From dd34eadb816e1089a7121dda9810e902caf3e6c4 Mon Sep 17 00:00:00 2001
From: Andreas Geissler <andreas-geissler@telekom.de>
Date: Mon, 20 Mar 2023 17:16:45 +0100
Subject: [SDC] Chart cleanup for AAF/TLS removal

Use latest helm templates and remove TLS/AAF related parts

Issue-ID: OOM-3121

Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I453d9bfb471462a3c2f4825a3a542c61df353cf5
---
 kubernetes/sdc/components/sdc-be/Chart.yaml        |  3 --
 .../components/sdc-be/templates/deployment.yaml    | 63 ++--------------------
 .../sdc/components/sdc-be/templates/ingress.yaml   | 17 ++++++
 .../sdc/components/sdc-be/templates/job.yaml       |  5 +-
 kubernetes/sdc/components/sdc-be/values.yaml       | 55 ++++++-------------
 5 files changed, 37 insertions(+), 106 deletions(-)

(limited to 'kubernetes/sdc/components/sdc-be')

diff --git a/kubernetes/sdc/components/sdc-be/Chart.yaml b/kubernetes/sdc/components/sdc-be/Chart.yaml
index fe9f39108b..044d725fef 100644
--- a/kubernetes/sdc/components/sdc-be/Chart.yaml
+++ b/kubernetes/sdc/components/sdc-be/Chart.yaml
@@ -24,9 +24,6 @@ dependencies:
   - name: common
     version: ~12.x-0
     repository: '@local'
-  - name: certInitializer
-    version: ~12.x-0
-    repository: '@local'
   - name: repositoryGenerator
     version: ~12.x-0
     repository: '@local'
diff --git a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
index d50a83b2fd..d6ea50e84e 100644
--- a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
@@ -24,7 +24,7 @@ spec:
   template:
     metadata: {{- include "common.templateMetadata" . | nindent 6 }}
     spec:
-      initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
+      initContainers:
       - name: {{ include "common.name" . }}-readiness
         command:
         - /app/ready.py
@@ -57,7 +57,7 @@ spec:
         - /app/ready.py
         args:
         - --job-name
-        - {{ include "common.release" . }}-sdc-onboarding-be-cassandra-init
+        - {{ include "common.release" . }}-sdc-onboarding-be
         env:
         - name: NAMESPACE
           valueFrom:
@@ -71,54 +71,11 @@ spec:
           requests:
             cpu: 3m
             memory: 20Mi
-      {{- if .Values.global.aafEnabled }}
-      - name: {{ include "common.name" . }}-update-config
-        image: {{ include "repositoryGenerator.image.envsubst" . }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command:
-        - sh
-        args:
-        - "-c"
-        - |
-          export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
-          export KEYSTORE_PASS=$cadi_keystore_password_p12
-          export KEYMANAGER_PASS=$cadi_keystore_password_p12
-          export TRUSTSTORE_PASS=$cadi_truststore_password
-          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
-          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
-          cd /config-input && \
-          for PFILE in `find . -not -type d | grep -v -F ..`
-          do
-            envsubst <${PFILE} >/config-output/${PFILE}
-            chmod 0755 /config-output/${PFILE}
-          done
-        resources:
-          limits:
-            cpu: 100m
-            memory: 100Mi
-          requests:
-            cpu: 3m
-            memory: 20Mi
-        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
-        - name: sdc-environments-input
-          mountPath: /config-input/
-        - name: sdc-environments
-          mountPath: /config-output/
-      {{- end }}
       containers:
         - name: {{ include "common.name" . }}
           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          {{- if .Values.global.aafEnabled }}
-          command:
-          - sh
-          args:
-          - "-c"
-          - |
-            sed -i '/trustStorePassword/d' ${JETTY_BASE}/startup.sh
-            ${JETTY_BASE}/startup.sh
-          {{- end }}
-          ports: {{ include "common.containerPorts" . | nindent 10  }}
+          ports: {{ include "common.containerPorts" . | nindent 12  }}
           {{ if eq .Values.liveness.enabled true }}
           livenessProbe:
             httpGet:
@@ -173,14 +130,6 @@ spec:
           volumeMounts:
           - name: sdc-environments
             mountPath: /app/jetty/chef-solo/environments/
-          {{- if .Values.global.aafEnabled }}
-          - name: sdc-environments
-            mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12
-            subPath: org.onap.sdc.p12
-          - name: sdc-environments
-            mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks
-            subPath: org.onap.sdc.trust.jks
-          {{- end }}
           - name: localtime
             mountPath: /etc/localtime
             readOnly: true
@@ -196,7 +145,7 @@ spec:
         # side car containers
         {{ include "common.log.sidecar" . | nindent 8 }}
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
-      volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
+      volumes:
       - name: localtime
         hostPath:
           path: /etc/localtime
@@ -205,10 +154,6 @@ spec:
         configMap:
           name : {{ include "common.fullname" . }}-logging-configmap
       - name: sdc-environments
-      {{- if .Values.global.aafEnabled }}
-        emptyDir: { medium: "Memory" }
-      - name: sdc-environments-input
-      {{- end }}
         configMap:
           name: {{ include "common.release" . }}-sdc-environments-configmap
           defaultMode: 0755
diff --git a/kubernetes/sdc/components/sdc-be/templates/ingress.yaml b/kubernetes/sdc/components/sdc-be/templates/ingress.yaml
index 8f87c68f1e..90875ab5cc 100644
--- a/kubernetes/sdc/components/sdc-be/templates/ingress.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/ingress.yaml
@@ -1 +1,18 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2023 Deutsche Telekom
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
 {{ include "common.ingress" . }}
diff --git a/kubernetes/sdc/components/sdc-be/templates/job.yaml b/kubernetes/sdc/components/sdc-be/templates/job.yaml
index 5f70991e6f..fc7e108024 100644
--- a/kubernetes/sdc/components/sdc-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/job.yaml
@@ -17,10 +17,7 @@
 
