summaryrefslogtreecommitdiffstats
path: root/kubernetes/common
AgeCommit message (Collapse)AuthorFilesLines
2022-02-22[COMMON] Fix typo in import-custom-certs.shBartek Grzybowski1-2/+2
It resulted in an error at runtime: /root/import-custom-certs.sh: line 30: syntax error: unexpected "then" Issue existed since change Ie9b5ac1c2edd9ddf3574f09c77ca8734f2311d1d Change-Id: I8b9f771eaccc9f1cdbd45159f2199b33c9b5d826 Issue-ID: OOM-2919 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2022-02-07[MARIADB] Use common labels for the metrics Service selectorBartek Grzybowski1-2/+2
Setting the "prometheus: kube-prometheus" label selector for mariadb-galera ServiceMonitor object is invalid since mariadb-galera-metrics service has common labels assigned. Without this change Prometheus (in kube-prometheus-stack) does not select the mariadb-galera-metrics service for scraping and relevant target is not created. Change-Id: I64dfe83ff7fb448125f8726cf3ca33048ced04a8 Issue-ID: OOM-2925 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2022-01-13[OOM-CERT-SERVICE][DCAE] Top up Cert Service containersTomasz Wrobel1-1/+1
Top up cert service container to 2.4.1 Issue-ID: OOM-2903 Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com> Change-Id: Ic4280e33e0a9dd3684d33d2676a7ce6409041973
2022-01-04[COMMON] Changed mongo storage location to enable persistanceAndreas Geissler1-1/+18
Added initContainer to fix the permissions of the to be mounted volume and changed intent Issue-ID: OOM-2864 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I188d7f6002405e810dd54d1043824979b4d83d42 (cherry picked from commit 7baf2dbf669abb383b895d4fa5bb624b19d9ea63)
2021-12-14[COMMON] Make namespace configurablexuegao2-3/+14
Make the namespace parameter configurable for CertInitializer and ReadinessCheck Chart Issue-ID: OOM-2888 Signed-off-by: xuegao <xue.gao@intl.att.com> Change-Id: I5bb4e86be935921af1d852d6d7666fb5c8eaf725
2021-11-08[ETCD] Give full FQDN name for etcdSylvain Desbureaux2-1/+2
Some Kubernetes deployments needs the full fqdn and not just the first part in order to make etcd statefulset to work. Issue-ID: OPTFRA-981 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Idf384d2c65b13f64885429181c4fa2eba5ac4282 (cherry picked from commit c991f0bf4291c7b79207d98e51ca4c4cd2a3fe72)
2021-11-06Merge "[CCSDK] Workaround for naming service host name verification issue" ↵Sylvain Desbureaux2-1/+4
into istanbul
2021-11-04[SDNC] Bump version for Istanbul RCDan Timoney1-1/+1
Bump version of SDNC and CCSDK images for Istanbul. Note: this was submitted as 2 separate reviews to master - one at RC milestone, and a second at signoff which just had a version bump for SDNC. These changes are combined in this single review. Issue-ID: SDNC-1630 Issue-ID: SDNC-1615 Issue-ID: CCSDK-3483 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: Id3a3627765e5623aa6cd8bffbfad1679ae6afef6 (cherry picked from commit e126a43804b5d91e0ea930190149eff54bad61b9)
2021-11-03[CCSDK] Workaround for naming service host name verification issueDan Timoney2-1/+4
The naming service query to policy manager is failing host name verification. While this issue is under investigation, it can be worked around by configuring the naming service to disable host name verification. This requires a new version of the network-name-gen microservice (1.2.1), and a change to set a new env variable to disable host name verification (enabled by default if this variable is unset). Issue-ID: CCSDK-3501 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: Ia471cd27ce16b6e79a3ce6708e08c7d5f239feb3 (cherry picked from commit 7ec6cb6b34221a9a2293fbc3c09a89940c8f18bd)
2021-10-15[COMMON] Bump ONAP versionSylvain Desbureaux54-93/+140
Use version 9.0.0 for Istanbul Also update the doc. Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I03e11799bf487226784c98b04116f005c89d1e70
