summaryrefslogtreecommitdiffstats
path: root/kubernetes/aai
AgeCommit message (Collapse)AuthorFilesLines
2022-03-01[AAI] Automatically select valid jetty-util jarRadoslaw Chmiel6-20/+26
jetty-util jar filename will be automatically generated from currently present instead of hardcoded value Change-Id: Iface1530739cc28d9f0823573c98852ae4a3b6d9 Signed-off-by: Radoslaw Chmiel <r.chmiel@partner.samsung.com> Issue-ID: OOM-2929
2022-02-25Merge "[AAI] Request blocking enhancement for AAI"Sylvain Desbureaux3-0/+24
2022-02-23[AAI] Updates for AAI Jakarta to release latest versionswr148d7-16/+16
Updates include security package updates and releasing v26 support for CCVPN requirements Upgrade Babel version to 1.9.3 Upgrade Model-loader version to 1.9.2 Upgrade GraphAdmin version to 1.9.3 Upgrade Resources version to 1.9.4 Upgrade Traversal version to 1.9.4 Upgrade Schema-service version to 1.9.4 Issue-ID: AAI-3435 Change-Id: I9a0685907c098d35f25f448cb0963977b33cbd65 Signed-off-by: wr148d <wr148d@att.com>
2022-02-23[AAI] Request blocking enhancement for AAISuresh Charan3-0/+24
Enable configuration of HAProxy ACL to block incoming requests Issue-ID: OOM-2920 Signed-off-by: Suresh Charan <suresh.charan@amdocs.com> Change-Id: Icacaa7642f018b76b6c738b325c3d2a12702495e
2022-02-17[GLOBAL] Upgrade Jetty ImageSylvain Desbureaux6-21/+20
Use latest Jetty image, change configuration and explain in code what needs to be done for next time. Issue-ID: AAI-3450 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I85c2f772b985e0f03654916a800c96e1dd345093
2022-02-01[AAI] Docker image updates for package upgrades for security reasonswr148d5-5/+5
Babel, schema-service, resources, traversal, and graphadmin docker images updated to get log4j version updates and other package updates based on security violations Issue-ID: AAI-3431 Signed-off-by: wr148d <wr148d@att.com> Change-Id: Iacd476bb2f70af1524878a887bfac669cc45f3fb
2022-01-07[AAI] Add serviceAccount override to local cassandra configAndreas Geissler1-0/+2
If localCluster is enabled, the serviceAccount name must match with the DB name Issue-ID: OOM-2905 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Ia6860d995dc7f19890855bcf3a8e3e768966a43a
2021-12-07[GLOBAL] Migrate to helm v3efiacor18-311/+199
Move all Chart.yaml to use apiVersion: 2 Move dependencies from requirements.yaml to Chart.yaml Changes to all makeFiles Changes to helm deploy plugin Signed-off-by: efiacor <fiachra.corcoran@est.tech> Change-Id: I03c5290eee9e40f76eacbf171e774204cf5fb1c0 Issue-ID: OOM-2845
2021-12-06Merge "[AAI] Service Mesh related"9.0.0Sylvain Desbureaux1-0/+4
2021-12-03[AAI] Service Mesh relatedothman touijer1-0/+4
Define required env variable for babel keystore, even when AAF is not enabled. Component will not start otherwise. Issue-ID: OOM-2887 Signed-off-by: othman touijer <othman.touijer@soprasteria.com> Change-Id: I1bf155683ef04c211f75cb82dd4779f8b6375aac
2021-12-01[AAI] Service Mesh relatedothman touijer7-20/+32
Sets conditions on volumes that are not mounted when AAF is disabled. Issue-ID: OOM-2887 Signed-off-by: othman touijer <othman.touijer@soprasteria.com> Change-Id: If5613bf22d3dbfe527be77726cb1b14a538a2e04
2021-11-15Merge "[AAI][SCHEMA] Remove Hardcoded certificates"Krzysztof Opasiak19-271/+577
2021-11-12[AAI][SCHEMA] Remove Hardcoded certificatesSylvain Desbureaux19-271/+577
Use Certinitializer in order to retrieve needed certificates. It'll also do the retrieval for graphadmin as both microservices are working together. Issue-ID: OOM-2691 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Iad790cc14361cf15d5a6bf4fcad6fd9f4048a1a7
