summaryrefslogtreecommitdiffstats
path: root/patches/casablanca.patch
diff options
context:
space:
mode:
Diffstat (limited to 'patches/casablanca.patch')
-rw-r--r--patches/casablanca.patch428
1 files changed, 0 insertions, 428 deletions
diff --git a/patches/casablanca.patch b/patches/casablanca.patch
deleted file mode 100644
index 7f9d2068..00000000
--- a/patches/casablanca.patch
+++ /dev/null
@@ -1,428 +0,0 @@
-From 10656e7f8089e3c3a718a947fd10b1a728eeb8c6 Mon Sep 17 00:00:00 2001
-From: Milan Verespej <m.verespej@partner.samsung.com>
-Date: Wed, 6 Feb 2019 10:24:09 +0100
-Subject: [PATCH] Casablanca 3.0.0 offline patch
-
----
- .../templates/deployment.yaml | 12 ++-
- .../common/common/templates/_cacert.tpl | 80 +++++++++++++++++++
- .../dgbuilder/templates/deployment.yaml | 10 ++-
- .../templates/deployment.yaml | 7 ++
- kubernetes/onap/templates/configmap.yaml | 33 ++++++++
- .../charts/brmsgw/templates/deployment.yaml | 5 ++
- .../charts/drools/templates/statefulset.yaml | 8 ++
- .../charts/pdp/templates/statefulset.yaml | 5 ++
- .../policy-common/templates/_keystore.tpl | 61 ++++++++++++++
- .../templates/deployment.yaml | 12 ++-
- .../sdnc-portal/templates/deployment.yaml | 9 ++-
- 11 files changed, 234 insertions(+), 8 deletions(-)
- create mode 100644 kubernetes/common/common/templates/_cacert.tpl
- create mode 100644 kubernetes/onap/templates/configmap.yaml
- create mode 100644 kubernetes/policy/charts/policy-common/templates/_keystore.tpl
-
-diff --git a/kubernetes/appc/charts/appc-ansible-server/templates/deployment.yaml b/kubernetes/appc/charts/appc-ansible-server/templates/deployment.yaml
-index a7daa051..b7cdd9e6 100644
---- a/kubernetes/appc/charts/appc-ansible-server/templates/deployment.yaml
-+++ b/kubernetes/appc/charts/appc-ansible-server/templates/deployment.yaml
-@@ -47,8 +47,16 @@ spec:
- name: {{ include "common.name" . }}-readiness
- containers:
- - name: {{ include "common.name" . }}
-- command: ["/bin/bash"]
-- args: ["-c", "cd /opt/onap/ccsdk && ./startAnsibleServer.sh"]
-+ command:
-+ - /bin/bash
-+ - -c
-+ - >
-+ pip install -i http://nexus3.onap.org/repository/pypi-private/simple/
-+ --trusted-host nexus3.onap.org
-+ PyMySQL cherrypy requests;
-+ curl -s repo.infra-server/ubuntu/xenial/onap.list > /etc/apt/sources.list;
-+ apt-get update;
-+ cd /opt/onap/ccsdk && ./startAnsibleServer.sh
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
-diff --git a/kubernetes/common/common/templates/_cacert.tpl b/kubernetes/common/common/templates/_cacert.tpl
-new file mode 100644
-index 00000000..4fb80964
---- /dev/null
-+++ b/kubernetes/common/common/templates/_cacert.tpl
-@@ -0,0 +1,80 @@
-+# COPYRIGHT NOTICE STARTS HERE
-+#
-+# Copyright 2018 © Samsung Electronics Co., Ltd.
-+#
-+# Licensed under the Apache License, Version 2.0 (the "License");
-+# you may not use this file except in compliance with the License.
-+# You may obtain a copy of the License at
-+#
-+# http://www.apache.org/licenses/LICENSE-2.0
-+#
-+# Unless required by applicable law or agreed to in writing, software
-+# distributed under the License is distributed on an "AS IS" BASIS,
-+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+# See the License for the specific language governing permissions and
-+# limitations under the License.
-+#
-+# COPYRIGHT NOTICE ENDS HERE
-+
-+#This template adds volume for access to ca certificate.
-+#Template is ignored when cacert not set.
-+{{- define "common.cacert-volume" }}
-+{{- if .Values.global.cacert }}
-+- name: cacert
-+ configMap:
-+ name: {{ include "common.namespace" . }}-root-ca-cert
-+{{- end }}
-+{{- end }}
-+
-+#This template mounts the CA certificate in an ubuntu compatible way.
-+#It is mounted to /usr/local/share/ca-certificates/cacert.crt.
