From cc97c73108f8b3e2f1f58ab0463fce2fb99d79c2 Mon Sep 17 00:00:00 2001 From: Krzysztof Opasiak Date: Tue, 25 Feb 2020 23:31:20 +0100 Subject: [SDNC] Use common secret template in sdnc Some passwords are still hardcoded but with this commit all components should be using passwords provided via secrets not directly as strings. A follow-up patch will remove hardcoded passwords where feasible. Issue-ID: OOM-2309 Change-Id: I047974506430cbb277200d0103bcc57a6fd8a83b Signed-off-by: Krzysztof Opasiak --- kubernetes/sdnc/resources/config/conf/aaiclient.properties | 7 +++---- .../config/conf/blueprints-processor-adaptor.properties | 8 ++++---- kubernetes/sdnc/resources/config/conf/dblib.properties | 11 +++++------ kubernetes/sdnc/resources/config/conf/lcm-dg.properties | 12 ++++++------ kubernetes/sdnc/resources/config/conf/netbox.properties | 2 +- kubernetes/sdnc/resources/config/conf/svclogic.properties | 12 +++++------- 6 files changed, 24 insertions(+), 28 deletions(-) (limited to 'kubernetes/sdnc/resources/config/conf') diff --git a/kubernetes/sdnc/resources/config/conf/aaiclient.properties b/kubernetes/sdnc/resources/config/conf/aaiclient.properties index 035942b304..5d4473c978 100755 --- a/kubernetes/sdnc/resources/config/conf/aaiclient.properties +++ b/kubernetes/sdnc/resources/config/conf/aaiclient.properties @@ -2,8 +2,7 @@ # ============LICENSE_START======================================================= # openECOMP : SDN-C # ================================================================================ -# Copyright (C) 2018 ONAP Intellectual Property. All rights -# reserved. +# Copyright (C) 2018 ONAP Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -30,8 +29,8 @@ org.onap.ccsdk.sli.adaptors.aai.ssl.trust=/opt/onap/sdnc/data/stores/truststoreO org.onap.ccsdk.sli.adaptors.aai.ssl.trust.psswd=changeit org.onap.ccsdk.sli.adaptors.aai.host.certificate.ignore=true -org.onap.ccsdk.sli.adaptors.aai.client.name=sdnc@sdnc.onap.org -org.onap.ccsdk.sli.adaptors.aai.client.psswd=demo123456! +org.onap.ccsdk.sli.adaptors.aai.client.name=${AAI_CLIENT_NAME} +org.onap.ccsdk.sli.adaptors.aai.client.psswd=${AAI_CLIENT_PASSWORD} org.onap.ccsdk.sli.adaptors.aai.application=openECOMP # diff --git a/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties b/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties index 3a6b5a08f0..224e84b3a7 100644 --- a/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties +++ b/kubernetes/sdnc/resources/config/conf/blueprints-processor-adaptor.properties @@ -24,12 +24,12 @@ org.onap.ccsdk.features.blueprints.adaptors.envtype=solo org.onap.ccsdk.features.blueprints.adaptors.modelservice.type=generic org.onap.ccsdk.features.blueprints.adaptors.modelservice.enable=true org.onap.ccsdk.features.blueprints.adaptors.modelservice.url=http://controller-blueprints:8080/api/v1/ -org.onap.ccsdk.features.blueprints.adaptors.modelservice.user=ccsdkapps -org.onap.ccsdk.features.blueprints.adaptors.modelservice.passwd=ccsdkapps +org.onap.ccsdk.features.blueprints.adaptors.modelservice.user=${MODELSERVICE_USER} +org.onap.ccsdk.features.blueprints.adaptors.modelservice.passwd=${MODELSERVICE_PASSWORD} # Generic RESTCONF Adaptor org.onap.ccsdk.features.blueprints.adaptors.restconf.type=generic org.onap.ccsdk.features.blueprints.adaptors.restconf.enable=true -org.onap.ccsdk.features.blueprints.adaptors.restconf.user=admin -org.onap.ccsdk.features.blueprints.adaptors.restconf.passwd={{ .Values.config.odlPassword}} +org.onap.ccsdk.features.blueprints.adaptors.restconf.user=${RESTCONF_USER} +org.onap.ccsdk.features.blueprints.adaptors.restconf.passwd=${RESTCONF_PASSWORD} org.onap.ccsdk.features.blueprints.adaptors.restconf.url=http://sdnc:8282/restconf/ diff --git a/kubernetes/sdnc/resources/config/conf/dblib.properties b/kubernetes/sdnc/resources/config/conf/dblib.properties index 1849053411..1fb6fb8732 100644 --- a/kubernetes/sdnc/resources/config/conf/dblib.properties +++ b/kubernetes/sdnc/resources/config/conf/dblib.properties @@ -1,7 +1,6 @@ ### # ============LICENSE_START======================================================= -# Copyright (C) 2018 AT&T Intellectual Property. All rights -# reserved. +# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,11 +17,11 @@ ### org.onap.ccsdk.sli.dbtype=jdbc org.onap.ccsdk.sli.jdbc.hosts=sdnctldb01 -org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl +org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://{{include "common.mariadbService" $}}:{{include "common.mariadbPort" $}}/{{$.Values.config.dbSdnctlDatabase}} org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver -org.onap.ccsdk.sli.jdbc.database=sdnctl -org.onap.ccsdk.sli.jdbc.user=sdnctl -org.onap.ccsdk.sli.jdbc.password={{.Values.config.dbSdnctlPassword}} +org.onap.ccsdk.sli.jdbc.database={{$.Values.config.dbSdnctlDatabase}} +org.onap.ccsdk.sli.jdbc.user=${SDNC_DB_USER} +org.onap.ccsdk.sli.jdbc.password=${SDNC_DB_PASSWORD} org.onap.ccsdk.sli.jdbc.connection.name=sdnctldb01 org.onap.ccsdk.sli.jdbc.connection.timeout=50 org.onap.ccsdk.sli.jdbc.request.timeout=100 diff --git a/kubernetes/sdnc/resources/config/conf/lcm-dg.properties b/kubernetes/sdnc/resources/config/conf/lcm-dg.properties index f91c62c98b..44ee0b998f 100644 --- a/kubernetes/sdnc/resources/config/conf/lcm-dg.properties +++ b/kubernetes/sdnc/resources/config/conf/lcm-dg.properties @@ -1,7 +1,7 @@ #ANSIBLE ansible.agenturl=http://{{.Values.config.ansibleServiceName}}:{{.Values.config.ansiblePort}}/Dispatch -ansible.user=sdnc -ansible.password=sdnc +ansible.user=${ANSIBLE_USER} +ansible.password=${ANSIBLE_PASSWORD} ansible.lcm.localparameters= ansible.nodelist= ansible.timeout=60 @@ -23,10 +23,10 @@ restapi.templateDir=/opt/onap/sdnc/restapi/templates lcm.restconf.configscaleout.templatefile=lcm-restconf-configscaleout.json lcm.restconf.configscaleout.urlpath=/restconf/config/vlb-business-vnf-onap-plugin:vlb-business-vnf-onap-plugin/vdns-instances/vdns-instance/ lcm.restconf.configscaleout.geturlpath=/restconf/operational/health-vnf-onap-plugin:health-vnf-onap-plugin-state/health-check -lcm.restconf.configscaleout.user=admin -lcm.restconf.configscaleout.password=admin -lcm.restconf.user=admin -lcm.restconf.password=admin +lcm.restconf.configscaleout.user=${SCALEOUT_USER} +lcm.restconf.configscaleout.password=${SCALEOUT_PASSWORD} +lcm.restconf.user=${RESTCONF_USER} +lcm.restconf.password=${RESTCONF_PASSWORD} lcm.restconf.port=8183 #DMAAP diff --git a/kubernetes/sdnc/resources/config/conf/netbox.properties b/kubernetes/sdnc/resources/config/conf/netbox.properties index 9cd3880614..a768041945 100755 --- a/kubernetes/sdnc/resources/config/conf/netbox.properties +++ b/kubernetes/sdnc/resources/config/conf/netbox.properties @@ -16,4 +16,4 @@ # Configuration file for Netbox client org.onap.ccsdk.sli.adaptors.netbox.url=http://netbox-app.{{.Release.Namespace}}:8001 -org.onap.ccsdk.sli.adaptors.netbox.apikey=onceuponatimeiplayedwithnetbox20180814 \ No newline at end of file +org.onap.ccsdk.sli.adaptors.netbox.apikey=${NETBOX_API_KEY} \ No newline at end of file diff --git a/kubernetes/sdnc/resources/config/conf/svclogic.properties b/kubernetes/sdnc/resources/config/conf/svclogic.properties index 55ef8e7e85..adbba660c5 100644 --- a/kubernetes/sdnc/resources/config/conf/svclogic.properties +++ b/kubernetes/sdnc/resources/config/conf/svclogic.properties @@ -2,8 +2,7 @@ # ============LICENSE_START======================================================= # openECOMP : SDN-C # ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights -# reserved. +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,8 +19,7 @@ ### org.onap.ccsdk.sli.dbtype = jdbc -org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{.Values.config.mariadbGalera.serviceName}}.{{.Release.Namespace}}:{{.Values.config.mariadbGalera.internalPort}}/sdnctl -org.onap.ccsdk.sli.jdbc.database = sdnctl -org.onap.ccsdk.sli.jdbc.user = sdnctl -org.onap.ccsdk.sli.jdbc.password = {{.Values.config.dbSdnctlPassword}} - +org.onap.ccsdk.sli.jdbc.url = jdbc:mysql://{{include "common.mariadbService" $}}:{{include "common.mariadbPort" $}}/{{$.Values.config.dbSdnctlDatabase}} +org.onap.ccsdk.sli.jdbc.database = {{$.Values.config.dbSdnctlDatabase}} +org.onap.ccsdk.sli.jdbc.user = ${SDNC_DB_USER} +org.onap.ccsdk.sli.jdbc.password = ${SDNC_DB_PASSWORD} -- cgit 1.2.3-korg