From ba7fe94b93e4da611d179f09cf307aff97f2224f Mon Sep 17 00:00:00 2001 From: Dileep Ranganathan Date: Wed, 31 Oct 2018 09:52:31 -0700 Subject: AAF Integration for OOF-HAS Change-Id: Ice9e2665c110e0c04c4774d8b7dcfb91beae2110 Issue-ID: OPTFRA-331 Signed-off-by: Dileep Ranganathan --- .../charts/oof-has-api/templates/deployment.yaml | 2 ++ .../charts/oof-has/resources/config/conductor.conf | 21 +++++++++++++++------ 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml index 7589a0a3b4..9940305659 100755 --- a/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml +++ b/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml @@ -37,6 +37,8 @@ spec: args: - --container-name - oof-has-controller + - --container-name + - aaf-service env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/oof/charts/oof-has/resources/config/conductor.conf b/kubernetes/oof/charts/oof-has/resources/config/conductor.conf index 32213319a7..4db857a898 100755 --- a/kubernetes/oof/charts/oof-has/resources/config/conductor.conf +++ b/kubernetes/oof/charts/oof-has/resources/config/conductor.conf @@ -148,21 +148,30 @@ log_config_append = /usr/local/bin/log.conf #fatal_deprecations = false -[aaf_authentication] +[aaf_api] # # From conductor # # is_aaf_enabled. (boolean value) -is_aaf_enabled = false +is_aaf_enabled = true # aaf_cache_expiry_hrs. (integer value) -#aaf_cache_expiry_hrs = 3 +aaf_cache_expiry_hrs = 3 # aaf_url. (string value) -#aaf_url = http://aaf-service:8100/authz/perms/user/ -aaf_url = http://{{.Values.config.aaf.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.aaf.port}}/authz/perms/user/ +aaf_url = https://{{.Values.config.aaf.serviceName}}:{{.Values.config.aaf.port}}/authz/perms/user/ + +# aaf_cert_file. (string value) +#aaf_cert_file = + +# aaf_cert_key_file. (string value) +#aaf_cert_key_file = + +# aaf_ca_bundle_file. (string value) +#aaf_ca_bundle_file = +aaf_ca_bundle_file = /usr/local/bin/AAF_RootCA.cer # aaf_retries. (integer value) #aaf_retries = 3 @@ -171,7 +180,7 @@ aaf_url = http://{{.Values.config.aaf.serviceName}}.{{ include "common.namespace #aaf_timeout = 100 # aaf_user_roles. (list value) -#aaf_user_roles = {"type": "org.onap.oof","instance": "plans","action": "GET"},{"type": "org.onap.oof","instance": "plans","action": "POST"} +#aaf_permissions = {"type": "org.onap.oof.access","instance": "*","action": "*"} [aaf_sms] -- cgit 1.2.3-korg