-+#Template is ignored if cacert not set.
-+{{- define "common.cacert-mount-ubuntu" }}
-+{{- if .Values.global.cacert }}
-+- mountPath: "/usr/local/share/ca-certificates/cacert.crt"
-+ name: cacert
-+ subPath: certificate
-+{{- end }}
-+{{- end }}
-+
-+#This template creates an empty volume used to store system certificates (includes java keystore).
-+{{- define "common.system-ca-store-volume" }}
-+{{- if .Values.global.cacert }}
-+- name: system-ca-store
-+ emptyDir:
-+{{- end }}
-+{{- end }}
-+
-+#This template mounts system ca store volume to /etc/ssl/certs (ubuntu specific).
-+#Template is ignored in case cacert is not given.
-+{{- define "common.system-ca-store-mount-ubuntu" }}
-+{{- if .Values.global.cacert }}
-+- mountPath: "/etc/ssl/certs"
-+ name: system-ca-store
-+{{- end }}
-+{{- end }}
-+
-+#This template is a template for an init container.
-+#This init container can be declared to update system's ca store for ubuntu containers.
-+#It runs as root using the same image as the main one.
-+#It expects /etc/ssl/certs to be mounted as a volume.
-+#It has to be shared with the main container.
-+#This template is ignored if cacert is not given as helm value.
-+{{- define "common.update-system-ca-store-ubuntu" }}
-+{{- if .Values.global.cacert }}
-+- command:
-+ - "/bin/bash"
-+ - "-c"
-+ - |
-+ mkdir -p /etc/ssl/certs/java
-+ update-ca-certificates
-+ name: update-system-ca-store
-+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-+ image: {{ include "common.repository" . }}/{{ .Values.image }}
-+ securityContext:
-+ runAsUser: 0
-+ volumeMounts:
-+{{ include "common.cacert-mount-ubuntu" . | indent 2 }}
-+{{ include "common.system-ca-store-mount-ubuntu" . | indent 2 }}
-+{{- end }}
-+{{- end }}
-diff --git a/kubernetes/common/dgbuilder/templates/deployment.yaml b/kubernetes/common/dgbuilder/templates/deployment.yaml
-index 353c2314..2cb02d62 100644
---- a/kubernetes/common/dgbuilder/templates/deployment.yaml
-+++ b/kubernetes/common/dgbuilder/templates/deployment.yaml
-@@ -49,8 +49,14 @@ spec:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-- command: ["/bin/bash"]
-- args: ["-c", "cd /opt/onap/ccsdk/dgbuilder/ && ./start.sh sdnc1.0 && wait"]
-+ command:
-+ - /bin/bash
-+ - -c
-+ - >
-+ HOSTS_FILE_RECORD >> /etc/hosts;
-+ NPM_REGISTRY_RECORD;
-+ cd /opt/onap/ccsdk/dgbuilder/;
-+ ./start.sh sdnc1.0 && wait
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- readinessProbe:
-diff --git a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml
-index 79bd8962..8e807a9b 100644
---- a/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml
-+++ b/kubernetes/dcaegen2/charts/dcae-cloudify-manager/templates/deployment.yaml
-@@ -70,6 +70,8 @@ spec:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
-+ - mountPath: /etc/pki/ca-trust/source/anchors
-+ name: root-ca
- securityContext:
- privileged: True
- lifecycle:
-@@ -82,6 +84,8 @@ spec:
- set -ex
- mkdir -p /var/run/secrets/kubernetes.io/
- ln -s /secret /var/run/secrets/kubernetes.io/serviceaccount
-+ echo -e '\nREQUESTS_CA_BUNDLE="/etc/ssl/certs/ca-bundle.crt"' >> /etc/sysconfig/cloudify-restservice
-+ update-ca-trust extract
- volumes:
- - name: {{ include "common.fullname" . }}-config
- configMap:
-@@ -95,5 +99,8 @@ spec:
- - name: localtime
- hostPath:
- path: /etc/localtime
-+ - name: root-ca
-+ hostPath:
-+ path: /etc/pki/ca-trust/source/anchors
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
-diff --git a/kubernetes/onap/templates/configmap.yaml b/kubernetes/onap/templates/configmap.yaml
-new file mode 100644
-index 00000000..b1804a36
---- /dev/null
-+++ b/kubernetes/onap/templates/configmap.yaml
-@@ -0,0 +1,33 @@
-+# COPYRIGHT NOTICE STARTS HERE
-+#
-+# Copyright 2018 © Samsung Electronics Co., Ltd.
