aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/onap
AgeCommit message (Collapse)AuthorFilesLines
2021-06-08[COMMON] Remove CertService client mechanismPiotr Marcinkiewicz3-26/+15
- Remove cmpv2Certificate chart in order to deprecate CertService client mechanism. - Remove CertServiceClient init containers in SDNC. - Replace CMPv2CertManagerIntegration with cmpv2Enabled flag Issue-ID: OOM-2744 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I8c818fcf64a029552c8833f68b6ae95fad379c8d
2021-05-11[COMMON][ROLES] Create default roles onceSylvain Desbureaux2-0/+6
Instead of creating all roles every time with service account chart, let's just create the specific ones for a chart and point to default one for the three default roles. In order to lighten serviceAccount chart, whole logic for default role creation is in `roles-wrapper`. Issue-ID: OOM-2729 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib4d6a2669ca7d747320a4bccb65aac863eb60956
2021-04-22[PLATFORM] Generate Cert-Service certs with Cert-ManagerPiotr Marcinkiewicz1-13/+10
Utilize Cert-Manager to secure communication between Cert-Service and its clients, adjust templates and configs. Issue-ID: OOM-2712 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I96426b1a184b4d254575e76d29214d9deda08cce Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
2021-03-26[HOLMES] Migrate Holmes from Cloudify to HelmGuangrongFu13-0/+46
Instead of using cloudify, use helm directly in order to deploy the charts. Change-Id: I6c97862898ab34b63a15b942b1396c0d19179e46 Issue-ID: HOLMES-396 Signed-off-by: GuangrongFu <fu.guangrong@zte.com.cn> [Adding AAF part and change nodeports] Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2021-03-25Merge "[DOC][COMMON] Prepare Honolulu release"Krzysztof Opasiak2-38/+38
2021-03-24[ONAP] Upgrade crunchy imageTomasz Pietruszkiewicz1-1/+1
Set the newest version of crunchy-postgres image. In this image python 2.x was replaced by python 3.x. The crunchy-postgres image is used in few projects in the ONAP, not only in vnfsdk. Change-Id: I1799b6be66312d2418878533775c741b286bec61 Issue-ID: VNFSDK-647 Signed-off-by: Tomasz Pietruszkiewicz <tomasz.pietruszkiewicz@nokia.com>
2021-03-24[DOC][COMMON] Prepare Honolulu releaseSylvain Desbureaux2-38/+38
Updating the documentation and bumping version to 8.0.0 Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I6f942f1466fed64264c44fb8fc0e1ffc93a98f18
2021-03-21[DCAEGEN2] Deploy DCAE microservices via HelmJack Lucas11-0/+24
Deploy DCAE microservices using Helm instead of having the DCAE bootstrap container deploy them using Cloudify. Charts for the microservices are found under oom/kubernetes/dcaegen2-services. Issue-ID: DCAEGEN2-2615 Issue-ID: DCAEGEN2-2617 Signed-off-by: Jack Lucas <jflos@sonoris.net> Change-Id: I22d88987ae8e21b3c08f31f13ffda98967d13297 [Use common secret template for secrets] Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2021-03-03[CPS] Configuration Persistence Service Chartsputhuparambil.aditya10-2/+22
CPS Helm charts added Issue-ID: CPS-7 Co-authored-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca> Co-authored-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Co-authored-by: Bruno Sakoto <bruno.sakoto@bell.ca> Signed-off-by: Claudio David Gasparini <claudio.gasparini@pantheon.tech> Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca> Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca> Change-Id: I027e5e4b3eec78ce889168f8796d55e6f9fd9be6 Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
2021-02-11Merge "[POLICY] Migration of clamp to policy area"Krzysztof Opasiak1-4/+0
2021-02-11[POLICY] Migration of clamp to policy areasebdet1-4/+0
