summaryrefslogtreecommitdiffstats
path: root/kubernetes/policy
AgeCommit message (Collapse)AuthorFilesLines
2020-12-04[POLICY] send status to pap when types are readyjhh2-1/+2
this is a port from guilin functionality Issue-ID: POLICY-2901 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: Ie045ca35ae8707b9043422c3c241a30300b0f4a9 Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
2020-11-17[POLICY] Add fetchTimeout to handle dmaap 503 errorRam Krishna Verma3-0/+3
Adding fetchTimeout in policy xacml-pdp, apex-pdp & pap to throttle the request for 15ms in case of getting 503 from dmaap and not flooding too many requests. Issue-ID: POLICY-2884 Change-Id: Ie03d5d7da5a6b7ac335eb9cc016c7b735faec3f0 Signed-off-by: Ram Krishna Verma <ram_krishna.verma@bell.ca>
2020-07-16[POLICY] tomcat security upgrade legacy componentsjhh6-75/+21
Cert stores password support for APEX component in frankfurt (POLICY-2633). Issue-ID: POLICY-2678 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: Ic7bda77f0ecc59109bc0263eeb1d7c630d326128 Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
2020-07-02[POLICY] add env passwords to api/pap/xacml/distjhh8-0/+73
keystore and truststore passwords are now stored as secrets to be accessed by environment variables. Issue-ID: POLICY-2575 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: I5831f5c7bc040d036c38c321b5cc87848e80ca48
2020-05-26[POLICY] frankfurt RC2 imagesjhh10-11/+11
Issue-ID: POLICY-2514 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: Id2597d80cfd5c43992e8d0435a2aca4312a3c796 Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
2020-05-21Make Policy PAP exposition configurableBruno Sakoto2-0/+11
Policy PAP endpoint exposition is made configurable using helm override values when deploying. Available options for service type are: * Cluster IP (default value) * Node Port (by overriding policy.pap.service.type value with NodePort) Issue-ID: POLICY-2514 Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca> Change-Id: Ifc3ac09aeb9e8836c0ef15a8b5b60bd8e31dca03 (cherry picked from commit 425d5be006c212b3c02fb79405282e6148250eb2)
2020-05-20Merge "[POLICY] Remove hardcoded credentials from policy-apex-pdp" into ↵Sylvain Desbureaux5-4/+64
frankfurt
2020-05-13[POLICY] Remove hardcoded credentials from policy-apex-pdpDominik Mizyn5-4/+64
This patch remove hardcoded healthcheck credentials and trustStorePassword from policy-apex-pdp. Issue-ID: OOM-2342 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: Ie8800830919479b87d7a71dfafe934bb95839ede (cherry picked from commit b8c44b484f4dbe628ceef49b628163ade47101bc)
2020-05-13[POLICY] Remove hardcoded credentials from policy-distributionDominik Mizyn4-9/+101
This patch remove hardcoded healthcheck credentials from policy-distribution. Issue-ID: OOM-2342 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: I7c71fcceab030bd7858e8de9fe3f58451ac505d6 [Fix init container] Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> (cherry picked from commit 4aa534fa3920335f1ec899331b435ac6b8c8521b)
2020-05-09[POLICY] put base64 password in xacml.propertiesjhh3-8/+7
In addition, remove heap mem sizing for drools too as it is properly sized according to container allocated resources. Issue-ID: POLICY-2547 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: I4e1e5eaef1cad924ac4c86e5248230aef1fad7d8 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> (cherry picked from commit ed6839f2fe2566741dcd49c8e59fdae519ce84b0)
2020-05-04Merge "Change ingress hosnames for exposed services"Sylvain Desbureaux1-0/+6
2020-04-30[POLICY] update images and fixesjhh11-516/+27
Issue-ID: POLICY-2510 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: I1ac9698233d1b570ef3c5759742038c96015ba32 Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
2020-04-29Change ingress hosnames for exposed servicesLucjan Bryndza1-0/+6
