Age | Commit message (Collapse) | Author | Files | Lines |
|
This patch remove hardcoded healthcheck credentials from policy-xacml-pdp
Issue-ID: OOM-2342
Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
Change-Id: I49db16a852412bad79f092232bcd2ba97eac7170
|
|
|
|
|
|
Use common secret template in pdp module instead of hardcoding them
For now creds are hardcoded but this will be remove in further commits.
Issue-ID: OOM-2342
Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
Change-Id: I091e5390c1ef7d98f0c4fb1cb5f6ca2d099e387f
|
|
It may be causing some flakiness with some healthchecks
passing in OOM builds. Not sure the root cause, as the
problem happens occassionally, may be a race condition or
something else (legacy PDP and dependent components may
take some time to initialize).
Issue-ID: POLICY-2471
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I8ab7c8c563c1db13b2a99aa8cb6f3c022c625642
|
|
This patch remove hardcoded healthcheck credentials from pap.
Issue-ID: OOM-2342
Change-Id: I8dc2a1b0a84a18215403aabc8ae9b2a25387c3d7
Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
|
|
Double volumeMounts in brmsgw template fix
Issue-ID: OOM-2342
Change-Id: Ia855d18a636b19ee9aafcc8739b8c52260f611c2
Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
|
|
Use common secret template in brmsgw module instead of hardcoding them in
config map.
For now creds are hardcoded but this will be remove in further commits.
Issue-ID: OOM-2342
Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
Change-Id: Ic6ea25004d87d993b40df838dd30a71e25386b2c
|
|
Issue-ID: POLICY-2471
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: Ia05d2c52e99757dafff4ac8bbcc7ef4269734707
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
|
|
All subcharts are ready so now we can remove hardcoded mariadb
credentials in policy module and depend on common secret chart to
generate them for us at the deployment time.
Issue-ID: OOM-2342
Change-Id: I84bfc30511312be0b2e614ddff4676f36d85619b
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
|
|
|
|
Issue-ID: POLICY-2473
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: Ib6c129b2cc9e9c81335da66df6d6d178de0cbc61
|
|
Use common secret template in pap module instead of hardcoding them in
config map.
For now db creds are hardcoded but this will be remove in further commits.
Issue-ID: OOM-2342
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ic4a4c175579fdc89de216fc09edd562530ad10cc
|
|
Use common secret template in policy-api module instead of hardcoding db
credentials in config map.
For now db creds are hardcoded but will be remove in further commits.
Issue-ID: OOM-2342
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I6219a06ef466e214756302974589fcc27fa0a4cd
|
|
Use 6.0.0 in preparation for Frankfurt release
Issue-ID: OOM-2320
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I8ad82dfdf48b56c38c0e85d640b18cc13c8d9e67
|
|
|
|
|
|
|
|
Use common secret template in pdp module to override DB credentials
comming from policy-common.
For now db creds are hardcoded but will be remove in further commits.
Issue-ID: OOM-2342
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I7e2304a79e0c92b5e7e32170135fd59769a21899
|
|
Use common secret template in brmsgw module to override DB credentials
comming from policy-common
For now db creds are hardcoded but will be remove in further commits.
Issue-ID: OOM-2342
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ic15afa9d65982d0ae3a535094f1e4b5f21758c82
|
|
To avoid hardcoding password in base.conf let's allow to override DB
username and password from the environment variable.
Issue-ID: OOM-2342
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I9fc9506b3908da06d0ad221f63d0a56c783788db
|
|
Use common secret template in policy-xacml module instead of hardcoding db
credentials in config map.
For now db creds are hardcoded but will be remove in further commits.
Issue-ID: OOM-2342
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I3c78373d1b6cf6cdd94af03645e3d5af8704b942
|
|
|
|
Use common secret template in drools module instead of putting db
credentials in a single secret file to allow usage of external secret
mechanism.
For now db creds are hardcoded but will be remove in further commits.
Issue-ID: OOM-2342
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I377b71d76b0b37e919ea841586bb6d5c22107952
|
|
Miscellenous changes to keep up with all necessary oom
modifications to support first set of released deliveries.
PS1,PS6: PDP-D offline support.
PS2: PDP-D PDP Group support. When PDPs register with PAP,
they now have to specify their PDP group. Added the default
group to the config file.
PS3: PDP-A config file changes to add PDP group and
native policy type.
PS4, PS6: API add new preloaded policy types.
PS5: Set snapshot versions for current release testing.
PS[7-9]: https dmaap support for pap,pdp-x,distribution,pdp-a.
PS10: PAP healthcheck configuration.
PS11: Update LICENSE headers.
PS12: Preload onap.policies.controlloop.operational.Common
operational type.
PS13: PDP-D drools base.conf remove JAVA_HOME
PS14: add preloaded operational policies for apex in api component,
and JDK 11 for legacy engine components.
PS15: apex updated supported policy types, and remove duplicate
preloaded policy type from api (operational Common).
PS16: added api preloaded policy.
PS17: distribution + more api preloaded policies
PS18: amsterdam.pre.sh point to pdpd-cl-entrypoint.sh
PS19: rebase and remove references to amsterdam in drools (deprecated)
PS21: replace url with host/port for new actor design
PS22: add trailing "/" to context URIs
PS23: restore SO_URL as it may be needed for old actors/rules
PS24: update to released images
PS25: updated brmsgw.conf to latest images
Issue-ID: POLICY-2296
Change-Id: I52232f65db19a50dd3c9baf052242c6d79675264
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Signed-off-by: Jim Hahn <jrh3@att.com>
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
|
|
To fix the bug with connecting to the pap by pdp.
