Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Update cert service and cert service client to allow IPAddresses,
E-mails and URIs as SANs.
Update ejbca configuration with IPAddresses, E-mail and URIs.
Fix dcae bp inputs to use comma as SANs delimiter (from to allow
use of IPv6)
Issue-ID: OOM-2559
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: I71bea7f63540eb5d345bce6867fa25e098353d6d
|
|
After renaming truststore-merger to cert-service-post-processor
it is neccesary to update k8s-plugin config value, bootstrap and cm-container versions.
Issue-ID: DCAEGEN2-2508
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I7c52f79ba98102377712dce690cd8be176d19ce8
|
|
This commit makes DCAE chart to use the new generator for repositories and
images.
Issue-ID: OOM-2364
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib0ba117864a95750ee5762636d94d22e9d029959
|
|
Service name change to avoid conflict with VES-TLS
Change-Id: I68cb87de1e1707fe8d7b37ae361baa95fd5e6f64
Signed-off-by: vv770d <vv770d@att.com>
Issue-ID: DCAEGEN2-2520
|
|
Signed-off-by: Jakub Latusek <j.latusek@samsung.com>
Change-Id: I91948802ecb1999fac4d0cc3cd70367844b07a8b
Issue-ID: OOM-2562
|
|
Bootstrapped components updates
VES version bump to 1.7.8
TCAGen2 version bump to 1.2.1
Holmes version bump to 1.2.8
Dynamic/Usecase driven component updates
DL-DES blueprint inclusion (1.1.0)
Slice-Analysis blueprint inclusion (1.0.0)
Heartbeat bp update for non-root PG access
DL-handlers logging and container optimization (1.1.0)
PMSH bug fix (1.1.2)
Change-Id: I4d48030ca0d74af4e158db6d05c035365988e5d4
Signed-off-by: vv770d <vv770d@att.com>
Issue-ID: DCAEGEN2-2491
Issue-ID: DCAEGEN2-2478
Issue-ID: DCAEGEN2-2469
Issue-ID: DCAEGEN2-2470
Issue-ID: DCAEGEN2-2255
Issue-ID: DCAEGEN2-2482
Issue-ID: DCAEGEN2-2329
Issue-ID: DCAEGEN2-2258
Issue-ID: DCAEGEN2-2371
Issue-ID: DCAEGEN2-2379
Issue-ID: DCAEGEN2-2486
Issue-ID: DCAEGEN2-2483
Signed-off-by: vv770d <vv770d@att.com>
|
|
|
|
Control loop output from TCAGen2 is expected on
DCAE_CL_OUTPUT topic by Policy (which is used triggering
further action)
Change-Id: I1f33b9e79b5101484ca74ce5b7e9054c7a19ff17
Signed-off-by: vv770d <vv770d@att.com>
Issue-ID: DCAEGEN2-2467
Signed-off-by: vv770d <vv770d@att.com>
|
|
|
|
Bump up Ves version in values to use 1.7.6, additionally added default urls for 3gpp to input parameters.
Issue-ID: DCAEGEN2-1771
Signed-off-by: Edyta Krukowska <edyta.krukowska@nokia.com>
Change-Id: I5551e5ad6bc7d8a013b28943f391473a173be577
|
|
Update bootstrap and cloudify-manager with k8splugin 3.4.2
which fixes healthcheck for components deployed by cloudify
Provide inputs for new VES and HV-VES blueprints
k8s-ves and k8s-hvves blueprints will use the inputs for
certificates from CMPv2 in case use_external_tls=true
Issue-ID: DCAEGEN2-1794
Issue-ID: DCAEGEN2-2195
Issue-ID: DCAEGEN2-2433
Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
Change-Id: I1cba83a391292d82ec7bca661bdf34155da8c2d4
|
|
Top up certservice-api image
Update config for k8splugin 3.4.1:
- update images of certservice-client
- add certservice-client secret name to config
- add certservice-post-processor image to config
CertPostProcessor is an application which appends CMPv2
truststore entries to AAF CertMan truststore and allows
swapping AAF CertMan keystore for CMPv2 keystore.
Issue-ID: DCAEGEN2-2253
Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com>
Change-Id: Icc7020d8e1431f4ba2f49206b84bf3930d3c2c23
|
|
aaf-cert-service has been renamed to oom-cert-service and moved from oom/kubernetes/aaf/components to oom/kubernetes/platform/components.
All aaf-cert-service references have been replaced with oom-cert-service.
Issue-ID: OOM-2526
Change-Id: I70ef4bf3ee7085a5ef7075bde68eb0ea0a95ebf7
Signed-off-by: Maciej Malewski <maciej.malewski@nokia.com>
|
|
Redis installation removed (was used by tca/cdap)
SCH java11 upgraded
Tca-gen2 (java 11, sec vul, policy reconfig)
Change-Id: Ia6801d789d675136755cd217cb79f532a625685c
Signed-off-by: vv770d <vv770d@att.com>
Issue-ID: DCAEGEN2-2342
Issue-ID: DCAEGEN2-2330
Issue-ID: DCAEGEN2-2198
Issue-ID: DCAEGEN2-2266
Issue-ID: DCAEGEN2-2285
Signed-off-by: vv770d <vv770d@att.com>
|
|
Add configuration supporting dealing with CMPv2 certs in K8s plugin.