Creation of the clamp subcharts + fusion of the clamp database to policy mariadb Issue-ID: POLICY-2951 Signed-off-by: sebdet <sebastien.determe@intl.att.com> Change-Id: I8192f82bc393e3fc8d5884d6ab73912a0466edcd Signed-off-by: sebdet <sebastien.determe@intl.att.com>
2021-02-05[COMMON] Create certManagerCertificate chartPiotr Marcinkiewicz1-11/+2
- Create certManagerCertificate chart for Certificate template - Change default values for duration and renewBefore - Add creation Secret with keystore password - Use template in SDNC (add volumes and volumesMounts) Issue-ID: OOM-2568 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: Ib70d91b599fa6813ed0a6d5b96206508f2fdafcf
2021-02-04Merge "[AAI] Templatize MSB services"Krzysztof Opasiak1-1/+5
2021-01-27[PLATFORM] Update cert service images to 2.3.3Joanna Jeremicz1-1/+1
Enhance CertServiceAPI response (include CMP server error messages) Fix KeyUsage extension sent to CMPv2 server Issue-ID: OOM-2658 Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com> Change-Id: Ic2c68b85fce08d20e423b316a3234e6f00799a42
2021-01-20[COMMON] Add template for CertServiceClientRemigiusz Janeczek1-1/+2
Create generic template to simplify CertServiceClient use Issue-ID: OOM-2568 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: I4fb9829b27b1dd13a9e7a098f807710cc5648438
2021-01-19[AAI] Templatize MSB servicesSylvain Desbureaux1-1/+5
Instead of "hardcoding" all services, let's generate them with two values and shrink a little bit template. It also simplify the reading of the template. Issue-ID: OOM-2664 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I2a5f181fac93f34e074998aeaf82489f8305de1f
2021-01-08Merge "[CMPV2] Add a template for Certificate (cert-manager)"Sylvain Desbureaux1-0/+26
2021-01-06[PLATFORM] Update cert service images to 2.3.2Remigiusz Janeczek1-1/+1
Align Cert Service Api to RFC4210. Fix Cert Service Client CA_NAME validation. Fix Cert Service External Provider logging. Issue-ID: OOM-2656 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: I644946b139bd4879e44cdf705eadcc4c2c81a0e2
2021-01-06[CMPV2] Add a template for Certificate (cert-manager)Jan Malkiewicz1-0/+26
This commit introduces a template for requesting a cert-manager certificate. See: https://cert-manager.io. It consist of the following parts: - a template for creating certificate in commons component - a definition of a certifcate object in sdnc component Issue-ID: OOM-2568 Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com> Change-Id: If58b8f12eff075d058db5a0fee3b2db5c2c93a17
2020-12-18Merge "[COMMON][CertInit] Uses new tpls for repos / images"Krzysztof Opasiak1-0/+3
2020-12-17[CMPV2] Set flag CMPv2CertManagerIntegrationJan Malkiewicz2-1/+3
Default value for onap is 'false'. Default value for cert-service environment is 'true'. Issue-ID: OOM-2560 Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com> Change-Id: I4e390f875b88f3684f82b9f8bbb3c5462c719c9e
2020-12-17[COMMON][CertInit] Uses new tpls for repos / imagesSylvain Desbureaux1-0/+3
This commit makes CertInitializer template to use the new generator for repositories and images. Issue-ID: OOM-2364 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I5efa37225bfe05e2c7be7b8d2420ccaeb10afe62
2020-12-17Merge "[COMMON][MARIADB] Upgrade Mariadb DB galera version"Krzysztof Opasiak1-8/+13
2020-12-14[COMMON][MARIADB] Upgrade Mariadb DB galera versionSylvain Desbureaux1-8/+13
Mariadb DB Galera containers version is outdated and unmaintained. We need them to move to a new image provider. As new image provider is not compatible with our old templates, we also update the templates (by reworking bitnami mariadb-galera chart). An update of global mariadb image is also done in order to match mariadb galera version. Issue-ID: OOM-1720 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib9976227759e90022183d4f37fc655143be4d6ac
