From d12c16773174e0cdd1fcdd861c7b93ae05de1bc9 Mon Sep 17 00:00:00 2001 From: efiacor Date: Thu, 23 Mar 2023 12:10:50 +0000 Subject: [AAI] Remove AAF/TLS config from charts Remove aaf and tls config from aai charts Signed-off-by: efiacor Change-Id: Ibb26e7ae00eb6b5a65ec2263b8f57ad6fb345892 Issue-ID: OOM-3111 --- .../resources/config/aaiconfig.properties | 15 +--------- .../resources/config/application.properties | 33 ++++------------------ 2 files changed, 7 insertions(+), 41 deletions(-) (limited to 'kubernetes/aai/components/aai-graphadmin/resources/config') diff --git a/kubernetes/aai/components/aai-graphadmin/resources/config/aaiconfig.properties b/kubernetes/aai/components/aai-graphadmin/resources/config/aaiconfig.properties index f768338d99..8f63ac85ab 100644 --- a/kubernetes/aai/components/aai-graphadmin/resources/config/aaiconfig.properties +++ b/kubernetes/aai/components/aai-graphadmin/resources/config/aaiconfig.properties @@ -5,6 +5,7 @@ # ================================================================================ # Copyright © 2018 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2021 Orange +# Modifications Copyright © 2023 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,16 +25,9 @@ aai.config.checktime=1000 # this could come from siteconfig.pl? aai.config.nodename=AutomaticallyOverwritten - -{{ if ( include "common.needTLS" .) }} -aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/ -aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/ -aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/ -{{ else }} aai.server.url.base=http://aai.{{ include "common.namespace" . }}/aai/ aai.server.url=http://aai.{{ include "common.namespace" . }}/aai/{{ .Values.global.config.schema.version.api.default }}/ aai.global.callback.url=http://aai.{{ include "common.namespace" . }}/aai/ -{{ end }} {{ if or (.Values.global.config.basic.auth.enabled) ( include "common.onServiceMesh" .) }} aai.tools.enableBasicAuth=true @@ -41,13 +35,6 @@ aai.tools.username={{ .Values.global.config.basic.auth.username }} aai.tools.password={{ .Values.global.config.basic.auth.passwd }} {{ end }} -{{ if ( include "common.needTLS" .) }} -aai.truststore.filename={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks -aai.truststore.passwd.x=${TRUSTSTORE_PASSWORD} -aai.keystore.filename={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 -aai.keystore.passwd.x=${KEYSTORE_PASSWORD} -{{ end }} - aai.notification.current.version={{ .Values.global.config.schema.version.api.default }} aai.notificationEvent.default.status=UNPROCESSED aai.notificationEvent.default.eventType={{ .Values.global.config.notification.eventType }} diff --git a/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties b/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties index 6e64fd8400..37d02a0629 100644 --- a/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties +++ b/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties @@ -5,6 +5,7 @@ # ================================================================================ # Copyright � 2018 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2021 Orange +# Modifications Copyright © 2023 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -34,7 +35,7 @@ server.servlet.context-path=/ spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration -spring.profiles.active={{ .Values.config.profiles.active }}{{ (eq "true" (include "common.needTLS" .)) | ternary ",one-way-ssl" "" }} +spring.profiles.active={{ .Values.config.profiles.active }} spring.jersey.application-path=${schema.uri.base.path} #The max number of active threads in this pool server.tomcat.max-threads=200 @@ -49,23 +50,13 @@ server.local.startpath=/opt/app/aai-graphadmin/resources/ server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties server.port=8449 -{{ if ( include "common.needTLS" .) }} -server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.jks -server.ssl.key-store-password=password(${KEYSTORE_JKS_PASSWORD}) -server.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks -server.ssl.trust-store-password=password(${TRUSTSTORE_PASSWORD}) -server.ssl.client-auth=want -server.ssl.key-store-type=JKS -{{ else }} security.require-ssl=false server.ssl.enabled=false -{{ end }} # JMS bind address host port jms.bind.address=tcp://localhost:61649 -dmaap.ribbon.listOfServers=message-router.{{.Release.Namespace}}:{{ (eq "true" (include "common.needTLS" .)) | ternary 3905 3904 }} -dmaap.ribbon.transportType={{ include "common.scheme" . }} +dmaap.ribbon.listOfServers=message-router.{{ include "common.namespace" . }}:3904 +dmaap.ribbon.transportType=http # Schema related attributes for the oxm and edges # Any additional schema related attributes should start with prefix schema @@ -101,26 +92,14 @@ schema.service.base.url={{ include "common.scheme" . }}://aai-schema-service.{{ schema.service.nodes.endpoint=nodes?version= schema.service.edges.endpoint=edgerules?version= schema.service.versions.endpoint=versions -schema.service.client={{ (eq "true" (include "common.needTLS" .)) | ternary .Values.global.config.schema.service.client "no-auth" }} +schema.service.client=no-auth -{{ if ( include "common.needTLS" .) }} -schema.service.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.jks -schema.service.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks -schema.service.ssl.key-store-password=password(${KEYSTORE_JKS_PASSWORD}) -schema.service.ssl.trust-store-password=password(${TRUSTSTORE_PASSWORD}) -{{ end }} aperture.rdbmsname=aai_relational -aperture.service.client={{ (eq "true" (include "common.needTLS" .)) | ternary .Values.global.config.schema.service.client "no-auth" }} +aperture.service.client=no-auth aperture.service.base.url=http://localhost:8457/aai/aperture -{{ if ( include "common.needTLS" .) }} -aperture.service.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.jks -aperture.service.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks -aperture.service.ssl.key-store-password=password(${KEYSTORE_JKS_PASSWORD}) -aperture.service.ssl.trust-store-password=password(${TRUSTSTORE_PASSWORD}) -{{ end }} aperture.service.timeout-in-milliseconds=300000 #To Expose the Prometheus scraping endpoint -- cgit 1.2.3-korg