summaryrefslogtreecommitdiffstats
path: root/kubernetes/contrib
AgeCommit message (Collapse)AuthorFilesLines
2021-09-06[CONTRIB] Introduce certificate update use case in CertServicePiotr Marcinkiewicz3-1/+28
1. Make changes in order to allow performing KUR/CR in EJBCA: - Add Certificate Update Admin role - Enable EndEntityAuthentication module - Create and set CA with constant UID - Add configuration for provider. 2. Update CertService, which provides with new certificate update endpoint. 3. Update release-notes. Issue-ID: OOM-2753 Issue-ID: OOM-2754 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I9cb0cb4d6d6939ad229a4ea254f2bc35d45a3d52 Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
2021-08-28[COMMON] Fix non-breaking spaces in shell scriptsguillaume.lambert1-1/+1
Non-breaking spaces (0xa0) are interpreted differently than spaces, what makes shell scripts debugging very tricky. Issue-ID: OOM-264 Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com> Change-Id: Ica60bdc1274ae6f949c1df1cbef0836abd249654
2021-07-21Merge "[CONTRIB] Added imagePullSecrets to common template files"Sylvain Desbureaux1-0/+2
2021-07-20[CONTRIB] Added imagePullSecrets to common template filesandreas-geissler1-0/+2
Added the missing definition for imagePullSecrets in the deployment.yaml of ejbca to support the registryGenerator Issue-ID: OOM-2791 Signed-off-by: andreas-geissler <andreas-geissler@telekom.de> Change-Id: Ib5397889f7e1159c8cac472d2565065e90fcc83d
2021-06-29[COMMON] Fix read -s, echo -e and $'...' bashismsGuillaume Lambert1-2/+2
pointed out by checkbashisms. Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: I527f9b8dcad98a5dd9eb30390d26c95c1d918c09
2021-06-23Merge "[OOM][DCAE] Chartmuseum deployment support"Sylvain Desbureaux1-0/+118
2021-06-21[OOM][DCAE] Chartmuseum deployment supportVijay Venkatesh Kumar1-0/+118
Introduction of chartmuseum as internal repo for ONAP components to push/pull charts post instantiation + Script to preload charts to this repo Change-Id: I4880900548dfe1d3e47a67b3822f82a15314b5b7 Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com> Issue-ID: DCAEGEN2-2630 Issue-ID: OOM-2734 Issue-ID: INT-1895 Issue-ID: DCAEGEN2-2694 Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com> Signed-off-by: vv770d <vv770d@att.com>
2021-06-16[COMMON] Fix $BASH_SOURCE and pushd/popd bashismsGuillaume Lambert1-3/+4
pointed out by checkbashisms. Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: Ic9c4edc0fc6bd94a95bcb85d84379e868fb09930
2021-05-17[COMMON] Fix condition bracket bashisms - step 2Guillaume Lambert3-5/+9
pointed out by checkbashisms $ mycmd=$(tox -e checkbashisms | grep '(\[\[ foo \]\] should be \[ foo \])' | sed -e "s@^[^.]*\(.[^ ]*\) line \([0-9]*\) .*@sed -i '\2s/\\\[\\\[\\\( [^]]*\\\)\\\]\\\]/[\\\1]/g' \1;@") $ eval $mycmd plus fix manually quoting hells induced and bash specific regex and multi-conditions Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: Ia9626256b5efc837ba12b25d351c8d8a0ba75fb4
2021-05-11[CONTRIB] Update ejbca to the newest versionPiotr Marcinkiewicz1-1/+1
Update ejbca version from 6.15.2.5 to 7.4.3.2 Issue-ID: OOM-2649 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I31929f6444e5a57b295d0664b2b1757992da8b8e
2021-04-16[COMMON] Fix condition equality bashismsGuillaume Lambert4-9/+9
pointed out by checkbashisms. $ mycmd=$(tox -e checkbashisms | grep "(should be 'b = a')" | sed -e "s@^[^.]*\(.[^ ]*\) line \([0-9]*\) .*@sed -i -e '\2s/==/=/g' \1;@") $ eval $mycmd Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: I9032130bc4717e111de11a73187c2f1052376e45
2021-04-13[COMMON] Fix shell scripts missing shebangsGuillaume Lambert1-0/+2
