From d12c16773174e0cdd1fcdd861c7b93ae05de1bc9 Mon Sep 17 00:00:00 2001 From: efiacor Date: Thu, 23 Mar 2023 12:10:50 +0000 Subject: [AAI] Remove AAF/TLS config from charts Remove aaf and tls config from aai charts Signed-off-by: efiacor Change-Id: Ibb26e7ae00eb6b5a65ec2263b8f57ad6fb345892 Issue-ID: OOM-3111 --- .../resources/config/aaf/bath_config.csv | 27 ---------------------- .../resources/config/aaf/cadi.properties | 8 ------- .../resources/config/aaf/org.onap.aai.props | 15 ------------ .../resources/config/aaf/org.osaaf.location.props | 24 ------------------- .../resources/config/aaf/permissions.properties | 2 -- .../resources/config/aaiconfig.properties | 14 +---------- .../resources/config/application.properties | 26 ++++----------------- 7 files changed, 6 insertions(+), 110 deletions(-) delete mode 100644 kubernetes/aai/components/aai-resources/resources/config/aaf/bath_config.csv delete mode 100644 kubernetes/aai/components/aai-resources/resources/config/aaf/cadi.properties delete mode 100644 kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.props delete mode 100644 kubernetes/aai/components/aai-resources/resources/config/aaf/org.osaaf.location.props delete mode 100644 kubernetes/aai/components/aai-resources/resources/config/aaf/permissions.properties (limited to 'kubernetes/aai/components/aai-resources/resources') diff --git a/kubernetes/aai/components/aai-resources/resources/config/aaf/bath_config.csv b/kubernetes/aai/components/aai-resources/resources/config/aaf/bath_config.csv deleted file mode 100644 index ec60ef7e53..0000000000 --- a/kubernetes/aai/components/aai-resources/resources/config/aaf/bath_config.csv +++ /dev/null @@ -1,27 +0,0 @@ -# AAI -> aai@aai.onap.org -Basic QUFJOkFBSQ==,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# ModelLoader -> aai@aai.onap.org -Basic TW9kZWxMb2FkZXI6TW9kZWxMb2FkZXI=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# AaiUI -> aai@aai.onap.org, -Basic QWFpVUk6QWFpVUk=,Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# MSO -> so@so.onap.org -Basic TVNPOk1TTw==,Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1NiE=,2050-03-03 - -# SDNC -> sdnc@sdnc.onap.org -Basic U0ROQzpTRE5D,Basic c2RuY0BzZG5jLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03 - -# DCAE -> dcae@dcae.onap.org -Basic RENBRTpEQ0FF,Basic ZGNhZUBkY2FlLm9uYXAub3JnOmRlbW8xMjM0NTYh,2050-03-03 - -# POLICY -> policy@policy.onap.org -Basic UE9MSUNZOlBPTElDWQ==,Basic cG9saWN5QHBvbGljeS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# ASDC -> sdc@sdc.onap.org -Basic QVNEQzpBU0RD,Basic c2RjQHNkYy5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==,2050-03-03 - -# OOF -> oof@oof.onap.org -Basic T09GOk9PRg==,Basic b29mQG9vZi5vbmFwLm9yZzpkZW1vMTIzNDQ2IQ==,2050-03-03 - diff --git a/kubernetes/aai/components/aai-resources/resources/config/aaf/cadi.properties b/kubernetes/aai/components/aai-resources/resources/config/aaf/cadi.properties deleted file mode 100644 index ec5fd55e06..0000000000 --- a/kubernetes/aai/components/aai-resources/resources/config/aaf/cadi.properties +++ /dev/null @@ -1,8 +0,0 @@ - -cadi_loglevel=INFO -cadi_prop_files=/opt/app/aai-resources/resources/aaf/org.osaaf.location.props:/opt/app/aai-resources/resources/aaf/org.onap.aai.props - -# OAuth2 -aaf_oauth2_token_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.token:2.1/token -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.introspect:2.1/introspect - diff --git a/kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.props b/kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.props deleted file mode 100644 index f4bb9ee89c..0000000000 --- a/kubernetes/aai/components/aai-resources/resources/config/aaf/org.onap.aai.props +++ /dev/null @@ -1,15 +0,0 @@ -############################################################ -# Properties Generated by AT&T Certificate Manager -# @copyright 2016, AT&T -# Modifications Copyright © 2020 Orange -############################################################ -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US -cadi_keyfile={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.keyfile -cadi_keystore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 -cadi_keystore_password=${KEYSTORE_PASSWORD} - -cadi_alias=aai@aai.onap.org -cadi_truststore={{ .Values.certInitializer.credsPath }}/truststoreONAPall.jks -cadi_truststore_password=${TRUSTSTORE_ALL_PASSWORD} -cadi_loglevel=INFO -cadi_bath_convert=/opt/app/aai-resources/resources/aaf/bath_config.csv diff --git a/kubernetes/aai/components/aai-resources/resources/config/aaf/org.osaaf.location.props b/kubernetes/aai/components/aai-resources/resources/config/aaf/org.osaaf.location.props deleted file mode 100644 index 8ae66aaf79..0000000000 --- a/kubernetes/aai/components/aai-resources/resources/config/aaf/org.osaaf.location.props +++ /dev/null @@ -1,24 +0,0 @@ -## -## org.osaaf.location.props -## -## Localized Machine Information -## -# Almeda California ? -cadi_latitude=37.78187 -cadi_longitude=-122.26147 - -# Locate URL (which AAF Env) -aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 - - -# AAF URL -aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1 - -# AAF Environment Designation -aaf_env=DEV - -# OAuth2 Endpoints -aaf_oauth2_token_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.token:2.1/token -aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.introspect:2.1/introspect - - diff --git a/kubernetes/aai/components/aai-resources/resources/config/aaf/permissions.properties