 apiVersion: batch/v1
 kind: Job
-metadata:
-  name: {{ include "common.fullname" . }}-config-backend
-  namespace: {{ include "common.namespace" . }}
-  labels: {{- include "common.labels" . | nindent 4 }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
 spec:
   backoffLimit: 20
   template:
diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml
index e0493c6d7d..7b5b2b0efc 100644
--- a/kubernetes/sdc/components/sdc-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-be/values.yaml
@@ -19,7 +19,6 @@
 #################################################################
 global:
   nodePortPrefix: 302
-  aafEnabled: true
   sdc_cassandra:
     #This flag allows SDC to instantiate its own cluster, serviceName
     #should be sdc-cs if this flag is enabled
@@ -52,26 +51,6 @@ debugEnabled: false
 env:
   name: &env AUTO
 
-certInitializer:
-  nameOverride: sdc-be-cert-init
-  aafDeployFqi: deployer@people.osaaf.org
-  aafDeployPass: demo123456!
-  fqdn: sdc
-  fqi: sdc@sdc.onap.org
-  public_fqdn: sdc.onap.org
-  cadi_longitude: "0.0"
-  cadi_latitude: "0.0"
-  app_ns: org.osaaf.aaf
-  credsPath: /opt/app/osaaf/local
-  addconfig: true
-  keystoreFile: "org.onap.sdc.p12"
-  truststoreFile: "org.onap.sdc.trust.jks"
-  permission_user: 352070
-  permission_group: 35953
-  aaf_add_config: |
-    echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop
-    echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop
-
 #################################################################
 # SDC Config part
 #################################################################
@@ -126,36 +105,32 @@ startup:
 service:
   type: NodePort
   name: sdc-be
-  both_tls_and_plain: true
   internalPort: 8080
-  msb:
-    - port: 8443
-      url: "/sdc/v1"
-      version: "v1"
-      protocol: "REST"
-      visualRange: "1"
-      serviceName: sdc
-      enable_ssl: true
-    - port: 8080
-      url: "/sdc/v1"
-      version: "v1"
-      protocol: "REST"
-      visualRange: "1"
-      serviceName: sdc-deprecated
   ports:
     - name: tcp-api
-      port: 8443
-      plain_port: 8080
+      port: 8080
       port_protocol: http
       nodePort: '04'
+  annotations:
+    msb.onap.org/service-info: |
+      {{ if .Values.global.msbEnabled -}}[
+        {
+          "serviceName": "sdc-be",
+          "version": "v1",
+          "url": "/sdc/v1",
+          "path":"/sdc/v1",
+          "protocol": "REST",
+          "visualRange":"1",
+          "port": "{{ .Values.service.internalPort }}",
+        }
+      ]{{ end }}
 
 ingress:
   enabled: false
   service:
     - baseaddr: "sdc-be-api"
       name: "sdc-be"
-      port: 8443
-      plain_port: 8080
+      port: 8080
   config:
     ssl: "redirect"
 
-- 
cgit 1.2.3-korg