summaryrefslogtreecommitdiffstats
path: root/kubernetes/aai
AgeCommit message (Collapse)AuthorFilesLines
2022-02-16[AAI] Docker image updates for package upgrades for security reasonswr148d5-5/+5
Babel, schema-service, resources, traversal, and graphadmin docker images updated to get log4j version updates and other package updates based on security violations Issue-ID: AAI-3431 Signed-off-by: wr148d <wr148d@att.com> Change-Id: Iacd476bb2f70af1524878a887bfac669cc45f3fb
2021-11-09[AAI] Update the aai keystore with the newly generated certHarish Venkata Kajur1-0/+0
aai keystore is expiring in 70 days so updating the keystore manually with the new certificate that will expire in November 2022 Issue-ID: AAI-3406 Change-Id: Idb63a4b52cdd7171af4fad83d2d4c700d6e76691 Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
2021-10-21Merge "[COMMON] Fix trailing blanks found by pre-commit"Sylvain Desbureaux1-1/+1
2021-10-20[COMMON] Fix trailing blanks found by pre-commitguillaume.lambert1-1/+1
pre-commit is now enforced by the CI chain. Meanwhile, trailing blanks were introduced in the code base and must be fixed so that gate pass. Issue-ID: OOM-2643 Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com> Change-Id: I54daa27a1fdf019a6777e9b90274d0ef4f1ba08e
2021-10-15[COMMON] Bump ONAP versionSylvain Desbureaux16-51/+60
Use version 9.0.0 for Istanbul Also update the doc. Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I03e11799bf487226784c98b04116f005c89d1e70
2021-10-04Merge "[COMMON] Add and run pre-commit linters via tox"Sylvain Desbureaux7-274/+262
2021-09-26[COMMON] Add and run pre-commit linters via toxguillaume.lambert7-274/+262
- create a .pre-commit-config.yaml configuration file with * gitlint * trailing blanks linter * tabs removal linter - exclude .git folder from it - exclude Makefiles since tabs are mandatory by default in them - create a tox pre-commit profile to run it from tox note gitlint is not runnable at this pre-commit stage - create pre-commit-install and pre-commit-uninstall tox profiles to (un)install hooks locally and (un)perform tests at each "git commit" call (i.e. without calling manually the pre-commit tox profile) - precise pre-commit stages/types in the pre-commit configuration file so that hooks are installed correctly. This avoids messages about skipped tests when they are run at a wrong stage. Issue-ID: OOM-2643 Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com> Change-Id: Ie95bb4f6f90be80b05a1398973caffeff7936881
2021-09-22[AAI] Updating AAI for CNF Updateswr148d1-1/+1
The 1.9.2 schema-service docker with cnf updates is being used Issue-ID: AAI-3385 Signed-off-by: wr148d <wr148d@att.com> Change-Id: Id5b585883433549aae3ce43f394862e158c5632b
2021-09-20[AAI] Releasing the Istanbul AAI Docker Imageswr148d9-20/+20
Included changes are global requirement, schema, and security updates Issue-ID: AAI-3375 Change-Id: I3e064fef882dc2593e85f1cef75320404338a626 Signed-off-by: wr148d <wr148d@att.com>
2021-09-14Merge "[AAI] Service Mesh compatibility"Sylvain Desbureaux38-94/+258
2021-09-13[AAI] Service Mesh compatibilityosk1146138-94/+258
This patch makes AAI to work on service mesh by removing https calls from everywhere. It allows also to use AAI on an environment without need of TLS. Issue-ID: OOM-2670 Signed-off-by: Ondrej Frindrich <ondrej1.frindrich@orange.com> Change-Id: I19adabc7b33c1ada243ec16f77dbf8fde19b1386
2021-09-06Merge "[AAI] Added Rolling Update Strategy to traversal"Sylvain Desbureaux2-0/+32