2021-10-15Merge "[COMMON] Fix timescaledb volume permission issue"Sylvain Desbureaux1-0/+16
2021-10-15Merge "[CPS] Use common postgres for CPS"Sylvain Desbureaux9-2/+339
2021-10-13[COMMON] Fix timescaledb volume permission issueRenu Kumari1-0/+16
- Added init-container to change mounted volume permission Issue-ID: CPS-667 Signed-off-by: Renu Kumari <renu.kumari@bell.ca> Change-Id: I3161400cbcf2de88580ea768c97212a2983f5fff
2021-10-12[CPS] Use common postgres for CPSAbdelmuhaimen Seaudi9-2/+339
Add option for CPS to use common postgres Issue-ID: OOM-2839 Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com> Change-Id: Ida133999f26cf50d59103aa30a90c97fba3e66a0
2021-10-12Merge "[COMMON] Add limits to timescale db"Sylvain Desbureaux2-31/+31
2021-10-11Merge "[DCAEGEN2] Update chart with service account"Krzysztof Opasiak1-1/+15
2021-10-10[DCAEGEN2] Update chart with service accountfarida azmy1-1/+15
Add service account to requirements.yaml, values.yaml and deployment/statefulset. Issue-ID: OOM-2726 Signed-off-by: farida azmy <farida.azmy.ext@orange.com> Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I6bafed3c621f4e7b1a307bc9338334586eb6795e Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
2021-10-10[COMMON] Add limits to timescale dbRenu Kumari2-31/+31
- Added resources limit similar to postgres in the timescaledb - Using common.podSecurityContext - removed init-container and it is handled by kubernetes if fsGroup is provided Issue-ID: CPS-667 Signed-off-by: Renu Kumari <renu.kumari@bell.ca> Change-Id: I944cc93526d0d89f32840450121c1ff608fdd4c5
2021-10-10[SDNC] Bump versions for IstanbulDan Timoney2-2/+2
Bump image versions for SDNC for Istanbul release Issue-ID: SDNC-1609 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: Iecfb133ce8563ccfabf1a38af9d8c26d99d398f4
2021-10-04Merge "[COMMON] Update root certificates"Krzysztof Opasiak1-2172/+2719
2021-10-04Merge "[COMMON] Add and run pre-commit linters via tox"Sylvain Desbureaux1-3/+3
2021-10-01[COMMON] Update root certificatesSylvain Desbureaux1-2172/+2719
ONAP truststore is outdated so let's use one from Java 17 + add ONAP root CA. Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If8a7dbf4c876ce89cf04080a97a7f67803d66c5f
2021-09-30[COMMON] Run timescale with postgres userBruno Sakoto2-2/+16
Timescale container is ran with postgres user and group which are defined with uid 70 and gid 70. Data volume owner is changed for postgres. See also: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ Issue-ID: CPS-667 Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca> Change-Id: Ia87922ba68bb47a7a07aaf61f368143d970278b6
2021-09-26[COMMON] Add and run pre-commit linters via toxguillaume.lambert1-3/+3
- create a .pre-commit-config.yaml configuration file with * gitlint * trailing blanks linter * tabs removal linter - exclude .git folder from it - exclude Makefiles since tabs are mandatory by default in them - create a tox pre-commit profile to run it from tox note gitlint is not runnable at this pre-commit stage - create pre-commit-install and pre-commit-uninstall tox profiles to (un)install hooks locally and (un)perform tests at each "git commit" call (i.e. without calling manually the pre-commit tox profile) - precise pre-commit stages/types in the pre-commit configuration file so that hooks are installed correctly. This avoids messages about skipped tests when they are run at a wrong stage. Issue-ID: OOM-2643 Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com> Change-Id: Ie95bb4f6f90be80b05a1398973caffeff7936881
2021-09-24Merge "[COMMON] Enforce checkbashisms tox profile"Krzysztof Opasiak3-4/+4
2021-09-22[COMMON] Fix genericKV cache generationKrzysztof Opasiak1-1/+10
Make sure that the envs sections gets tpl and cached properly. Issue-ID: OOM-1 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I4064bdf3204a61a30b7296503c99e7931bae8cd2
