Age | Commit message (Collapse) | Author | Files | Lines |
|
Helm 3.7.0 introduced a new .Chart variable named IsRoot.
In the same time they refactored the representation of .Chart and it
no longer is a dictionary but a structure which confuses
mergeOverride.
In order to keep our tricks working we need to skip .Chart while doing
a deepCopy of our current context.
Issue-ID: OOM-1
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I230e2ba460ddf09377d8de6c1366d4fd82f764cd
|
|
Move all Chart.yaml to use apiVersion: 2
Move dependencies from requirements.yaml to Chart.yaml
Changes to all makeFiles
Changes to helm deploy plugin
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I03c5290eee9e40f76eacbf171e774204cf5fb1c0
Issue-ID: OOM-2845
|
|
|
|
|
|
Use Certinitializer in order to retrieve needed certificates.
Change ModelLoader also as it needs valid certificate to communicate
with Babel.
Issue-ID: OOM-2693
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I64b8ede24643f942dc99956030c202c50d41ad1e
|
|
This reverts commit 0d9469d87c6173b20097499fea54013bd0f8169c.
Reason for revert: it seems to not work in a lot of environments
Issue-ID: OOM-2864
Change-Id: Ie7847f4522e3ac4ff7ef3e2de0021b7b2382aa33
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
|
|
|
|
Changed the volume mounted from /var/lib/mongo to /data/db,
which is the default storage location of mongo
Issue-ID: OOM-2864
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Id054b36a9f8abea676e70511812d2aeb151d47e0
|
|
Filebeat sidecar containers in many cases has resources set. As a
result, in many components resources section is added manually, after
usage of log template. This commit solves this situation
Issue-ID: OOM-1
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I725a38eb9d4dffcc017c24399436ddfccdb91123
|
|
The naming service query to policy manager is failing host name
verification. While this issue is under investigation, it can be
worked around by configuring the naming service to disable host
name verification. This requires a new version of the network-name-gen
microservice (1.2.1), and a change to set a new env variable to
disable host name verification (enabled by default if this variable
is unset).
Issue-ID: CCSDK-3501
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Ia471cd27ce16b6e79a3ce6708e08c7d5f239feb3
|
|
|
|
Bump version of SDNC and CCSDK images for Istanbul RC milestone.
Issue-ID: SDNC-1615
Issue-ID: CCSDK-3483
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Id3a3627765e5623aa6cd8bffbfad1679ae6afef6
|
|
In case where subchart uses ConfigMap that was defined in parent chart,
wrong chart name will be generated. This change allows to workaround
that issue by supplying own prefix instead of generated one.
Issue-ID: OOM-1
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: Ieed19d46e4205cd5b23b4c74af19c618a6e48466
|
|
Some Kubernetes deployments needs the full fqdn and not just the first
part in order to make etcd statefulset to work.
Issue-ID: OPTFRA-981
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Idf384d2c65b13f64885429181c4fa2eba5ac4282
|
|
Use version 9.0.0 for Istanbul
Also update the doc.
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I03e11799bf487226784c98b04116f005c89d1e70
|
|
|
|
|
|
- Added init-container to change mounted volume permission
Issue-ID: CPS-667
Signed-off-by: Renu Kumari <renu.kumari@bell.ca>
Change-Id: I3161400cbcf2de88580ea768c97212a2983f5fff
|
|
Add option for CPS to use common postgres
Issue-ID: OOM-2839
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
Change-Id: Ida133999f26cf50d59103aa30a90c97fba3e66a0
|
|
|
|
|
|
Add service account to requirements.yaml,
values.yaml and deployment/statefulset.
Issue-ID: OOM-2726
Signed-off-by: farida azmy <farida.azmy.ext@orange.com>
Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6bafed3c621f4e7b1a307bc9338334586eb6795e
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
|
|
- Added resources limit similar to postgres in the timescaledb
- Using common.podSecurityContext
- removed init-container and it is handled by kubernetes
if fsGroup is provided
Issue-ID: CPS-667
Signed-off-by: Renu Kumari <renu.kumari@bell.ca>
Change-Id: I944cc93526d0d89f32840450121c1ff608fdd4c5
|
|
Bump image versions for SDNC for Istanbul release
Issue-ID: SDNC-1609
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: Iecfb133ce8563ccfabf1a38af9d8c26d99d398f4
|
|
|
|
|
|
ONAP truststore is outdated so let's use one from Java 17 + add ONAP
root CA.
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: If8a7dbf4c876ce89cf04080a97a7f67803d66c5f
|
|
Timescale container is ran with postgres user and group which are
defined with uid 70 and gid 70.
Data volume owner is changed for postgres.
See also:
https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
Issue-ID: CPS-667
Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
Change-Id: Ia87922ba68bb47a7a07aaf61f368143d970278b6
|
|
- create a .pre-commit-config.yaml configuration file with
* gitlint
* trailing blanks linter
* tabs removal linter
- exclude .git folder from it
- exclude Makefiles since tabs are mandatory by default in them
- create a tox pre-commit profile to run it from tox
note gitlint is not runnable at this pre-commit stage
- create pre-commit-install and pre-commit-uninstall tox profiles to
(un)install hooks locally and (un)perform tests at each "git commit"
call (i.e. without calling manually the pre-commit tox profile)
- precise pre-commit stages/types in the pre-commit configuration file
so that hooks are installed correctly. This avoids messages about
skipped tests when they are run at a wrong stage.
Issue-ID: OOM-2643
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: Ie95bb4f6f90be80b05a1398973caffeff7936881
|
|
|
|
Make sure that the envs sections gets tpl and cached properly.
