aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/policy/components/policy-clamp-ac-k8s-ppnt
AgeCommit message (Collapse)AuthorFilesLines
2024-08-02[POLICY] Fix Kyverno Policy violationsAndreas Geissler6-5/+34
- Add "archive" folder for removed policy-gui charts - Update all deployments/jobs to fix policies - Correct KafkaUser definition to avoid deprecated attribute - update xacml-pdp deployment to work with readOnlyFilesystem setting Issue-ID: OOM-3307 Change-Id: I579062c1c49923666c1d836f7324c8bbd7b88695 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-05-21[POLICY] Update docker images to latest versionssaul.gill1-1/+1
The image versions in policy values.yaml files have been updated *** This commit is generated by a PF release script *** Issue-ID: POLICY-4997 Change-Id: Ia874c6a050f9a0253628247519541e17d86d08cf Signed-off-by: saul.gill <saul.gill@est.tech>
2024-04-26[POLICY] Update docker images to latest versionssaul.gill1-1/+1
The image versions in policy values.yaml files have been updated *** This commit is generated by a PF release script *** Issue-ID: POLICY-4970 Change-Id: Ib431ebb448205fb79808dab8e1edc2c6aaaaf13c Signed-off-by: saul.gill <saul.gill@est.tech>
2024-04-13[COMMON] Remove hostPath entriesAndreas Geissler1-6/+0
As hostPath volumes violate Cluster policies, they are not allowed within pod definitions. In our case only the "etc/localtime" is mounted to get the timezone of the host, which is not required. Issue-ID: OOM-3287 Change-Id: I6c8c8ea4e982d7e95e73f5fed7fc07ed47ceaab7 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-04-11[COMMON] Update all ReadinessChecksAndreas Geissler1-3/+0
Use the new "service" feature of the readiness image to resolve startup dependencies. Issue-ID: OOM-3280 Change-Id: Ia331d51528676744e5e0479d1fd0ca02830c3499 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-04-08[POLICY] Add kafka support in policy chartsrameshiyer274-26/+3
Added kafka support in all policy charts. Dmaap option is removed Issue-ID: POLICY-4941 Change-Id: I015d303c11c04a64d815fe2f054919eca2252250 Signed-off-by: rameshiyer27 <ramesh.murugan.iyer@est.tech>
2024-03-20[COMMON] Make imagePullSecrets configurableAndreas Geissler1-2/+1
Currently in ONAP the imagePullSecrets is hardcoded to 'onap-docker-registry-key' which is created by the repository-wrapper component. With this change the secrets can be configured via setting global.imagePullSecrets and optionally per image if it is configured as map (image.pullSecrets) Issue-ID: OOM-3284 Change-Id: I8644f9b46043b6014219c42928e057b149df43a4 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2024-03-06[POLICY] Update docker images to latest versionssaul.gill2-3/+3
The image versions in policy values.yaml files have been updated *** This commit is generated by a PF release script *** Issue-ID: POLICY-4907 Change-Id: I2a03efe9e39db70fd60e0790f206ad92cd8fe42b Signed-off-by: Saul Gill <saul.gill@est.tech>
2024-02-28[COMMON] Harmonize resource settingsAndreas Geissler1-8/+8
Update all resource settings to the kubernetes recommended normalized form. Fix ReadinessCheck resource limits. Issue-ID: OOM-3273 Change-Id: Ie10903b801e4dc1689bcec092162d711a431a7a6 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
2023-11-14[POLICY] Update docker images to latest versionsliamfallon1-1/+1
The image versions in policy values.yaml files have been updated *** This commit is generated by a PF release script *** Issue-ID: POLICY-4854 Signed-off-by: liamfallon <liam.fallon@est.tech> Change-Id: I4a28d35bbdda2497faaa5c91baa42aaa9d398437
2023-10-18[OOM] Fixing k8s cpu limitsvladimir turok1-2/+2
Adding specific cpu limits for all oom components Issue-ID: OOM-3241 Change-Id: I0bbd973d91d11dbb0ffa5848f7c1ed5ebb5f54ba Signed-off-by: vladimir turok <vladimir.turok@t-systems.com>
2023-07-14[OOM] Fixing k8s resources and limitsAndreas Geissler1-6/+6
This fix is adjusting OOM helm charts components resources limits and requests Issue-ID: OOM-3199 Signed-off-by: Vladimir Turok <vladimir.turok@t-systems.com> Change-Id: I56aeba925cda4984277ac7bbf23cfd158263d30f
2023-06-29[COMMON] Bump ONAP versionAndreas Geissler1-5/+5
