Age | Commit message (Collapse) | Author | Files | Lines |
|
Clamp pods take longer to start in "small" flavor case and require
60 seconds to startup.
Revert the Istio Sidecar removal in MariaDB jobs, as they are not
the root cause of the startup issue.
Issue-ID: OOM-3186
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I0f3fd6a55e851640617bc3b0de8f96a0fe33d765
|
|
The image versions in policy values.yaml files have been updated
*** This commit is generated by a PF release script ***
Issue-ID: POLICY-4662
Signed-off-by: liamfallon <liam.fallon@est.tech>
Change-Id: Id4904916026969730830441a17d1442d1c690004
|
|
|
|
The image versions in policy values.yaml files have been updated
Added native configurable support in pap and api for strimzi
Added configurable support in api and pap for postgres
*** This commit is generated by a PF release script ***
Issue-ID: POLICY-4648
Change-Id: Ia91ea4a8babc850d0854e299eb80541c1d38285d
Signed-off-by: saul.gill <saul.gill@est.tech>
|
|
Policy- Add initial authorized serviceaccounts for each sub component service
Common- Change authorizationpolicy to match on the label app
Issue-ID: OOM-3139
Change-Id: I411877b933d6dfcbdee633f1440d16c9658438e5
Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>
|
|
|
|
- change portNames to have a protocol prefix
Issue-ID: OOM-3166
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
Change-Id: I3013ba629c951c12dfb7594aadc34dd0c47afab9
|
|
Change the target service for the policy-gui
Issue-ID: OOM-3165
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I803e32b2be0e35f9670b4a241e06c77009104325
|
|
Wrong port definition leads to missing Service selection
Issue-ID: OOM-3120
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I0d843f6cff494e9062ee18321c5525499b868dcd
|
|
Remove AAF options and Certificate settings
Disable Istio Sidecar injection for DB jobs due to
problems during DB Migration
Extended the timeouts for clamp-runtime-acm
Issue-ID: OOM-3120
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I802fa2038535524f4696513acd5aa7772e0a3f35
|
|
Add kserve participant helm charts.
Issue-ID: POLICY-4525
Signed-off-by: aravind.est <aravindhan.a@est.tech>
Change-Id: I51f1ddb91302fd54c6e926f9f5c80e648b9a4a07
|
|
Move acm to use strimzi common templates
Enabled kafka by default for acm ppnts
Update relevant config params
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: Ia23970e59f4ddaa83a07d224293b0155e28d0ab2
Issue-ID: DMAAP-1857
|
|
|
|
The image versions in policy values.yaml files have been updated
Chart config update to match new images
*** This commit is generated by a PF release script ***
Issue-ID: POLICY-4570
Signed-off-by: saul.gill <saul.gill@est.tech>
Change-Id: I347f3601c4a0d3c09cf5eaec6e8ed51878c1a02d
Signed-off-by: saul.gill <saul.gill@est.tech>
|
|
Fix of resources template indent and therefore resources in components
Issue-ID: OOM-3104
Signed-off-by: miroslavmasaryk <miroslav.masaryk@telekom.com>
Change-Id: I825a3860db00cae4bb80b2aa2d82ac1a42b33124
|
|
Move policy dist to use strimzi templates
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I4a03812a7545ce7a4fcd5443a2c0af89933b1a63
Issue-ID: DMAAP-1857
|
|
Remove DMaaP NodePorts
Update dmaap-bc postgres setup and dbc-client image used by DCAE
Use the http port of the dbcClient in the dmaapProvisioning job
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: Ie4888b58b6f7e1405ed67625900da89e58b5cb79
Issue-ID: DMAAP-1573
|
|
Policy dist to use kafka native
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: Id83dcd6c4af0bff37689178330827ce96246b5ae
Issue-ID: DMAAP-1816
|
|
Add A1pms participant helm charts
Issue-ID: CCSDK-3816
Signed-off-by: aravind.est <aravindhan.a@est.tech>
Change-Id: I4153f070e6f3394667b8ce4a714d0f8e91be4738
|
|
The image versions in policy values.yaml files have been updated
*** This commit is generated by a PF release script ***
Issue-ID: POLICY-4462
Signed-off-by: liamfallon <liam.fallon@est.tech>
Change-Id: I6154e8409900eca422f6b9392883d50232d1f573
|
|
Update chart versions 12.0.0 for London
Issue-ID: OOM-3046
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ic196235ff4f6ae14a7ecad799bd75a9666b2594a
|
|
|
|
The image versions in policy values.yaml files have been updated
*** This commit is generated by a PF release script ***
Issue-ID: POLICY-4408
Signed-off-by: liamfallon <liam.fallon@est.tech>
Change-Id: I668a2acadccf8d36ccd3b7c1fb21bcfbe59d80da
Signed-off-by: liamfallon <liam.fallon@est.tech>
|
|
Harmonize all ingress definitions using schema:
<component>-<application>-<api|ui>
and adding plain_port attributes to support SM
Issue-ID: OOM-3000
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I8212774ba194758d7cf23bc2085edcc4eacd2539
|
|
CLAMP ACM participants do not use a databsae. However, Spring looks for
a JDBC driver when it comes up unless the driver lookup is disabled.