2021-11-12Merge "[AAI] Update the aai keystore with the newly generated cert"Sylvain Desbureaux1-0/+0
2021-11-10[AAI][BABEL] Remove Hardcoded certificatesSylvain Desbureaux20-201/+255
Use Certinitializer in order to retrieve needed certificates. Change ModelLoader also as it needs valid certificate to communicate with Babel. Issue-ID: OOM-2693 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I64b8ede24643f942dc99956030c202c50d41ad1e
2021-11-09[AAI] Update the aai keystore with the newly generated certHarish Venkata Kajur1-0/+0
aai keystore is expiring in 70 days so updating the keystore manually with the new certificate that will expire in November 2022 Issue-ID: AAI-3406 Change-Id: Idb63a4b52cdd7171af4fad83d2d4c700d6e76691 Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
2021-11-02[AAI] Use log templateMaciej Wereski19-159/+84
Ability to turn off filebeat is needed as it is being deprecated. To achieve that existing log helper template is used. Issue-ID: OOM-1 Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com> Change-Id: I730b5463fea750594a23ce391c352959d166195e
2021-10-21Merge "[COMMON] Fix trailing blanks found by pre-commit"Sylvain Desbureaux1-1/+1
2021-10-20[COMMON] Fix trailing blanks found by pre-commitguillaume.lambert1-1/+1
pre-commit is now enforced by the CI chain. Meanwhile, trailing blanks were introduced in the code base and must be fixed so that gate pass. Issue-ID: OOM-2643 Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com> Change-Id: I54daa27a1fdf019a6777e9b90274d0ef4f1ba08e
2021-10-15[COMMON] Bump ONAP versionSylvain Desbureaux16-51/+60
Use version 9.0.0 for Istanbul Also update the doc. Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I03e11799bf487226784c98b04116f005c89d1e70
2021-10-04Merge "[COMMON] Add and run pre-commit linters via tox"Sylvain Desbureaux7-274/+262
2021-09-26[COMMON] Add and run pre-commit linters via toxguillaume.lambert7-274/+262
- create a .pre-commit-config.yaml configuration file with * gitlint * trailing blanks linter * tabs removal linter - exclude .git folder from it - exclude Makefiles since tabs are mandatory by default in them - create a tox pre-commit profile to run it from tox note gitlint is not runnable at this pre-commit stage - create pre-commit-install and pre-commit-uninstall tox profiles to (un)install hooks locally and (un)perform tests at each "git commit" call (i.e. without calling manually the pre-commit tox profile) - precise pre-commit stages/types in the pre-commit configuration file so that hooks are installed correctly. This avoids messages about skipped tests when they are run at a wrong stage. Issue-ID: OOM-2643 Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com> Change-Id: Ie95bb4f6f90be80b05a1398973caffeff7936881
2021-09-22[AAI] Updating AAI for CNF Updateswr148d1-1/+1
The 1.9.2 schema-service docker with cnf updates is being used Issue-ID: AAI-3385 Signed-off-by: wr148d <wr148d@att.com> Change-Id: Id5b585883433549aae3ce43f394862e158c5632b
2021-09-20[AAI] Releasing the Istanbul AAI Docker Imageswr148d9-20/+20
Included changes are global requirement, schema, and security updates Issue-ID: AAI-3375 Change-Id: I3e064fef882dc2593e85f1cef75320404338a626 Signed-off-by: wr148d <wr148d@att.com>
2021-09-14Merge "[AAI] Service Mesh compatibility"Sylvain Desbureaux38-94/+258
2021-09-13[AAI] Service Mesh compatibilityosk1146138-94/+258
This patch makes AAI to work on service mesh by removing https calls from everywhere. It allows also to use AAI on an environment without need of TLS. Issue-ID: OOM-2670 Signed-off-by: Ondrej Frindrich <ondrej1.frindrich@orange.com> Change-Id: I19adabc7b33c1ada243ec16f77dbf8fde19b1386
