Age | Commit message (Collapse) | Author | Files | Lines |
|
It resulted in an error at runtime:
/root/import-custom-certs.sh: line 30: syntax error: unexpected "then"
Issue existed since change Ie9b5ac1c2edd9ddf3574f09c77ca8734f2311d1d
Change-Id: I8b9f771eaccc9f1cdbd45159f2199b33c9b5d826
Issue-ID: OOM-2919
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
|
|
Setting the "prometheus: kube-prometheus" label selector for mariadb-galera
ServiceMonitor object is invalid since mariadb-galera-metrics service has
common labels assigned.
Without this change Prometheus (in kube-prometheus-stack) does not select
the mariadb-galera-metrics service for scraping and relevant target is
not created.
Change-Id: I64dfe83ff7fb448125f8726cf3ca33048ced04a8
Issue-ID: OOM-2925
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
|
|
Top up cert service container to 2.4.1
Issue-ID: OOM-2903
Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com>
Change-Id: Ic4280e33e0a9dd3684d33d2676a7ce6409041973
|
|
Added initContainer to fix the permissions of the to be
mounted volume and changed intent
Issue-ID: OOM-2864
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I188d7f6002405e810dd54d1043824979b4d83d42
(cherry picked from commit 7baf2dbf669abb383b895d4fa5bb624b19d9ea63)
|
|
Make the namespace parameter configurable for
CertInitializer and ReadinessCheck Chart
Issue-ID: OOM-2888
Signed-off-by: xuegao <xue.gao@intl.att.com>
Change-Id: I5bb4e86be935921af1d852d6d7666fb5c8eaf725
|
|
Some Kubernetes deployments needs the full fqdn and not just the first
part in order to make etcd statefulset to work.
Issue-ID: OPTFRA-981
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Idf384d2c65b13f64885429181c4fa2eba5ac4282
(cherry picked from commit c991f0bf4291c7b79207d98e51ca4c4cd2a3fe72)
|
|
into istanbul
|
|
Bump version of SDNC and CCSDK images for Istanbul.
Note: this was submitted as 2 separate reviews to master - one
at RC milestone, and a second at signoff which just had a version
bump for SDNC. These changes are combined in this single review.
Issue-ID: SDNC-1630
Issue-ID: SDNC-1615
Issue-ID: CCSDK-3483
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Id3a3627765e5623aa6cd8bffbfad1679ae6afef6
(cherry picked from commit e126a43804b5d91e0ea930190149eff54bad61b9)
|
|
The naming service query to policy manager is failing host name
verification. While this issue is under investigation, it can be
worked around by configuring the naming service to disable host
name verification. This requires a new version of the network-name-gen
microservice (1.2.1), and a change to set a new env variable to
disable host name verification (enabled by default if this variable
is unset).
Issue-ID: CCSDK-3501
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Ia471cd27ce16b6e79a3ce6708e08c7d5f239feb3
(cherry picked from commit 7ec6cb6b34221a9a2293fbc3c09a89940c8f18bd)
|
|
Use version 9.0.0 for Istanbul
Also update the doc.
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I03e11799bf487226784c98b04116f005c89d1e70
|
|
|
|
|
|
- Added init-container to change mounted volume permission
Issue-ID: CPS-667
Signed-off-by: Renu Kumari <renu.kumari@bell.ca>
Change-Id: I3161400cbcf2de88580ea768c97212a2983f5fff
|
|
Add option for CPS to use common postgres
Issue-ID: OOM-2839
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
Change-Id: Ida133999f26cf50d59103aa30a90c97fba3e66a0
|
|
|
|
|
|
Add service account to requirements.yaml,
values.yaml and deployment/statefulset.