pointed out by checkbashisms. $ tox -e checkbashisms |grep 'interpreter line' | cut -d' ' -f2 |xargs grep -lv '#!/bin/sh' | xargs sed -i -e '1i#!/bin/sh' -e '1i\\' plus manual fixes Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: Ic41fec6ebadd162cecf889f2b119ac82551bd21d
2021-03-24[DOC][COMMON] Prepare Honolulu releaseSylvain Desbureaux16-37/+37
Updating the documentation and bumping version to 8.0.0 Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I6f942f1466fed64264c44fb8fc0e1ffc93a98f18
2021-03-21[CONTRIB][AWX] Fix Web InterfaceOthman Touijer3-1/+107
Add NGINX configuration so it can be run as non root. Issue-ID: INT-1858 Signed-off-by: Othman Touijer <othman.touijer@soprasteria.com> Change-Id: I8e313a49db0dfadf5c180c4415c7237ffd3635f9
2021-01-06[CMPV2] Add a template for Certificate (cert-manager)Jan Malkiewicz1-0/+1
This commit introduces a template for requesting a cert-manager certificate. See: https://cert-manager.io. It consist of the following parts: - a template for creating certificate in commons component - a definition of a certifcate object in sdnc component Issue-ID: OOM-2568 Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com> Change-Id: If58b8f12eff075d058db5a0fee3b2db5c2c93a17
2020-12-14[COMMON][MARIADB] Upgrade Mariadb DB galera versionSylvain Desbureaux1-7/+9
Mariadb DB Galera containers version is outdated and unmaintained. We need them to move to a new image provider. As new image provider is not compatible with our old templates, we also update the templates (by reworking bitnami mariadb-galera chart). An update of global mariadb image is also done in order to match mariadb galera version. Issue-ID: OOM-1720 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib9976227759e90022183d4f37fc655143be4d6ac
2020-12-09[CONTRIB] Remove list from serviceaccountJakub Latusek1-15/+12
Helm 3.4 checks if every object have not empty name. Created list have only one element and isn't described in k8s docs. List should be removed. Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Change-Id: I60fa1920a347ca8061b9c644f992c53b0bc99514 Issue-ID: OOM-2562
2020-12-02[PLATFORM] Update cert service images to 2.3.1Remigiusz Janeczek1-4/+175
Update cert service and cert service client to allow IPAddresses, E-mails and URIs as SANs. Update ejbca configuration with IPAddresses, E-mail and URIs. Fix dcae bp inputs to use comma as SANs delimiter (from to allow use of IPv6) Issue-ID: OOM-2559 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: I71bea7f63540eb5d345bce6867fa25e098353d6d
2020-11-30[COMMON][DOC] Bump version GuilinSylvain Desbureaux16-35/+35
Update charts and requirements to 7.0.0. Create release notes for Guilin Update documentation Issue-ID: OOM-2638 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I965ed6b6ebb7d74bfddaff73edd3dd55a657841c
2020-11-29[CONTRIB] Uses new tpls for repos / imagesSylvain Desbureaux73-177/+456
This commit makes Contrib chart to use the new generator for repositories and images. As new templates doesn't work well with "sub charts", we move also subcharts to components folder. Issue-ID: OOM-2364 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I33ca36a2b25e67fd9f74ae408cd34f58405d6b80
2020-11-18Merge "[CONTRIB] Add requests/limits to EJBCA"Krzysztof Opasiak2-1/+22
2020-11-03Improve anti-staging checker.Jakub Latusek1-0/+46
Checking if images are in release repository. Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2616 Change-Id: Ibb4f7e51fb3a1afcebaecd04ca3e1a4bf62dd467
2020-11-02[CONTRIB] Add requests/limits to EJBCASylvain Desbureaux2-1/+22
Having limits is important in order to have safe deployment. EJBCA didn't had one so let's add them. Issue-ID: OOM-2230 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I435afa6b0f065a66e180379b267227f4b8766478