Change ingress host to the required hostnames Change-Id: Ic78c8821e2e23e00943d8abdf7b2183b4d940c72 Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com> Issue-ID: OOM-2391 Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com>
2020-04-24[POLICY] fix: Process also content of pd-pdpKrzysztof Opasiak1-17/+16
By mistake we've been processing only pe volume but recently we removed hardcoded passwords also from other files in pe-pdp. To fix this let's improve our init container and process files in both volumes. Issue-ID: POLICY-2516 Change-Id: Id97a64708803b72ab88362ccc5b88970661146e6 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-04-23Merge "[POLICY] Remove hardcoded credentials from policy-xacml-pdp"Krzysztof Opasiak3-5/+51
2020-04-22[POLICY] Remove hardcoded credentials from policy-apiDominik Mizyn3-5/+18
This patch remove hardcoded healthcheck credentials from policy-api. Issue-ID: OOM-2342 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: Ifc12d78fc1f7f00dd1466c32553453f0273661a3
2020-04-22[POLICY] Remove hardcoded credentials from policy-xacml-pdpDominik Mizyn3-5/+51
This patch remove hardcoded healthcheck credentials from policy-xacml-pdp Issue-ID: OOM-2342 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: I49db16a852412bad79f092232bcd2ba97eac7170
2020-04-20Merge "[POLICY] Use common secret template in pdp"Krzysztof Opasiak3-4/+38
2020-04-20Merge "[Policy] Remove hardcoded credentials from pap"Krzysztof Opasiak3-6/+46
2020-04-20[POLICY] Use common secret template in pdpDominik Mizyn3-4/+38
Use common secret template in pdp module instead of hardcoding them For now creds are hardcoded but this will be remove in further commits. Issue-ID: OOM-2342 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: I091e5390c1ef7d98f0c4fb1cb5f6ca2d099e387f
2020-04-17[POLICY] legacy PDP healtchcheck removedjhh1-1/+1
It may be causing some flakiness with some healthchecks passing in OOM builds. Not sure the root cause, as the problem happens occassionally, may be a race condition or something else (legacy PDP and dependent components may take some time to initialize). Issue-ID: POLICY-2471 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: I8ab7c8c563c1db13b2a99aa8cb6f3c022c625642
2020-04-17[Policy] Remove hardcoded credentials from papDominik Mizyn3-6/+46
This patch remove hardcoded healthcheck credentials from pap. Issue-ID: OOM-2342 Change-Id: I8dc2a1b0a84a18215403aabc8ae9b2a25387c3d7 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2020-04-17[POLICY] Fix in brmsgw templateDominik Mizyn1-1/+0
Double volumeMounts in brmsgw template fix Issue-ID: OOM-2342 Change-Id: Ia855d18a636b19ee9aafcc8739b8c52260f611c2 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2020-04-16[POLICY] Use common secret template in brmsgwDominik Mizyn3-6/+59
Use common secret template in brmsgw module instead of hardcoding them in config map. For now creds are hardcoded but this will be remove in further commits. Issue-ID: OOM-2342 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: Ic6ea25004d87d993b40df838dd30a71e25386b2c
2020-04-15[POLICY] legacy pdp health + new image versionsjhh10-10/+10
Issue-ID: POLICY-2471 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: Ia05d2c52e99757dafff4ac8bbcc7ef4269734707 Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
2020-04-10[POLICY] Use common secret template in whole policy moduleKrzysztof Opasiak8-29/+110
All subcharts are ready so now we can remove hardcoded mariadb credentials in policy module and depend on common secret chart to generate them for us at the deployment time. Issue-ID: OOM-2342 Change-Id: I84bfc30511312be0b2e614ddff4676f36d85619b Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
2020-04-07Merge "Add healthcheck for legacy PAP"Krzysztof Opasiak3-0/+61
2020-04-06Add healthcheck for legacy PAPjhh3-0/+61
Issue-ID: POLICY-2473 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: Ib6c129b2cc9e9c81335da66df6d6d178de0cbc61