Issue-ID: POLICY-4375
Change-Id: I0cd22cea3972857b669031de0bfc04a07321ae92
Signed-off-by: liamfallon <liam.fallon@est.tech>
|
|
On non-TLS setup the MR port is 3904 instead of 3905,
which needs to be set in the papParameters file
Issue-ID: OOM-3003
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ie5ee14209660f00e69b6e4b1df5a992731f500f6
|
|
Updating the basic requirements for Service Mesh Compliance within Policy.
Changing the DB jobs and updating the configuration files to use HTTP
Issue-ID: OOM-2253
Change-Id: If1aed68f0ed2f00d6a5cf06e5f95837f9405f65b
Signed-off-by: amatthews <adrian.matthews@est.tech>
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
|
|
The db-migrator image is upgraded to the
latest release. Additionally, config changes
to allow DB customization are included.
Issue-ID: POLICY-4343
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I9e531d3baf218a30a885bc4258f9fdeb36eaab99
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
|
|
The image versions in policy values.yaml files have been updated
*** This commit is generated by a PF release script ***
Issue-ID: POLICY-4343
Signed-off-by: liamfallon <liam.fallon@est.tech>
Change-Id: I96f9d8d2857976f22f503810ba1d9bb42133cd6b
|
|
Added strimzi kafka user and topics for policy apex-pdp in
relevant helm charts.
Updated kafka configuration for policy component helm charts.
Corrected policy-group configuration in PAP
Issue-ID: POLICY-4134
Signed-off-by: Sirisha_Manchikanti <sirisha.manchikanti@est.tech>
Change-Id: I0f38f4919898c04e4f4dadc820a7627eee6e022a
|
|
Issue-ID: POLICY-4341
Signed-off-by: Sirisha_Manchikanti <sirisha.manchikanti@est.tech>
Change-Id: I642e7df1c12f59c78d49a494857652bb5f9dd974
|
|
|
|
All Makefiles are updated to support SKIP_LINT option,
have a defined order of compilation (common -> components)
to support the parallel compilation of charts using:
make all -j8 (for 8 Jobs). Additionally use cm-push instead
of push to use the new K8S/Helm version
Issue-ID: OOM-3011
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: If9903c9d5bc646b5ce54075acc616e98c4b6706e
|
|
Add strimzi kafka user and topics for policy components in
relevant helm charts.
Issue-ID: POLICY-4133
Signed-off-by: Sirisha_Manchikanti <sirisha.manchikanti@est.tech>
Change-Id: If0e1107c03acdfed83bfc359a45ad546d134bd30
|
|
Make permitted repository list overridable from values.yaml
CofigMap populates the application properties file with required values.
Issue-ID: POLICY-4237
Signed-off-by: zrrmmua <ramesh.murugan.iyer@est.tech>
Change-Id: Ib48716f12bc5f4d22fbda8e22fd2077e0e982ec3
|
|
Use version 11.0.0 for Kohn
Issue-ID: OOM-2971
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Icc0e0839fc6def2035383b5fa4c9153fc15fafda
|
|
Updated cluster role binding name and service account name to acm
terminology
Issue-ID: POLICY-4170
Signed-off-by: zrrmmua <ramesh.murugan.iyer@est.tech>
Change-Id: I1b52d6a5d01921d70fce53884558a3ce58f98e19
|
|
These images tackle security issues in libraries.