2020-10-22Merge "[Tree-wide] Add helmignore to ignore components"Sylvain Desbureaux1-0/+1
2020-10-21[CONTRIB] change comment styleJakub Latusek7-0/+14
Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Change-Id: I56a2ed47aedadcbce02e4e41f246e1e4183a4235 Issue-ID: OOM-2562
2020-10-21[Tree-wide] Add helmignore to ignore componentsKrzysztof Opasiak1-0/+1
components directory takes up a lot of space and is included during helm package Lets remove it using .helmignore This is just a copy of idea showed in: "[OOF] Add helmignore to ignore components" by krishnaa96 <krishna.moorthy6@wipro.com> Issue-ID: OOM-2534 Suggested-by: krishnaa96 <krishna.moorthy6@wipro.com> Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I25c82e79ba2c472b7761a63365573188ab8db56b
2020-10-20Merge "Update makefiles to use specific helm version"Krzysztof Opasiak3-6/+9
2020-10-16Update makefiles to use specific helm versionJakub Latusek3-6/+9
Helm is now called by HELM_BIN variable which by default is set to helm and makefiles use helm from path. HELM_BIN can be overwritten so user can have two version of helm in system and choose which one to use. Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562 Change-Id: I0917796aafe234e87afa0ac3c4c15720296276d5
2020-10-14[CONTRIB] Fix EJBCA configurationRemigiusz Janeczek1-3/+3
Set CSR Subject Organizational Unit and Locality to be optional Issue-ID: OOM-2598 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: Ibb5f0fe7f75a1191906d26521eb96a6b991a295c
2020-10-13[CONTRIB] Make netbox nginx service work againSylvain Desbureaux1-1/+1
Moving from NodePort to ClusterIP has made a regression. This patch solves it. Issue-ID: OOM-2556 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I6e2d87bf22bb8f25e6b25653f2954f04c1011800
2020-10-13Merge "[CONTRIB] Move Netbox service to ClusterIP"Krzysztof Opasiak1-1/+1
2020-10-05[CONTRIB] Fix chart subcomponent's readiness image name patternBartek Grzybowski6-5/+8
This aims to fix the changes done in https://gerrit.onap.org/r/c/oom/+/111509 which broke ejbca/netbox/awx readiness image name pattern. Change-Id: I65d2f19a96d43c61167d63eb047e960dc213c985 Issue-ID: OOM-2584 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-10-01[CONTRIB] Move Netbox service to ClusterIPSylvain Desbureaux1-1/+1
netbox is only used for testing purpose. moving the service to ClusterIP is sufficient for that. Issue-ID: REQ-364 Issue-ID: OOM-2556 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Id8d005a9bcb3fbb29cbf7e82d03a92e245deaaff
2020-09-15[CONTRIB] Adjust EJBCA to issue certificates usable by servers.Remigiusz Janeczek5-0/+1551
Add configuration to EJBCA that allows to create keystores with extendedKeyUsage containing serverAuth. Issue-ID: AAF-1121 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: I6fc1d228acb4edc089be11d66186cfb5006e9ad1
2020-09-04[GENERAL] Use readiness container v3.0.1Sylvain Desbureaux7-14/+11
Readiness container v3.x and up are now present in ONAP main repository. They're also not using root user anymore and then script path has changed. Finally, "job_complete" script has been integrated in main "ready" script. As those changes are significant, we must upgrade all the components at once. Depends-On: I5afa83892043f4844afe12e61724a8d368a9f2e0 Issue-ID: OOM-2545 Signed-off-by: Grzegorz Lis <grzegorz.lis@nokia.com> Change-Id: I0b4eb5dd86390273532d67d0a9696e1cfcadf110
2020-07-10Make CONTRIB compatible with Kubernetes v1.17Grzegorz-Lis5-5/+17
Issue-ID: OOM-2452 Signed-off-by: Grzegorz Lis <grzegorz.lis@nokia.com> Change-Id: I82aa47855716bb2647aea6aac29484b325d80ef0
2020-05-28[CONTRIB] Change EJBCA to work on HTTP 8080egernug1-0/+1