Issue-ID: OOM-2726
Signed-off-by: farida azmy <farida.azmy.ext@orange.com>
Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6bafed3c621f4e7b1a307bc9338334586eb6795e
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
|
|
- Added resources limit similar to postgres in the timescaledb
- Using common.podSecurityContext
- removed init-container and it is handled by kubernetes
if fsGroup is provided
Issue-ID: CPS-667
Signed-off-by: Renu Kumari <renu.kumari@bell.ca>
Change-Id: I944cc93526d0d89f32840450121c1ff608fdd4c5
|
|
Bump image versions for SDNC for Istanbul release
Issue-ID: SDNC-1609
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Iecfb133ce8563ccfabf1a38af9d8c26d99d398f4
|
|
|
|
|
|
ONAP truststore is outdated so let's use one from Java 17 + add ONAP
root CA.
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: If8a7dbf4c876ce89cf04080a97a7f67803d66c5f
|
|
Timescale container is ran with postgres user and group which are
defined with uid 70 and gid 70.
Data volume owner is changed for postgres.
See also:
https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
Issue-ID: CPS-667
Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
Change-Id: Ia87922ba68bb47a7a07aaf61f368143d970278b6
|
|
- create a .pre-commit-config.yaml configuration file with
* gitlint
* trailing blanks linter
* tabs removal linter
- exclude .git folder from it
- exclude Makefiles since tabs are mandatory by default in them
- create a tox pre-commit profile to run it from tox
note gitlint is not runnable at this pre-commit stage
- create pre-commit-install and pre-commit-uninstall tox profiles to
(un)install hooks locally and (un)perform tests at each "git commit"
call (i.e. without calling manually the pre-commit tox profile)
- precise pre-commit stages/types in the pre-commit configuration file
so that hooks are installed correctly. This avoids messages about
skipped tests when they are run at a wrong stage.
Issue-ID: OOM-2643
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: Ie95bb4f6f90be80b05a1398973caffeff7936881
|
|
|
|
Make sure that the envs sections gets tpl and cached properly.
Issue-ID: OOM-1
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I4064bdf3204a61a30b7296503c99e7931bae8cd2
|
|
|
|
- add checkbahims to tox.ini default profiles
- remove -f options to unforce bashisms detection in explicit bash
scripts and to differentiate treatments between bash and sh
- migrate #!/bin/bash shebangs to #!/bin/sh for scripts without bashisms
The following scripts have not been migrated since they still use
bashisms difficult to migrate (mostly arrays - more details below)
./kubernetes/common/mariadb-init/resources/config/db_init.sh
./kubernetes/portal/components/portal-mariadb/resources/config/ \
mariadb/docker-entrypoint.sh
./kubernetes/helm/plugins/deploy/deploy.sh
./kubernetes/helm/plugins/undeploy/undeploy.sh
./kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh
$ find . -not -path '*/\.*' -name *.sh -exec checkbashisms -f {} + 2>&1\
| grep line | cut -d' ' -f 7- | sort | uniq -c | sort -k1,1nr
18 (bash arrays, ${name[0|*|@]}):
2 (declare):
1 ($FUNCNAME):
1 (shopt):
1 (trap with ERR|DEBUG|RETURN):
https://mywiki.wooledge.org/Bashism#Arrays
https://mywiki.wooledge.org/Bashism#Special_Variables
https://mywiki.wooledge.org/Bashism#Builtins
https://www.oilshell.org/release/0.5.alpha2/test/spec.wwz/builtin-trap.html
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Id06ad1d45004321a293bdd26038d8da5f7b6b4ac
|
|
|
|
|
|
with the following command
$ find . -not -path '*/\.*' -name *.sh -exec sed -i 's/\t/ /g' {} +
then realign manually what deserves it and in particular,
unindent some EOF scripting tags so they do not trigger errors.
Issue-ID: OOM-2643
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: Ibfa463ec8083d5a39de18a54d9c1d8746710fe03
|
|
|
|
DB connection from Policy Framework components fail intermittently with
Connection refused error. Upon investigation, identified that
mariadb-metrics readiness is failing with timeout, and thereby affecting
the db connectivity intermittently.
So, changing readiness timeout from 1 second to 5 seconds so that
there is enough time to get back the /metrics response
and readiness can pass. Also making the properties configurable.
Similar issue could happen in other components too.
