | false | Service template will create one or two service templates according to this table: | serviceType | both_tls_and_plain | result | |---------------|--------------------|--------------| | ClusterIP | any | one Service | | Not ClusterIP | not present | one Service | | Not ClusterIP | false | one Service | | Not ClusterIP | true | two Services | If two services are created, one is ClusterIP with both crypted and plain ports and the other one is NodePort (or LoadBalancer) with crypted port only. Issue-ID: OOM-1936 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If766dd73132022d1a6e578fd36113c461bb91ea5
2020-03-05Merge "Disabling http ports on DMaaP"Krzysztof Opasiak2-3/+1
2020-03-05Removed external access on unsecure port for cds-blueprints-processor-httpgummar1-2/+1
Issue-ID: CCSDK-2147 Signed-off-by: gummar <raj.gumma@est.tech> Change-Id: I7701616ec9732225cf2be07d67dad7af0953bccb
2020-03-05Merge "[SDNC] Use common secret template in sdnc"Krzysztof Opasiak15-196/+322
2020-03-05DCAE R6 updatesJack Lucas8-11/+15
Helm chart updates to pull in latest version of components: bootstrap loads blueprints into DCAE inventory bootstrap configures k8splugin for JKS CA store inventory uses generated CA cert cloudify manager loads type file to synch clamp and dcae policy plugins dashboard skips bad blueprints from inventory bootstrap loads latest pgaas and sshkeyshare plugins bootstrap runs as non-root user Issue-ID: DCAEGEN2-2049 Issue-ID: DCAEGEN2-1938 Issue-ID: DCAEGEN2-2097 Issue-ID: DCAEGEN2-2120 Issue-ID: DCAEGEN2-2072 Signed-off-by: Jack Lucas <jflucas@research.att.com> Change-Id: I12f37ccc85ebfefba10e7ec1113da6474927ba57
2020-03-05Merge "HTTPS/AAF auto cert gen for Portal SDK"Krzysztof Opasiak6-10/+298
2020-03-05Merge "[UUI] UUI Server is a core eater"Krzysztof Opasiak1-6/+6
2020-03-05Update git submodulesVenkata Harish Kajur1-0/+0
* Update kubernetes/aai from branch 'master' to 4f4d14ab45a2225953961136220041189d566015 - Merge "Update logback.xml" - Update logback.xml Issue-ID: AAI-2824 Signed-off-by: Jimmy Forsyth <jf2512@att.com> Change-Id: I9034b283a2cd47770a30db9e1eecf3ef5ad58d47
2020-03-05Merge "readd so filebeat sidecar ELK endpoint"Sylvain Desbureaux11-0/+187
2020-03-05Merge "[SO] Use common secret template in so-bpmn-infra"Sylvain Desbureaux3-17/+47
2020-03-05Merge "Add parameter http scheme for multicloud adapter"Sylvain Desbureaux1-1/+2
2020-03-05[UUI] UUI Server is a core eaterSylvain Desbureaux1-6/+6
And thus needs bigger limits/requests Issue-ID: USECASEUI-403 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ide23f95af16f9ed9615bcb26e67e40cd1145670f
2020-03-05Update git submodulesHarish Venkata Kajur1-0/+0
* Update kubernetes/aai from branch 'master' to c9fad710ea31ae6695c3914429266621d37ce8b8 - Fix the graphadmin logback issue Issue-ID: AAI-2751 Change-Id: Icce232aab798c2c1d2a072a5cbf040403879a48b Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
2020-03-05[SO] Support LCM API of SDNCEnbo Wang2-0/+16
Issue-ID: SO-2588 Signed-off-by: Enbo Wang <wangenbo@huawei.com> Change-Id: I809336bcc7528e4196ddb59a9c25939fd891b502
2020-03-05HTTPS/AAF auto cert gen for Portal SDKChrisC6-10/+298
integrate portal-sdk with AAF agent init container. add pv to store init-container certs generated at startup. add aafEnabled flag to switch on/off aaf integration. modify tomcat startup to load p12 and enable HTTPS based on flag. Issue-ID: PORTAL-261 Signed-off-by: ChrisC <christophe.closset@intl.att.com> Change-Id: Ia2b05b8661bf9e0c03a60467212e80d1c9d02bac
2020-03-05Merge "Use Frankfurt release of dmaap-bc"Sylvain Desbureaux1-1/+1
2020-03-04[SO] Use common secret template in so-catalog-db-adapterKrzysztof Opasiak3-16/+46