2021-09-06Merge "[AAI] Added Rolling Update Strategy to graphAdmin"Sylvain Desbureaux2-0/+32
2021-09-03[AAI] Added Rolling Update Strategy to graphAdminM.Hosnidokht2-0/+32
Addded preStop hook to let long-running tasks be finished before the SIGTERM is invoked Issue-ID: AAI-3368 Signed-off-by: Mohammad Hosnidokht <mohammad.hosnidokht@yoppworks.com> Change-Id: Ie5d0c5b454bd99022e5a2307e5813a92a8713ebd
2021-09-03[AAI] Added Rolling Update Strategy to traversalM.Hosnidokht2-0/+32
Addded preStop hook to let long-running tasks be finished before the SIGTERM is invoked Issue-ID: AAI-3368 Signed-off-by: Mohammad Hosnidokht <mohammad.hosnidokht@yoppworks.com> Change-Id: I7925c622f29b800c19cc7931a951f29083561cc1
2021-09-03[AAI] Added Rolling Update StrategyM.Hosnidokht2-0/+32
Addded preStop hook to let long-running tasks be finished before the SIGTERM is invoked Issue-ID: AAI-3368 Signed-off-by: Mohammad Hosnidokht <mohammad.hosnidokht@yoppworks.com> Change-Id: I02cc0068a3588d94b3da9414685e6cd798e9976f
2021-07-20[AAI] Update chart with service accountfarida azmy24-4/+80
Add service account to requirements.yaml, values.yaml and deployment/statefulset Issue-ID: OOM-2704 Signed-off-by: farida azmy <farida.azmy.ext@orange.com> Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Id03799f7a7ed1a031c7d819999496b18bac80881
2021-06-22Merge "[COMMON] Add missing .helmignore files and "components/" entries"Sylvain Desbureaux1-0/+22
2021-06-21[COMMON] Add missing .helmignore files and "components/" entriesandreasgeissler1-0/+22
In order to save some space Issue-ID: OOM-2763 Signed-off-by: andreasgeissler <andreas-geissler@telekom.de> Change-Id: Ibbd8d5f713307ada76a0d04ede57d3c7696bcfe5
2021-06-16[AAI] Update truststore path to generated certificate locationHarish Venkata Kajur1-1/+1
After the change to use the generated certificate the path to where the truststoreONAPAll.jks is changed so updating location to match that Issue-ID: AAI-3350 Change-Id: Ic20cd2c87eb66ca098dcc232d8629fd7d25d8413 Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
2021-05-06[AAI] Keycloak integration into aai-traversalSam Huang4-1/+32
In order to support multi-tenancy, keycloak(https://www.keycloak.org/) as Identity and Access Management has been integrated into aai-traversal and needs to be configured accordignly based on created instance Issue-ID: AAI-3300 Signed-off-by: Sam Huang <sam.huang@yoppworks.com> Change-Id: I393fb98ef6ac9cc6f4bf9d476cd682531d15011e
2021-04-22[AAI] Keycloak integration into aai-resources updatesroger yuan2-5/+15
fix Keycloak integration into aai-resources PR by replacing all hard coded values with reference values in values.yaml file. Issue-ID: AAI-3326 Signed-off-by: Roger Yuan <roger.yuan@yoppworks.com> Change-Id: Ie8bd900d6512ad171ed3a5977a2f7e9e1c1da5ab
2021-04-08[GLOBAL] Don't try to set keypassword when storetype is PKCS12Krzysztof Opasiak2-10/+0
It seems that for PKCS12 stores there is no keypassword so we are getting this error in our logs: keytool error: java.lang.UnsupportedOperationException: -keypasswd commands not supported if -storetype is PKCS12 Let's fix this by just not trying to set key password for PKCS12 stores. Issue-ID: OOM-1 Change-Id: I8f4cc5a0b54029b3c1baa83b61092942e34ffab2 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2021-04-08Merge "[AAI] Fix truststore password to avoid exceptions"Sylvain Desbureaux2-6/+36
2021-04-06[AAI] Fix truststore password to avoid exceptionsKrzysztof Opasiak2-6/+36
