| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
1. Make changes in order to allow performing KUR/CR in EJBCA:
- Add Certificate Update Admin role
- Enable EndEntityAuthentication module
- Create and set CA with constant UID
- Add configuration for provider.
2. Update CertService, which provides with new certificate update
endpoint.
3. Update release-notes.
Issue-ID: OOM-2753
Issue-ID: OOM-2754
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I9cb0cb4d6d6939ad229a4ea254f2bc35d45a3d52
Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
|
|
Added the missing definition for imagePullSecrets in the
deployment.yaml of ejbca
to support the registryGenerator
Issue-ID: OOM-2791
Signed-off-by: andreas-geissler <andreas-geissler@telekom.de>
Change-Id: Ib5397889f7e1159c8cac472d2565065e90fcc83d
|
|
Update ejbca version from 6.15.2.5 to 7.4.3.2
Issue-ID: OOM-2649
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I31929f6444e5a57b295d0664b2b1757992da8b8e
|
|
pointed out by checkbashisms.
$ tox -e checkbashisms |grep 'interpreter line' | cut -d' ' -f2
|xargs grep -lv '#!/bin/sh' | xargs sed -i -e '1i#!/bin/sh' -e '1i\\'
plus manual fixes
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Ic41fec6ebadd162cecf889f2b119ac82551bd21d
|
|
Updating the documentation and bumping version to 8.0.0
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6f942f1466fed64264c44fb8fc0e1ffc93a98f18
|
|
Add NGINX configuration so it can be run as non root.
Issue-ID: INT-1858
Signed-off-by: Othman Touijer <othman.touijer@soprasteria.com>
Change-Id: I8e313a49db0dfadf5c180c4415c7237ffd3635f9
|
|
Mariadb DB Galera containers version is outdated and unmaintained. We
need them to move to a new image provider.
As new image provider is not compatible with our old templates, we
also update the templates (by reworking bitnami mariadb-galera chart).
An update of global mariadb image is also done in order to match mariadb
galera version.
Issue-ID: OOM-1720
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib9976227759e90022183d4f37fc655143be4d6ac
|
|
Helm 3.4 checks if every object have not empty name.
Created list have only one element and isn't described in k8s docs.
List should be removed.
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Change-Id: I60fa1920a347ca8061b9c644f992c53b0bc99514
Issue-ID: OOM-2562
|
|
Update cert service and cert service client to allow IPAddresses,
E-mails and URIs as SANs.
Update ejbca configuration with IPAddresses, E-mail and URIs.
Fix dcae bp inputs to use comma as SANs delimiter (from to allow
use of IPv6)
Issue-ID: OOM-2559
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: I71bea7f63540eb5d345bce6867fa25e098353d6d
|
|
Update charts and requirements to 7.0.0.
Create release notes for Guilin
Update documentation
Issue-ID: OOM-2638
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I965ed6b6ebb7d74bfddaff73edd3dd55a657841c
|
|
This commit makes Contrib chart to use the new generator for repositories and
images.
As new templates doesn't work well with "sub charts", we move also
subcharts to components folder.
Issue-ID: OOM-2364
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I33ca36a2b25e67fd9f74ae408cd34f58405d6b80
|
|
Having limits is important in order to have safe deployment.
EJBCA didn't had one so let's add them.
Issue-ID: OOM-2230
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I435afa6b0f065a66e180379b267227f4b8766478
|
|
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Change-Id: I56a2ed47aedadcbce02e4e41f246e1e4183a4235
Issue-ID: OOM-2562
|
|
|
|
Helm is now called by HELM_BIN variable which by default is set to helm
and makefiles use helm from path. HELM_BIN can be overwritten so user
can have two version of helm in system and choose which one to use.
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Issue-ID: OOM-2562
Change-Id: I0917796aafe234e87afa0ac3c4c15720296276d5
|
|
Set CSR Subject Organizational Unit and Locality to be optional
Issue-ID: OOM-2598
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: Ibb5f0fe7f75a1191906d26521eb96a6b991a295c
|
|
Moving from NodePort to ClusterIP has made a regression.
This patch solves it.
Issue-ID: OOM-2556
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6e2d87bf22bb8f25e6b25653f2954f04c1011800
|
|
|
|
This aims to fix the changes done in
https://gerrit.onap.org/r/c/oom/+/111509 which broke ejbca/netbox/awx
readiness image name pattern.
Change-Id: I65d2f19a96d43c61167d63eb047e960dc213c985
Issue-ID: OOM-2584
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
|
|
netbox is only used for testing purpose.
moving the service to ClusterIP is sufficient for that.
Issue-ID: REQ-364
Issue-ID: OOM-2556
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Id8d005a9bcb3fbb29cbf7e82d03a92e245deaaff
|
|
Add configuration to EJBCA that allows to create keystores with
extendedKeyUsage containing serverAuth.
Issue-ID: AAF-1121
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: I6fc1d228acb4edc089be11d66186cfb5006e9ad1
|
|
Readiness container v3.x and up are now present in ONAP main repository.
They're also not using root user anymore and then script path has
changed.
Finally, "job_complete" script has been integrated in main "ready"
script.
As those changes are significant, we must upgrade all the components at
once.
Depends-On: I5afa83892043f4844afe12e61724a8d368a9f2e0
Issue-ID: OOM-2545
Signed-off-by: Grzegorz Lis <grzegorz.lis@nokia.com>
Change-Id: I0b4eb5dd86390273532d67d0a9696e1cfcadf110
|
|
Issue-ID: OOM-2452
Signed-off-by: Grzegorz Lis <grzegorz.lis@nokia.com>
Change-Id: I82aa47855716bb2647aea6aac29484b325d80ef0
|
|
Issue-ID: SDNC-1136
Change-Id: I863bd7b280701c503ba45af6ba8e85f48ea18cfb
Signed-off-by: egernug <gerard.nugent@est.tech>
|
|
netbox was using readiness image to run its job. This is not the
proper usage of this image and recently it started failing because
bash is no longer available in this image.
As the script does not containt bash-specific construcitons let's
change the image to curl one and just use whatever shell is there.
Issue-ID: OOM-2406
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I0cc99c6d8fe0dbe59ee982d255753d149fcdd3eb
|
|
postgres was not working with dynamic PV because of lost+found folder.
We changed the mount path to make it work.
Issue-ID: OOM-1227
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Id15fd089c56e339dbc5939cd28207b535e8ab86b
|
|
EJBCA Server is used to test that CMPv2 Certificate handling is well
done in ONAP.
Issue-ID: AAF-1083
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I5e2d25b68b5cd80d3c7bf282ce871dd81e711ff6
|
|
Instead of forcing installation of all contrib components, make the
installation of these components enabled with a toggle, so each person
can choose to install a subset, all or none.
Issue-ID: OOM-2352
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ie112fe1f1864587b9ac69f18967a3c28d16bdbbe
|
Piotr Marcinkiewicz
andreas-geissler
Guillaume Lambert
Sylvain Desbureaux
Othman Touijer
Jakub Latusek
Remigiusz Janeczek
Jakub Latusek
Krzysztof Opasiak
Bartek Grzybowski
Grzegorz-Lis
egernug