Change-Id: I8dfbfeb0fe791c1bce373dd9d7124d26457c4919
Issue-ID: POLICY-3637
Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
|
|
|
|
This patch makes AAI to work on service mesh by removing https calls
from everywhere.
It allows also to use AAI on an environment without need of TLS.
Issue-ID: OOM-2670
Signed-off-by: Ondrej Frindrich <ondrej1.frindrich@orange.com>
Change-Id: I19adabc7b33c1ada243ec16f77dbf8fde19b1386
|
|
cps-temporal component added for cps-temporal-db and cps-temporal(application)
Issue-ID: CPS-482
Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
Change-Id: I91998e0d2e9f953f8579ee40d1670199155d3396
|
|
Cmd :"grep -o '"logURL":"[^"]*' "$file" | cut -d '"' -f4"
filters more then one logURL like below from feedConfig response log,
If both subs/pubs are present, which corrupts application config.
https://dmaap-dr-prov/feedlog/1
https://dmaap-dr-prov/sublog/1
Requirement is to filter only feedlog URL, with changes script
should correctly filter URL: https://dmaap-dr-prov/feedlog/1.
Issue-ID: DCAEGEN2-2910
Signed-off-by: ajay_dp001 <ajay.deep.singh@est.tech>
Change-Id: I2a67aad5c533f1b623737f56feeefb3a05f6373a
|
|
|
|
|
|
Instead of terminating TLS on SO POD, let's terminate it on its Ingress.
This patch uses certInitializer to create the right certificates and put them in
a secret.
This secret is then referenced on SO Ingress.
Issue-ID: SO-3078
Issue-ID: SO-3237
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Icdc8cf6fc84cb3b3c337b4f4e5320980eee06337
|
|
Bashisms of type (should be 'b = a') were all fixed previously
but a new one was reintroduced during the fixes of other types.
Also commit f79b6676cfdc380e004f184a21bb969b2824c06e moved
import-custom-cert shebang from bash to sh but substring syntaxes
similar to ${f: -4} and only supported by bash were not migrated.
Let's fix that alltogether
before enforcing the checkbashisms tox profile.
Issue-ID: OOM-2643
Issue-ID: POLICY-3232
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: Ie9b5ac1c2edd9ddf3574f09c77ca8734f2311d1d
|
|
1. Make changes in order to allow performing KUR/CR in EJBCA:
- Add Certificate Update Admin role
- Enable EndEntityAuthentication module
- Create and set CA with constant UID
- Add configuration for provider.
2. Update CertService, which provides with new certificate update
endpoint.
3. Update release-notes.
Issue-ID: OOM-2753
Issue-ID: OOM-2754
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I9cb0cb4d6d6939ad229a4ea254f2bc35d45a3d52
Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
|
|
Add prometheus service monitor template to common charts so that components
can reuse it to enable scraping of their metrics by prometheus.
Issue-ID: OOM-2710
Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca>
Change-Id: Ifa8da676dec05192c518ba97208df60e5ec46f55
|
|
Add update for /etc/ssl/cacerts/ca-certificates.crt
Issue-ID: CCSDK-3356
Change-Id: I797aea054bb80db805f4791a288e89b102e1d662
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
|
|
|
|
|
|
pointed out by checkbashisms
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: I34d828ac4ab27b5ce6547a20aecc610cdcecf00e
|
|
Helm deployment support for DCAE transformation
common/svc template support for UDP protocol.
Added readiness configuration.
Change-Id: Idc40c60d95ddd5eb0ef43ba0b11b7b163970a5b1
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
Issue-ID: DCAEGEN2-2708
Issue-ID: OOM-2751
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
|
|
fix matchExpressions under nodeSelectorTerms to indicating
array construct.
there is no helm tpl defined with common.tplvalues, fixing
it to use common.tplValue
Issue-ID: OOM-2800
Signed-off-by: Prabhjot Singh Sethi <prabhjot@aarnanetworks.com>
Change-Id: I572ee30af745aa7f10c8438ea9516534e71d5acd
|
|
|