Merge "[DOC] Update documentation for Frankfurt"

diff --git a/docs/index.rst b/docs/index.rst
index 340b43b..c8048d1 100644 (file)
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -1,6 +1,7 @@
 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
 .. http://creativecommons.org/licenses/by/4.0
 .. Copyright 2018 Amdocs, Bell Canada
+.. _master_index:
 
 
 OOM Documentation Repository

diff --git a/docs/oom_cloud_setup_guide.rst b/docs/oom_cloud_setup_guide.rst
index e3790f8..9b3e534 100644 (file)
--- a/docs/oom_cloud_setup_guide.rst
+++ b/docs/oom_cloud_setup_guide.rst
@@ -2,6 +2,7 @@
 .. International License.
 .. http://creativecommons.org/licenses/by/4.0
 .. Copyright 2019 Amdocs, Bell Canada
+.. _oom_cloud_setup_guide:
 
 .. Links
 .. _Microsoft Azure: https://wiki.onap.org/display/DW/Cloud+Native+Deployment#CloudNativeDeployment-MicrosoftAzure

diff --git a/docs/oom_hardcoded_certificates.rst b/docs/oom_hardcoded_certificates.rst
index 0745ec0..b1de67b 100644 (file)
--- a/docs/oom_hardcoded_certificates.rst
+++ b/docs/oom_hardcoded_certificates.rst
@@ -24,6 +24,10 @@ Here's the list of these certificates:
  +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
  | AAI/MODEL-LOADER | Yes              | Yes              | No              | aai/oom/components/aai-model-loaderresources/config/auth/tomcat_keystore |
  +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
+ | APPC             | Yes              | No               | No              | kubernetes/appc/resources/config/certs/org.onap.appc.keyfile             |
+ +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
+ | APPC             | Yes              | No               | No              | kubernetes/appc/resources/config/certs/org.onap.appc.p12                 |
+ +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
  | SDC              | Yes              | No?              | No?             | kubernetes/sdc/resources/cert                                            |
  +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
  | SO               | Yes              | No?              | Yes             | kubernetes/so/resources/config/certificates                              |
@@ -48,5 +52,13 @@ Here's the list of these certificates:
  +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
  | SO/VNFM          | Yes              | No?              | Yes             | kubernetes/so/resources/config/certificates                              |
  +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
+ | SO/VNFM          | No               | Yes?             | Yes             | kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks    |
+ +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
  | VID              | No               | Yes              | No              | kubernetes/vid/resources/cert                                            |
  +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
+ | OOF/OOF-CMSO     | Yes              | No               | No              | kubernetes/oof/charts/oof-cmso/resources/certs                           |
+ +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
+ | OOF/OOF-HAS      | Yes              | No               | No              | kubernetes/oof/charts/oof-has/resources/config                           |
+ +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+
+ | OOF/OOF-OSDF     | Yes              | No               | No              | kubernetes/oof/resources/config                                          |
+ +------------------+------------------+------------------+--------------------------------------------------------------------------------------------+

diff --git a/docs/oom_project_description.rst b/docs/oom_project_description.rst
index 7903b70..b8c18dc 100644 (file)
--- a/docs/oom_project_description.rst
+++ b/docs/oom_project_description.rst
@@ -1,6 +1,7 @@
 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
 .. http://creativecommons.org/licenses/by/4.0
 .. Copyright 2018 Amdocs, Bell Canada
+.. _oom_project_description:
 
 ONAP Operations Manager Project
 ###############################

diff --git a/docs/oom_quickstart_guide.rst b/docs/oom_quickstart_guide.rst
index a0b4088..565c43f 100644 (file)
--- a/docs/oom_quickstart_guide.rst
+++ b/docs/oom_quickstart_guide.rst
@@ -2,7 +2,7 @@
 .. Creative Commons Attribution 4.0 International License.
 .. http://creativecommons.org/licenses/by/4.0
 .. Copyright 2019 Amdocs, Bell Canada
-
+.. _oom_quickstart_guide:
 .. _quick-start-label:
 
 OOM Quick Start Guide

diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst
index 4cc1ab6..b0c5d6e 100644 (file)
--- a/docs/oom_user_guide.rst
+++ b/docs/oom_user_guide.rst
@@ -1,6 +1,7 @@
 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
 .. http://creativecommons.org/licenses/by/4.0
 .. Copyright 2018 Amdocs, Bell Canada
+.. _oom_user_guide:
 
 .. Links
 .. _Curated applications for Kubernetes: https://github.com/kubernetes/charts

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 154c6ab..899ad2c 100644 (file)
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -3,6 +3,7 @@
 .. http://creativecommons.org/licenses/by/4.0
 .. Copyright 2017 Bell Canada & Amdocs Intellectual Property.  All rights
 .. reserved.
+.. _release_notes:
 
 .. Links
 .. _release-notes-label:
@@ -120,7 +121,7 @@ Summary
   * Automated rolling upgrades for applications
   * In-place schema and data migrations
   * Blue-Green deployment environment migration (e.g. Pre-prod to Prod)
-  * Upgrades from embedded database instance into shared database instance
+  * Upgrades from embedded database instance into shared database instance
 
 * Release-to-release upgrade support delivered for the following projects
 
@@ -268,7 +269,7 @@ Story
 * [`OOM-52 <https://jira.onap.org/browse/OOM-52>`_] - OOM ONAP Configuration Management - Parameterization of docker images
 * [`OOM-53 <https://jira.onap.org/browse/OOM-53>`_] - OOM ONAP Configuration Management - Parameterization for Sizing
 * [`OOM-63 <https://jira.onap.org/browse/OOM-63>`_] - Kubernetes cluster created by TOSCA description
-* [`OOM-85 <https://jira.onap.org/browse/OOM-85>`_] - Test the code in the “Lab” project environment
+* [`OOM-85 <https://jira.onap.org/browse/OOM-85>`_] - Test the code in the "Lab" project environment
 * [`OOM-86 <https://jira.onap.org/browse/OOM-86>`_] - Monitoring the health status of ONAP components
 * [`OOM-87 <https://jira.onap.org/browse/OOM-87>`_] - Configure TOSCA description via dashboard
 * [`OOM-88 <https://jira.onap.org/browse/OOM-88>`_] - Deploy Holmes on K8S cluster by TOSCA description

diff --git a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml
index b326aaf..eb785e2 100644 (file)
--- a/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-cass/templates/deployment.yaml
@@ -30,6 +30,24 @@ spec:
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
+      initContainers:
+      - name: fix-permission
+        command:
+        - /bin/sh
+        args:
+        - -c
+        - |
+          chmod -R 775 /opt/app/aaf/status
+          chown -R 1000:1000 /opt/app/aaf/status
+          chmod -R 775 /var/lib/cassandra
+          chown -R 1000:1000 /var/lib/cassandra
+        image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+          - mountPath: /opt/app/aaf/status
+            name: aaf-status-vol
+          - mountPath: /var/lib/cassandra
+            name: aaf-cass-vol
       containers:
       - name: {{ include "common.name" . }}
         image: {{ .Values.global.repository }}/{{.Values.global.aaf.cass.image}}
@@ -54,6 +72,8 @@ spec:
           value: {{.Values.global.aaf.cass.cluster_name}}
         - name: CASSANDRA_DC
           value: {{.Values.global.aaf.cass.dc}}
+        - name: CQLSH
+          value: "/opt/cassandra/bin/cqlsh"
         - name: HEAP_NEWSIZE
           value: {{.Values.global.aaf.cass.heap_new_size}}
         - name: MAX_HEAP_SIZE

diff --git a/kubernetes/aaf/charts/aaf-cass/values.yaml b/kubernetes/aaf/charts/aaf-cass/values.yaml
index ea8da6e..9f6ec56 100644 (file)
--- a/kubernetes/aaf/charts/aaf-cass/values.yaml
+++ b/kubernetes/aaf/charts/aaf-cass/values.yaml
@@ -1,4 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,11 +13,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
-  nodePortPrefix: 302
 flavor: small
 