2021-09-06Merge "[AAI] Added Rolling Update Strategy to traversal"Sylvain Desbureaux2-0/+32
2021-09-06Merge "[AAI] Added Rolling Update Strategy to graphAdmin"Sylvain Desbureaux2-0/+32
2021-09-03[AAI] Added Rolling Update Strategy to graphAdminM.Hosnidokht2-0/+32
Addded preStop hook to let long-running tasks be finished before the SIGTERM is invoked Issue-ID: AAI-3368 Signed-off-by: Mohammad Hosnidokht <mohammad.hosnidokht@yoppworks.com> Change-Id: Ie5d0c5b454bd99022e5a2307e5813a92a8713ebd
2021-09-03[AAI] Added Rolling Update Strategy to traversalM.Hosnidokht2-0/+32
Addded preStop hook to let long-running tasks be finished before the SIGTERM is invoked Issue-ID: AAI-3368 Signed-off-by: Mohammad Hosnidokht <mohammad.hosnidokht@yoppworks.com> Change-Id: I7925c622f29b800c19cc7931a951f29083561cc1
2021-09-03[AAI] Added Rolling Update StrategyM.Hosnidokht2-0/+32
Addded preStop hook to let long-running tasks be finished before the SIGTERM is invoked Issue-ID: AAI-3368 Signed-off-by: Mohammad Hosnidokht <mohammad.hosnidokht@yoppworks.com> Change-Id: I02cc0068a3588d94b3da9414685e6cd798e9976f
2021-07-20[AAI] Update chart with service accountfarida azmy24-4/+80
Add service account to requirements.yaml, values.yaml and deployment/statefulset Issue-ID: OOM-2704 Signed-off-by: farida azmy <farida.azmy.ext@orange.com> Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Id03799f7a7ed1a031c7d819999496b18bac80881
2021-06-22Merge "[COMMON] Add missing .helmignore files and "components/" entries"Sylvain Desbureaux1-0/+22
2021-06-21[COMMON] Add missing .helmignore files and "components/" entriesandreasgeissler1-0/+22
In order to save some space Issue-ID: OOM-2763 Signed-off-by: andreasgeissler <andreas-geissler@telekom.de> Change-Id: Ibbd8d5f713307ada76a0d04ede57d3c7696bcfe5
2021-06-16[AAI] Update truststore path to generated certificate locationHarish Venkata Kajur1-1/+1
After the change to use the generated certificate the path to where the truststoreONAPAll.jks is changed so updating location to match that Issue-ID: AAI-3350 Change-Id: Ic20cd2c87eb66ca098dcc232d8629fd7d25d8413 Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
2021-05-06[AAI] Keycloak integration into aai-traversalSam Huang4-1/+32
In order to support multi-tenancy, keycloak(https://www.keycloak.org/) as Identity and Access Management has been integrated into aai-traversal and needs to be configured accordignly based on created instance Issue-ID: AAI-3300 Signed-off-by: Sam Huang <sam.huang@yoppworks.com> Change-Id: I393fb98ef6ac9cc6f4bf9d476cd682531d15011e
2021-04-22[AAI] Keycloak integration into aai-resources updatesroger yuan2-5/+15
fix Keycloak integration into aai-resources PR by replacing all hard coded values with reference values in values.yaml file. Issue-ID: AAI-3326 Signed-off-by: Roger Yuan <roger.yuan@yoppworks.com> Change-Id: Ie8bd900d6512ad171ed3a5977a2f7e9e1c1da5ab
2021-04-08[GLOBAL] Don't try to set keypassword when storetype is PKCS12Krzysztof Opasiak2-10/+0
It seems that for PKCS12 stores there is no keypassword so we are getting this error in our logs: keytool error: java.lang.UnsupportedOperationException: -keypasswd commands not supported if -storetype is PKCS12 Let's fix this by just not trying to set key password for PKCS12 stores. Issue-ID: OOM-1 Change-Id: I8f4cc5a0b54029b3c1baa83b61092942e34ffab2 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2021-04-08Merge "[AAI] Fix truststore password to avoid exceptions"Sylvain Desbureaux2-6/+36
2021-04-06[AAI] Fix truststore password to avoid exceptionsKrzysztof Opasiak2-6/+36