2020-12-14Merge "[COMMON] Configure paths for Ingress"Krzysztof Opasiak1-1/+0
2020-12-09[OOM] Remove POMBA from OOM repositoryGrzegorz-Lis1-4/+0
Pomba is obsolete and not used anymore by ONAP Issue-ID: OOM-2642 Signed-off-by: Grzegorz Lis <grzegorz.lis@nokia.com> Change-Id: If6b2cc43d1cb088f5ea2ae05970b625fc1f5d425
2020-12-08[COMMON] Configure paths for IngressSylvain Desbureaux1-1/+0
Instead of globally choosing between virtualhosts and path based ingress, it's better to allow to choose it per component. Issue-ID: OOM-2641 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I952826d03722693ebae7c95a083b95bf83752d68
2020-12-04Merge "[PLATFORM] Update cert service images to 2.3.1"Sylvain Desbureaux1-1/+1
2020-12-02[PLATFORM] Update cert service images to 2.3.1Remigiusz Janeczek1-1/+1
Update cert service and cert service client to allow IPAddresses, E-mails and URIs as SANs. Update ejbca configuration with IPAddresses, E-mail and URIs. Fix dcae bp inputs to use comma as SANs delimiter (from to allow use of IPv6) Issue-ID: OOM-2559 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: I71bea7f63540eb5d345bce6867fa25e098353d6d
2020-12-02[GENERAL] Update chart version to GuilinSylvain Desbureaux1-1/+1
Issue-ID: OOM-2638 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I2738206390b07c4bb5d0fa191368d8297eb2ba5e
2020-11-30[COMMON][DOC] Bump version GuilinSylvain Desbureaux2-38/+38
Update charts and requirements to 7.0.0. Create release notes for Guilin Update documentation Issue-ID: OOM-2638 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I965ed6b6ebb7d74bfddaff73edd3dd55a657841c
2020-11-23[PLATFORM] Add new fake deployment to fix offline certificates generationAdam Wudzinski1-0/+5
Add new fake deployment to CertService, controlled by new global flag global.offlineDeployment, which is disabled as default. Change Makefile to use java image from ONAP Nexus for certificate generation. Signed-off-by: Adam Wudzinski <adam.wudzinski@nokia.com> Issue-ID: OOM-2588 Change-Id: I2f9fe4b626604c5bfd8512449d893015bdc6ca98
2020-11-20[COMMON] New templates to handle repositoriesSylvain Desbureaux3-47/+62
Current repository templates handles only ONAP "nexus" repository configuration. So, all images coming from another repository (currently, OOM is using 4 repository, including nexus one) cannot simply be retrieved from another one. This commit add new templates, in a specific chart, in order to change that. Now, each for repository can be overidden and all 4 can have a credentials. Also, in order to minimize global variables, templates aimed to retrieve usual utility images (busybox, envsubst, readiness, ...) are created. Issue-ID: OOM-2634 Change-Id: I27eb33d830d56ec28f9de68599f5108a262983b3 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> [Reduce code size, add missing busyboxRepository] Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-11-05Merge "[Tree-wide] Remove pnda charts from OOM"Sylvain Desbureaux3-8/+0
2020-11-04[ONAP] Remove helm comment from environment filesJakub Latusek4-8/+0
This files are never processed as helm's template, so comments should be in yaml style. Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562 Change-Id: Id97f1b2640d7d96324f891b54780a12ec28e5d02
2020-11-03Remove unexepected chat in yaml filemrichomme1-2/+0
These parameters trigger an error when installing on windriver so if the file is used, installation will fail due to yaml issue Issue-ID: OOM-2620 Signed-off-by: mrichomme <morgan.richomme@orange.com> Change-Id: I572d7d26067f7b632aaec4fd88a19d28b80b9d68
2020-10-29[Tree-wide] Remove pnda charts from OOMKrzysztof Opasiak3-8/+0