 #################################################################

diff --git a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml
index 120bc62..b823acd 100644 (file)
--- a/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-cm/templates/deployment.yaml
@@ -31,10 +31,27 @@ spec:
         release: {{ include "common.release" . }}
     spec:
       initContainers:
+      - name: fix-permission
+        command:
+        - /bin/sh
+        args:
+        - -c
+        - |
+          chmod -R 775 /opt/app/aaf/status
+          chown -R 1000:1000 /opt/app/aaf/status
+          chmod -R 775 /opt/app/osaaf
+          chown -R 1000:1000 /opt/app/osaaf
+        image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+          - mountPath: /opt/app/aaf/status
+            name: aaf-status-vol
+          - mountPath: /opt/app/osaaf
+            name: aaf-config-vol
       - name: {{ include "common.name" . }}-config-container
         image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"]
+        command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service aaf-locate remove && bin/agent.sh"]
         volumeMounts:
           - mountPath: "/opt/app/osaaf"
             name: aaf-config-vol

diff --git a/kubernetes/aaf/charts/aaf-cm/values.yaml b/kubernetes/aaf/charts/aaf-cm/values.yaml
index 4078fb3..befbdc1 100644 (file)
--- a/kubernetes/aaf/charts/aaf-cm/values.yaml
+++ b/kubernetes/aaf/charts/aaf-cm/values.yaml
@@ -1,4 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,14 +13,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
-  nodePortPrefix: 302
-  readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
 flavor: small
+
 #################################################################
 # Application configuration defaults.
 #################################################################

diff --git a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml
index 0e0ace1..2e8e41e 100644 (file)
--- a/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-fs/templates/deployment.yaml
@@ -31,10 +31,27 @@ spec:
         release: {{ include "common.release" . }}
     spec:
       initContainers:
+      - name: fix-permission
+        command:
+        - /bin/sh
+        args:
+        - -c
+        - |
+          chmod -R 775 /opt/app/aaf/status
+          chown -R 1000:1000 /opt/app/aaf/status
+          chmod -R 775 /opt/app/osaaf
+          chown -R 1000:1000 /opt/app/osaaf
+        image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+          - mountPath: /opt/app/osaaf
+            name: aaf-config-vol
+          - mountPath: /opt/app/aaf/status
+            name: aaf-status-vol
       - name: {{ include "common.name" . }}-config-container
         image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"]
+        command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service aaf-locate remove && bin/agent.sh"]
         volumeMounts:
           - mountPath: "/opt/app/osaaf"
             name: aaf-config-vol

diff --git a/kubernetes/aaf/charts/aaf-fs/values.yaml b/kubernetes/aaf/charts/aaf-fs/values.yaml
index d1a35a7..4b12bd0 100644 (file)
--- a/kubernetes/aaf/charts/aaf-fs/values.yaml
+++ b/kubernetes/aaf/charts/aaf-fs/values.yaml
@@ -1,4 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,14 +13,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
-  nodePortPrefix: 302
-  readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
 flavor: small
+
 #################################################################
 # Application configuration defaults.
 #################################################################

diff --git a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml
index 0fbd601..cbf68aa 100644 (file)
--- a/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-gui/templates/deployment.yaml
@@ -31,10 +31,27 @@ spec:
         release: {{ include "common.release" . }}
     spec:
       initContainers:
+      - name: fix-permission
+        command:
+        - /bin/sh
+        args:
+        - -c
+        - |
+          chmod -R 775 /opt/app/aaf/status
+          chown -R 1000:1000 /opt/app/aaf/status
+          chmod -R 775 /opt/app/osaaf
+          chown -R 1000:1000 /opt/app/osaaf
+        image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+          - mountPath: /opt/app/osaaf
+            name: aaf-config-vol
+          - mountPath: /opt/app/aaf/status
+            name: aaf-status-vol
       - name: {{ include "common.name" . }}-config-container
         image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"]
+        command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service aaf-locate remove && bin/agent.sh"]
         volumeMounts:
           - mountPath: "/opt/app/osaaf"
             name: aaf-config-vol

diff --git a/kubernetes/aaf/charts/aaf-gui/values.yaml b/kubernetes/aaf/charts/aaf-gui/values.yaml
index a603322..bc013d0 100644 (file)
--- a/kubernetes/aaf/charts/aaf-gui/values.yaml
+++ b/kubernetes/aaf/charts/aaf-gui/values.yaml
@@ -1,5 +1,5 @@
-
 # Copyright © 2017 Amdocs, Bell Canada
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -13,13 +13,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
-  nodePortPrefix: 302
-  readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
 flavor: small
 #################################################################
 # Application configuration defaults.

diff --git a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml
index 7fa7407..d2b4f0c 100644 (file)
--- a/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml
+++ b/kubernetes/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml
@@ -34,10 +34,10 @@ metadata:
     name: {{ include "common.fullname" . }}
 spec:
   capacity:
-    storage: {{ .Values.persistence.config.size}}
+    storage: {{ .Values.persistence.size}}
   accessModes:
-    - {{ .Values.persistence.config.accessMode }}
-  persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }}
+    - {{ .Values.persistence.accessMode }}
+  persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
   hostPath:
     path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}
   storageClassName: "{{ include "common.fullname" . }}-data"

diff --git a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml
index 92afc5a..1e120bd 100644 (file)
--- a/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-hello/templates/deployment.yaml
@@ -30,60 +30,70 @@ spec:
         release: {{ include "common.release" . }}
     spec:
       volumes:
-      - name: localtime
-        hostPath:
-          path: /etc/localtime
-      - name: aaf-hello-vol
+        - name: localtime
+          hostPath:
+            path: /etc/localtime
+        - name: aaf-hello-vol
       {{- if and .Values.persistence.enabled }}
-        persistentVolumeClaim:
-          claimName: {{ include "common.release" . }}-aaf-hello-pvc
+          persistentVolumeClaim:
+            claimName: {{ include "common.release" . }}-aaf-hello-pvc
       {{- else }}
-        emptyDir: {}
+          emptyDir: {}
       {{- end }}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
       initContainers:
-      - name: {{ include "common.name" . }}-config
+      - name: fix-permission
+        command: ["/bin/sh","-c","chmod -R 775 /opt/app/osaaf/local && chown -R 1000:1000 /opt/app/osaaf"]
+        image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+        - mountPath: "/opt/app/osaaf/local"
+          name: aaf-hello-vol
+      - name: {{ include "common.name" . }}-config-container
         image: {{ .Values.global.repository }}/{{.Values.aaf_init.image}}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        command: ["bash","-c","cd /opt/app/aaf_config && bin/agent.sh"]
+#        command: ["bash","-c","cd /opt/app/aaf_config && echo Sleeping && sleep 480"]
+#        command: ["bash","-c","chown 1000:1000 /opt/app/osaaf && cd /opt/app/aaf_config && sleep 480"]
         volumeMounts:
-        - mountPath: "/opt/app/osaaf"
+        - mountPath: "/opt/app/osaaf/local"
           name: aaf-hello-vol
-# NOTE: Before this, need Liveness Attached to aaf-certman
-        command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
         env:
           - name: APP_FQI
             value: "{{ .Values.aaf_init.fqi }}"
           - name: aaf_locate_url
-            value: "https://aaf-locate.{{ .Release.Namespace}}:8095"
+            value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}"
           - name: aaf_locator_container
             value: "oom"
           - name: aaf_locator_container_ns
             value: "{{ .Release.Namespace }}"
+# This should the APP's FQDN to be put in Locator
+# This MUST match what is entered for AAF Certificate Artifacts
           - name: aaf_locator_fqdn
-            value: "{{ .Values.aaf_init.fqdn }}"
-          - name: aaf_locator_app_ns
-            value: "{{ .Values.aaf_init.app_ns }}"
-          - name: DEPLOY_FQI
-            value: "deployer@people.osaaf.org"
-# Note: We want to put this in Secrets or at LEAST ConfigMaps
-          - name: DEPLOY_PASSWORD
-            value: "demo123456!"
-# Note: want to put this on Nodes, evenutally
-          - name: cadi_longitude
-            value: "{{ .Values.aaf_init.cadi_longitude }}"
-          - name: cadi_latitude
-            value: "{{ .Values.aaf_init.cadi_latitude }}"
+            value: "{{.Values.aaf_init.fqdn}}"
 # Hello specific.  Clients don't don't need this, unless Registering with AAF Locator
+# This should be the APP's PUBLIC FQDN, if applicable
           - name: aaf_locator_public_fqdn
-            value: "{{.Values.global.aaf.public_fqdn}}"
+            value: "{{.Values.aaf_init.locator_public_fqdn}}"
+          - name: LATITUDE
+            value: "{{ .Values.aaf_init.cadi_latitude }}"
+          - name: LONGITUDE
+            value: "{{ .Values.aaf_init.cadi_longitude }}"
+# Note: We want to put this in Secrets or at LEAST ConfigMaps
+          - name: "DEPLOY_FQI"
+            value: "deployer@people.osaaf.org"
+# Note: want to put this on Nodes, evenutally
+          - name: "DEPLOY_PASSWORD"
+            value: "demo123456!"
+# CONTAINER Definition
       containers:
       - name: {{ include "common.name" . }}
         command: ["bash","-c","cd /opt/app/aaf && if [ ! -d /opt/app/osaaf/etc ]; then cp -Rf etc logs /opt/app/osaaf; fi && exec bin/hello"]
         image: {{ .Values.global.repository }}/{{.Values.service.image }}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         volumeMounts:
-        - mountPath: "/opt/app/osaaf"
+        - mountPath: "/opt/app/osaaf/local"
           name: aaf-hello-vol
         - mountPath: /etc/localtime
           name: localtime