-+#
-+# Licensed under the Apache License, Version 2.0 (the "License");
-+# you may not use this file except in compliance with the License.
-+# You may obtain a copy of the License at
-+#
-+# http://www.apache.org/licenses/LICENSE-2.0
-+#
-+# Unless required by applicable law or agreed to in writing, software
-+# distributed under the License is distributed on an "AS IS" BASIS,
-+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+# See the License for the specific language governing permissions and
-+# limitations under the License.
-+#
-+# COPYRIGHT NOTICE ENDS HERE
-+
-+{{ if .Values.global.cacert -}}
-+apiVersion: v1
-+kind: ConfigMap
-+metadata:
-+ name: {{ include "common.namespace" . }}-root-ca-cert
-+ namespace: {{ include "common.namespace" . }}
-+ labels:
-+ app: {{ include "common.name" . }}
-+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-+ release: {{ .Release.Name }}
-+ heritage: {{ .Release.Service }}
-+data:
-+ certificate: |
-+{{ .Values.global.cacert | indent 4 }}
-+{{- end }}
-diff --git a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml
-index 7535d541..bbd63c13 100644
---- a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml
-+++ b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml
-@@ -46,6 +46,7 @@ spec:
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
-+{{ include "common.update-system-ca-store-ubuntu" . | indent 6 }}
- containers:
- - command:
- - /bin/bash
-@@ -69,6 +70,8 @@ spec:
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
-+{{ include "common.cacert-mount-ubuntu" . | indent 8 }}
-+{{ include "common.system-ca-store-mount-ubuntu" . | indent 8 }}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
-@@ -95,6 +98,8 @@ spec:
- {{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes:
-+{{ include "common.cacert-volume" . | indent 8 }}
-+{{ include "common.system-ca-store-volume" . | indent 8 }}
- - name: localtime
- hostPath:
- path: /etc/localtime
-diff --git a/kubernetes/policy/charts/drools/templates/statefulset.yaml b/kubernetes/policy/charts/drools/templates/statefulset.yaml
-index 6564e798..53c8b600 100644
---- a/kubernetes/policy/charts/drools/templates/statefulset.yaml
-+++ b/kubernetes/policy/charts/drools/templates/statefulset.yaml
-@@ -52,6 +52,8 @@ spec:
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
-+{{ include "common.update-system-ca-store-ubuntu" . | indent 6 }}
-+{{ include "policy.update-policy-truststore" . | indent 6 }}
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
-@@ -79,6 +81,9 @@ spec:
- - name: REPLICAS
- value: "{{ .Values.replicaCount }}"
- volumeMounts:
-+{{ include "common.cacert-mount-ubuntu" . | indent 10 }}
-+{{ include "common.system-ca-store-mount-ubuntu" . | indent 10 }}
-+{{ include "policy.truststore-mount" . | indent 10 }}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
-@@ -137,6 +142,9 @@ spec:
- {{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes:
-+{{ include "common.cacert-volume" . | indent 8 }}
-+{{ include "common.system-ca-store-volume" . | indent 8 }}
-+{{ include "policy.truststore-storage-volume" . | indent 8 }}
- - name: localtime
- hostPath:
- path: /etc/localtime
-diff --git a/kubernetes/policy/charts/pdp/templates/statefulset.yaml b/kubernetes/policy/charts/pdp/templates/statefulset.yaml
-index a3a8f6a9..4ae0ead5 100644
---- a/kubernetes/policy/charts/pdp/templates/statefulset.yaml
-+++ b/kubernetes/policy/charts/pdp/templates/statefulset.yaml
-@@ -50,6 +50,7 @@ spec:
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
-+{{ include "common.update-system-ca-store-ubuntu" . | indent 6 }}
- containers:
- - command:
- - /bin/bash
-@@ -75,6 +76,8 @@ spec:
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
-+{{ include "common.cacert-mount-ubuntu" . | indent 8 }}
-+{{ include "common.system-ca-store-mount-ubuntu" . | indent 8 }}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
-@@ -114,6 +117,8 @@ spec:
- - mountPath: /usr/share/filebeat/data
- name: policy-data-filebeat
- volumes:
-+{{ include "common.cacert-volume" . | indent 6 }}
-+{{ include "common.system-ca-store-volume" . | indent 6 }}
- - name: localtime
- hostPath:
- path: /etc/localtime
-diff --git a/kubernetes/policy/charts/policy-common/templates/_keystore.tpl b/kubernetes/policy/charts/policy-common/templates/_keystore.tpl
-new file mode 100644
-index 00000000..81ba09bc
---- /dev/null
-+++ b/kubernetes/policy/charts/policy-common/templates/_keystore.tpl
-@@ -0,0 +1,61 @@
-+# COPYRIGHT NOTICE STARTS HERE
-+#
-+# Copyright 2018 © Samsung Electronics Co., Ltd.