Issue-ID: POLICY-4071
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I88297b05f05e0a847d10333e60e665f89ccb424d
|
|
Update chart to run Spring Boot version of policy-gui
Remove obsolete nginx config
Issue-ID: POLICY-3980
Signed-off-by: danielhanrahan <daniel.hanrahan@est.tech>
Change-Id: I34ff95be09a416e07d2f4ad8bdaea71c1a1e7111
|
|
The exceptions are policy-drools-pdp, policy-xacml-pdp,
and policy-gui that are handled in different reviews.
Issue-ID: POLICY-4089
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I5d03ce22d9c69380c6f76b24383555cf71803ea4
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
|
|
ServiceMonitor resource not part of native Kubernetes,
it is a custom resource defined via Prometheus operator.
Prometheus operator deployment is a pre-requisite
to enable creating a ServiceMonitor objects.
Issue-ID: POLICY-4096
Signed-off-by: Rashmi Pujar <rashmi.pujar1@bell.ca>
Change-Id: Ia672d5d5982e61c00f8effccad0929240f54efb2
|
|
We saw some bottlenecks during S3P testing of API component due
to the default connection pool size of 10. Setting it to 20 based
on the number of parallel threads used for performance tests.
The change is required because prior to spring boot migration
(Istanbul and earlier), the default connection size was 32 so
it was never a problem for running load tests.
Issue-ID: POLICY-4007
Change-Id: Iaaa573d5fce0298e3aff05a27c2e845840a6cb06
Signed-off-by: Prakhar Pandey <prakhar.pandey@bell.ca>
|
|
- added logback prometheus support for xacml and drools.
- enabled enhanced healthchecks.
- enabled enhanced liveness probes for drools pdp to detect stuck PDP
application and restart it.
- add prometheus servicemonitor for drools.
- set latest docker image versions for drools-applications and xacml
Issue-ID: POLICY-3386
Issue-ID: POLICY-4089
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I0ffd9bf93452f8a7a63deb33f2103f9b80476d07
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
|
|
Update CLAMP OOM Configuration
for rename from TOSCA Control Loop to ACM
Issue-ID: POLICY-3942
Change-Id: I2044dfb68f22dc27d701c7bea1e2a2eab69cb28d
Signed-off-by: FrancescoFioraEst <francesco.fiora@est.tech>
|
|
Cluster role is required for the k8s-ppnt to perform helm deployments
on the cluster
Issue-ID: POLICY-3748
Signed-off-by: zrrmmua <ramesh.murugan.iyer@est.tech>
Change-Id: Ib916803d22f6ecf0ed16e8c75fe52b4e567069ca
|
|
Remove clamp-frontend code,
as this is moved to policy-gui
Issue-ID: POLICY-3358
Change-Id: Id6402815ead572e8cec9f1743709d6de6f28b79c
Signed-off-by: FrancescoFioraEst <francesco.fiora@est.tech>
|
|
This review contains the below changes:
1) PAP config changes for spring boot migration
2) savePdpStatistics flag is disabled by default
3) DMaaP connectivity added to PAP consolidated healthcheck
4) Improve PAP & API readiness probe from TCP to HTTP GET based healthcheck api
5) API config changes for springboot migration
6) Update the docker image versions for Jakarta.
Change-Id: I8dfc821b1245cd4ef6bdedad7802deb4ac3297e3
Issue-ID: POLICY-3750
Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
|
|
|
|
1. Define serviceMonitor for policy components
2. Changes to common serviceMonitor tpl file to include
tls params in authentication config, and to provide ability
to overrride labels.
Issue-ID: POLICY-3779
Signed-off-by: Rashmi Pujar <rashmi.pujar1@bell.ca>
Change-Id: I79441958698271d9118efb78cfd121433e201ebd
|
|
- K8s participant to accept only permitted and secured repositories
Issue-ID: POLICY-3894
Change-Id: If602ecc35384d66990a81fd470d24d76e95725fd
Signed-off-by: Lathish <lathishbabu.ganesan@est.tech>
|