diff --git a/kubernetes/aaf/charts/aaf-hello/values.yaml b/kubernetes/aaf/charts/aaf-hello/values.yaml
index 36bed9d..0400dcc 100644 (file)
--- a/kubernetes/aaf/charts/aaf-hello/values.yaml
+++ b/kubernetes/aaf/charts/aaf-hello/values.yaml
@@ -1,4 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,14 +13,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
-  nodePortPrefix: 302
-  readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.2
 flavor: small
+
 #################################################################
 # Application configuration defaults.
 #################################################################
@@ -27,23 +22,24 @@ flavor: small
 aaf_init:
   # You might want this in your own app.  For AAF, we store in global
   # replicas: 1
-  fqdn: "aaf-hello"
-  image: onap/aaf/aaf_agent:2.1.15
-  app_ns: "org.osaaf.aaf"
+  image: onap/aaf/aaf_agent:2.1.20
   fqi: "aaf@aaf.osaaf.org"
+# This MUST match what is put in AAF's "Artifact" for Certificates
   fqdn: "aaf-hello"
-  public_fqdn: "aaf.osaaf.org"
+# What is put in Locator for External Access
+  locator_public_fqdn: "aaf.osaaf.org"
+  app_ns: "org.osaaf.aaf"
   deploy_fqi: "deployer@people.osaaf.org"
   cadi_latitude: "38.0"
   cadi_longitude: "-72.0"
 
 service:
-  image: onap/aaf/aaf_hello:2.1.15
+  image: onap/aaf/aaf_hello:2.1.20
   port: "8130"
   public_port: "31119"
 
 persistence:
-  enabled: true
+  enabled: false
     #existingClaim:
     # You will want "Reatan" in non-Hello Example.
   volumeReclaimPolicy: Delete

diff --git a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml
index d6adc27..cc7f191 100644 (file)
--- a/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-locate/templates/deployment.yaml
@@ -31,6 +31,23 @@ spec:
         release: {{ include "common.release" . }}
     spec:
       initContainers:
+      - name: fix-permission
+        command:
+        - /bin/sh
+        args:
+        - -c
+        - |
+          chmod -R 775 /opt/app/aaf/status
+          chown -R 1000:1000 /opt/app/aaf/status
+          chmod -R 775 /opt/app/osaaf
+          chown -R 1000:1000 /opt/app/osaaf
+        image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+          - mountPath: /opt/app/aaf/status
+            name: aaf-status-vol
+          - mountPath: /opt/app/osaaf
+            name: aaf-config-vol
       - name: {{ include "common.name" . }}-config-container
         image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}

diff --git a/kubernetes/aaf/charts/aaf-locate/values.yaml b/kubernetes/aaf/charts/aaf-locate/values.yaml
index 74638d1..2083f1a 100644 (file)
--- a/kubernetes/aaf/charts/aaf-locate/values.yaml
+++ b/kubernetes/aaf/charts/aaf-locate/values.yaml
@@ -1,4 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,13 +13,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
-  nodePortPrefix: 302
-  readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
 flavor: small
 #################################################################
 # Application configuration defaults.

diff --git a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml
index 5006475..6ce3abd 100644 (file)
--- a/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-oauth/templates/deployment.yaml
@@ -31,6 +31,23 @@ spec:
         release: {{ include "common.release" . }}
     spec:
       initContainers:
+      - name: fix-permission
+        command:
+        - /bin/sh
+        args:
+        - -c
+        - |
+          chmod -R 775 /opt/app/aaf/status
+          chown -R 1000:1000 /opt/app/aaf/status
+          chmod -R 775 /opt/app/osaaf
+          chown -R 1000:1000 /opt/app/osaaf
+        image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+          - mountPath: /opt/app/aaf/status
+            name: aaf-status-vol
+          - mountPath: /opt/app/osaaf
+            name: aaf-config-vol
       - name: {{ include "common.name" . }}-config-container
         image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}

diff --git a/kubernetes/aaf/charts/aaf-oauth/values.yaml b/kubernetes/aaf/charts/aaf-oauth/values.yaml
index ef00a46..deadf29 100644 (file)
--- a/kubernetes/aaf/charts/aaf-oauth/values.yaml
+++ b/kubernetes/aaf/charts/aaf-oauth/values.yaml
@@ -1,4 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,14 +13,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
-  nodePortPrefix: 302
-  readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.2
 flavor: small
+
 #################################################################
 # Application configuration defaults.
 #################################################################

diff --git a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml
index 9b1386b..555f4ac 100644 (file)
--- a/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-service/templates/deployment.yaml
@@ -31,6 +31,23 @@ spec:
         release: {{ include "common.release" . }}
     spec:
       initContainers:
+      - name: fix-permission
+        command:
+        - /bin/sh
+        args:
+        - -c
+        - |
+          chmod -R 775 /opt/app/aaf/status
+          chown -R 1000:1000 /opt/app/aaf/status
+          chmod -R 775 /opt/app/osaaf
+          chown -R 1000:1000 /opt/app/osaaf
+        image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+          - mountPath: /opt/app/aaf/status
+            name: aaf-status-vol
+          - mountPath: /opt/app/osaaf
+            name: aaf-config-vol
       - name: {{ include "common.name" . }}-config-container
         image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}

diff --git a/kubernetes/aaf/charts/aaf-service/values.yaml b/kubernetes/aaf/charts/aaf-service/values.yaml
index 190b284..5f3c187 100644 (file)
--- a/kubernetes/aaf/charts/aaf-service/values.yaml
+++ b/kubernetes/aaf/charts/aaf-service/values.yaml
@@ -1,4 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,14 +13,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
-  nodePortPrefix: 302
-  readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
 flavor: small
+
 #################################################################
 # Application configuration defaults.
 #################################################################

diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml
index 4a1ac52..1c6cc93 100644 (file)
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml
+++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml
@@ -1,4 +1,5 @@
 # Copyright 2018 Intel Corporation, Inc
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -33,6 +34,22 @@ spec:
     spec:
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
+{{- if .Values.persistence.enabled }}
+      initContainers:
+        - name: fix-permission
+          command:
+            - /bin/sh
+          args:
+            - -c
+            - |
+              chmod -R 775 /quorumclient/auth
+              chown -R 100:1000 /quorumclient/auth
+          image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          volumeMounts:
+            - mountPath: /quorumclient/auth
+              name: {{ include "common.fullname" . }}-data
+{{- end }}
       containers:
       - image: "{{ include "common.repository" . }}/{{ .Values.image }}"
         name: {{ include "common.name" . }}

diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml
index 142fbb5..1459624 100644 (file)
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml
+++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml
@@ -1,4 +1,5 @@
 # Copyright 2018 Intel Corporation, Inc
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -16,11 +17,6 @@
 # Global configuration defaults.
 #################################################################
 global:
-  nodePortPrefix: 302
-  readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
-  loggingRepository: docker.elastic.co
-  loggingImage: beats/filebeat:5.5.0
   persistence: {}
 
