aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common
AgeCommit message (Collapse)AuthorFilesLines
2021-10-04Merge "[COMMON] Update root certificates"Krzysztof Opasiak1-2172/+2719
2021-10-04Merge "[COMMON] Add and run pre-commit linters via tox"Sylvain Desbureaux1-3/+3
2021-10-01[COMMON] Update root certificatesSylvain Desbureaux1-2172/+2719
ONAP truststore is outdated so let's use one from Java 17 + add ONAP root CA. Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If8a7dbf4c876ce89cf04080a97a7f67803d66c5f
2021-09-30[COMMON] Run timescale with postgres userBruno Sakoto2-2/+16
Timescale container is ran with postgres user and group which are defined with uid 70 and gid 70. Data volume owner is changed for postgres. See also: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ Issue-ID: CPS-667 Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca> Change-Id: Ia87922ba68bb47a7a07aaf61f368143d970278b6
2021-09-26[COMMON] Add and run pre-commit linters via toxguillaume.lambert1-3/+3
- create a .pre-commit-config.yaml configuration file with * gitlint * trailing blanks linter * tabs removal linter - exclude .git folder from it - exclude Makefiles since tabs are mandatory by default in them - create a tox pre-commit profile to run it from tox note gitlint is not runnable at this pre-commit stage - create pre-commit-install and pre-commit-uninstall tox profiles to (un)install hooks locally and (un)perform tests at each "git commit" call (i.e. without calling manually the pre-commit tox profile) - precise pre-commit stages/types in the pre-commit configuration file so that hooks are installed correctly. This avoids messages about skipped tests when they are run at a wrong stage. Issue-ID: OOM-2643 Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com> Change-Id: Ie95bb4f6f90be80b05a1398973caffeff7936881
2021-09-24Merge "[COMMON] Enforce checkbashisms tox profile"Krzysztof Opasiak3-4/+4
2021-09-22[COMMON] Fix genericKV cache generationKrzysztof Opasiak1-1/+10
Make sure that the envs sections gets tpl and cached properly. Issue-ID: OOM-1 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I4064bdf3204a61a30b7296503c99e7931bae8cd2
2021-09-22Merge "[SO] Add TLS configuration for SO API Ingress"Krzysztof Opasiak1-1/+3
2021-09-22[COMMON] Enforce checkbashisms tox profileGuillaume Lambert3-4/+4
- add checkbahims to tox.ini default profiles - remove -f options to unforce bashisms detection in explicit bash scripts and to differentiate treatments between bash and sh - migrate #!/bin/bash shebangs to #!/bin/sh for scripts without bashisms The following scripts have not been migrated since they still use bashisms difficult to migrate (mostly arrays - more details below) ./kubernetes/common/mariadb-init/resources/config/db_init.sh ./kubernetes/portal/components/portal-mariadb/resources/config/ \ mariadb/docker-entrypoint.sh ./kubernetes/helm/plugins/deploy/deploy.sh ./kubernetes/helm/plugins/undeploy/undeploy.sh ./kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh $ find . -not -path '*/\.*' -name *.sh -exec checkbashisms -f {} + 2>&1\ | grep line | cut -d' ' -f 7- | sort | uniq -c | sort -k1,1nr 18 (bash arrays, ${name[0|*|@]}): 2 (declare): 1 ($FUNCNAME): 1 (shopt): 1 (trap with ERR|DEBUG|RETURN): https://mywiki.wooledge.org/Bashism#Arrays https://mywiki.wooledge.org/Bashism#Special_Variables https://mywiki.wooledge.org/Bashism#Builtins https://www.oilshell.org/release/0.5.alpha2/test/spec.wwz/builtin-trap.html Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: Id06ad1d45004321a293bdd26038d8da5f7b6b4ac
2021-09-21Merge "[COMMON] Replace tabs by 4 ws in shell scripts"Sylvain Desbureaux1-44/+44