Use common secret template in so-catalog-db-adapter component. For now passwords are stil hardcoded but this will be removed in further commits. Issue-ID: OOM-2328 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I2ac98729b47d15ab4c360c3bb8c759370d6ec7d2
2020-03-04Use Frankfurt release of dmaap-bcDominic Lunanuova1-1/+1
Issue-ID: DMAAP-1363 Signed-off-by: Dominic Lunanuova <dgl@research.att.com> Change-Id: I198b19a24f2b413f489376eb101efa75a4513ba0
2020-03-04Merge "VID: Update to version 6.0.3 (Frankfurt RC2)"Krzysztof Opasiak1-1/+1
2020-03-04Disabling http ports on DMaaPefiacor2-3/+1
Change-Id: I8cf5a6ac58d38c6e5c818259baf7d69615eb9803 Signed-off-by: efiacor <fiachra.corcoran@est.tech> Issue-ID: DMAAP-1400
2020-03-04[SDNC] Use common secret template in sdncKrzysztof Opasiak15-196/+322
Some passwords are still hardcoded but with this commit all components should be using passwords provided via secrets not directly as strings. A follow-up patch will remove hardcoded passwords where feasible. Issue-ID: OOM-2309 Change-Id: I047974506430cbb277200d0103bcc57a6fd8a83b Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-03-04Merge "Update HV-VES version to 1.4.0"Sylvain Desbureaux2-2/+3
2020-03-04Merge "[AAF] Give more CPU limit for AAF-GUI"Krzysztof Opasiak1-1/+1
2020-03-04VID: Update to version 6.0.3 (Frankfurt RC2)Ittay Stern1-1/+1
Issue-ID: VID-761 Change-Id: Ie3127f62a9b059020b047ae09bf13bdf77923833 Signed-off-by: Ittay Stern <ittay.stern@att.com>
2020-03-04Add parameter http scheme for multicloud adapterEric Multanen1-1/+2
Add support to build endpoint from SO to multicloud via msb using http or https scheme. Change-Id: I474fdd7c885e437c1c8136bffe3e40e41c86dab5 Issue-ID: SO-1450 Signed-off-by: Eric Multanen <eric.w.multanen@intel.com>
2020-03-04[AAF] Give more CPU limit for AAF-GUISylvain Desbureaux1-1/+1
It should make the POD to start again Issue-ID: AAF-1106 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I934a904ba7310e49bf2cfd3f372c402af3878efa
2020-03-04Update HV-VES version to 1.4.0pwielebs2-2/+3
The issue related to HV-VES occurs due to a lack of certificates. There are provided by TLS_INT_CONTAINER. Therefore use-tls must be set on true. Issue-ID: OOM-2281 Signed-off-by: Piotr Wielebski <piotr.wielebski@nokia.com> Change-Id: Ib5c82d5955c0a7b32a4fc5c9797734f930ae7885
2020-03-04[AAF] more memory for SMSSylvain Desbureaux1-2/+2
SMS requests/limits were set too low and thus it prevents start when on small flavors Issue-ID: AAF-1105 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib591c972ceaa4186dd16ca5cebd86b58c0288718
2020-03-04Merge "Replaced URLs from the configuration file with test values"Sylvain Desbureaux1-3/+1
2020-03-04Merge "ES non-root"Sylvain Desbureaux3-3/+3
2020-03-03ES non-rootosgn422w3-3/+3
ElasticSearch run as non-root user Issue-ID: CLAMP-668 Change-Id: I786e2ff8babf4b78fa6dfdf63ff9cd486099fbac Signed-off-by: osgn422w <gervais-martial.ngueko@intl.att.com>
2020-03-03Merge "[Consul] Remove nodeport on UI"Krzysztof Opasiak1-1/+1
2020-03-02Merge "[DOC] Remove references to old versions"Krzysztof Opasiak3-16/+17
2020-03-02[SO] Use common secret template in so-bpmn-infraKrzysztof Opasiak3-17/+47
Use common secrete template in so-bpmn-infra component. For now passwords are stil hardcoded but this will be removed in further commits. Issue-ID: OOM-2328 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I828d6a5713cf023d72ab22ea758e78e91d1944b9
2020-03-02[DOC] Remove references to old versionsSylvain Desbureaux3-16/+17
Also add requirements for Frankfurt release Issue-ID: OOM-1960 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Idaa4925515737221c90c4bf9141406fa1d428f15