 #################################################################
@@ -28,7 +24,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/aaf/smsquorumclient:4.0.0
+image: onap/aaf/smsquorumclient:4.0.2
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml
index b9070a1..4023106 100644 (file)
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml
+++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml
@@ -1,4 +1,5 @@
 # Copyright 2018 Intel Corporation, Inc
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -31,11 +32,27 @@ spec:
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
+{{- if .Values.persistence.enabled }}
+      initContainers:
+        - name: fix-permission
+          command:
+            - /bin/sh
+          args:
+            - -c
+            - |
+              chmod -R 775 /consul/data
+              chown -R 100:1000 /consul/data
+          image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          volumeMounts:
+            - mountPath: /consul/data
+              name: {{ include "common.fullname" . }}-data
+{{- end }}
       containers:
       - image: "{{ include "common.repository" . }}/{{ .Values.image.vault }}"
         name: {{ include "common.name" . }}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["vault","server","-config","/vault/config/config.json"]
+        args: ["server"]
         ports:
         - containerPort: {{ .Values.service.internalPort }}
         volumeMounts:
@@ -50,7 +67,7 @@ spec:
       - image: "{{ include "common.repository" . }}/{{ .Values.image.consul }}"
         name: {{ include "common.name" . }}-backend
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["consul","agent","-server","-client","0.0.0.0","-bootstrap-expect=1","-config-file","/consul/config/config.json"]
+        args: ["agent","-server","-bind","0.0.0.0","-bootstrap-expect=1","-config-file","/consul/config/config.json"]
         ports:
         - name: http
           containerPort: 8500

diff --git a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml
index 192d33d..7787f0b 100644 (file)
--- a/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml
+++ b/kubernetes/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml
@@ -1,4 +1,5 @@
 # Copyright 2018 Intel Corporation, Inc
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -16,14 +17,13 @@
 # Global configuration defaults.
 #################################################################
 global:
-  nodePortPrefix: 302
   persistence: {}
 
 # application image
 repository: nexus3.onap.org:10001
 image:
-  consul: library/consul:1.0.6
-  vault: library/vault:0.10.0
+  consul: library/consul:1.7.1
+  vault: library/vault:1.3.3
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml b/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml
index 0e8038a..6113c0d 100644 (file)
--- a/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml
+++ b/kubernetes/aaf/charts/aaf-sms/templates/deployment.yaml
@@ -1,4 +1,5 @@
 # Copyright 2018 Intel Corporation, Inc
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -31,22 +32,35 @@ spec:
         release: {{ include "common.release" . }}
     spec:
       initContainers:
-      - image:  "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-readiness
-        command:
-        - /root/ready.py
-        args:
-        - --container-name
-        - "aaf-sms-vault"
-        - --container-name
-        - "aaf-sms-vault-backend"
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
+        - name: fix-permission
+          command:
+            - /bin/sh
+          args:
+            - -c
+            - |
+              chmod -R 775 /sms/auth
+              chown -R 1000:1000 /sms/auth
+          image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          volumeMounts:
+            - mountPath: /sms/auth
+              name: {{ include "common.fullname" . }}-auth
+        - name: {{ include "common.name" . }}-readiness
+          image:  "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          command:
+          - /root/ready.py
+          args:
+          - --container-name
+          - "aaf-sms-vault"
+          - --container-name
+          - "aaf-sms-vault-backend"
+          env:
+          - name: NAMESPACE
+            valueFrom:
+              fieldRef:
+                apiVersion: v1
+                fieldPath: metadata.namespace
       containers:
       - image: "{{ include "common.repository" . }}/{{ .Values.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}

diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml
index c0d43b8..b246051 100644 (file)
--- a/kubernetes/aaf/charts/aaf-sms/values.yaml
+++ b/kubernetes/aaf/charts/aaf-sms/values.yaml
@@ -1,4 +1,5 @@
 # Copyright 2018 Intel Corporation, Inc
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,18 +18,17 @@
 #################################################################
 global:
   nodePortPrefix: 302
-  readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
   persistence: {}
+
 flavor: small
 #################################################################
 # Application configuration defaults.
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/aaf/sms:4.0.1
+image: onap/aaf/sms:4.0.2
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/aaf/charts/aaf-sshsm/values.yaml b/kubernetes/aaf/charts/aaf-sshsm/values.yaml
index 6d4fbec..55d38a0 100644 (file)
--- a/kubernetes/aaf/charts/aaf-sshsm/values.yaml
+++ b/kubernetes/aaf/charts/aaf-sshsm/values.yaml
@@ -16,13 +16,6 @@
 # Global configuration defaults.
 #################################################################
 global:
-  nodePortPrefix: 302
-  readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
-  loggingRepository: docker.elastic.co
-  loggingImage: beats/filebeat:5.5.0
-  ubuntuInitRepository: oomk8s
-  ubuntuInitImage: ubuntu-init:1.0.0
   tpm:
     enabled: false
     # if enabled, nodeselector will use the below

diff --git a/kubernetes/aaf/values.yaml b/kubernetes/aaf/values.yaml
index a19f102..8eaead5 100644 (file)
--- a/kubernetes/aaf/values.yaml
+++ b/kubernetes/aaf/values.yaml
@@ -1,4 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
+# Modifications © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,10 +18,18 @@
 #################################################################
 global:
   nodePortPrefix: 302
+  # Readiness image
   readinessRepository: oomk8s
   readinessImage: readiness-check:2.0.2
+  # Ubuntu Init image
   ubuntuInitRepository: registry.hub.docker.com
   ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+  # Logging image
+  loggingRepository: docker.elastic.co
+  loggingImage: beats/filebeat:5.5.0
+  # BusyBox image
+  busyboxRepository: registry.hub.docker.com
+  busyboxImage: library/busybox:latest
   persistence:
     enabled: true
   # Standard OOM
@@ -33,7 +42,7 @@ global:
 
   aaf:
     readiness: false
-    image: onap/aaf/aaf_core:2.1.15
+    image: onap/aaf/aaf_core:2.1.20
     aaf_env: "DEV"
     public_fqdn: "aaf.osaaf.org"
     aaf_release: "El Alto"
@@ -48,10 +57,10 @@ global:
     cadi_x509_issuers: "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US"
 
     config:
-      image: onap/aaf/aaf_config:2.1.15
+      image: onap/aaf/aaf_config:2.1.20
     cass:
       replicas: 1
-      image: onap/aaf/aaf_cass:2.1.15
+      image: onap/aaf/aaf_cass:2.1.20
       fqdn: "aaf-cass"
       cluster_name: "osaaf"
       heap_new_size: "512M"
@@ -93,6 +102,8 @@ global:
       public_port: 31115
     hello:
       replicas: 0
+#     Note: as hello is a sample app, find values in charts/aaf-hello/values.yaml
+
 
 #################################################################
 # Application configuration defaults.
@@ -151,4 +162,5 @@ persistence:
     mountPath: /dockerdata-nfs
     mountSubPath: "cass"
 
+
 resources: {}

diff --git a/kubernetes/aai b/kubernetes/aai
index ab137ca..0c4cd89 160000 (submodule)
--- a/kubernetes/aai
+++ b/kubernetes/aai
@@ -1 +1 @@
-Subproject commit ab137ca81f5d4f9eb3d442f37f8e7ea52d7757f0
+Subproject commit 0c4cd899d53538202c23030ab278984897aede94

diff --git a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties
index d36f0bc..eee61e7 100755 (executable)
--- a/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties
+++ b/kubernetes/cds/charts/cds-blueprints-processor/resources/config/application.properties
@@ -72,7 +72,7 @@ error.catalog.errorDefinitionFileDirectory=/opt/app/onap/config
 # SDN-C's ODL Restconf Connection Details
 blueprintsprocessor.restconfEnabled=true
 blueprintsprocessor.restclient.sdncodl.type=basic-auth
-blueprintsprocessor.restclient.sdncodl.url=http://sdnc:8282/
+blueprintsprocessor.restclient.sdncodl.url=http://{{ .Values.global.sdncOamService }}:{{ .Values.global.sdncOamPort }}/
 blueprintsprocessor.restclient.sdncodl.username=admin
 blueprintsprocessor.restclient.sdncodl.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
 
