| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Changed keycloak-init to "authentication"
and moved as root chart
Moved oauth2-proxy to onap-authentication and updated
to version 7.5.4
Use TCL proposal for REALM creation.
Update keycloak-config-cli version to 5.12.0.
Ingress AuthorizationPolicy creation for all defined accessRoles
in the configured realms
Issue-ID: OOM-3292
Issue-ID: OOM-3268
Change-Id: I0901cd416ca5da871931d7cf084cd35c55f804f1
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Use the new "service" feature of the readiness image to
resolve startup dependencies.
Issue-ID: OOM-3280
Change-Id: Ia331d51528676744e5e0479d1fd0ca02830c3499
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Update the ReadinessCheck (13.1.0) to support the "services" feature
of readiness image version 6.0.2 and use the feature in the charts
under common (dgbuilder, etcd-init, mariadb-galera, mariadb-init,
postgres-init)
Additional exclude K8S API port (443) from Istio Sidecar communication
to allow CNI Plugin
Issue-ID: OOM-3280
Change-Id: Ibe030aa9debfc82e88f2ce5e309dd6fa2250f211
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Currently in ONAP the imagePullSecrets is hardcoded to
'onap-docker-registry-key' which is created by the
repository-wrapper component.
With this change the secrets can be configured via setting
global.imagePullSecrets and optionally per image if it is
configured as map (image.pullSecrets)
Issue-ID: OOM-3284
Change-Id: I8644f9b46043b6014219c42928e057b149df43a4
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
- upload ui and bff
- preferences and history services will be added later
- added portal-ng to ONAP chart and overrides
Issue-ID: PORTALNG-66
Change-Id: I9182234be3afbdcdc95b23f0799a11d41384184e
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
|
|
Add template functions for the mariadb-operator resources
and update the mariadb-galera chart to support them
Change the flag to "useOperator" in cassandra to the global setup
and additional labels for cassandra resources
Changed Policy DB users to support the new mariadb User
and fixed db.sh script to wait for the DB user creation
Use the new readiness image 5.0.1 with the "app-name" option
Change the MariaDB-Galera Service to the "primary" to avoid Deadlocks
Fix previous SDNC patch (https://gerrit.onap.org/r/c/oom/+/135308) and
temporary disable MariaDB for SDNR, as it is not compatible to
MariaDB 11
Issue-ID: OOM-3236
Change-Id: Ie63fcc9c6d5fa802d38c592b449e7ff8553c2ab9
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
The dmaap bus controller is no longer used, so
the corresponding helm charts are being removed.
Issue-ID: OOM-3238
Signed-off-by: Jack Lucas <jflos@sonoris.net>
Change-Id: Ieb83b9a09b5ec804fb18f0c5e85f18f8c1317272
|
|
Remove common charts (cert-wrapper, certInitializer, music)
which are not needed anymore wor unsupported
Issue-ID: OOM-3114
Change-Id: Iec3a49fd4f08b207961ddc572e2de873ee1480d5
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
|
|
Add options to set the Ingress provider and enhanced
settings to provide different resource outputs for
Ingress resurces
Issue-ID: OOM-3184
Change-Id: I3a6ebf17191a558941d6e18fbfe676da0c78e487
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Adds an option "createDefaultRoles" to create roles instead
of using the roles-wrapper
Issue-ID: OOM-3233
Change-Id: I03eb95b641034637fa218010025b2c452aba09d1
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Fix failures in the OOM documentation and add missing
descriptions.
Issue-ID: OOM-3179
Issue-ID: OOM-3149
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ie88fc4ffc3888371690a4f39c47a6cc76451047b
|
|
Remove the following component charts:
- AAF
- CONSUL
- CONTRIB
- PORTAL
- LOG
- SNIRO-EMULATOR
correct the helm deploy plugin
Issue-ID: OOM-3074
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I93cd32d9a9dabbc4cdeda63d8c7b669a79cdea8a
|
|
As part of the ServiceMesh solution OAuth2-proxy will be used
to enable a central authentication and authorization for ONAP
Service Access.
This patch delivers the function based on oauth2-proxy helmcharts:
https://github.com/oauth2-proxy/manifests/tree/main/helm/oauth2-proxy
Issue-ID: OOM-2489
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Iafa82813a7b9494cf13d77d47a39fc6030cb919b
|
|
Create template for istio authorization policies
Issue-ID: OOM-3148
Change-Id: I081288e8e9b0e8347ee6fd0d656398126826c273
Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>
|
|
In case of non-TLS service the nodePort was not reserved
and missed to disable tls for the services (tlsEnabled)
Issue-ID: OOM-3094
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I7f5102a499f4b262556787b5db682e28a9ebcf81
|
|
Disable the AAF in the values.yaml and in the default helm deployment
Issue-ID: OOM-3094
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I1b0030dabacafe53261eefcdb8956508cc73163b
|
|
Add new options for the created Ingress URLs (preaddr, postaddr)
and allow to create Ingress configurations using customized ports
Correction added to the installation of the Ingress Gateway.
Issue-ID: OOM-3084
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ib31050c169799409c6e968adce7ff41e215e3ff9
|
|
|
|
DCAEMOD deprecatrion in London
https://lists.onap.org/g/onap-tsc/topic/dcae_mod_eol_with_london/92490689
Change-Id: I0a7b5774e408bd2fcefa46c34077ef59be9eae52
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
Issue-ID: DCAEGEN2-3278
Issue-ID: DCAEGEN2-3290
|
|
Remove VID charts and all refs
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I167090a7d037e90484e42c6d12ec56ac329e1553
Issue-ID: OOM-3070
|
|
Removing appc chart
Removing most appc refs
Some SO data may need to be followed up with SO team
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I183e3dfb7e33a3ada1ac9925ee96b9f32d89bd5a
Issue-ID: OOM-3069
|
|
|
|
Move kafka bridge to strimzi chart.
