Age | Commit message (Collapse) | Author | Files | Lines |
|
Policy- Add initial authorized serviceaccounts for each sub component service
Common- Change authorizationpolicy to match on the label app
Issue-ID: OOM-3139
Change-Id: I411877b933d6dfcbdee633f1440d16c9658438e5
Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>
|
|
|
|
|
|
- add an app label to all resources because this is picked up by Istio
Issue-ID: OOM-3164
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
Change-Id: I71831b29c5c5b9ddc2bcafbc1567ed0dfa971e5c
|
|
Fix for: no matches for kind AuthorizationPolicy, when trying to
install on deployment with no istio.
Issue-ID: OOM-3163
Change-Id: I3e0be55d78e6c88655eeaf267c25b8e6747c5b3c
Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>
|
|
As part of the ServiceMesh solution OAuth2-proxy will be used
to enable a central authentication and authorization for ONAP
Service Access.
This patch delivers the function based on oauth2-proxy helmcharts:
https://github.com/oauth2-proxy/manifests/tree/main/helm/oauth2-proxy
Issue-ID: OOM-2489
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Iafa82813a7b9494cf13d77d47a39fc6030cb919b
|
|
In case of local DB the "init" dependency is activated
as the "not" condition is not working
Issue-ID: OOM-3152
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I27dba69a644bbcc2b61245c22784976ba7c66173
|
|
|
|
Remove checks and add the usage of common templates
Add information about external access to SDNC-callhome
and add ingress setup for it
Issue-ID: OOM-3122
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I7b32832ee31d811c23b4eaa5d43f7aa9d767c353
|
|
|
|
VirtualService TCP route added in _ingress.tpl using
protocol option in onap-strimzi ingress configuration
Added support for multiple ports in _ingress.tpl added
Fixed port setting in onap-strimzi for external interface
Add information to the documents section
Issue-ID: OOM-3109
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: If8507278d952ee29ceaa3f134b99d18bd6f31cb7
|
|
Create template for istio authorization policies
Issue-ID: OOM-3148
Change-Id: I081288e8e9b0e8347ee6fd0d656398126826c273
Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>
|
|
Add Ingress configuration for Kafka brokers and bootstrap service
and add advertized host/port settings
Change the _service.tpl to modify a Nodeport to a ClusterIP depending
in the usage of Ingress
Issue-ID: OOM-3109
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I19a405b7fb9c06ce40322e7af824e1aad5baaa90
|
|
Move hv-ves to use strimzi kakfa tpl
Topic naming is invalid so adding overrides to tpl
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: Ied93c6329f51c3219b09b4f67f174c9e15727188
Issue-ID: DMAAP-1854
|
|
Clean up some of the redundant AAF config etc
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I3066457a5e45f2cbe75c4f12ab6137e234c77fc1
Issue-ID: DMAAP-1853
|
|
Fix of resources template indent and therefore resources in components
Issue-ID: OOM-3104
Signed-off-by: miroslavmasaryk <miroslav.masaryk@telekom.com>
Change-Id: I825a3860db00cae4bb80b2aa2d82ac1a42b33124
|
|
Move policy dist to use strimzi templates
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I4a03812a7545ce7a4fcd5443a2c0af89933b1a63
Issue-ID: DMAAP-1857
|
|
As we have problems to send binary data to the HVVES collector
the support for service appProtocol attribute is required to
fix the hvves service protocol to "tcp" and to disable the
port for sidecar usage
Issue-ID: OOM-3076
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ied6ca4d4d8cd088c8ec0e0ee13068dfdbfb38461
|
|
In case of non-TLS service the nodePort was not reserved
and missed to disable tls for the services (tlsEnabled)
Issue-ID: OOM-3094
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I7f5102a499f4b262556787b5db682e28a9ebcf81
|
|
|
|
|
|
Remove DMaaP NodePorts
Update dmaap-bc postgres setup and dbc-client image used by DCAE
Use the http port of the dbcClient in the dmaapProvisioning job
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: Ie4888b58b6f7e1405ed67625900da89e58b5cb79
Issue-ID: DMAAP-1573
|
|
fix the AAI/Policy urls for network-name-gen in case of
ServiceMesh (http interfaces)
Issue-ID: OOM-3091
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I8bea8de53643f8c09a25b83985047d56c940f99a
|
|
Add new options for the created Ingress URLs (preaddr, postaddr)
and allow to create Ingress configurations using customized ports
Correction added to the installation of the Ingress Gateway.