2021-09-21Merge "[COMMON] Fix db-metrics readiness timeout issue"Sylvain Desbureaux2-6/+31
2021-09-20[COMMON] Replace tabs by 4 ws in shell scriptsguillaume.lambert1-44/+44
with the following command $ find . -not -path '*/\.*' -name *.sh -exec sed -i 's/\t/ /g' {} + then realign manually what deserves it and in particular, unindent some EOF scripting tags so they do not trigger errors. Issue-ID: OOM-2643 Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com> Change-Id: Ibfa463ec8083d5a39de18a54d9c1d8746710fe03
2021-09-16Merge "[OOM] Fix Feed Provisioning for DFC"Sylvain Desbureaux1-1/+1
2021-09-16[COMMON] Fix db-metrics readiness timeout issuea.sreekumar2-6/+31
DB connection from Policy Framework components fail intermittently with Connection refused error. Upon investigation, identified that mariadb-metrics readiness is failing with timeout, and thereby affecting the db connectivity intermittently. So, changing readiness timeout from 1 second to 5 seconds so that there is enough time to get back the /metrics response and readiness can pass. Also making the properties configurable. Similar issue could happen in other components too. Change-Id: I8dfbfeb0fe791c1bce373dd9d7124d26457c4919 Issue-ID: POLICY-3637 Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
2021-09-14Merge "[AAI] Service Mesh compatibility"Sylvain Desbureaux2-0/+22
2021-09-13[AAI] Service Mesh compatibilityosk114612-0/+22
This patch makes AAI to work on service mesh by removing https calls from everywhere. It allows also to use AAI on an environment without need of TLS. Issue-ID: OOM-2670 Signed-off-by: Ondrej Frindrich <ondrej1.frindrich@orange.com> Change-Id: I19adabc7b33c1ada243ec16f77dbf8fde19b1386
2021-09-13[CPS] Charts added for repo cps-cps-temporalputhuparambil.aditya10-0/+398
cps-temporal component added for cps-temporal-db and cps-temporal(application) Issue-ID: CPS-482 Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca> Change-Id: I91998e0d2e9f953f8579ee40d1670199155d3396
2021-09-10[OOM] Fix Feed Provisioning for DFCajay_dp0011-1/+1
Cmd :"grep -o '"logURL":"[^"]*' "$file" | cut -d '"' -f4" filters more then one logURL like below from feedConfig response log, If both subs/pubs are present, which corrupts application config. https://dmaap-dr-prov/feedlog/1 https://dmaap-dr-prov/sublog/1 Requirement is to filter only feedlog URL, with changes script should correctly filter URL: https://dmaap-dr-prov/feedlog/1. Issue-ID: DCAEGEN2-2910 Signed-off-by: ajay_dp001 <ajay.deep.singh@est.tech> Change-Id: I2a67aad5c533f1b623737f56feeefb3a05f6373a
2021-09-09Merge "[OOM] Update Linux SSL Truststore /etc/ssl"Sylvain Desbureaux2-0/+16
2021-09-09Merge "[CONTRIB] Introduce certificate update use case in CertService"Sylvain Desbureaux1-1/+1
2021-09-08[SO] Add TLS configuration for SO API IngressSylvain Desbureaux1-1/+3
Instead of terminating TLS on SO POD, let's terminate it on its Ingress. This patch uses certInitializer to create the right certificates and put them in a secret. This secret is then referenced on SO Ingress. Issue-ID: SO-3078 Issue-ID: SO-3237 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Icdc8cf6fc84cb3b3c337b4f4e5320980eee06337
2021-09-07[COMMON] Fix bashisms in import-custom-certguillaume.lambert1-5/+4
Bashisms of type (should be 'b = a') were all fixed previously but a new one was reintroduced during the fixes of other types. Also commit f79b6676cfdc380e004f184a21bb969b2824c06e moved import-custom-cert shebang from bash to sh but substring syntaxes similar to ${f: -4} and only supported by bash were not migrated. Let's fix that alltogether before enforcing the checkbashisms tox profile. Issue-ID: OOM-2643 Issue-ID: POLICY-3232 Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com> Change-Id: Ie9b5ac1c2edd9ddf3574f09c77ca8734f2311d1d
