Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
Bashisms of type (should be 'b = a') were all fixed previously
but a new one was reintroduced during the fixes of other types.
Also commit f79b6676cfdc380e004f184a21bb969b2824c06e moved
import-custom-cert shebang from bash to sh but substring syntaxes
similar to ${f: -4} and only supported by bash were not migrated.
Let's fix that alltogether
before enforcing the checkbashisms tox profile.
Issue-ID: OOM-2643
Issue-ID: POLICY-3232
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: Ie9b5ac1c2edd9ddf3574f09c77ca8734f2311d1d
|
|
1. Make changes in order to allow performing KUR/CR in EJBCA:
- Add Certificate Update Admin role
- Enable EndEntityAuthentication module
- Create and set CA with constant UID
- Add configuration for provider.
2. Update CertService, which provides with new certificate update
endpoint.
3. Update release-notes.
Issue-ID: OOM-2753
Issue-ID: OOM-2754
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I9cb0cb4d6d6939ad229a4ea254f2bc35d45a3d52
Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
|
|
Add prometheus service monitor template to common charts so that components
can reuse it to enable scraping of their metrics by prometheus.
Issue-ID: OOM-2710
Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca>
Change-Id: Ifa8da676dec05192c518ba97208df60e5ec46f55
|
|
Add update for /etc/ssl/cacerts/ca-certificates.crt
Issue-ID: CCSDK-3356
Change-Id: I797aea054bb80db805f4791a288e89b102e1d662
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
|
|
|
|
|
|
pointed out by checkbashisms
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: I34d828ac4ab27b5ce6547a20aecc610cdcecf00e
|
|
Helm deployment support for DCAE transformation
common/svc template support for UDP protocol.
Added readiness configuration.
Change-Id: Idc40c60d95ddd5eb0ef43ba0b11b7b163970a5b1
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
Issue-ID: DCAEGEN2-2708
Issue-ID: OOM-2751
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
|
|
fix matchExpressions under nodeSelectorTerms to indicating
array construct.
there is no helm tpl defined with common.tplvalues, fixing
it to use common.tplValue
Issue-ID: OOM-2800
Signed-off-by: Prabhjot Singh Sethi <prabhjot@aarnanetworks.com>
Change-Id: I572ee30af745aa7f10c8438ea9516534e71d5acd
|
|
|
|
- DCAE Helm Transformation (Phase-2)
- Charts for the microservices are found under
- oom/kubernetes/dcaegen2-services/dcae-datafile-collector
Issue-ID: DCAEGEN2-2715
Signed-off-by: ajay_dp001 <ajay.deep.singh@est.tech>
Change-Id: I6efa2d4cd9e838a7befaf16576f8e94ad0a3ef0f
|
|
|
|
|
|
Added the missing definition for imagePullSecrets in the
statefulsets.yaml
deployment.yaml
to support the registryGenerator
Issue-ID: OOM-2789
Signed-off-by: andreas-geissler <andreas-geissler@telekom.de>
Change-Id: I013ba52c9c49f95cd3d53fcaa9eb084adcbfe662
|
|
Add service account to requirements.yaml, values.yaml and
deployment/statefulset
Issue-ID: OOM-2703
Signed-off-by: farida azmy <farida.azmy.ext@orange.com>
Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I226584b16b2cd1c22a4e71eb48ad95d974640006
|
|
|
|
|
|
With istio >= 1.10, cassandra doesn't need anymore to listen on
127.0.0.1.
Issue-ID: OOM-2252
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib3817f5404a21a96a6fadc76b5cd501b01e9ab25
|
|
|
|
Two changes are intended with this commit:
- (for proper name mapping) Update VolumeMounts names to be:
(mariadb-init for mountPath /db-init/)
(mariadb-conf for mountPath /db-conf/)
originally it was reversed.
- Make use of (common.mariadbService) and (common.mariadbPort) defined
in (common/templates/_mariadb.tpl) into job.yaml. This will reflect the
proper values for mariadb service name and port in case of local
installation.
Issue-ID: OOM-2737
Signed-off-by: Mahmoud Abdelhamid <mahmoud.abdelhamid@orange.com>
Change-Id: I303f8d5f56632289d8dfd2f2ba8c35819a4f871c
|
|
pointed out by checkbashisms.
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: I1915d4fcbf38b32180d5a7caa36531ad2fc798a9
|
|
|
|
* changes:
[OOF] Use the common mariadb-galera instance
[COMMON] Add port under mariadb-galera chart
|
|
Introduction of chartmuseum as internal repo for
ONAP components to push/pull charts post instantiation
+ Script to preload charts to this repo
Change-Id: I4880900548dfe1d3e47a67b3822f82a15314b5b7
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
Issue-ID: DCAEGEN2-2630
Issue-ID: OOM-2734
Issue-ID: INT-1895
Issue-ID: DCAEGEN2-2694
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
Signed-off-by: vv770d <vv770d@att.com>
|
|
|
|
pointed out by checkbashisms.