Deployment of aai-resources sometimes fails with exception: org.springframework.expression.ParseException: Expression [BH#{XS@*#xoUULIO)eQkxaBA] @2: No ending suffix '}' for expression starting at character 2: #{XS@*#xoUULIO)eQkxaBA which basically means that aai-resources (and probably aai-traversal) are unable to handle special characters that AAF is putting into cert passwords. To avoid random AAI failures let's use a know method proposed by Sylvain Desbureaux and just set passwords that contains only alphanumeric characters. Issue-ID: OOM-1 Change-Id: I248c2de6e59e4fc073b5a06f6409802634b254cf Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2021-04-04[AAI][SPARKY] Automatically retrieve certsSylvain Desbureaux18-105/+316
Instead of using hardcoded certificates, use certInitializer in order to retrieve them automatically. Issue-ID: OOM-2683 Change-Id: I1bd3fe575c1d3450905bdc5876b442fdb43660a9 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2021-03-29[AAI] Simplify cert retrieval scriptSylvain Desbureaux5-37/+13
As retrieving values is now done via a generic script, let's clean a little bit cert retrieval in order to be faster. Issue-ID: OOM-2688 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I98dc2add27f39f615f34b319ea88edeeac987334
2021-03-24[DOC][COMMON] Prepare Honolulu releaseSylvain Desbureaux16-42/+42
Updating the documentation and bumping version to 8.0.0 Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I6f942f1466fed64264c44fb8fc0e1ffc93a98f18
2021-03-20[AAI] Update babel sparky and model loader for java 11Harish Venkata Kajur3-3/+3
Updating the oom repo to use the java 11 docker images for the above microservices listed Issue-ID: AAI-2996 Issue-ID: AAI-3011 Issue-ID: AAI-3004 Change-Id: I1f575922e9107195da51d648cd1b733c82498bad Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
2021-03-18Merge "[AAI] Update certs to be valid until Jan 2022"Sylvain Desbureaux5-6/+2
2021-03-18[AAI] Update certs to be valid until Jan 2022Sylvain Desbureaux5-6/+2
Currently updating the sparky and generic certificates to be valid until jan 2022 Issue-ID: AAI-2841 Change-Id: I2591c8c7c629e5642c9e6c28070c2666542ad4f3 Signed-off-by: Kajur, Harish (vk250x) <vk250x@att.com> Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2021-03-05[AAI][SPARKY] Disable Portal Spring Profilewr148d1-1/+1
In order for the aai ui to work properly in honolulu the portal profile is being turned off. Portal does not have the support needed and the future of the component in ONAP is uncertain. The AAI UI will still work in the portal with the profile turned off. It will just not use its authentication integration due to numerous issues dating back to Frankfurt. Issue-ID: AAI-2905 Signed-off-by: wr148d <wr148d@att.com> Change-Id: I7e120a16ced18b174c20bd9098883cd0e0e5d717
2021-03-04Revert "[AAI][SPARKY] Automatically retrieve certs"Krzysztof Opasiak18-316/+105
This reverts commit a9a41d84026f059aae70f9042c0b99af5b72e619. aai-sparky-be with this patch fails often in the gate. I expect this to be related to this patch as the stack trace contains below error message: java.io.IOException: keystore password was incorrect Issue-ID: OOM-2683 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I53650671eae700ef553b2f9158744ab72d881820
2021-03-03Merge "[AAI][SPARKY] Automatically retrieve certs"Krzysztof Opasiak18-105/+316
2021-03-02[AAI][SPARKY] Automatically retrieve certsSylvain Desbureaux18-105/+316
Instead of using hardcoded certificates, use certInitializer in order to retrieve them automatically. Issue-ID: OOM-2683 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I63ce5d1bb2e9c287729425f2fd7146e7b69c33f7