b/kubernetes/aai/components/aai-resources/resources/config/aaf/permissions.properties deleted file mode 100644 index 4234121a2d..0000000000 --- a/kubernetes/aai/components/aai-resources/resources/config/aaf/permissions.properties +++ /dev/null @@ -1,2 +0,0 @@ -permission.type=org.onap.aai.resources -permission.instance=* \ No newline at end of file diff --git a/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties b/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties index a569b5366b..adabae3ac7 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/aaiconfig.properties @@ -5,6 +5,7 @@ # ================================================================================ # Copyright © 2017 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2020 Orange +# Modifications Copyright © 2023 Nordix Foundation # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -38,15 +39,9 @@ aai.config.checktime=1000 # this could come from siteconfig.pl? aai.config.nodename=AutomaticallyOverwritten -{{ if ( include "common.needTLS" .) }} -aai.server.url.base=https://aai.{{ include "common.namespace" . }}:8443/aai/ -aai.server.url=https://aai.{{ include "common.namespace" . }}:8443/aai/{{ .Values.global.config.schema.version.api.default }}/ -aai.global.callback.url=https://aai.{{ include "common.namespace" . }}:8443/aai/ -{{ else }} aai.server.url.base=http://aai.{{ include "common.namespace" . }}/aai/ aai.server.url=http://aai.{{ include "common.namespace" . }}/aai/{{ .Values.global.config.schema.version.api.default }}/ aai.global.callback.url=http://aai.{{ include "common.namespace" . }}/aai/ -{{ end }} {{ if .Values.global.config.basic.auth.enabled }} aai.tools.enableBasicAuth=true @@ -54,13 +49,6 @@ aai.tools.username={{ .Values.global.config.basic.auth.username }} aai.tools.password={{ .Values.global.config.basic.auth.passwd }} {{ end }} -{{ if ( include "common.needTLS" .) }} -aai.truststore.filename={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks -aai.truststore.passwd.x=${TRUSTSTORE_PASSWORD} -aai.keystore.filename={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 -aai.keystore.passwd.x=${KEYSTORE_PASSWORD} -{{ end }} - aai.notification.current.version={{ .Values.global.config.schema.version.api.default }} aai.notificationEvent.default.status=UNPROCESSED aai.notificationEvent.default.eventType={{ .Values.global.config.notification.eventType }} diff --git a/kubernetes/aai/components/aai-resources/resources/config/application.properties b/kubernetes/aai/components/aai-resources/resources/config/application.properties index b5b64bec4b..40b89eabb4 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/application.properties +++ b/kubernetes/aai/components/aai-resources/resources/config/application.properties @@ -1,6 +1,7 @@ {{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T # Modifications Copyright © 2020 Orange +# Modifications Copyright © 2023 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -29,7 +30,7 @@ server.servlet.context-path=/ spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration,org.keycloak.adapters.springboot.KeycloakAutoConfiguration,org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration,org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration -spring.profiles.active={{ .Values.global.config.profiles.active }}{{ .Values.global.aafEnabled | ternary ",aaf-auth" "" }} +spring.profiles.active={{ .Values.global.config.profiles.active }} spring.jersey.application-path=${schema.uri.base.path} #The max number of active threads in this pool server.tomcat.max-threads=200 @@ -44,23 +45,13 @@ server.local.startpath=aai-resources/src/main/resources/ server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties server.port=8447 -{{ if ( include "common.needTLS" .) }} -server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 -server.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 -server.ssl.key-store-password=${KEYSTORE_PASSWORD} -server.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks -server.ssl.trust-store-password=${TRUSTSTORE_PASSWORD} -server.ssl.client-auth=want -server.ssl.key-store-type=JKS -{{ else }} security.require-ssl=false server.ssl.enabled=false -{{ end }} # JMS bind address host port jms.bind.address=tcp://localhost:61647 -dmaap.ribbon.listOfServers=message-router.{{.Release.Namespace}}:{{ (eq "true" (include "common.needTLS" .)) | ternary 3905 3904 }} -dmaap.ribbon.transportType={{ include "common.scheme" . }} +dmaap.ribbon.listOfServers=message-router.{{ include "common.namespace" . }}:3904 +dmaap.ribbon.transportType=http # Schema related attributes for the oxm and edges # Any additional schema related attributes should start with prefix schema @@ -96,14 +87,7 @@ schema.service.base.url={{ include "common.scheme" . }}://aai-schema-service.{{ schema.service.nodes.endpoint=nodes?version= schema.service.edges.endpoint=edgerules?version= schema.service.versions.endpoint=versions -schema.service.client={{ (eq "true" ( include "common.needTLS" .)) | ternary .Values.global.config.schema.service.client "no-auth" }} - -{{ if ( include "common.needTLS" .) }} -schema.service.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 -schema.service.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks -schema.service.ssl.key-store-password=${KEYSTORE_PASSWORD} -schema.service.ssl.trust-store-password=${TRUSTSTORE_PASSWORD} -{{ end }} +schema.service.client=no-auth #to expose the Prometheus scraping endpoint management.port=8448 -- cgit 1.2.3-korg