Issue-ID: OOM-3084
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ib31050c169799409c6e968adce7ff41e215e3ff9
|
|
The compilation of the job fails, as default values for
mariadb-galera are missing in the values.yaml
Issue-ID: OOM-3077
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Iafd7f8ecb2d3b2d3ae8b252e82a5b494516dfb43
|
|
Add template for strimzi KafkaUser and topic
Move sdc-be to use given templates
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: Idc3c5af7f4945466f8419fed7d2f43de36aacd13
Issue-ID: DMAAP-1836
|
|
The template should create for each Ingress service a single
Gateway/VirtualService Resource, small update of service template
Issue-ID: OOM-3000
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I480f8c7b6b9ca3a84813a9e96c4d796d332facc7
|
|
Update chart versions 12.0.0 for London
Issue-ID: OOM-3046
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ic196235ff4f6ae14a7ecad799bd75a9666b2594a
|
|
aafConfig is obsolete now so let's remove it from the source code to
be sure that people use the new one.
Issue-ID: AAF-1134
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ie1e05cf0fbe82474edcb3c35ca0df011f4e3a449
|
|
|
|
Bump image version for kohn release
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I34e6714797e88c0cf6131022696b537aa36ff505
Issue-ID: DMAAP-1769
|
|
Version bump of CCSDK artifacts for Kohn release.
Reverted cds-ui version to Jakarta (1.3.0) due to startup
issue.
Issue-ID: CCSDK-3754
Signed-off-by: Timoney, Dan (dt5972) <dtimoney@att.com>
Change-Id: Ib832f3634e97eb7b80856ffc71d3b39f56e1f276
|
|
Update libraries to fix vulnerabilities
Issue-ID: OOM-2985
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I8ac4a769a791ffb90dfd57358dd839c7a631c403
|
|
|
|
When using the _service template in case of ServiceMesh a NodePort
is changed to a ClusterIP
Issue-ID: OOM-2013
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I42fa1af57dc393356990bedc3ec52babb4f6c09a
|
|
In the _ingress.tpl create Gateway and VirtualService
resources when SM is enabled, add ssl redirect and use
plain_port, if it is defined in ingress config
Issue-ID: OOM-3000
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I20c9f88573547fbad631df3c5e0fa17fbdeed80b
|
|
Based on Cassandra documentation enlarge limits of Cassandra pods
and the heap size
Issue-ID: AAI-3492
Signed-off-by: Michal Jagiello <michal.jagiello@t-mobile.pl>
Change-Id: I43e6eeb043b75e5bf5333a3fbdb66f832f01c867
(cherry picked from commit 56b8db227af43c0698eb877dc723f93ad5a0d812)
|
|
|
|
All Makefiles are updated to support SKIP_LINT option,
have a defined order of compilation (common -> components)
to support the parallel compilation of charts using:
make all -j8 (for 8 Jobs). Additionally use cm-push instead
of push to use the new K8S/Helm version
Issue-ID: OOM-3011
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: If9903c9d5bc646b5ce54075acc616e98c4b6706e
|
|
Change chart to mount application configuration configMap
directly on the application container and rely on the
DCAE SDK to do environment variable substitution on the
configMap content. This allows changing configuration
by editing the configMap without restarting the application.
Remove message router authenticated topic provisioning from
DCAE.
Issue-ID: DCAEGEN2-2935
Signed-off-by: Jack Lucas <jflos@sonoris.net>
Change-Id: I85139e64f8cb7e1b88f8fca8d5d84cc71f946290
|
|
Disable inter-cluster ports from the Sidecar communication
Issue-ID: OOM-2820
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ie9b523e881a6dd5bef62debdf208994d03a08f29
|
|
Update the pod annotations to exclude the cluster communication
ports from the SM sidecars.
Fix mysql protocol setup fodddr istio and update mariadb-init job
to support istio sidecar communication.
This is separated from a patch for CDS SM compatibility
Issue-ID: OOM-2820
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I9e839e019c948614fea7d4b3b5930270f7e7a7c6
|
|
Use version 11.0.0 for Kohn
Issue-ID: OOM-2971
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Icc0e0839fc6def2035383b5fa4c9153fc15fafda
|
|
|
|
|
|
|
|
|
|
|
|
Update versions for SDNC images to install final Jakarta fixes.
Issue-ID: SDNC-1706
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Ic0c7ddf9f61f020889aa814d7031f6f76a473a8f
|
|
Network-name-gen and dgbuilder charts changes to make it work with servicemesh
Issue-ID: OOM-2982
Signed-off-by: Radoslaw Chmiel <r.chmiel@partner.samsung.com>
Change-Id: I23bffe3f2de6196dbad1bbb03ea0c2fc46313865
|