@@ -92,7 +92,7 @@ blueprintsprocessor.grpcclient.py-executor.trustCertCollection=/opt/app/onap/con
 blueprintsprocessor.grpcclient.py-executor.type=tls-auth
 # Config Data REST client settings
 blueprintsprocessor.restclient.sdnc.type=basic-auth
-blueprintsprocessor.restclient.sdnc.url=http://sdnc:8282
+blueprintsprocessor.restclient.sdnc.url=http://{{ .Values.global.sdncOamService }}:{{ .Values.global.sdncOamPort }}
 blueprintsprocessor.restclient.sdnc.username=admin
 blueprintsprocessor.restclient.sdnc.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
 

diff --git a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
index 29047a7..6cd3c2b 100755 (executable)
--- a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
+++ b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
@@ -37,6 +37,10 @@ global:
   # envsusbt
   envsubstImage: dibi/envsubst
 
+  #This configuration specifies Service and port for SDNC OAM interface
+  sdncOamService: sdnc-oam
+  sdncOamPort: 8282
+
 #################################################################
 # Secrets metaconfig
 #################################################################

diff --git a/kubernetes/clamp/charts/clamp-backend/values.yaml b/kubernetes/clamp/charts/clamp-backend/values.yaml
index ce86ec2..1888854 100644 (file)
--- a/kubernetes/clamp/charts/clamp-backend/values.yaml
+++ b/kubernetes/clamp/charts/clamp-backend/values.yaml
@@ -27,7 +27,7 @@ flavor: small
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/clamp-backend:5.0.2
+image: onap/clamp-backend:5.0.3
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml
index cf6c572..47eca67 100644 (file)
--- a/kubernetes/clamp/values.yaml
+++ b/kubernetes/clamp/values.yaml
@@ -30,7 +30,7 @@ flavor: small
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/clamp-frontend:5.0.2
+image: onap/clamp-frontend:5.0.3
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/common/common/templates/_service.tpl b/kubernetes/common/common/templates/_service.tpl
index 0c7660e..98b8d67 100644 (file)
--- a/kubernetes/common/common/templates/_service.tpl
+++ b/kubernetes/common/common/templates/_service.tpl
@@ -30,6 +30,37 @@
   {{- default $name .Values.service.name | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
+{{/*
+  Resolve the prefix node port to use. We look at these different values in
+  order of priority (first found, first chosen)
+  - .Values.service.nodePortPrefixOverride: override value for nodePort which
+                                            will be use locally;
+  - .Values.global.nodePortPrefix         : global value for nodePort which will
+                                            be used for all charts (unless
+                                            previous one is used);
+  - .Values.global.nodePortPrefixExt      : global value for nodePort which will
+                                            be used for all charts (unless
+                                            previous one is used) if
+                                            useNodePortExt is set to true in
+                                            service or on port;
+  - .Values.service.nodePortPrefix        : value used on a pert chart basis if
+                                            no other version exists.
+
+  The function takes two arguments (inside a dictionary):
+     - .dot : environment (.)
+     - .useNodePortExt : does the port use the "extended" nodeport part or the
+                         normal one?
+*/}}
+{{- define "common.nodePortPrefix" -}}
+{{-   $dot := default . .dot -}}
+{{-   $useNodePortExt := default false .useNodePortExt -}}
+{{-   if or $useNodePortExt $dot.Values.service.useNodePortExt -}}
+{{      $dot.Values.service.nodePortPrefixOverride | default $dot.Values.global.nodePortPrefixExt | default $dot.Values.nodePortPrefix }}
+{{-   else -}}
+{{      $dot.Values.service.nodePortPrefixOverride | default $dot.Values.global.nodePortPrefix | default $dot.Values.nodePortPrefix }}
+{{-   end -}}
+{{- end -}}
+
 {{/* Define the metadata of Service
      The function takes from one to four arguments (inside a dictionary):
      - .dot : environment (.)
@@ -96,7 +127,7 @@ labels: {{- include "common.labels" (dict "labels" $labels "dot" $dot) | nindent
   name: {{ $port.name }}
 {{-       end }}
 {{-       if (eq $serviceType "NodePort") }}
-  nodePort: {{ $dot.Values.global.nodePortPrefix | default $dot.Values.nodePortPrefix }}{{ $port.nodePort }}
+  nodePort: {{ include "common.nodePortPrefix" (dict "dot" $dot "portNodePortExt" $port.useNodePortExt) }}{{ $port.nodePort }}
 {{-       end }}
 {{-     else }}
 - port: {{ default $port.port $port.plain_port }}

diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index dabf21d..6decff2 100644 (file)
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -58,7 +58,7 @@ pullPolicy: IfNotPresent
 # application configuration
 config:
   # .mariadbRootPasswordExternalSecret: 'some-external-secret'
-  mariadbRootPassword: secretpassword
+  # mariadbRootPassword: secretpassword
   # .userCredentialsExternalSecret: 'some-external-secret'
   userName: my-user
   # userPassword: my-password

diff --git a/kubernetes/contrib/Makefile b/kubernetes/contrib/Makefile
new file mode 100644 (file)
index 0000000..3e9d7a7
--- /dev/null
+++ b/kubernetes/contrib/Makefile
@@ -0,0 +1,28 @@
+# Copyright © 2018  AT&T Intellectual Property.  All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+make-contrib: make-contrib-awx make-contrib-netbox make-contrib-core
+
+make-contrib-awx:
+       cd components && helm dep up awx && helm lint awx
+
+make-contrib-netbox:
+       cd components && helm dep up netbox && helm lint netbox
+
+make-contrib-core:
+       helm dep up . && helm lint .
+
+clean:
+       @find . -type f -name '*.tgz' -delete
+       @find . -type f -name '*.lock' -delete

diff --git a/kubernetes/contrib/charts/awx/Chart.yaml b/kubernetes/contrib/components/awx/Chart.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/Chart.yaml
rename to kubernetes/contrib/components/awx/Chart.yaml

diff --git a/kubernetes/contrib/charts/awx/Makefile b/kubernetes/contrib/components/awx/Makefile
similarity index 100%
rename from kubernetes/contrib/charts/awx/Makefile
rename to kubernetes/contrib/components/awx/Makefile

diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/Chart.yaml b/kubernetes/contrib/components/awx/charts/awx-postgres/Chart.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx-postgres/Chart.yaml
rename to kubernetes/contrib/components/awx/charts/awx-postgres/Chart.yaml

diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/NOTES.txt b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/NOTES.txt
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx-postgres/templates/NOTES.txt
rename to kubernetes/contrib/components/awx/charts/awx-postgres/templates/NOTES.txt

diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/deployment.yaml b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/deployment.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx-postgres/templates/deployment.yaml
rename to kubernetes/contrib/components/awx/charts/awx-postgres/templates/deployment.yaml

diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/pv.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml
rename to kubernetes/contrib/components/awx/charts/awx-postgres/templates/pv.yaml

diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/pvc.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml
rename to kubernetes/contrib/components/awx/charts/awx-postgres/templates/pvc.yaml

diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/service.yaml b/kubernetes/contrib/components/awx/charts/awx-postgres/templates/service.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx-postgres/templates/service.yaml
rename to kubernetes/contrib/components/awx/charts/awx-postgres/templates/service.yaml

diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml b/kubernetes/contrib/components/awx/charts/awx-postgres/values.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx-postgres/values.yaml
rename to kubernetes/contrib/components/awx/charts/awx-postgres/values.yaml

diff --git a/kubernetes/contrib/charts/awx/charts/awx/Chart.yaml b/kubernetes/contrib/components/awx/charts/awx/Chart.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx/Chart.yaml
rename to kubernetes/contrib/components/awx/charts/awx/Chart.yaml

diff --git a/kubernetes/contrib/charts/awx/charts/awx/resources/config/credentials.py b/kubernetes/contrib/components/awx/charts/awx/resources/config/credentials.py
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx/resources/config/credentials.py
rename to kubernetes/contrib/components/awx/charts/awx/resources/config/credentials.py

diff --git a/kubernetes/contrib/charts/awx/charts/awx/resources/config/environment.sh b/kubernetes/contrib/components/awx/charts/awx/resources/config/environment.sh
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx/resources/config/environment.sh
rename to kubernetes/contrib/components/awx/charts/awx/resources/config/environment.sh