Update the onap overrides.
Clean up some config in strimzi kafka.
Add override options to kafka chart.
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: Iaaac143f22cae1dbfa50e89b1838a00e37eebdaf
Issue-ID: DMAAP-1834
|
|
The template should create for each Ingress service a single
Gateway/VirtualService Resource, small update of service template
Issue-ID: OOM-3000
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I480f8c7b6b9ca3a84813a9e96c4d796d332facc7
|
|
All platform components has been disabled/deprecated
since Jakarta release
Change-Id: I8837ad4e6b9ef20cd7c94fefd6ec4b9cb7b20b08
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
Issue-ID: DCAEGEN2-3002
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
|
|
We have stability issues with MariaDB (which didn't occur on istanbul).
Issue-ID: OOM-2963
Signed-off-by: Michal Jagiello <michal.jagiello@t-mobile.pl>
Change-Id: I23b31db06dd87a45a47c8b2741b36e6387e5d1ec
|
|
Deploy a 2 node replica strimzi kafka cluster
Reduce MR kafka to 1 replica
Add kafka ready check to cps-temporal
Update readthedocs with strimzi prerequisite
Modify deploy.sh to deploy the strimzi kafka in advance
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I87e54ad69a174174cb86f096c07d58878e3ab14e
Issue-ID: DMAAP-1621
|
|
OOF HAS controller uses Python oslo library to manage config files.
In Python configuration files dollar sign ($) is used to reference other values.
If that sign is in generated password container can't parse configuration file
and exits with error.
Basic password strength means it will use only alphanumberic characters.
Issue-ID: OPTFRA-1028
Signed-off-by: Michal Jagiello <michal.jagiello@t-mobile.pl>
Change-Id: Id31d6f21f22dab93386ea36e2aa026f70367c2e0
|
|
|
|
|
|
|
|
Use busybox 1.34.1 image for Jakarta
Issue-ID: SECCOM-271
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I9c03855a610577fe396095ae7e631d22c75d22f8
|
|
Use kubectl 1.22.4 image for Jakarta
Issue-ID: SECCOM-271
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I4501f5a91f0fe7d9b75abf7fdaaaf7405433fb16
|
|
Use nginx 1.21.4 image for Jakarta
Issue-ID: SECCOM-271
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2a391697c066a45845a45f605db1c578684e1feb
|
|
AAF SMS is importing secrets in vault. CPS secret can be retrieved only
if cps is enabled.
this patch allows to disable CPS import in AAF SMS
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib33d2fe05bb6e13fb6322138161a13cdfd2cf522
|
|
Adding basic requirements for Service Mesh Compliance within SDC.
Change-Id: Ib9104ef2e8b6daf0b9b529288cee158b297ce9e4
Issue-ID: OOM-2253
Signed-off-by: rope252 <gareth.roper@est.tech>
Signed-off-by: othman touijer <othman.touijer@soprasteria.com>
|
|
Use version 10.6.5-debian-10-r28 instead of 10.6.5.
Also align clamp and so to use the same version as the other ones
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ie1db09b03daa1bb7792ee0ff6a73bd3483213e75
|
|
|
|
|
|
Use onap/integration-java11 11.0.0 image for Jakarta
Issue-ID: SECCOM-271
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Id5aab493eebae3787d636c6a771c58d0b9d98558
|
|
Use curl 7.80.0 image for Jakarta
Issue-ID: SECCOM-271
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ieb288a29acd36bacec9a36e06717514adce04bd3
|
|
Bump version to the one asked by SECCOM.
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I99a4c1e412a2288b595d78470dc433466586529b
|
|
Integration team believes that it will have no impact
assuming that ESR is not used directly.
Some AAI API mentions ESR but no direct call to ESR in the tests.
This gate shall prove it or not...
Issue-ID: INT-1972
Signed-off-by: morganrol <morgan.richomme@orange.com>
Change-Id: If37199dc25fa9c268baa1dc88921aa22d6cb7277
|
|
|
|
Introduction of chartmuseum as internal repo for
ONAP components to push/pull charts post instantiation
+ Script to preload charts to this repo
Change-Id: I4880900548dfe1d3e47a67b3822f82a15314b5b7
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
Issue-ID: DCAEGEN2-2630
Issue-ID: OOM-2734
Issue-ID: INT-1895
Issue-ID: DCAEGEN2-2694
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
Signed-off-by: vv770d <vv770d@att.com>
|
|
- Remove cmpv2Certificate chart in order to deprecate CertService
client mechanism.
- Remove CertServiceClient init containers in SDNC.
- Replace CMPv2CertManagerIntegration with cmpv2Enabled flag
Issue-ID: OOM-2744
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I8c818fcf64a029552c8833f68b6ae95fad379c8d
|
|
Instead of creating all roles every time with service account chart,
let's just create the specific ones for a chart and point to default one
for the three default roles.
In order to lighten serviceAccount chart, whole logic for default role
creation is in `roles-wrapper`.
Issue-ID: OOM-2729
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib4d6a2669ca7d747320a4bccb65aac863eb60956
|
|
Utilize Cert-Manager to secure communication between
Cert-Service and its clients, adjust templates and
configs.
Issue-ID: OOM-2712
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I96426b1a184b4d254575e76d29214d9deda08cce
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
|
Andreas Geissler
Lukasz Rajewski
Fiete Ostkamp
Jack Lucas
Micha? Jagie??o
AndrewLamb
Vijay Venkatesh Kumar
efiacor
Sylvain Desbureaux
othman touijer
Krzysztof Opasiak
morganrol
Piotr Marcinkiewicz