Update chart versions to 13.0.0 for Montreal Issue-ID: OOM-3173 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Ie53fd021f01e459c464e44f4459a73ba0b00c172
2023-06-26[COMMON] Fix various helm errorsAndreas Geissler1-3/+2
Fixes in helmcharts which are not detected by helm, but kustomize in common, CDS, POLICY, SDC, SO Issue-ID: OOM-3200 Issue-ID: OOM-3201 Issue-ID: OOM-3202 Issue-ID: OOM-3203 Issue-ID: OOM-3204 Issue-ID: OOM-3205 Issue-ID: OOM-3206 Issue-ID: OOM-3207 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I8416726693d6606d936aaf4cfe2c097752689c29
2023-06-14[POLICY] Correct clamp timeouts and enable sidecars in jobs againAndreas Geissler1-2/+2
Clamp pods take longer to start in "small" flavor case and require 60 seconds to startup. Revert the Istio Sidecar removal in MariaDB jobs, as they are not the root cause of the startup issue. Issue-ID: OOM-3186 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I0f3fd6a55e851640617bc3b0de8f96a0fe33d765
2023-05-24[POLICY] Update docker images to latest versionsliamfallon1-1/+1
The image versions in policy values.yaml files have been updated *** This commit is generated by a PF release script *** Issue-ID: POLICY-4662 Signed-off-by: liamfallon <liam.fallon@est.tech> Change-Id: Id4904916026969730830441a17d1442d1c690004
2023-05-05Merge "[POLICY] Update docker images to latest versions"Andreas Geissler1-1/+1
2023-05-04[POLICY] Update docker images to latest versionssaul.gill1-1/+1
The image versions in policy values.yaml files have been updated Added native configurable support in pap and api for strimzi Added configurable support in api and pap for postgres *** This commit is generated by a PF release script *** Issue-ID: POLICY-4648 Change-Id: Ia91ea4a8babc850d0854e299eb80541c1d38285d Signed-off-by: saul.gill <saul.gill@est.tech>
2023-04-21[POLICY][COMMON] Create Authorization Policies for PolicyAndrewLamb2-0/+22
Policy- Add initial authorized serviceaccounts for each sub component service Common- Change authorizationpolicy to match on the label app Issue-ID: OOM-3139 Change-Id: I411877b933d6dfcbdee633f1440d16c9658438e5 Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>
2023-03-23[POLICY] Cleanup of Helmcharts from AAF/TLS optionsAndreas Geissler4-54/+1
Remove AAF options and Certificate settings Disable Istio Sidecar injection for DB jobs due to problems during DB Migration Extended the timeouts for clamp-runtime-acm Issue-ID: OOM-3120 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I802fa2038535524f4696513acd5aa7772e0a3f35
2023-03-10[POLICY-PPNT] Move policy-clamp-ppnt use case to use strimzi kafkaefiacor5-93/+87
Move acm to use strimzi common templates Enabled kafka by default for acm ppnts Update relevant config params Signed-off-by: efiacor <fiachra.corcoran@est.tech> Change-Id: Ia23970e59f4ddaa83a07d224293b0155e28d0ab2 Issue-ID: DMAAP-1857
2023-03-05Merge "[COMMON] Fix resources indent"Andreas Geissler1-2/+1
2023-03-03[POLICY] Update docker images to latest versionssaul.gill3-7/+22
The image versions in policy values.yaml files have been updated Chart config update to match new images *** This commit is generated by a PF release script *** Issue-ID: POLICY-4570 Signed-off-by: saul.gill <saul.gill@est.tech> Change-Id: I347f3601c4a0d3c09cf5eaec6e8ed51878c1a02d Signed-off-by: saul.gill <saul.gill@est.tech>
2023-03-03[COMMON] Fix resources indentmiroslavmasaryk1-2/+1
Fix of resources template indent and therefore resources in components Issue-ID: OOM-3104 Signed-off-by: miroslavmasaryk <miroslav.masaryk@telekom.com> Change-Id: I825a3860db00cae4bb80b2aa2d82ac1a42b33124
2023-01-31[DMAAP] Remove AAF dependencyefiacor1-2/+2
Remove DMaaP NodePorts Update dmaap-bc postgres setup and dbc-client image used by DCAE Use the http port of the dbcClient in the dmaapProvisioning job Signed-off-by: efiacor <fiachra.corcoran@est.tech> Change-Id: Ie4888b58b6f7e1405ed67625900da89e58b5cb79 Issue-ID: DMAAP-1573
2022-12-01[POLICY] Update docker images to latest versionsliamfallon1-1/+1
The image versions in policy values.yaml files have been updated *** This commit is generated by a PF release script *** Issue-ID: POLICY-4462 Signed-off-by: liamfallon <liam.fallon@est.tech> Change-Id: I6154e8409900eca422f6b9392883d50232d1f573