diff --git a/kubernetes/contrib/charts/awx/charts/awx/templates/configmap.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/configmap.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx/templates/configmap.yaml
rename to kubernetes/contrib/components/awx/charts/awx/templates/configmap.yaml

diff --git a/kubernetes/contrib/charts/awx/charts/awx/templates/job.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx/templates/job.yaml
rename to kubernetes/contrib/components/awx/charts/awx/templates/job.yaml

diff --git a/kubernetes/contrib/charts/awx/charts/awx/templates/secret.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/secret.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx/templates/secret.yaml
rename to kubernetes/contrib/components/awx/charts/awx/templates/secret.yaml

diff --git a/kubernetes/contrib/charts/awx/charts/awx/templates/service.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/service.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx/templates/service.yaml
rename to kubernetes/contrib/components/awx/charts/awx/templates/service.yaml

diff --git a/kubernetes/contrib/charts/awx/charts/awx/templates/serviceaccout.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/serviceaccout.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx/templates/serviceaccout.yaml
rename to kubernetes/contrib/components/awx/charts/awx/templates/serviceaccout.yaml

diff --git a/kubernetes/contrib/charts/awx/charts/awx/templates/statefulset.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx/templates/statefulset.yaml
rename to kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml

diff --git a/kubernetes/contrib/charts/awx/charts/awx/values.yaml b/kubernetes/contrib/components/awx/charts/awx/values.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/charts/awx/values.yaml
rename to kubernetes/contrib/components/awx/charts/awx/values.yaml

diff --git a/kubernetes/contrib/charts/awx/requirements.yaml b/kubernetes/contrib/components/awx/requirements.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/requirements.yaml
rename to kubernetes/contrib/components/awx/requirements.yaml

diff --git a/kubernetes/contrib/charts/awx/values.yaml b/kubernetes/contrib/components/awx/values.yaml
similarity index 100%
rename from kubernetes/contrib/charts/awx/values.yaml
rename to kubernetes/contrib/components/awx/values.yaml

diff --git a/kubernetes/contrib/charts/netbox/.helmignore b/kubernetes/contrib/components/netbox/.helmignore
similarity index 100%
rename from kubernetes/contrib/charts/netbox/.helmignore
rename to kubernetes/contrib/components/netbox/.helmignore

diff --git a/kubernetes/contrib/charts/netbox/Chart.yaml b/kubernetes/contrib/components/netbox/Chart.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/Chart.yaml
rename to kubernetes/contrib/components/netbox/Chart.yaml

diff --git a/kubernetes/contrib/charts/netbox/Makefile b/kubernetes/contrib/components/netbox/Makefile
similarity index 100%
rename from kubernetes/contrib/charts/netbox/Makefile
rename to kubernetes/contrib/components/netbox/Makefile

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/.helmignore b/kubernetes/contrib/components/netbox/charts/netbox-app/.helmignore
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/.helmignore
rename to kubernetes/contrib/components/netbox/charts/netbox-app/.helmignore

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/Chart.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/Chart.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/Chart.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-app/Chart.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/configuration/configuration.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/configuration.py
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/configuration/configuration.py
rename to kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/configuration.py

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py
rename to kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py
rename to kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml
rename to kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/groups.yml b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/groups.yml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/groups.yml
rename to kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/groups.yml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/users.yml b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/users.yml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/users.yml
rename to kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/users.yml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/provisioning/provision.sh
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh
rename to kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/provisioning/provision.sh

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py
rename to kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py
rename to kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py
rename to kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/NOTES.txt b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/NOTES.txt
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/templates/NOTES.txt
rename to kubernetes/contrib/components/netbox/charts/netbox-app/templates/NOTES.txt

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/configmap.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/configmap.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/templates/configmap.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-app/templates/configmap.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/deployment.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-app/templates/deployment.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/job.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/templates/job.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/pv.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-app/templates/pv.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/pvc.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-app/templates/pvc.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/secrets.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/secrets.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/templates/secrets.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-app/templates/secrets.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/service.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/service.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/templates/service.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-app/templates/service.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/values.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-app/values.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-nginx/.helmignore b/kubernetes/contrib/components/netbox/charts/netbox-nginx/.helmignore
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-nginx/.helmignore
rename to kubernetes/contrib/components/netbox/charts/netbox-nginx/.helmignore

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-nginx/Chart.yaml b/kubernetes/contrib/components/netbox/charts/netbox-nginx/Chart.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-nginx/Chart.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-nginx/Chart.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-nginx/resources/config/nginx.conf b/kubernetes/contrib/components/netbox/charts/netbox-nginx/resources/config/nginx.conf
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-nginx/resources/config/nginx.conf
rename to kubernetes/contrib/components/netbox/charts/netbox-nginx/resources/config/nginx.conf

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-nginx/templates/NOTES.txt b/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/NOTES.txt
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-nginx/templates/NOTES.txt
rename to kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/NOTES.txt

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-nginx/templates/configmap.yaml b/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/configmap.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-nginx/templates/configmap.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/configmap.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-nginx/templates/deployment.yaml b/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/deployment.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-nginx/templates/deployment.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/deployment.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-nginx/templates/service.yaml b/kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/service.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-nginx/templates/service.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-nginx/templates/service.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-nginx/values.yaml b/kubernetes/contrib/components/netbox/charts/netbox-nginx/values.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-nginx/values.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-nginx/values.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/.helmignore b/kubernetes/contrib/components/netbox/charts/netbox-postgres/.helmignore
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-postgres/.helmignore
rename to kubernetes/contrib/components/netbox/charts/netbox-postgres/.helmignore

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/Chart.yaml b/kubernetes/contrib/components/netbox/charts/netbox-postgres/Chart.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-postgres/Chart.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-postgres/Chart.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/NOTES.txt b/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/NOTES.txt
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/NOTES.txt
rename to kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/NOTES.txt

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/configmap.yaml b/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/configmap.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/configmap.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/configmap.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/deployment.yaml b/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/deployment.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/deployment.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/deployment.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml b/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/pv.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/pv.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml b/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/pvc.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/pvc.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/service.yaml b/kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/service.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/service.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-postgres/templates/service.yaml

diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml b/kubernetes/contrib/components/netbox/charts/netbox-postgres/values.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/charts/netbox-postgres/values.yaml
rename to kubernetes/contrib/components/netbox/charts/netbox-postgres/values.yaml

diff --git a/kubernetes/contrib/charts/netbox/requirements.yaml b/kubernetes/contrib/components/netbox/requirements.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/requirements.yaml
rename to kubernetes/contrib/components/netbox/requirements.yaml

diff --git a/kubernetes/contrib/charts/netbox/templates/ingress.yaml b/kubernetes/contrib/components/netbox/templates/ingress.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/templates/ingress.yaml
rename to kubernetes/contrib/components/netbox/templates/ingress.yaml

diff --git a/kubernetes/contrib/charts/netbox/values.yaml b/kubernetes/contrib/components/netbox/values.yaml
similarity index 100%
rename from kubernetes/contrib/charts/netbox/values.yaml
rename to kubernetes/contrib/components/netbox/values.yaml

diff --git a/kubernetes/contrib/requirements.yaml b/kubernetes/contrib/requirements.yaml
index 6e0025e..2574cea 100644 (file)
--- a/kubernetes/contrib/requirements.yaml
+++ b/kubernetes/contrib/requirements.yaml
@@ -15,4 +15,12 @@
 dependencies:
   - name: common
     version: ~6.x-0
-    repository: '@local'
\ No newline at end of file
+    repository: '@local'
+  - name: netbox
+    version: ~6.x-0
+    repository: 'file://components/netbox'
+    condition: netbox.enabled
+  - name: awx
+    version: ~6.x-0
+    repository: 'file://components/awx'
+    condition: awx.enabled

diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/dmaap-plugin.json b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/dmaap-plugin.json
index 41404b0..c52a0a8 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/dmaap-plugin.json
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/dmaap-plugin.json
@@ -2,7 +2,6 @@
     "dmaap": {
         "username": "notused",
         "password": "doesnotmatter",
-        "owner": "dcaecm",
-        "protocol": "http"
-    }
+        "owner": "dcaecm"
+     }
 }
\ No newline at end of file

diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
index 19b5972..a5bd69a 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
@@ -109,7 +109,7 @@ mongo:
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.12.4
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.12.5
 default_k8s_location: central
 