-+#
-+# Licensed under the Apache License, Version 2.0 (the "License");
-+# you may not use this file except in compliance with the License.
-+# You may obtain a copy of the License at
-+#
-+# http://www.apache.org/licenses/LICENSE-2.0
-+#
-+# Unless required by applicable law or agreed to in writing, software
-+# distributed under the License is distributed on an "AS IS" BASIS,
-+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+# See the License for the specific language governing permissions and
-+# limitations under the License.
-+#
-+# COPYRIGHT NOTICE ENDS HERE
-+
-+#This template creates a volume for storing policy-truststore with imported ca.
-+#It is ignored if cacert was not given.
-+{{- define "policy.truststore-storage-volume" }}
-+{{- if .Values.global.cacert }}
-+- name: truststore-storage
-+ emptyDir:
-+{{- end }}
-+{{- end }}
-+
-+#This template mounts policy-truststore in appropriate place for policy components to take it.
-+#It is ignored if cacert is not given.
-+{{- define "policy.truststore-mount" }}
-+{{- if .Values.global.cacert }}
-+- mountPath: "/tmp/policy-install/config/policy-truststore"
-+ name: truststore-storage
-+ subPath: policy-truststore
-+{{- end }}
-+{{- end }}
-+
-+#This will extract a policy truststore and then import
-+#the root cacert of offline nexus into it.
-+#This template expects a volume named truststore-storage where policy-truststore will be put.
-+#It also expects volume named cacert where the file "certificate" will contain the cert to import.
-+#Template is ignored if ca certificate not given.
-+{{- define "policy.update-policy-truststore" }}
-+{{- if .Values.global.cacert }}
-+- command:
-+ - "/bin/bash"
-+ - "-c"
-+ - |
-+ set -e
-+ tar -xzf base-*.tar.gz etc/ssl/policy-truststore
-+ cp etc/ssl/policy-truststore truststore-storage/
-+ keytool -import -keystore truststore-storage/policy-truststore -storepass "Pol1cy_0nap" -noprompt -file /usr/local/share/ca-certificates/cacert.crt
-+ name: update-policy-truststore
-+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-+ image: {{ include "common.repository" . }}/{{ .Values.image }}
-+ volumeMounts:
-+ - mountPath: "/tmp/policy-install/truststore-storage"
-+ name: truststore-storage
-+{{ include "common.cacert-mount-ubuntu" . | indent 2 }}
-+{{- end }}
-+{{- end }}
-diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/templates/deployment.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/templates/deployment.yaml
-index 1f14dd31..18b579dd 100644
---- a/kubernetes/sdnc/charts/sdnc-ansible-server/templates/deployment.yaml
-+++ b/kubernetes/sdnc/charts/sdnc-ansible-server/templates/deployment.yaml
-@@ -47,8 +47,16 @@ spec:
- name: {{ include "common.name" . }}-readiness
- containers:
- - name: {{ include "common.name" . }}
-- command: ["/bin/bash"]
-- args: ["-c", "cd /opt/onap/ccsdk && ./startAnsibleServer.sh"]
-+ command:
-+ - /bin/bash
-+ - -c
-+ - >
-+ pip install -i http://nexus3.onap.org/repository/pypi-private/simple/
-+ --trusted-host nexus3.onap.org
-+ PyMySQL cherrypy requests;
-+ curl -s repo.infra-server/ubuntu/xenial/onap.list > /etc/apt/sources.list;
-+ apt-get update;
-+ cd /opt/onap/ccsdk && ./startAnsibleServer.sh
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
-diff --git a/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml b/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml
-index 35dffee5..18dd7cd4 100644
---- a/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml
-+++ b/kubernetes/sdnc/charts/sdnc-portal/templates/deployment.yaml
-@@ -49,8 +49,13 @@ spec:
- name: {{ include "common.name" . }}-readiness
- containers:
- - name: {{ include "common.name" . }}
-- command: ["/bin/bash"]
-- args: ["-c", "cd /opt/onap/sdnc/admportal/shell && ./start_portal.sh"]
-+ command:
-+ - /bin/bash
-+ - -c
-+ - >
-+ HOSTS_FILE_RECORD >> /etc/hosts;
-+ NPM_REGISTRY_RECORD;
-+ cd /opt/onap/sdnc/admportal/shell && ./start_portal.sh
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
---
-2.20.1
-