2021-02-25[AAI] Use honolulu m3 released artifactsHarish Venkata Kajur4-4/+4
Update schema service, resources, traversal and graphadmin to use the latest released artifacts for the honolulu release Issue-ID: AAI-3269 Change-Id: Iba9deb226586e751cdd1631b9cb9c4f4500a0ff9 Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
2021-02-24[AAI][SPARKY] Remove Retired Componentswr148d46-2639/+0
Remove Elastic Search Remove Data Router Remove Search Data Remove Sparky dependencies on the above Issue-ID: AAI-3181 Signed-off-by: wr148d <wr148d@att.com> Change-Id: I9efb1c89d1f2196bc0cc82e394cd9a12098b14c7
2021-02-23[AAI][SPARKY] Updating the sparky configwr148d1-1/+1
Sparky config updated to 2.0.2 Issue-ID: AAI-3250 Signed-off-by: wr148d <wr148d@att.com> Change-Id: I677358720234e576234582267b65b3a377c8cd6f
2021-02-22[AAI][TRAVERSAL] Remove Hardcoded certificatesSylvain Desbureaux14-460/+411
Use Certinitializer in order to retrieve needed certificates. Issue-ID: OOM-2680 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I1ec295d863f8f6c0d11e64173b474e82f63e6b17
2021-02-22[AAI][RESOURCES] Remove Hardcoded certificatesSylvain Desbureaux13-426/+393
Use Certinitializer in order to retrieve needed certificates. Issue-ID: OOM-2655 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ie05936be0f513c76ea4dce31b8a460056b79a4b0
2021-02-20[AAI] Move schema service to use v23Harish Venkata Kajur2-5/+5
Update schema service to add v23 api Also use java 11 for schema service Issue-ID: AAI-3009 Change-Id: I44834fcbd900705dc3fb7707f8e3d5ddd8182284 Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
2021-02-18Merge "[AAI][SPARKY] Updating the sparky config"Krzysztof Opasiak2-2/+2
2021-02-17[AAI][SPARKY] Updating the sparky configwr148d2-2/+2
Sparky config updated to no longer run a sync to elastic Sparky config updated to 2.0.0 Issue-ID: AAI-3250 Change-Id: Iccae63830032ca7454b8127a605236f208699a7b Signed-off-by: wr148d <wr148d@att.com>
2021-02-16[AAI] Add multi.tenancy.enabled flag to keycloak properties fileEric Santos1-1/+1
Issue-ID: AAI-3274 Signed-off-by: Santos, Eric <eric.santos@yoppworks.com> Change-Id: I783ad95fb44def2e0fb08c606e4b1728d1152d25
2021-02-11Merge "[AAI] Remove unused AAF proxies"Krzysztof Opasiak58-1370/+72
2021-02-04Merge "[AAI] Templatize MSB services"Krzysztof Opasiak4-1675/+79
2021-02-04Merge "[AAI] Use CertInitializer for AAI Proxy"Krzysztof Opasiak7-128/+46
2021-02-02[AAI] Use CertInitializer for AAI ProxySylvain Desbureaux7-128/+46
Instead of using an harcoded certificate for AAI Haproxy, let's use certInitializer in order to have a fresh one. Issue-ID: OOM-2654 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Id07af4084ae714bc7ba7132b218434229a0ba866
2021-02-01[AAI] AAI-EVENT publishing fix for httpsHarish Venkata Kajur1-0/+2
Updating the resources microservice to trust the onap certificates to fix the issue where the A&AI is unable to publish to AAI-EVENT topic because A&AI is not trusting the message router certificate Issue-ID: AAI-3219 Change-Id: I33d52a1f4593154ce123e7c67aee6dcdeedaf889 Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
2021-01-22[AAI] Remove unused AAF proxiesSylvain Desbureaux58-1371/+72
Some AAI components have the ability of using AAF proxies for authentication. As AAF is deprecated and these proxies seems not to be used by anybody, let's remove them. Issue-ID: OOM-2663 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ie78740eb452f1b28f031a97fe272f86acce1f8be