Age | Commit message (Collapse) | Author | Files | Lines |
|
MSB is currently using an hardcoded certificate. In order to follow
SECOMMON requirements, let's use a freshly generated certificate instead
Issue-ID: MSB-521
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I157e44a6e30391c36c0142acfa08604c37b79cc4
|
|
Today, `identities.dat` is put on cassandra deployment. But this file is
actually needed by "working" deployments (at least certman and service)
and not by cassandra.
This patch removes it from cassandra deployments and add it to the other
ones form "authz" family.
Issue-ID: OOM-2678
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2a4b68f73797cd6c369060481e169525829a4217
|
|
|
|
|
|
|
|
|
|
Creation of the clamp subcharts + fusion of the clamp database to policy mariadb
Issue-ID: POLICY-2951
Signed-off-by: sebdet <sebastien.determe@intl.att.com>
Change-Id: I8192f82bc393e3fc8d5884d6ab73912a0466edcd
Signed-off-by: sebdet <sebastien.determe@intl.att.com>
|
|
|
|
cm-container 4.2.0 fixes a restart issue
consul-loader-container 1.1.0 adds functionality
needed for deploying DCAE microservices with Helm
Issue-ID: DCAEGEN2-2581
Issue-ID: DCAEGEN2-2616
Signed-off-by: Jack Lucas <jflos@sonoris.net>
Change-Id: I3999767d51ce7135c2783a7eee6dadd0b3270d4f
|
|
When on small flavor, limits set are too small to allow a smooth start
of cassandra with usual Heap configurations.
This patch adds heap configuration when on small.
Issue-ID: PORTAL-1037
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Icdbc4fd5892c3f350642ffdd924e4c36f0135019
|
|
Make music to use cert manager to generate
and load the certificates
Issue-ID: OOM-2673
Signed-off-by: Krishna Moorthy <krishna.moorthy6@wipro.com>
Change-Id: I3c655107bebb969f317bcbe87cfc6a55a1821533
|
|
- Create certManagerCertificate chart for Certificate template
- Change default values for duration and renewBefore
- Add creation Secret with keystore password
- Use template in SDNC (add volumes and volumesMounts)
Issue-ID: OOM-2568
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: Ib70d91b599fa6813ed0a6d5b96206508f2fdafcf
|
|
|
|
|
|
|
|
|
|
|
|
In DR deployments, use of `{{- end -}}` at the of affinity makes the
next line to "glue" to resources information.
And it seems that in recent kubernetes, it makes it break.
Issue-ID: OOM-2671
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ief6fcdf18b9bea1bff728924d7c9a25465ac8a47
|
|
|
|
Instead of using an harcoded certificate for AAI Haproxy, let's use
certInitializer in order to have a fresh one.
Issue-ID: OOM-2654
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Id07af4084ae714bc7ba7132b218434229a0ba866
|
|
|
|
|
|
|
|
Updating the resources microservice to
trust the onap certificates to fix the
issue where the A&AI is unable to publish
to AAI-EVENT topic because A&AI is not trusting
the message router certificate
Issue-ID: AAI-3219
Change-Id: I33d52a1f4593154ce123e7c67aee6dcdeedaf889
Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
|
|
|
|
- runtime-api to 1.2.1
- onboarding-api to 2.12.4
Issue-ID: DCAEGEN2-1179
Issue-ID: DCAEGEN2-2441
Issue-ID: DCAEGEN2-2546
Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com>
Change-Id: I04dfb7c9dd9c797bf48f1fb507b84719f3f3b171
|
|
Update cm-container to 4.1.0
Update bootstrap to 3.0.0
Move plugin configuration from bootstrap to cm-container
Remove unneeded inputs files
Issue-ID: DCAEGEN2-2542
Issue-ID: DCAEGEN2-2582
Issue-ID: DCAEGEN2-2543
Issue-ID: DCAEGEN2-2383
Signed-off-by: Jack Lucas <jflos@sonoris.net>
Change-Id: I30a3f549d9811adedc8472fd410038eaa068e771
|
|
Enhance CertServiceAPI response (include CMP server error messages)
Fix KeyUsage extension sent to CMPv2 server
Issue-ID: OOM-2658
Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com>
Change-Id: Ic2c68b85fce08d20e423b316a3234e6f00799a42
|
|
|
|
New TLS part of Ingress templating was broken. This commit fixes it.