Change-Id: I21fb90f151ecace5c10e4def190ed15b15d7c4e5
Issue-ID: OOM-2333
Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com>
|
|
ONAP is too big to be deployed using helm install so we need to
use a custom helm plugin helm deploy. This script deloys onap
component by component instead of deploying evrything at
once. Unfortunately this script also modifies the helm release by
appending component name to it.
As a result of this behavior our objects are called for example:
onap-mariadb-galera-mariadb-galera-0
instead of just being called onap-mariadb-galera-0.
This patch simplifies this naming convention by replacing all direct
usages of .Release.Name with common.release macro which strips the
component specific part from the release name.
Issue-ID: OOM-2275
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ia8cead50d305adb00eef666d0a1ace74479b5183
|
|
Change-Id: Ic73ad605ac3aca689221afed258eb3673398e425
Issue-ID: POLICY-2308
Signed-off-by: a.sreekumar <ajith.sreekumar@est.tech>
|
|
For compatibility reasons with the legacy pap, console, brmsgw
and pdp-x.
Issue-ID: POLICY-2320
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I4fa05e1862acccecb468045a5ff58a84d92b1c26
|
|
OOM has now templates in order to create the needed PVC, using:
* a PV with a specific class when using a common nfs mount path between
nodes (sames as today use) --> is the default behavior today
* or a storage class if we want to use dynamic PV.
On this case, we use (in order of priority):
- persistence.storageClassOverride if set on the chart
- global.persistence.storageClass if set globally
- persistence.storageClass if set on the chart
Change-Id: Iabd5d12196459bb1fce9021857aeab57a757ee12
Issue-ID: OOM-1227
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
|
|
Instead of using "own" galera chart, reuse chart placed in common part
of OOM installation.
Will ease move to common galera cluster (which is not done by this
commit).
Change-Id: I2d7c1e5cdc9289cfb55e288b1697373239ef96e3
Issue-ID: POLICY-1467
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|
|
Issue-ID: POLICY-2229
Change-Id: Iffb9f40b174eae1e3b714e4ec5e8997c58d01a35
Signed-off-by: HOCKLA <ah999m@att.com>
|
|
Issue-ID: POLICY-1841
Signed-off-by: Jim Hahn <jrh3@att.com>
Change-Id: I2ab0b7f40a9b60531dccd6175c76d0a18726816e
|
|
|
|
|
|
Issue-ID: POLICY-2064
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I5d9c6b8ea7e13b43b900f07d394b0bc5fb4b0c9f
|
|
Issue-ID: POLICY-2088
Signed-off-by: Rashmi Pujar <rashmi.pujar@bell.ca>
Change-Id: Iefcf1ea50cb2d096ff38a0ecf461a2caa6718f22
|
|
Issue-ID: POLICY-2171
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: Iaff0090a25990612c04d58147d4f9dfd20e4111f
|
|
Issue-ID: POLICY-2156
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: Idde12043286d715a1de27d581701a41f7a72739d
|
|
As AAF cadi libraries and Aether libraries (transitively
brought in by drools kie-ci functionality seem
to interfere with each other, AAF is disabled.
There is no side effects to disable AAF for this API
as it is not an external API (it is used for diagnostics
only).
The nexus value change is cosmetic, not really used.
Issue-ID: POLICY-2109
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I2ccb3b0f08a4d3020e58ca83bd89d2f614a51dca
|
|
Issue-ID: POLICY-1892
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I9fa307bac87fd59156dba7af17a7a8e3c18c4b13
|
|
|
|
Updating the config file of distribution chart as per the new code
changes done in El Alto release.
Adding changes for policy-engine as well.
Issue-ID: POLICY-1892
Change-Id: I21d971ff76f06dd1d74884481c81801422a3971c
Signed-off-by: ramverma <ram.krishna.verma@est.tech>
|
|
|
|
|
|
Issue-ID: POLICY-2045
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: Idb074c7d4239be1c225f9e89f6672288fd658227
|
|
- move some values out of .conf files to values to avoid
building the chart when deploying policy (drools).
- move credentials to a single secret file, this is precursor
work to deal with confidential info in a better way in
future releases.
- delete unused files.
- generify mounting of configmaps/secrets as volumes to
avoid explicitly having to modify statefulset.yaml.
- update amsterdam controller with latest version in nexus
at container instantiation.
- update to the latest released drools image.
Issue-ID: POLICY-1371
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I1497b61cd210ac4c00b957c2832de5acd01ea4d2
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
|
|
Updated xacml-pdp config to add parameters so that it can connect to
policy-api to retrieve policy types.
Change-Id: Ib2fbd1523936a5b7c080e806b66eb0d31cb50365
Issue-ID: POLICY-2021
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Today when deploying Policy with OOM, the PersistentVolumeClaim needs the
"ReadWriteMany" (or "RWX") capability.
According to Kubernetes Documentation (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes),
ReadWriteMany stands for "the volume can be mounted as read-write by many nodes".
That means that a particular PVC needs to be read and written from many pods.
That also means that your code takes that into account and do the work to avoid
write at the same place at the same time.
An issue on RWX mode is that most "official" storage driver from Kubernetes doesn't
support it (13 over the 19 drivers doesn't support it, espacially OpenStack, Amazon
and Google storage classes).
Policy PVC for Nexus and Policy PVC for mariadb are used only for one POD.
Thus we don't need RWX.
Change-Id: Idf8a6ba8ef14ce7ca397438c2200c11517d0458e
Issue-ID: POLICY-2019
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
|