2021-09-22Merge "[SO] Add TLS configuration for SO API Ingress"Krzysztof Opasiak1-1/+3
2021-09-22[COMMON] Enforce checkbashisms tox profileGuillaume Lambert3-4/+4
- add checkbahims to tox.ini default profiles - remove -f options to unforce bashisms detection in explicit bash scripts and to differentiate treatments between bash and sh - migrate #!/bin/bash shebangs to #!/bin/sh for scripts without bashisms The following scripts have not been migrated since they still use bashisms difficult to migrate (mostly arrays - more details below) ./kubernetes/common/mariadb-init/resources/config/db_init.sh ./kubernetes/portal/components/portal-mariadb/resources/config/ \ mariadb/docker-entrypoint.sh ./kubernetes/helm/plugins/deploy/deploy.sh ./kubernetes/helm/plugins/undeploy/undeploy.sh ./kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh $ find . -not -path '*/\.*' -name *.sh -exec checkbashisms -f {} + 2>&1\ | grep line | cut -d' ' -f 7- | sort | uniq -c | sort -k1,1nr 18 (bash arrays, ${name[0|*|@]}): 2 (declare): 1 ($FUNCNAME): 1 (shopt): 1 (trap with ERR|DEBUG|RETURN): https://mywiki.wooledge.org/Bashism#Arrays https://mywiki.wooledge.org/Bashism#Special_Variables https://mywiki.wooledge.org/Bashism#Builtins https://www.oilshell.org/release/0.5.alpha2/test/spec.wwz/builtin-trap.html Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: Id06ad1d45004321a293bdd26038d8da5f7b6b4ac
2021-09-21Merge "[COMMON] Replace tabs by 4 ws in shell scripts"Sylvain Desbureaux1-44/+44
2021-09-21Merge "[COMMON] Fix db-metrics readiness timeout issue"Sylvain Desbureaux2-6/+31
2021-09-20[COMMON] Replace tabs by 4 ws in shell scriptsguillaume.lambert1-44/+44
with the following command $ find . -not -path '*/\.*' -name *.sh -exec sed -i 's/\t/ /g' {} + then realign manually what deserves it and in particular, unindent some EOF scripting tags so they do not trigger errors. Issue-ID: OOM-2643 Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com> Change-Id: Ibfa463ec8083d5a39de18a54d9c1d8746710fe03
2021-09-16Merge "[OOM] Fix Feed Provisioning for DFC"Sylvain Desbureaux1-1/+1
2021-09-16[COMMON] Fix db-metrics readiness timeout issuea.sreekumar2-6/+31
DB connection from Policy Framework components fail intermittently with Connection refused error. Upon investigation, identified that mariadb-metrics readiness is failing with timeout, and thereby affecting the db connectivity intermittently. So, changing readiness timeout from 1 second to 5 seconds so that there is enough time to get back the /metrics response and readiness can pass. Also making the properties configurable. Similar issue could happen in other components too. Change-Id: I8dfbfeb0fe791c1bce373dd9d7124d26457c4919 Issue-ID: POLICY-3637 Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
2021-09-14Merge "[AAI] Service Mesh compatibility"Sylvain Desbureaux2-0/+22
2021-09-13[AAI] Service Mesh compatibilityosk114612-0/+22
This patch makes AAI to work on service mesh by removing https calls from everywhere. It allows also to use AAI on an environment without need of TLS. Issue-ID: OOM-2670 Signed-off-by: Ondrej Frindrich <ondrej1.frindrich@orange.com> Change-Id: I19adabc7b33c1ada243ec16f77dbf8fde19b1386
2021-09-13[CPS] Charts added for repo cps-cps-temporalputhuparambil.aditya10-0/+398
cps-temporal component added for cps-temporal-db and cps-temporal(application) Issue-ID: CPS-482 Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca> Change-Id: I91998e0d2e9f953f8579ee40d1670199155d3396
2021-09-10[OOM] Fix Feed Provisioning for DFCajay_dp0011-1/+1
Cmd :"grep -o '"logURL":"[^"]*' "$file" | cut -d '"' -f4" filters more then one logURL like below from feedConfig response log, If both subs/pubs are present, which corrupts application config. https://dmaap-dr-prov/feedlog/1 https://dmaap-dr-prov/sublog/1 Requirement is to filter only feedlog URL, with changes script should correctly filter URL: https://dmaap-dr-prov/feedlog/1. Issue-ID: DCAEGEN2-2910 Signed-off-by: ajay_dp001 <ajay.deep.singh@est.tech> Change-Id: I2a67aad5c533f1b623737f56feeefb3a05f6373a