2022-11-10[COMMON] Bump ONAP versionAndreas Geissler1-5/+5
Update chart versions 12.0.0 for London Issue-ID: OOM-3046 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Ic196235ff4f6ae14a7ecad799bd75a9666b2594a
2022-10-21[POLICY] Update docker images to latest versionsliamfallon1-1/+1
The image versions in policy values.yaml files have been updated *** This commit is generated by a PF release script *** Issue-ID: POLICY-4408 Signed-off-by: liamfallon <liam.fallon@est.tech> Change-Id: I668a2acadccf8d36ccd3b7c1fb21bcfbe59d80da Signed-off-by: liamfallon <liam.fallon@est.tech>
2022-10-20[POLICY] Exclude JDBC from CLAMP ACM participantsliamfallon1-0/+5
CLAMP ACM participants do not use a databsae. However, Spring looks for a JDBC driver when it comes up unless the driver lookup is disabled. Issue-ID: POLICY-4375 Change-Id: I0cd22cea3972857b669031de0bfc04a07321ae92 Signed-off-by: liamfallon <liam.fallon@est.tech>
2022-10-12[POLICY] Service Mesh Compliance for Policyamatthews1-2/+5
Updating the basic requirements for Service Mesh Compliance within Policy. Changing the DB jobs and updating the configuration files to use HTTP Issue-ID: OOM-2253 Change-Id: If1aed68f0ed2f00d6a5cf06e5f95837f9405f65b Signed-off-by: amatthews <adrian.matthews@est.tech> Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
2022-09-23[POLICY] Update docker images to latest versionsliamfallon1-1/+1
The image versions in policy values.yaml files have been updated *** This commit is generated by a PF release script *** Issue-ID: POLICY-4343 Signed-off-by: liamfallon <liam.fallon@est.tech> Change-Id: I96f9d8d2857976f22f503810ba1d9bb42133cd6b
2022-09-21[POLICY] Update strimzi config in policy helm chartsSirisha_Manchikanti1-5/+30
Added strimzi kafka user and topics for policy apex-pdp in relevant helm charts. Updated kafka configuration for policy component helm charts. Corrected policy-group configuration in PAP Issue-ID: POLICY-4134 Signed-off-by: Sirisha_Manchikanti <sirisha.manchikanti@est.tech> Change-Id: I0f38f4919898c04e4f4dadc820a7627eee6e022a
2022-07-25[POLICY] Add strimzi kafka config from helm chartsSirisha_Manchikanti3-2/+50
Add strimzi kafka user and topics for policy components in relevant helm charts. Issue-ID: POLICY-4133 Signed-off-by: Sirisha_Manchikanti <sirisha.manchikanti@est.tech> Change-Id: If0e1107c03acdfed83bfc359a45ad546d134bd30
2022-07-18[POLICY] Add overridable helm paramaters for k8s ppntrameshiyer273-7/+22
Make permitted repository list overridable from values.yaml CofigMap populates the application properties file with required values. Issue-ID: POLICY-4237 Signed-off-by: zrrmmua <ramesh.murugan.iyer@est.tech> Change-Id: Ib48716f12bc5f4d22fbda8e22fd2077e0e982ec3
2022-06-24[COMMON] Bump ONAP versionAndreas Geissler1-5/+5
Use version 11.0.0 for Kohn Issue-ID: OOM-2971 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: Icc0e0839fc6def2035383b5fa4c9153fc15fafda
2022-05-13[POLICY] Fix cluster role binding name in k8s ppntrameshiyer271-8/+2
Updated cluster role binding name and service account name to acm terminology Issue-ID: POLICY-4170 Signed-off-by: zrrmmua <ramesh.murugan.iyer@est.tech> Change-Id: I1b52d6a5d01921d70fce53884558a3ce58f98e19
2022-05-04[POLICY] Upgrade image versionsjhh1-1/+1
These images tackle security issues in libraries. Issue-ID: POLICY-4071 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: I88297b05f05e0a847d10333e60e665f89ccb424d
2022-04-22[POLICY] Update components to latest releasejhh1-1/+1
The exceptions are policy-drools-pdp, policy-xacml-pdp, and policy-gui that are handled in different reviews. Issue-ID: POLICY-4089 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: I5d03ce22d9c69380c6f76b24383555cf71803ea4 Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
2022-04-13[POLICY] Rename from TOSCA Control Loop to ACMFrancescoFioraEst8-0/+579
Update CLAMP OOM Configuration for rename from TOSCA Control Loop to ACM Issue-ID: POLICY-3942 Change-Id: I2044dfb68f22dc27d701c7bea1e2a2eab69cb28d Signed-off-by: FrancescoFioraEst <francesco.fiora@est.tech>