2021-09-06[CONTRIB] Introduce certificate update use case in CertServicePiotr Marcinkiewicz1-1/+1
1. Make changes in order to allow performing KUR/CR in EJBCA: - Add Certificate Update Admin role - Enable EndEntityAuthentication module - Create and set CA with constant UID - Add configuration for provider. 2. Update CertService, which provides with new certificate update endpoint. 3. Update release-notes. Issue-ID: OOM-2753 Issue-ID: OOM-2754 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I9cb0cb4d6d6939ad229a4ea254f2bc35d45a3d52 Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
2021-09-06[COMMON] Add prometheus service monitor templateMarat Salakhutdinov2-35/+169
Add prometheus service monitor template to common charts so that components can reuse it to enable scraping of their metrics by prometheus. Issue-ID: OOM-2710 Signed-off-by: Marat Salakhutdinov <marat.salakhutdinov@bell.ca> Change-Id: Ifa8da676dec05192c518ba97208df60e5ec46f55
2021-09-05[OOM] Update Linux SSL Truststore /etc/sslAbdelmuhaimen Seaudi2-0/+16
Add update for /etc/ssl/cacerts/ca-certificates.crt Issue-ID: CCSDK-3356 Change-Id: I797aea054bb80db805f4791a288e89b102e1d662 Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
2021-09-01Merge "[DCAE] Helm charts for SNMPTrap collector"Sylvain Desbureaux1-1/+15
2021-08-31Merge "[COMMON] Fix ${p^^} bashisms"Krzysztof Opasiak2-4/+4
2021-08-28[COMMON] Fix ${p^^} bashismsGuillaume Lambert2-4/+4
pointed out by checkbashisms Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: I34d828ac4ab27b5ce6547a20aecc610cdcecf00e
2021-08-27[DCAE] Helm charts for SNMPTrap collectorVijay Venkatesh Kumar1-1/+15
Helm deployment support for DCAE transformation common/svc template support for UDP protocol. Added readiness configuration. Change-Id: Idc40c60d95ddd5eb0ef43ba0b11b7b163970a5b1 Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com> Issue-ID: DCAEGEN2-2708 Issue-ID: OOM-2751 Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
2021-08-27[COMMON] Fix handling affinity block for mariadb-galeraPrabhjot Singh Sethi2-5/+5
fix matchExpressions under nodeSelectorTerms to indicating array construct. there is no helm tpl defined with common.tplvalues, fixing it to use common.tplValue Issue-ID: OOM-2800 Signed-off-by: Prabhjot Singh Sethi <prabhjot@aarnanetworks.com> Change-Id: I572ee30af745aa7f10c8438ea9516534e71d5acd
2021-07-20Merge "[COMMON] Fix a docker-entrypoint function name"Krzysztof Opasiak1-4/+4
2021-07-13[DCAEGEN2] Deploy DCAEGEN2-DFC Microservices to Helmajay_dp0013-1/+195
- DCAE Helm Transformation (Phase-2) - Charts for the microservices are found under - oom/kubernetes/dcaegen2-services/dcae-datafile-collector Issue-ID: DCAEGEN2-2715 Signed-off-by: ajay_dp001 <ajay.deep.singh@est.tech> Change-Id: I6efa2d4cd9e838a7befaf16576f8e94ad0a3ef0f
2021-07-13Merge "[COMMON] Added imagePullSecrets to common template files with some fix"Sylvain Desbureaux6-0/+12
2021-07-13Merge "[OOM] Update Cassandra in common with service account"Sylvain Desbureaux3-0/+10
2021-07-12[COMMON] Added imagePullSecrets to common template files with some fixandreas-geissler6-0/+12
Added the missing definition for imagePullSecrets in the statefulsets.yaml deployment.yaml to support the registryGenerator Issue-ID: OOM-2789 Signed-off-by: andreas-geissler <andreas-geissler@telekom.de> Change-Id: I013ba52c9c49f95cd3d53fcaa9eb084adcbfe662
2021-07-12[OOM] Update Cassandra in common with service accountfarida azmy3-0/+10
