Age | Commit message (Collapse) | Author | Files | Lines |
|
Some Kubernetes deployments needs the full fqdn and not just the first
part in order to make etcd statefulset to work.
Issue-ID: OPTFRA-981
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Idf384d2c65b13f64885429181c4fa2eba5ac4282
|
|
Use version 9.0.0 for Istanbul
Also update the doc.
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I03e11799bf487226784c98b04116f005c89d1e70
|
|
|
|
|
|
- Added init-container to change mounted volume permission
Issue-ID: CPS-667
Signed-off-by: Renu Kumari <renu.kumari@bell.ca>
Change-Id: I3161400cbcf2de88580ea768c97212a2983f5fff
|
|
Add option for CPS to use common postgres
Issue-ID: OOM-2839
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
Change-Id: Ida133999f26cf50d59103aa30a90c97fba3e66a0
|
|
|
|
|
|
Add service account to requirements.yaml,
values.yaml and deployment/statefulset.
Issue-ID: OOM-2726
Signed-off-by: farida azmy <farida.azmy.ext@orange.com>
Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6bafed3c621f4e7b1a307bc9338334586eb6795e
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
|
|
- Added resources limit similar to postgres in the timescaledb
- Using common.podSecurityContext
- removed init-container and it is handled by kubernetes
if fsGroup is provided
Issue-ID: CPS-667
Signed-off-by: Renu Kumari <renu.kumari@bell.ca>
Change-Id: I944cc93526d0d89f32840450121c1ff608fdd4c5
|
|
Bump image versions for SDNC for Istanbul release
Issue-ID: SDNC-1609
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Iecfb133ce8563ccfabf1a38af9d8c26d99d398f4
|
|
|
|
|
|
ONAP truststore is outdated so let's use one from Java 17 + add ONAP
root CA.
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: If8a7dbf4c876ce89cf04080a97a7f67803d66c5f
|
|
Timescale container is ran with postgres user and group which are
defined with uid 70 and gid 70.
Data volume owner is changed for postgres.
See also:
https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
Issue-ID: CPS-667
Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
Change-Id: Ia87922ba68bb47a7a07aaf61f368143d970278b6
|
|
- create a .pre-commit-config.yaml configuration file with
* gitlint
* trailing blanks linter
* tabs removal linter
- exclude .git folder from it
- exclude Makefiles since tabs are mandatory by default in them
- create a tox pre-commit profile to run it from tox
note gitlint is not runnable at this pre-commit stage
- create pre-commit-install and pre-commit-uninstall tox profiles to
(un)install hooks locally and (un)perform tests at each "git commit"
call (i.e. without calling manually the pre-commit tox profile)
- precise pre-commit stages/types in the pre-commit configuration file
so that hooks are installed correctly. This avoids messages about
skipped tests when they are run at a wrong stage.
Issue-ID: OOM-2643
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: Ie95bb4f6f90be80b05a1398973caffeff7936881
|
|
|
|
Make sure that the envs sections gets tpl and cached properly.
Issue-ID: OOM-1
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I4064bdf3204a61a30b7296503c99e7931bae8cd2
|
|
|
|
- add checkbahims to tox.ini default profiles
- remove -f options to unforce bashisms detection in explicit bash
scripts and to differentiate treatments between bash and sh
- migrate #!/bin/bash shebangs to #!/bin/sh for scripts without bashisms
The following scripts have not been migrated since they still use
bashisms difficult to migrate (mostly arrays - more details below)
./kubernetes/common/mariadb-init/resources/config/db_init.sh
./kubernetes/portal/components/portal-mariadb/resources/config/ \
mariadb/docker-entrypoint.sh
./kubernetes/helm/plugins/deploy/deploy.sh
./kubernetes/helm/plugins/undeploy/undeploy.sh
./kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh
$ find . -not -path '*/\.*' -name *.sh -exec checkbashisms -f {} + 2>&1\
| grep line | cut -d' ' -f 7- | sort | uniq -c | sort -k1,1nr
18 (bash arrays, ${name[0|*|@]}):
2 (declare):
1 ($FUNCNAME):
1 (shopt):
1 (trap with ERR|DEBUG|RETURN):
https://mywiki.wooledge.org/Bashism#Arrays
https://mywiki.wooledge.org/Bashism#Special_Variables
https://mywiki.wooledge.org/Bashism#Builtins
https://www.oilshell.org/release/0.5.alpha2/test/spec.wwz/builtin-trap.html
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Id06ad1d45004321a293bdd26038d8da5f7b6b4ac
|
|
|
|
|
|
with the following command
$ find . -not -path '*/\.*' -name *.sh -exec sed -i 's/\t/ /g' {} +
then realign manually what deserves it and in particular,
unindent some EOF scripting tags so they do not trigger errors.
Issue-ID: OOM-2643
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: Ibfa463ec8083d5a39de18a54d9c1d8746710fe03
|
|
|
|
DB connection from Policy Framework components fail intermittently with
Connection refused error. Upon investigation, identified that
mariadb-metrics readiness is failing with timeout, and thereby affecting
the db connectivity intermittently.
So, changing readiness timeout from 1 second to 5 seconds so that
there is enough time to get back the /metrics response
and readiness can pass. Also making the properties configurable.
Similar issue could happen in other components too.