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Ic9c4edc0fc6bd94a95bcb85d84379e868fb09930
|
|
Update mariadb-galera chart to add internalport value under (.Values.
service) to resolve the port settings needed for the template (common.
mariadbPort) under (common/_mariadb.tpl).
This parameter will use the default value of mariadb 3306 which can be
changed in component charts.
Issue-ID: OOM-2773
Signed-off-by: Mahmoud Abdelhamid <mahmoud.abdelhamid@orange.com>
Change-Id: I0d59ba42f07426b14ec7bc7f157392b5f10b9006
|
|
When image repository does not allow anonymous pull, image pull
failed due to empty credentials in docker-registry-key secret.
This change fixes _repository.tpl repository generator to refer to
.global.repositoryCred in override.yaml .
Issue-ID: OOM-2767
Signed-off-by: Satoshi Fujii <fujii-satoshi@jp.fujitsu.com>
Change-Id: I3cd7eabcdda547e99e0461767a0451dc1e51132b
|
|
|
|
Add service account to requirements.yaml, values.yaml and deployment/statefulset
Issue-ID: OOM-2720
Signed-off-by: farida azmy <farida.azmy.ext@orange.com>
Change-Id: Iefe02cad5b2069879d043d17465f248f1f731519
|
|
- Remove cmpv2Certificate chart in order to deprecate CertService
client mechanism.
- Remove CertServiceClient init containers in SDNC.
- Replace CMPv2CertManagerIntegration with cmpv2Enabled flag
Issue-ID: OOM-2744
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I8c818fcf64a029552c8833f68b6ae95fad379c8d
|
|
- etcd-init chart will provision the users
and roles in a running etcd instance
- Change etcd container name for readiness
init container to work
Issue-ID: OOM-2746
Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com>
Change-Id: I0cb6d3830b0048c4d70f381815bd3f858ec31ae7
|
|
|
|
pointed out by checkbashisms.
Note this kind of indirections can only be replaced directly in POSIX
by commands using eval.
Security risks must be evaluated for each context where eval is called.
For a safe use, the context must ensure that only a limited number of
possible constrainted values are passed to eval.
https://mywiki.wooledge.org/Bashism#Parameter_Expansions
https://mywiki.wooledge.org/BashFAQ/006#Indirection
Issue-ID: OOM-264
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Id27f3ffd1ddb092a9c038d3a45d9e3278720eb62
|
|
|
|
As part of removing GPLv3 license, policy components have moved from
bash to sh. This change is required in import-custom-certs script so
that custom certificates can be imported into components that try to
import them. Without this change, the init containers of the
components will just fail.
Change-Id: I6c5028428d4cd7c8baf3e96cb16a3cd91db57f9e
Issue-ID: POLICY-3232
Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
|
|
Generic change for all common services by adding ipFamilyPolicy field.
Dual Stack service exposure will be provided depending on k8s version (v1.20+).
Signed-off-by: Magdalena Biernacka <magdalena.1.biernacka@nokia.com>
Issue-ID: OOM-2749
Change-Id: Ia7236705010e625c19a22e42ec9a02c9f75a0ec5
|
|
pointed out by checkbashisms
$ mycmd=$(tox -e checkbashisms
| grep '(\[\[ foo \]\] should be \[ foo \])'
| sed -e "s@^[^.]*\(.[^ ]*\) line \([0-9]*\) .*@sed -i '\2s/\\\[\\\[\\\(
[^]]*\\\)\\\]\\\]/[\\\1]/g' \1;@")
$ eval $mycmd
plus fix manually quoting hells induced and bash specific regex
and multi-conditions
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Ie7ca5b71938fae22c200b7fead418618160fbe19
|
|
As retrieving values is now done via a generic script, let's clean a
little bit cert retrieval in order to remove unneeded part.
Issue-ID: OOM-2688
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I919772a458028b86a8d2db1a90261805a93104ac
|
|
Instead of long initial delay on readiness and liveness probes, use
startup probes and be more aggressive on readiness and liveness.
Also, decrease number of replicas from 3 to 1
Issue-ID: OOM-2742
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ideb0ede251332e182b975ff18ca5a75bcbff2351
|
|
|
|
|
|
Instead of creating all roles every time with service account chart,
let's just create the specific ones for a chart and point to default one
for the three default roles.
In order to lighten serviceAccount chart, whole logic for default role
creation is in `roles-wrapper`.
Issue-ID: OOM-2729
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib4d6a2669ca7d747320a4bccb65aac863eb60956
|
|
|
|
|
|
- Add mounting certificates in pem format.
- Add comment description to certificates in dcae values
Issue-ID: DCAEGEN2-2688
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I546292c33e25e36376b98d42e08a3c4ffa95de64
|
|
|
|
|