Add service account to requirements.yaml, values.yaml and deployment/statefulset Issue-ID: OOM-2703 Signed-off-by: farida azmy <farida.azmy.ext@orange.com> Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I226584b16b2cd1c22a4e71eb48ad95d974640006
2021-07-07Merge "[CASSANDRA] Don't listen on localhost when on mesh"Borislav Glozman1-8/+0
2021-06-30Merge "[COMMON] Apply changes for mariadb-init project"Sylvain Desbureaux1-6/+6
2021-06-30[CASSANDRA] Don't listen on localhost when on meshSylvain Desbureaux1-8/+0
With istio >= 1.10, cassandra doesn't need anymore to listen on 127.0.0.1. Issue-ID: OOM-2252 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib3817f5404a21a96a6fadc76b5cd501b01e9ab25
2021-06-30Merge "[COMMON][ES] Simplify cert retrieval script"Borislav Glozman1-1/+0
2021-06-30[COMMON] Apply changes for mariadb-init projectMahmoud Abdelhamid1-6/+6
Two changes are intended with this commit: - (for proper name mapping) Update VolumeMounts names to be: (mariadb-init for mountPath /db-init/) (mariadb-conf for mountPath /db-conf/) originally it was reversed. - Make use of (common.mariadbService) and (common.mariadbPort) defined in (common/templates/_mariadb.tpl) into job.yaml. This will reflect the proper values for mariadb service name and port in case of local installation. Issue-ID: OOM-2737 Signed-off-by: Mahmoud Abdelhamid <mahmoud.abdelhamid@orange.com> Change-Id: I303f8d5f56632289d8dfd2f2ba8c35819a4f871c
2021-06-30[COMMON] Fix a docker-entrypoint function nameGuillaume Lambert1-4/+4
pointed out by checkbashisms. Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: I1915d4fcbf38b32180d5a7caa36531ad2fc798a9
2021-06-23Merge "[OOM][DCAE] Chartmuseum deployment support"Sylvain Desbureaux2-0/+22
2021-06-22Merge changes from topic "appc-common-db"Sylvain Desbureaux1-1/+2
* changes: [OOF] Use the common mariadb-galera instance [COMMON] Add port under mariadb-galera chart
2021-06-21[OOM][DCAE] Chartmuseum deployment supportVijay Venkatesh Kumar2-0/+22
Introduction of chartmuseum as internal repo for ONAP components to push/pull charts post instantiation + Script to preload charts to this repo Change-Id: I4880900548dfe1d3e47a67b3822f82a15314b5b7 Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com> Issue-ID: DCAEGEN2-2630 Issue-ID: OOM-2734 Issue-ID: INT-1895 Issue-ID: DCAEGEN2-2694 Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com> Signed-off-by: vv770d <vv770d@att.com>
2021-06-21Merge "[COMMON] Fix ${!name} bashisms"Sylvain Desbureaux2-4/+15
2021-06-16[COMMON] Fix $BASH_SOURCE and pushd/popd bashismsGuillaume Lambert1-1/+1
pointed out by checkbashisms. Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: Ic9c4edc0fc6bd94a95bcb85d84379e868fb09930
2021-06-16[COMMON] Add port under mariadb-galera chartMahmoud Abdelhamid1-1/+2
Update mariadb-galera chart to add internalport value under (.Values. service) to resolve the port settings needed for the template (common. mariadbPort) under (common/_mariadb.tpl). This parameter will use the default value of mariadb 3306 which can be changed in component charts. Issue-ID: OOM-2773 Signed-off-by: Mahmoud Abdelhamid <mahmoud.abdelhamid@orange.com> Change-Id: I0d59ba42f07426b14ec7bc7f157392b5f10b9006
2021-06-11[COMMON] Fix docker-registry-key empty credsSatoshi Fujii1-1/+1
When image repository does not allow anonymous pull, image pull failed due to empty credentials in docker-registry-key secret. This change fixes _repository.tpl repository generator to refer to .global.repositoryCred in override.yaml . Issue-ID: OOM-2767 Signed-off-by: Satoshi Fujii <fujii-satoshi@jp.fujitsu.com> Change-Id: I3cd7eabcdda547e99e0461767a0451dc1e51132b
2021-06-11Merge "[COMMON][DGBUILDER] Update chart with service account"Sylvain Desbureaux3-0/+9