2020-04-03[POLICY] Use common secret template in papKrzysztof Opasiak4-3/+56
Use common secret template in pap module instead of hardcoding them in config map. For now db creds are hardcoded but this will be remove in further commits. Issue-ID: OOM-2342 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ic4a4c175579fdc89de216fc09edd562530ad10cc
2020-04-03[POLICY] Use common secret template in policy-apiKrzysztof Opasiak4-3/+56
Use common secret template in policy-api module instead of hardcoding db credentials in config map. For now db creds are hardcoded but will be remove in further commits. Issue-ID: OOM-2342 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I6219a06ef466e214756302974589fcc27fa0a4cd
2020-04-02Bump chart versionSylvain Desbureaux22-23/+23
Use 6.0.0 in preparation for Frankfurt release Issue-ID: OOM-2320 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I8ad82dfdf48b56c38c0e85d640b18cc13c8d9e67
2020-04-01Merge "[POLICY] Use common secret template in brmsgw"Krzysztof Opasiak3-0/+35
2020-04-01Merge "[POLICY] Use common secret template in pdp"Sylvain Desbureaux3-0/+36
2020-04-01Merge "[POLICY] Allow to override username and password from env"Sylvain Desbureaux1-2/+11
2020-04-01[POLICY] Use common secret template in pdpKrzysztof Opasiak3-0/+36
Use common secret template in pdp module to override DB credentials comming from policy-common. For now db creds are hardcoded but will be remove in further commits. Issue-ID: OOM-2342 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I7e2304a79e0c92b5e7e32170135fd59769a21899
2020-04-01[POLICY] Use common secret template in brmsgwKrzysztof Opasiak3-0/+35
Use common secret template in brmsgw module to override DB credentials comming from policy-common For now db creds are hardcoded but will be remove in further commits. Issue-ID: OOM-2342 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ic15afa9d65982d0ae3a535094f1e4b5f21758c82
2020-04-01[POLICY] Allow to override username and password from envKrzysztof Opasiak1-2/+11
To avoid hardcoding password in base.conf let's allow to override DB username and password from the environment variable. Issue-ID: OOM-2342 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I9fc9506b3908da06d0ad221f63d0a56c783788db
2020-04-01[POLICY] Use common secret template in policy-xacmlKrzysztof Opasiak4-2/+37
Use common secret template in policy-xacml module instead of hardcoding db credentials in config map. For now db creds are hardcoded but will be remove in further commits. Issue-ID: OOM-2342 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I3c78373d1b6cf6cdd94af03645e3d5af8704b942
2020-03-27Merge "policy changes pre-1st policy release in frankfurt"Krzysztof Opasiak19-96/+280
2020-03-26[POLICY] Use common secret template in droolsKrzysztof Opasiak4-3/+17
Use common secret template in drools module instead of putting db credentials in a single secret file to allow usage of external secret mechanism. For now db creds are hardcoded but will be remove in further commits. Issue-ID: OOM-2342 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I377b71d76b0b37e919ea841586bb6d5c22107952
2020-03-26policy changes pre-1st policy release in frankfurtjhh19-96/+280
Miscellenous changes to keep up with all necessary oom modifications to support first set of released deliveries. PS1,PS6: PDP-D offline support. PS2: PDP-D PDP Group support. When PDPs register with PAP, they now have to specify their PDP group. Added the default group to the config file. PS3: PDP-A config file changes to add PDP group and native policy type. PS4, PS6: API add new preloaded policy types. PS5: Set snapshot versions for current release testing. PS[7-9]: https dmaap support for pap,pdp-x,distribution,pdp-a. PS10: PAP healthcheck configuration. PS11: Update LICENSE headers. PS12: Preload onap.policies.controlloop.operational.Common operational type. PS13: PDP-D drools base.conf remove JAVA_HOME PS14: add