Remove outputType from global values to allow it be specific for service.
Issue-ID: DCAEGEN2-2252
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: Iedb9c3f63a539a386b9abd5d257c54f5ce023662
|
|
Even through we use common secret template both passwords are still
hardcoded in common postgres chart but this will be removed as a final
step just like we did for mariadb-galera.
Issue-ID: OOM-2250
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Icaa5334d6ebad4fbce23ed4f59b74448c02783cf
|
|
In R6, the DMaaP provisioning server (DMaaP BC) exposes its
API via HTTPS only. The DMaaP plugin must be configured to
use HTTPS to access DMaaP BC.
Issue-ID: DCAEGEN2-2193
Signed-off-by: Jack Lucas <jflucas@research.att.com>
Change-Id: Ic80b1d05fe8666a5df87af647c66b2d2bca31def
|
|
dcae-bootstrap (1.12.4)
PMSH 1.0.2 bp update
Disable VES/HTTP (OJSI-116)
dcae-healthcheck 1.3.1
Change-Id: Ib594d5787783876997ccd6559a58f16f6354524d
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
Issue-ID: DCAEGEN2-2172
Issue-ID: OJSI-116
Issue-ID: DCAEGEN2-2129
Issue-ID: DCAEGEN2-2174
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
|
|
From security reasons disable of plain http.
Change-Id: I1374fc5f0b34f5b938c692e2bbcd2689f4efee88
Issue-ID: DCAEGEN2-2143
Signed-off-by: kjaniak <kornel.janiak@nokia.com>
|
|
Helm chart updates to pull in latest version of components:
bootstrap loads blueprints into DCAE inventory
bootstrap configures k8splugin for JKS CA store
inventory uses generated CA cert
cloudify manager loads type file to synch clamp and dcae
policy plugins
dashboard skips bad blueprints from inventory
bootstrap loads latest pgaas and sshkeyshare plugins
bootstrap runs as non-root user
Issue-ID: DCAEGEN2-2049
Issue-ID: DCAEGEN2-1938
Issue-ID: DCAEGEN2-2097
Issue-ID: DCAEGEN2-2120
Issue-ID: DCAEGEN2-2072
Signed-off-by: Jack Lucas <jflucas@research.att.com>
Change-Id: I12f37ccc85ebfefba10e7ec1113da6474927ba57
|
|
The issue related to HV-VES occurs due to a lack of
certificates. There are provided by TLS_INT_CONTAINER.
Therefore use-tls must be set on true.
Issue-ID: OOM-2281
Signed-off-by: Piotr Wielebski <piotr.wielebski@nokia.com>
Change-Id: Ib5c82d5955c0a7b32a4fc5c9797734f930ae7885
|
|
|
|
common mongo chart and input template for tca-gen2
VEScollector rls version for 7.1.1 support
Heartbeat rls version for non root support
Change-Id: Iea9c640411841553d79cee2b21447b87e2cd2a90
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
Issue-ID: DCAEGEN2-1891
Issue-ID: DCAEGEN2-1907
Issue-ID: DCAEGEN2-2071
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
|
|
Added blueprint (for ves secure) and update blueprint (for ves insecure)
Issue-ID: DCAEGEN2-1777
Signed-off-by: Pawel <pawel.kasperkiewicz@nokia.com>
Change-Id: Iaf78187b8196944ecafcef19b1efec855a4d8922
|
|
Remove unneeded dashboard inputs file
Prepend release name to filebeat configmap name
Issue-ID: DCAEGEN2-917
Issue-ID: DCAEGEN2-1923
Issue-ID: DCAEGEN2-1805
Signed-off-by: Jack Lucas <jflucas@research.att.com>
Change-Id: I53ef20046d7e16c4e0a2defd41c846d91af4ec09
|
|
Helm value override file now supports component-specific settings:
dcae-bootstrap:
enabled: true
dcae-cloudify-manager:
enabled: true
dcae-config-binding-service:
enabled: true
dcae-healthcheck:
enabled: true
dcae-redis:
enabled: true
dcae-servicechange-handler:
enabled: true
dcae-inventory-api:
enabled: true
dcae-deployment-handler:
enabled: true
dcae-policy-handler:
enabled: true
dcae-dashboard:
enabled: true
Issue-ID: OOM-1574
Signed-off-by: Ubuntu <dgl@research.att.com>
Change-Id: I85e0fe6ae19e176d954611549ec954a5fe662307
Signed-off-by: Ubuntu <dgl@research.att.com>
|