2021-09-09Merge "[OOM] Update Linux SSL Truststore /etc/ssl"Sylvain Desbureaux2-0/+16
2021-09-09Merge "[CONTRIB] Introduce certificate update use case in CertService"Sylvain Desbureaux1-1/+1
2021-09-08[SO] Add TLS configuration for SO API IngressSylvain Desbureaux1-1/+3
Instead of terminating TLS on SO POD, let's terminate it on its Ingress. This patch uses certInitializer to create the right certificates and put them in a secret. This secret is then referenced on SO Ingress. Issue-ID: SO-3078 Issue-ID: SO-3237 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Icdc8cf6fc84cb3b3c337b4f4e5320980eee06337
2021-09-07[COMMON] Fix bashisms in import-custom-certguillaume.lambert1-5/+4
Bashisms of type (should be 'b = a') were all fixed previously but a new one was reintroduced during the fixes of other types. Also commit f79b6676cfdc380e004f184a21bb969b2824c06e moved import-custom-cert shebang from bash to sh but substring syntaxes similar to ${f: -4} and only supported by bash were not migrated. Let's fix that alltogether before enforcing the checkbashisms tox profile. Issue-ID: OOM-2643 Issue-ID: POLICY-3232 Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com> Change-Id: Ie9b5ac1c2edd9ddf3574f09c77ca8734f2311d1d
2021-09-06[CONTRIB] Introduce certificate update use case in CertServicePiotr Marcinkiewicz1-1/+1
1. Make changes in order to allow performing KUR/CR in EJBCA: - Add Certificate Update Admin role - Enable EndEntityAuthentication module - Create and set CA with constant UID - Add configuration for provider. 2. Update CertService, which provides with new certificate update endpoint. 3. Update release-notes. Issue-ID: OOM-2753 Issue-ID: OOM-2754 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I9cb0cb4d6d6939ad229a4ea254f2bc35d45a3d52 Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
2021-09-06[COMMON] Add prometheus service monitor templateMarat Salakhutdinov2-35/+169
Add prometheus service monitor template to common charts so that components can reuse it to enable scraping of their metrics by prometheus. Issue-ID: OOM-2710 Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca> Change-Id: Ifa8da676dec05192c518ba97208df60e5ec46f55
2021-09-05[OOM] Update Linux SSL Truststore /etc/sslAbdelmuhaimen Seaudi2-0/+16
Add update for /etc/ssl/cacerts/ca-certificates.crt Issue-ID: CCSDK-3356 Change-Id: I797aea054bb80db805f4791a288e89b102e1d662 Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
2021-09-01Merge "[DCAE] Helm charts for SNMPTrap collector"Sylvain Desbureaux1-1/+15
2021-08-31Merge "[COMMON] Fix ${p^^} bashisms"Krzysztof Opasiak2-4/+4
2021-08-28[COMMON] Fix ${p^^} bashismsGuillaume Lambert2-4/+4
pointed out by checkbashisms Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: I34d828ac4ab27b5ce6547a20aecc610cdcecf00e
2021-08-27[DCAE] Helm charts for SNMPTrap collectorVijay Venkatesh Kumar1-1/+15
Helm deployment support for DCAE transformation common/svc template support for UDP protocol. Added readiness configuration. Change-Id: Idc40c60d95ddd5eb0ef43ba0b11b7b163970a5b1 Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com> Issue-ID: DCAEGEN2-2708 Issue-ID: OOM-2751 Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
2021-08-27[COMMON] Fix handling affinity block for mariadb-galeraPrabhjot Singh Sethi2-5/+5
fix matchExpressions under nodeSelectorTerms to indicating array construct. there is no helm tpl defined with common.tplvalues, fixing it to use common.tplValue Issue-ID: OOM-2800 Signed-off-by: Prabhjot Singh Sethi <prabhjot@aarnanetworks.com> Change-Id: I572ee30af745aa7f10c8438ea9516534e71d5acd
2021-07-20Merge "[COMMON] Fix a docker-entrypoint function name"Krzysztof Opasiak1-4/+4