Issue-ID: OOM-1
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I4064bdf3204a61a30b7296503c99e7931bae8cd2
|
|
|
|
- add checkbahims to tox.ini default profiles
- remove -f options to unforce bashisms detection in explicit bash
scripts and to differentiate treatments between bash and sh
- migrate #!/bin/bash shebangs to #!/bin/sh for scripts without bashisms
The following scripts have not been migrated since they still use
bashisms difficult to migrate (mostly arrays - more details below)
./kubernetes/common/mariadb-init/resources/config/db_init.sh
./kubernetes/portal/components/portal-mariadb/resources/config/ \
mariadb/docker-entrypoint.sh
./kubernetes/helm/plugins/deploy/deploy.sh
./kubernetes/helm/plugins/undeploy/undeploy.sh
./kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh
$ find . -not -path '*/\.*' -name *.sh -exec checkbashisms -f {} + 2>&1\
| grep line | cut -d' ' -f 7- | sort | uniq -c | sort -k1,1nr
18 (bash arrays, ${name[0|*|@]}):
2 (declare):
1 ($FUNCNAME):
1 (shopt):
1 (trap with ERR|DEBUG|RETURN):
https://mywiki.wooledge.org/Bashism#Arrays
https://mywiki.wooledge.org/Bashism#Special_Variables
https://mywiki.wooledge.org/Bashism#Builtins
https://www.oilshell.org/release/0.5.alpha2/test/spec.wwz/builtin-trap.html
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Id06ad1d45004321a293bdd26038d8da5f7b6b4ac
|
|
|
|
|
|
with the following command
$ find . -not -path '*/\.*' -name *.sh -exec sed -i 's/\t/ /g' {} +
then realign manually what deserves it and in particular,
unindent some EOF scripting tags so they do not trigger errors.
Issue-ID: OOM-2643
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: Ibfa463ec8083d5a39de18a54d9c1d8746710fe03
|
|
|
|
DB connection from Policy Framework components fail intermittently with
Connection refused error. Upon investigation, identified that
mariadb-metrics readiness is failing with timeout, and thereby affecting
the db connectivity intermittently.
So, changing readiness timeout from 1 second to 5 seconds so that
there is enough time to get back the /metrics response
and readiness can pass. Also making the properties configurable.
Similar issue could happen in other components too.
Change-Id: I8dfbfeb0fe791c1bce373dd9d7124d26457c4919
Issue-ID: POLICY-3637
Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
|
|
|
|
This patch makes AAI to work on service mesh by removing https calls
from everywhere.
It allows also to use AAI on an environment without need of TLS.
Issue-ID: OOM-2670
Signed-off-by: Ondrej Frindrich <ondrej1.frindrich@orange.com>
Change-Id: I19adabc7b33c1ada243ec16f77dbf8fde19b1386
|
|
cps-temporal component added for cps-temporal-db and cps-temporal(application)
Issue-ID: CPS-482
Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
Change-Id: I91998e0d2e9f953f8579ee40d1670199155d3396
|
|
Cmd :"grep -o '"logURL":"[^"]*' "$file" | cut -d '"' -f4"
filters more then one logURL like below from feedConfig response log,
If both subs/pubs are present, which corrupts application config.
https://dmaap-dr-prov/feedlog/1
https://dmaap-dr-prov/sublog/1
Requirement is to filter only feedlog URL, with changes script
should correctly filter URL: https://dmaap-dr-prov/feedlog/1.
Issue-ID: DCAEGEN2-2910
Signed-off-by: ajay_dp001 <ajay.deep.singh@est.tech>
Change-Id: I2a67aad5c533f1b623737f56feeefb3a05f6373a
|
|
|
|
|
|
Instead of terminating TLS on SO POD, let's terminate it on its Ingress.
This patch uses certInitializer to create the right certificates and put them in
a secret.
This secret is then referenced on SO Ingress.
Issue-ID: SO-3078
Issue-ID: SO-3237
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Icdc8cf6fc84cb3b3c337b4f4e5320980eee06337
|
|
Bashisms of type (should be 'b = a') were all fixed previously
but a new one was reintroduced during the fixes of other types.
Also commit f79b6676cfdc380e004f184a21bb969b2824c06e moved
import-custom-cert shebang from bash to sh but substring syntaxes
similar to ${f: -4} and only supported by bash were not migrated.
Let's fix that alltogether
before enforcing the checkbashisms tox profile.
Issue-ID: OOM-2643
Issue-ID: POLICY-3232
Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com>
Change-Id: Ie9b5ac1c2edd9ddf3574f09c77ca8734f2311d1d
|
|
1. Make changes in order to allow performing KUR/CR in EJBCA:
- Add Certificate Update Admin role
- Enable EndEntityAuthentication module
- Create and set CA with constant UID
- Add configuration for provider.
2. Update CertService, which provides with new certificate update
endpoint.
3. Update release-notes.
Issue-ID: OOM-2753
Issue-ID: OOM-2754
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I9cb0cb4d6d6939ad229a4ea254f2bc35d45a3d52
Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
|
|
Add prometheus service monitor template to common charts so that components
can reuse it to enable scraping of their metrics by prometheus.
Issue-ID: OOM-2710
Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca>
Change-Id: Ifa8da676dec05192c518ba97208df60e5ec46f55
|
|
Add update for /etc/ssl/cacerts/ca-certificates.crt
Issue-ID: CCSDK-3356
Change-Id: I797aea054bb80db805f4791a288e89b102e1d662
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
|