 # DCAE component images to be deployed via Cloudify Manager

diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
index d5da039..37f79a4 100644 (file)
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
@@ -72,7 +72,7 @@ readiness:
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.0.2
+image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.0.3
 
 # Resource Limit flavor -By Default using small
 flavor: small

diff --git a/kubernetes/msb/charts/msb-discovery/values.yaml b/kubernetes/msb/charts/msb-discovery/values.yaml
index abb1277..268385d 100644 (file)
--- a/kubernetes/msb/charts/msb-discovery/values.yaml
+++ b/kubernetes/msb/charts/msb-discovery/values.yaml
@@ -24,7 +24,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/msb/msb_discovery:1.2.5
+image: onap/msb/msb_discovery:1.2.6
 pullPolicy: Always
 istioSidecar: true
 

diff --git a/kubernetes/msb/charts/msb-eag/values.yaml b/kubernetes/msb/charts/msb-eag/values.yaml
index 535c135..c5820ae 100644 (file)
--- a/kubernetes/msb/charts/msb-eag/values.yaml
+++ b/kubernetes/msb/charts/msb-eag/values.yaml
@@ -24,7 +24,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/msb/msb_apigateway:1.2.5
+image: onap/msb/msb_apigateway:1.2.6
 pullPolicy: Always
 istioSidecar: true
 

diff --git a/kubernetes/msb/charts/msb-iag/values.yaml b/kubernetes/msb/charts/msb-iag/values.yaml
index 6d1f7ac..00adb83 100644 (file)
--- a/kubernetes/msb/charts/msb-iag/values.yaml
+++ b/kubernetes/msb/charts/msb-iag/values.yaml
@@ -24,7 +24,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/msb/msb_apigateway:1.2.5
+image: onap/msb/msb_apigateway:1.2.6
 pullPolicy: Always
 istioSidecar: true
 

diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml
index 3283239..1b4195c 100644 (file)
--- a/kubernetes/nbi/templates/deployment.yaml
+++ b/kubernetes/nbi/templates/deployment.yaml
@@ -57,10 +57,7 @@ spec:
               -Dserver.ssl.key-store-password=$cadi_keystore_password_p12  \
               -Djavax.net.ssl.trustStoreType=jks\
               -Djava.security.egd=file:/dev/./urandom -Dserver.port=8443"
-            {{- if eq "DEBUG" .Values.config.loglevel }}
-            export JAVA_DEBUG="-Djavax.net.debug=all"
-            {{- end }}
-            exec java -XX:+UseContainerSupport $JAVA_DEBUG $JAVA_OPTS -jar /opt/onap/app.jar
+            exec java -XX:+UseContainerSupport $JAVA_OPTS -jar /opt/onap/app.jar
           {{- end }}
           {{ if .Values.liveness.enabled }}
           livenessProbe:
@@ -116,7 +113,7 @@ spec:
               value: {{ .Values.so_authorization }}
             {{- end }}
             - name: DMAAP_HOST
-              value: "http://message-router.{{ include "common.namespace" . }}:3904"
+              value: "https://message-router.{{ include "common.namespace" . }}:3905"
             - name: LOGGING_LEVEL_ORG_ONAP_NBI
               value: {{ .Values.config.loglevel }}
             - name: MSB_ENABLED

diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml
index ceab7fa..dcf9573 100644 (file)
--- a/kubernetes/nbi/values.yaml
+++ b/kubernetes/nbi/values.yaml
@@ -75,7 +75,7 @@ subChartsOnly:
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/externalapi/nbi:6.0.1
+image: onap/externalapi/nbi:6.0.2
 pullPolicy: IfNotPresent
 sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=
 aai_authorization: Basic QUFJOkFBSQ==

diff --git a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml
index 545359e..c9de7f9 100644 (file)
--- a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml
+++ b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml
@@ -114,7 +114,7 @@ msb:
 multicloud:
   enabled: false
 nbi:
-  enabled: false
+  enabled: true
   config:
     # openstack configuration
     openStackRegion: "Yolo"

diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 40275a5..abbbdcd 100755 (executable)
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -121,7 +121,7 @@ global:
 # to customize the ONAP deployment.
 #################################################################
 aaf:
-  enabled: false
+  enabled: true
 aai:
   enabled: false
 appc:

diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml
index c2d6f8c..6780847 100644 (file)
--- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml
+++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/templates/deployment.yaml
@@ -45,6 +45,13 @@ spec:
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         name: {{ include "common.name" . }}-readiness
+      - name: {{ include "common.name" . }}-chown
+        command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /share/"]
+        image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+        - name: {{ include "common.fullname" . }}-logs
+          mountPath: /share/logs
       - name: db-init
         image: "{{ include "common.repository" . }}/{{ .Values.dbinit.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}

diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml
index a9a89dd..f3f176f 100644 (file)
--- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml
+++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-optimizer/values.yaml
@@ -25,12 +25,12 @@ subChartsOnly:
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/optf-cmso-optimizer:2.1.1
+image: onap/optf-cmso-optimizer:2.2.0
 pullPolicy: Always
 
 #init container image
 dbinit:
-  image: onap/optf-cmso-dbinit:2.1.1
+  image: onap/optf-cmso-dbinit:2.2.0
 
 # flag to enable debugging - application support required
 debugEnabled: false

diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml
index b41b840..ca45d7e 100644 (file)
--- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml
+++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/templates/deployment.yaml
@@ -45,6 +45,13 @@ spec:
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         name: {{ include "common.name" . }}-readiness
+      - name: {{ include "common.name" . }}-chown
+        command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /share/"]
+        image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+        - name: {{ include "common.fullname" . }}-logs
+          mountPath: /share/logs
       - name: db-init
         image: "{{ include "common.repository" . }}/{{ .Values.dbinit.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}

diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml
index 345f03d..90a74bd 100644 (file)
--- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml
+++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-service/values.yaml
@@ -25,13 +25,13 @@ subChartsOnly:
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/optf-cmso-service:2.1.1
-robotimage: onap/optf-cmso-robot:2.1.1
+image: onap/optf-cmso-service:2.2.0
+robotimage: onap/optf-cmso-robot:2.2.0
 pullPolicy: Always
 
 #init container image
 dbinit:
-  image: onap/optf-cmso-dbinit:2.1.1
+  image: onap/optf-cmso-dbinit:2.2.0
 
 # flag to enable debugging - application support required
 debugEnabled: false

diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml
index 53d1b26..0b0b7e0 100644 (file)
--- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml
+++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/templates/deployment.yaml
@@ -30,6 +30,14 @@ spec:
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
+      initContainers:
+      - name: {{ include "common.name" . }}-chown
+        command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /share/"]
+        image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+          - name: {{ include "common.fullname" . }}-logs
+            mountPath: /share/logs
       containers:
       - name: {{ include "common.name" . }}
         image: "{{ include "common.repository" . }}/{{ .Values.image }}"

diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml
index 300a72c..846245a 100644 (file)
--- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml
+++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-ticketmgt/values.yaml
@@ -20,13 +20,12 @@ global: # global defaults
   readinessRepository: oomk8s
   readinessImage: readiness-check:2.0.0
   authentication: proprietary-auth
-  
 subChartsOnly:
   enabled: true
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/optf-cmso-ticketmgt:2.1.1
+image: onap/optf-cmso-ticketmgt:2.2.0
 pullPolicy: Always
 
 

diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml
index 8cc4a98..a23ac43 100644 (file)
--- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml
+++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/templates/deployment.yaml
@@ -30,6 +30,14 @@ spec:
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
+      initContainers:
+      - name: {{ include "common.name" . }}-chown
+        command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /share/"]
+        image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+        - name: {{ include "common.fullname" . }}-logs
+          mountPath: /share/logs
       containers:
       - name: {{ include "common.name" . }}
         image: "{{ include "common.repository" . }}/{{ .Values.image }}"

diff --git a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml
index c8ac5d7..775da43 100644 (file)
--- a/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml
+++ b/kubernetes/oof/charts/oof-cmso/charts/oof-cmso-topology/values.yaml
@@ -25,7 +25,7 @@ subChartsOnly:
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/optf-cmso-topology:2.1.1
+image: onap/optf-cmso-topology:2.2.0
 pullPolicy: Always
 