Issue-ID: SDNC-1136 Change-Id: I863bd7b280701c503ba45af6ba8e85f48ea18cfb Signed-off-by: egernug <gerard.nugent@est.tech>
2020-05-26[CONTRIB] Use proper image for netbox provision jobKrzysztof Opasiak3-3/+6
netbox was using readiness image to run its job. This is not the proper usage of this image and recently it started failing because bash is no longer available in this image. As the script does not containt bash-specific construcitons let's change the image to curl one and just use whatever shell is there. Issue-ID: OOM-2406 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I0cc99c6d8fe0dbe59ee982d255753d149fcdd3eb
2020-04-23[Contrib] Make Postgres work when using dynamic PVSylvain Desbureaux2-2/+2
postgres was not working with dynamic PV because of lost+found folder. We changed the mount path to make it work. Issue-ID: OOM-1227 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Id15fd089c56e339dbc5939cd28207b535e8ab86b
2020-04-15[Contrib] Add EJBCA ServerSylvain Desbureaux11-6/+334
EJBCA Server is used to test that CMPv2 Certificate handling is well done in ONAP. Issue-ID: AAF-1083 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I5e2d25b68b5cd80d3c7bf282ce871dd81e711ff6
2020-04-08[Contrib] Authorize choice of subcomponentsSylvain Desbureaux67-1/+37
Instead of forcing installation of all contrib components, make the installation of these components enabled with a toggle, so each person can choose to install a subset, all or none. Issue-ID: OOM-2352 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ie112fe1f1864587b9ac69f18967a3c28d16bdbbe
2020-04-02Bump chart versionSylvain Desbureaux11-11/+11
Use 6.0.0 in preparation for Frankfurt release Issue-ID: OOM-2320 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I8ad82dfdf48b56c38c0e85d640b18cc13c8d9e67
2020-04-01Merge "MetalLB install script for bare metal cluster"Krzysztof Opasiak1-0/+85
2020-04-01Merge "Remove unneded LoadBalancer annotation"Krzysztof Opasiak1-2/+0
2020-04-01Merge "Remove redundant Ingress service config"Krzysztof Opasiak1-23/+0
2020-04-01Add support for metal LB in DNS deploy scriptLucjan Bryndza1-4/+33
Extract ingress controller IP address which is same as node where the metalLB is deployed Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com> Issue-ID: OOM-2289 Change-Id: I16e6d1704e54b679cb39caa3c720538a5ff60a60
2020-03-31MetalLB install script for bare metal clusterLucjan Bryndza1-0/+85
If Ingress controller is exposed via NodePort it listens on non standard port, so it can be quite problematic. Exposing via LoadBalancer doesn't work properly on bare metal Kubernetes cluster, so external LB solution is needed. Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com> Change-Id: I9a2032e8501caca7c3a564f6bbcf969fdde31da2 Issue-ID: OOM-2346
2020-03-30Remove unneded LoadBalancer annotationLucjan Bryndza1-2/+0
Remove unneeded NLB annotation, because NLB doesn't work correctly in the current version of kurnetes switch to Metallb Change-Id: I1111a39a639627892a74f12b428a2daa5ff5ff09 Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com> Issue-ID: OOM-2341 Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com>
2020-03-30Remove redundant Ingress service configLucjan Bryndza1-23/+0
Initial version of the script configures ingress controller service as LoadBalancer and switches it immediately to NodePort Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com> Issue-ID: OOM-2341 Change-Id: If741fd2413978ed76bf0678a83c42ac2905042ca
2020-03-24Fix wrong underscore configurationLucjan Bryndza1-1/+1
Underscore configuration should be true Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com> Issue-ID: PORTAL-806 Change-Id: I88b840e4b8ccd6c635c835ded6e783843aabc10c