preloaded operational policies for apex in api component, and JDK 11 for legacy engine components. PS15: apex updated supported policy types, and remove duplicate preloaded policy type from api (operational Common). PS16: added api preloaded policy. PS17: distribution + more api preloaded policies PS18: amsterdam.pre.sh point to pdpd-cl-entrypoint.sh PS19: rebase and remove references to amsterdam in drools (deprecated) PS21: replace url with host/port for new actor design PS22: add trailing "/" to context URIs PS23: restore SO_URL as it may be needed for old actors/rules PS24: update to released images PS25: updated brmsgw.conf to latest images Issue-ID: POLICY-2296 Change-Id: I52232f65db19a50dd3c9baf052242c6d79675264 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Signed-off-by: Jim Hahn <jrh3@att.com> Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
2020-03-10Standardize the pap pod/service name.k.kedron9-2/+2
To fix the bug with connecting to the pap by pdp. Change-Id: I21fb90f151ecace5c10e4def190ed15b15d7c4e5 Issue-ID: OOM-2333 Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com>
2020-02-01[ONAP-wide] Replace .Release.Name with common.releaseKrzysztof Opasiak27-66/+66
ONAP is too big to be deployed using helm install so we need to use a custom helm plugin helm deploy. This script deloys onap component by component instead of deploying evrything at once. Unfortunately this script also modifies the helm release by appending component name to it. As a result of this behavior our objects are called for example: onap-mariadb-galera-mariadb-galera-0 instead of just being called onap-mariadb-galera-0. This patch simplifies this naming convention by replacing all direct usages of .Release.Name with common.release macro which strips the component specific part from the release name. Issue-ID: OOM-2275 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ia8cead50d305adb00eef666d0a1ace74479b5183
2020-01-08Enabling logback file to be loaded using configmap for policy componentsa.sreekumar5-6/+10
Change-Id: Ic73ad605ac3aca689221afed258eb3673398e425 Issue-ID: POLICY-2308 Signed-off-by: a.sreekumar <ajith.sreekumar@est.tech>
2020-01-03ignore tables case in policy galera mariadbjhh1-0/+3
For compatibility reasons with the legacy pap, console, brmsgw and pdp-x. Issue-ID: POLICY-2320 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: I4fa05e1862acccecb468045a5ff58a84d92b1c26
2019-12-09[POLICY] Use global storage templates for PVCSylvain Desbureaux2-10/+4
OOM has now templates in order to create the needed PVC, using: * a PV with a specific class when using a common nfs mount path between nodes (sames as today use) --> is the default behavior today * or a storage class if we want to use dynamic PV. On this case, we use (in order of priority): - persistence.storageClassOverride if set on the chart - global.persistence.storageClass if set globally - persistence.storageClass if set on the chart Change-Id: Iabd5d12196459bb1fce9021857aeab57a757ee12 Issue-ID: OOM-1227 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2019-11-27Merge "[Policy] Use common mariadb galera chart"Borislav Glozman31-459/+148
2019-11-21[Policy] Use common mariadb galera chartSylvain Desbureaux31-459/+148
Instead of using "own" galera chart, reuse chart placed in common part of OOM installation. Will ease move to common galera cluster (which is not done by this commit). Change-Id: I2d7c1e5cdc9289cfb55e288b1697373239ef96e3 Issue-ID: POLICY-1467 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2019-11-15Added 'pdpGroup' to policy-xacml-pdp parameters config fileHOCKLA1-1/+2
Issue-ID: POLICY-2229 Change-Id: Iffb9f40b174eae1e3b714e4ec5e8997c58d01a35 Signed-off-by: HOCKLA <ah999m@att.com>
2019-10-28Add policy update notification topic to OOMJim Hahn1-0/+5
Issue-ID: POLICY-1841 Signed-off-by: Jim Hahn <jrh3@att.com> Change-Id: I2ab0b7f40a9b60531dccd6175c76d0a18726816e