Issue-ID: OOM-2609
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I0b9b41e052911ef0064696ac7cf6ca8a274ae1dd
|
|
|
|
proxyUser, ProxyPassowrd and proxyUrl for jersey.config.client.proxy settings
Issue-ID: OOM-2662
Signed-off-by: demskeq8 <alexander.dehn@highstreet-technologies.com>
Change-Id: I9136e71153ccce88b8bc8a6501ebdea2eb3a93cb
|
|
|
|
Current startup script of etcd checks whether all assumed other nodes
are already running, before proceeding. This check, however, also
includes checking localhost, but due to using headless service
statefulset pod DNS discovery, it doesnt succeed immediately.
In some deployments k8s DNS server may be laggy, thus failing startup
script to finish before liveness check. This patch fixes such failures
of 1 pod etcd clusters, and improves startup time for any size ones.
Signed-off-by: Konrad Bańka <k.banka@samsung.com>
Issue-ID: OOM-2668
Change-Id: I2f9263a0f4964b0a495631775d0cbbceef25e85b
|
|
Some AAI components have the ability of using AAF proxies for
authentication. As AAF is deprecated and these proxies seems not to be
used by anybody, let's remove them.
Issue-ID: OOM-2663
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ie78740eb452f1b28f031a97fe272f86acce1f8be
|
|
|
|
In order to make DMaaP Message Router to work, a change in Zookeeper has
to be done so it's listening on all Interfaces.
Also, rename service port names in order to follow istio best practices.
Issue-ID: OOM-2233
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I4ed3426c57439d40ff48c7fbbc6d2e970924b7f2
|
|
Create generic template to simplify CertServiceClient use
Issue-ID: OOM-2568
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: I4fb9829b27b1dd13a9e7a098f807710cc5648438
|
|
|
|
|
|
Incorrect redirection to the login page.
Unlogged user after entering to
https://portal.api.simpledemo.onap.org:30225/ONAPPORTAL/app/applicationsHome
should be redirected to
https://portal.api.simpledemo.onap.org:30225/ONAPPORTAL/login.htm
instead of http://portal.api.simpledemo.onap.org:8989/ONAPPORTAL/login.htm
Issue-ID: PORTAL-1055
Signed-off-by: Marcin Rzepecki <marcin.rzepecki@nokia.com>
Change-Id: I48673fa45aea66f664e9c22107fcaef00305264a
|
|
|
|
|
|
Today, onboarding custom certificates relies on `bash`. But image used
for that doesn't have bash.
Therefore, we need to use `sh` in order to onboard the certs.
Issue-ID: OOM-2666
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ia8087bd9484a013ac76044681059f634a4e45eb8
|
|
|
|
Instead of "hardcoding" all services, let's generate them with two
values and shrink a little bit template.
It also simplify the reading of the template.
Issue-ID: OOM-2664
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2a5f181fac93f34e074998aeaf82489f8305de1f
|
|
Bitnami init script can automatically choose the node address (which is
the IP address of the container).
Unfortunately, this doesn't work when on dual stack as both IP addresses
with a space are given (see
https://github.com/bitnami/charts/issues/4077).
This patch force the IP address so we can get rid of this issue
Issue-ID: OOM-2661
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I5dd2147df1932b1f0fdde7c2b55585cff45bab68
|
|
|
|
Issue-ID: OPTFRA-886
Signed-off-by: Krishna Moorthy <krishna.moorthy6@wipro.com>
Change-Id: I1e6475c90546a94051015732dc9730dc21cc591f
|
|
This commit makes common template to use the new generator for
repositories and images.
Issue-ID: OOM-2364
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I35123faf99ae3bffea68bc39776f320c4168b45f
|