Deployment of aai-resources sometimes fails with exception: org.springframework.expression.ParseException: Expression [BH#{XS@*#xoUULIO)eQkxaBA] @2: No ending suffix '}' for expression starting at character 2: #{XS@*#xoUULIO)eQkxaBA which basically means that aai-resources (and probably aai-traversal) are unable to handle special characters that AAF is putting into cert passwords. To avoid random AAI failures let's use a know method proposed by Sylvain Desbureaux and just set passwords that contains only alphanumeric characters. Issue-ID: OOM-1 Change-Id: I248c2de6e59e4fc073b5a06f6409802634b254cf Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2021-04-04[AAI][SPARKY] Automatically retrieve certsSylvain Desbureaux18-105/+316
Instead of using hardcoded certificates, use certInitializer in order to retrieve them automatically. Issue-ID: OOM-2683 Change-Id: I1bd3fe575c1d3450905bdc5876b442fdb43660a9 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2021-03-29[AAI] Simplify cert retrieval scriptSylvain Desbureaux5-37/+13
As retrieving values is now done via a generic script, let's clean a little bit cert retrieval in order to be faster. Issue-ID: OOM-2688 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I98dc2add27f39f615f34b319ea88edeeac987334
2021-03-24[DOC][COMMON] Prepare Honolulu releaseSylvain Desbureaux16-42/+42
Updating the documentation and bumping version to 8.0.0 Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I6f942f1466fed64264c44fb8fc0e1ffc93a98f18
2021-03-20[AAI] Update babel sparky and model loader for java 11Harish Venkata Kajur3-3/+3
Updating the oom repo to use the java 11 docker images for the above microservices listed Issue-ID: AAI-2996 Issue-ID: AAI-3011 Issue-ID: AAI-3004 Change-Id: I1f575922e9107195da51d648cd1b733c82498bad Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
2021-03-18Merge "[AAI] Update certs to be valid until Jan 2022"Sylvain Desbureaux5-6/+2
2021-03-18[AAI] Update certs to be valid until Jan 2022Sylvain Desbureaux5-6/+2
Currently updating the sparky and generic certificates to be valid until jan 2022 Issue-ID: AAI-2841 Change-Id: I2591c8c7c629e5642c9e6c28070c2666542ad4f3 Signed-off-by: Kajur, Harish (vk250x) <vk250x@att.com> Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2021-03-05[AAI][SPARKY] Disable Portal Spring Profilewr148d1-1/+1
In order for the aai ui to work properly in honolulu the portal profile is being turned off. Portal does not have the support needed and the future of the component in ONAP is uncertain. The AAI UI will still work in the portal with the profile turned off. It will just not use its authentication integration due to numerous issues dating back to Frankfurt. Issue-ID: AAI-2905 Signed-off-by: wr148d <wr148d@att.com> Change-Id: I7e120a16ced18b174c20bd9098883cd0e0e5d717
2021-03-04Revert "[AAI][SPARKY] Automatically retrieve certs"Krzysztof Opasiak18-316/+105
This reverts commit a9a41d84026f059aae70f9042c0b99af5b72e619. aai-sparky-be with this patch fails often in the gate. I expect this to be related to this patch as the stack trace contains below error message: java.io.IOException: keystore password was incorrect Issue-ID: OOM-2683 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I53650671eae700ef553b2f9158744ab72d881820
2021-03-03Merge "[AAI][SPARKY] Automatically retrieve certs"Krzysztof Opasiak18-105/+316
2021-03-02[AAI][SPARKY] Automatically retrieve certsSylvain Desbureaux18-105/+316
Instead of using hardcoded certificates, use certInitializer in order to retrieve them automatically. Issue-ID: OOM-2683 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I63ce5d1bb2e9c287729425f2fd7146e7b69c33f7