pnda was introduced in earlier release (R3) as POC however no longer supported. As we don't like unmaintained code and noone is using it let's remove it from oom helm charts. Issue-ID: DCAEGEN2-2503 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I717925acee3956ac7e5c6abda7a54e3a78f3ebf3
2020-10-29Merge "[SO] Enable SO-Monitoring - use HTTPS and certInitializer"Krzysztof Opasiak1-0/+6
2020-10-29[SO] Enable SO-Monitoring - use HTTPS and certInitializerKrzysztof Gajewski1-0/+6
- SO-Monitoring service exposed as NodePort - Certs are retrieved dynamically using certInitializer Issue-ID: SO-2920 Signed-off-by: Krzysztof Gajewski <krzysztof.gajewski@nokia.com> Change-Id: I04e6556bcddc3c67afc2a76c5b4fecb59a134911
2020-10-22Merge "[ONAP] change comment style"Sylvain Desbureaux7-0/+14
2020-10-21[ONAP] change comment styleJakub Latusek7-0/+14
Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Change-Id: I9725eb1baf99f32d47f146dce2c61d3ae45ca0ab Issue-ID: OOM-2562
2020-10-20[COMMON] Make certInitializer share truststore among instancesKrzysztof Opasiak2-0/+7
Truststore is quite heavy. If it is included several times in the component it can easily cross helm chart size limit. To fix this issue let's make sure that the truststore is created only once and then shared among all certInitializer instances. Issue-ID: AAF-1134 Change-Id: I546a88fea3fe869748194682e7dcf3ad566282ab Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-10-14[CLAMP] Give times to mariadb to come upSylvain Desbureaux1-0/+5
On some environments, clamp database is restarted in the middle of the init script. The consequence is then a weird behavior, especially if the users are not set. This patch adds more time to the DB in the environment override file (which is supposed to be used in slow environnement). Issue-ID: OOM-2597 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ieb700afbb27610dbad18d860b7fb85ac95c2bb0d
2020-10-12[ONAP] update api versionJakub Latusek1-1/+1
Change-Id: I0f3278d513430ddf18abd3580a48f0d7a0bccc78 Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Issue-ID: OOM-2562
2020-09-25Merge "[DCAEGEN2][OOM] Update k8splugin configs"Sylvain Desbureaux1-1/+1
2020-09-24[DCAEGEN2][OOM] Update k8splugin configsJan Malkiewicz1-1/+1
Top up certservice-api image Update config for k8splugin 3.4.1: - update images of certservice-client - add certservice-client secret name to config - add certservice-post-processor image to config CertPostProcessor is an application which appends CMPv2 truststore entries to AAF CertMan truststore and allows swapping AAF CertMan keystore for CMPv2 keystore. Issue-ID: DCAEGEN2-2253 Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com> Change-Id: Icc7020d8e1431f4ba2f49206b84bf3930d3c2c23
2020-09-21[SDNC] Deploy external TLC cert in ODLegernug1-9/+9
Changes for 111973 Issue-ID: SDNC-1136 Signed-off-by: esobmar <mariusz.sobucki@est.tech> Change-Id: If185ee3658b8f51a969bb3505f8bfb163cfea2a3 Signed-off-by: egernug <gerard.nugent@est.tech> Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> [Access EJBCA secret from cert service] Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-09-18[OOM] Moving cert-service to platformMaciej Malewski4-8/+21
aaf-cert-service has been renamed to oom-cert-service and moved from oom/kubernetes/aaf/components to oom/kubernetes/platform/components. All aaf-cert-service references have been replaced with oom-cert-service. Issue-ID: OOM-2526 Change-Id: I70ef4bf3ee7085a5ef7075bde68eb0ea0a95ebf7 Signed-off-by: Maciej Malewski <maciej.malewski@nokia.com>
2020-09-17Merge "Add A1 Policy Management Service helm charts"Sylvain Desbureaux4-1/+19
2020-09-16Add A1 Policy Management Service helm chartsLathish4-1/+19
Issue-ID: CCSDK-2492 Change-Id: Ide809298d075471b457cfb93fee77658c7cb597c Signed-off-by: Lathish <lathishbabu.ganesan@est.tech>