Change-Id: I8dfbfeb0fe791c1bce373dd9d7124d26457c4919
Issue-ID: POLICY-3637
Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
|
|
|
|
This patch makes AAI to work on service mesh by removing https calls
from everywhere.
It allows also to use AAI on an environment without need of TLS.
Issue-ID: OOM-2670
Signed-off-by: Ondrej Frindrich <ondrej1.frindrich@orange.com>
Change-Id: I19adabc7b33c1ada243ec16f77dbf8fde19b1386
|
|
cps-temporal component added for cps-temporal-db and cps-temporal(application)
Issue-ID: CPS-482
Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
Change-Id: I91998e0d2e9f953f8579ee40d1670199155d3396
|
|
Cmd :"grep -o '"logURL":"[^"]*' "$file" | cut -d '"' -f4"
filters more then one logURL like below from feedConfig response log,
If both subs/pubs are present, which corrupts application config.
https://dmaap-dr-prov/feedlog/1
https://dmaap-dr-prov/sublog/1
Requirement is to filter only feedlog URL, with changes script
should correctly filter URL: https://dmaap-dr-prov/feedlog/1.
Issue-ID: DCAEGEN2-2910
Signed-off-by: ajay_dp001 <ajay.deep.singh@est.tech>
Change-Id: I2a67aad5c533f1b623737f56feeefb3a05f6373a
|
|
|
|
|
|
Instead of terminating TLS on SO POD, let's terminate it on its Ingress.
This patch uses certInitializer to create the right certificates and put them in
a secret.
This secret is then referenced on SO Ingress.
Issue-ID: SO-3078
Issue-ID: SO-3237
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Icdc8cf6fc84cb3b3c337b4f4e5320980eee06337
|
|
Bashisms of type (should be 'b = a') were all fixed previously
but a new one was reintroduced during the fixes of other types.
Also commit f79b6676cfdc380e004f184a21bb969b2824c06e moved
import-custom-cert shebang from bash to sh but substring syntaxes
similar to ${f: -4} and only supported by bash were not migrated.
Let's fix that alltogether
before enforcing the checkbashisms tox profile.
Issue-ID: OOM-2643
Issue-ID: POLICY-3232
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: Ie9b5ac1c2edd9ddf3574f09c77ca8734f2311d1d
|
|
1. Make changes in order to allow performing KUR/CR in EJBCA:
- Add Certificate Update Admin role
- Enable EndEntityAuthentication module
- Create and set CA with constant UID
- Add configuration for provider.
2. Update CertService, which provides with new certificate update
endpoint.
3. Update release-notes.
Issue-ID: OOM-2753
Issue-ID: OOM-2754
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I9cb0cb4d6d6939ad229a4ea254f2bc35d45a3d52
Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
|
|
Add prometheus service monitor template to common charts so that components
can reuse it to enable scraping of their metrics by prometheus.
Issue-ID: OOM-2710
Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca>
Change-Id: Ifa8da676dec05192c518ba97208df60e5ec46f55
|
|
Add update for /etc/ssl/cacerts/ca-certificates.crt
Issue-ID: CCSDK-3356
Change-Id: I797aea054bb80db805f4791a288e89b102e1d662
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
|
|
|
|
|
|
pointed out by checkbashisms
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: I34d828ac4ab27b5ce6547a20aecc610cdcecf00e
|
|
Helm deployment support for DCAE transformation
common/svc template support for UDP protocol.
Added readiness configuration.
Change-Id: Idc40c60d95ddd5eb0ef43ba0b11b7b163970a5b1
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
Issue-ID: DCAEGEN2-2708
Issue-ID: OOM-2751
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
|
|
fix matchExpressions under nodeSelectorTerms to indicating
array construct.
there is no helm tpl defined with common.tplvalues, fixing
it to use common.tplValue
Issue-ID: OOM-2800
Signed-off-by: Prabhjot Singh Sethi <prabhjot@aarnanetworks.com>
Change-Id: I572ee30af745aa7f10c8438ea9516534e71d5acd
|
|
|
|
- DCAE Helm Transformation (Phase-2)
- Charts for the microservices are found under
- oom/kubernetes/dcaegen2-services/dcae-datafile-collector
Issue-ID: DCAEGEN2-2715
Signed-off-by: ajay_dp001 <ajay.deep.singh@est.tech>
Change-Id: I6efa2d4cd9e838a7befaf16576f8e94ad0a3ef0f
|
|
|
|
|
|
Added the missing definition for imagePullSecrets in the
statefulsets.yaml
deployment.yaml
to support the registryGenerator
Issue-ID: OOM-2789
Signed-off-by: andreas-geissler <andreas-geissler@telekom.de>
Change-Id: I013ba52c9c49f95cd3d53fcaa9eb084adcbfe662
|
|
Add service account to requirements.yaml, values.yaml and
deployment/statefulset
Issue-ID: OOM-2703
Signed-off-by: farida azmy <farida.azmy.ext@orange.com>
Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I226584b16b2cd1c22a4e71eb48ad95d974640006
|
|
|
|
|
|
With istio >= 1.10, cassandra doesn't need anymore to listen on
127.0.0.1.
Issue-ID: OOM-2252
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib3817f5404a21a96a6fadc76b5cd501b01e9ab25
|