 

diff --git a/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.jks b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.jks
index 535abaa..f1e0108 100644 (file)
Binary files a/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.jks and b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.jks differ

diff --git a/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.keyfile b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.keyfile
index f85a567..78a6afb 100644 (file)
--- a/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.keyfile
+++ b/kubernetes/oof/charts/oof-cmso/resources/certs/org.onap.oof.keyfile
@@ -1,27 +1,27 @@
-liD-IR8Y1MHqPDTUqq3AaTtqnWn5jCpfIRBlyi6xY4A0fbQz8ZPlTZPHkshRt0dHdST3R7TIvTyQ
-JpTCeBNBu2df3vBbUzsN0rIpPG9TGjzmE7cRu4V4kfefSqsIj-S7OTAaWaWpwGWJYLLCB2sQALkS
-f68VWdupUEw3g9jqCU1QzjKOnLGvhlp6Qrc1xG4Z5Ar8WERw-C3DqTWUKANoEvjWkvH2rAywzj93
-pmspvd5fQfH1rp1ACNvnPrRb_oYNfwPrNpE7Sb4LvM1muoiKMDF64IDO0TkxhjHZ9wpJgVsnowby
-qmokqf39dMRRk3S1IEpOiBGyLS_885JDj_XJKYRQsjvkTzjpFJ7wE2-HDZEVWCITvtS9-Xorm5TI
-3iU4rjMDew5fkBnjoKuSOS7Lksva4ouZOCiUkDos1jAJ5XMDEQm4BcPHtcW6PpC602-qRcgnNjjP
-wOPdF7hCm27ZTai3lAtNGByR7oBr9r5Uma-soORFvg8drV8Rgh0lax-poFVhoEH7RhKPIzYpSco9
-jnpURzi_epTjAhjjup-erTv2GAIllKsSEHZLbfsFWlNUZTOx58PSB0jBN5m_8HxTyNm0zsm0Cb7U
-KsjPduQ5ZblsfRIJwqpOBXoof7WerKReMZSOdgjZUNueiuEImVH9_SYOdKZhkluSi4yfEtme7CCP
-kZ2JhdiT5km3SeonalhU2MUsx60krxyQ1mnjI4jS9QagUME4mujdvM_L7mtjcPZVSfXUn49whakE
-J-NQV6q2iZgN2IxsT_uCnlZYwnE5i-IbQkQAEu13m6ETsMmf0cwPnKaSwRhb8G48EkJhTL-GP9Z0
--EsIKT7lQt7kfX-mmNoEirTg9gQAaN3uxLmdHvXpeJdlETnnaLYYJJ3h-SL0e_5Yz2SpdsEwZ3Bk
-PtR-QvlYKDhG1nhPOna65ctCzn81PZOUP3lsO6MSTOK6D6Taxfh1TYEBAvzCP0BfFBodw4lSglFP
-I5IfdiJmomTGARa36nC_O5YzH_jBWLQrgd2gxI5H5bB-5zqzu79SGX9o2_LRVY_LVV0BmI3xSYOI
-vziYYC1XyTY6blfdiOM5a5KjraErxSTEFZVFrsx4OQ_dLA0woVtixawrIy1rgfQr49U1oIRe8BgN
-j3eis_UQAbPbmdbEe1qtXnvi6T7trHskzt6K-vTgo5ITJkr-F2Sds_QgNdaFBGuES6X5RwRGlbHT
-Tl_M8Ja_1K-RMNKJRssoRTKstpwnrhk9IcoSwYcLykbDLgeC0mhSMHOOuWv1RGRaZdzObc5YA1eB
-idQmzy5xAHzNxPHHrB-fpjFJRYv_QZY9qZcGvP58d6bHO0upxbj-BBt9zfc7Qt0JLU6EAdYbW5TI
-2v4JImikrx6KvtoK8vcjJMTDAanTVB31J65tat0rq9wYKxUdjBJLzkT3psYs_DRtYQc0i02YTD7t
-dWya0-3p1Yrt0em3XGb8JAh2PA3BsQKmvKAOc054wf_B8n8saxSFw1WQL30vU5c4-Z_p53HfaUYd
-Qg7DZskzgwBRy48sLJNCrn81RtxXfQP1XtPEZs-AAlTUslHoUdoQ1cwrYEgkNT1cjk6sLI_oKSK-
-dDICBnlYLrZRBS3sH8K38WaIh1WRY6vbGVDs1tUectUpng_-Khavd0Crw7D_CE6T7Rnfcn0pnTV-
-HW1PIXejFsONQn-2c3a9HZ-v6Hg4JL6UWm-qgBPC5118ymO0LfmrviAFAC6Wt3WFiNzrvx9Jggus
-lE0qvLVfkQVZXAy-hSPHlYZmtxk5voVsf60qPoDN2-NdpWz62M9PrXd_A03YGxzt0G6J4VXExRES
-xqLeGNGB496AfX_vEub97sR8xcbbUXsyt12uVnygifGyND60coikaKrMktv2OLOLEl8AudLp0ZNA
-oOoYJZqfUnQqaLt0dNmNa5OtzYjf7f6bYX0V8XLTHlFqZ6QzqYGFMPNhDYjqtet6d--Q8t7_5S5C
-RfXP8Wh8CjbEh2_rsr9rvy1nhM_Cptxc0BFXcS5Dt_R4vjd2G4B_LEC4Hy1s_rZThzUVxRCl
\ No newline at end of file
+dX1X5XcwStbiOmKV2k-px6nukVP3Ucg3mB6Rx3IyAyAQOZx8nU-TBK9kOV635VI5559pLF6z7jGR
+BcBfEgQtiO93vGKsSfkiVjorFz5UDqqXvoW6kFz4yQHBYR8cfFIRQ4L6mitfrs6gsM0d7CBqBz29
+I5lyzeSzmaPmJDP92jw--y3cvGRYYNLGvl3U3IIeCFX9IkDY29OZazaQaihAZx2trjLZKEeuzLN1
+6JQGbKEqCCRzZ46TXnH1DKRPxxV2aNzb_3I8402XUmlGBPf0Ucyj2wlBWrSApVVaxKKIEgIjf7vs
+x2fEMD-ye--2MkalDZ6Tm_x75GFKiia7Uc2fBBb4xHGZZEmKTh4php1Gu3v1bVY8hjXXVTpF-WXm
+cm9T4uczm_CgnKE4PtqLnYQg87LI8ONbWIE5jkgu1D4lhWkzO8nMrQlnFT0HlB-CRGu_xRsIWvnc
+bTA8K4iKJMHm7IhRfrBFNRBSq8AH_9LoUfTQ62C-Nt8g6Wu7ox6fO_dus1S9H9ndNzos31IVrn1h
+5QHxuBCUORISWjGoEQSM6spz3pyvbNMgKpkkg2izwXzDwc3RbqOgiSY8WtpKXuWceU-Ltl_npFpO
+O1suykGF6fnuql87ERJ7mcEiNd8L2_GuxTr-0YbbWgCK2IBDyfNc6ayTcjN0huoF72umE0ODQ0aK
+0HUAWAV4W6cWXEj7iOpMx1jkDURbWEdPetlz-LZKv7aN3s65Cl4Nib7ltWrs9ilP5J-KUKTkUPpM
+poBWXVZf4IjNx3H2KFzdLeGSXO3kG46tQDeeloFuY2yk1FWeyS9xLS60H2komdIW6qRVVBzeJHRN
+7dYMK5AhAgOghhe5XBhH1yHVdjLJuOMXPRrXe8dTyNU6fD1rHuvGukwSLW9lXsQkJBENfsIxY-At
+-j6Gm54G_Dz5k7tu7ThpCREVxNoBDMOBC_RemS0P-pqHSEpxEc0OjLQbVSPBQRa3eaRiqLMz_dop
+FGJt56UE73Qn0HWQw16lSdKSDtuSlByEwbQ8fRFN6e2f6DCHwW81kPpfJBcoPgO4RcoazNfbLXGI
+c3q9SSpOy6r33lPT8ZigURWiNqgO2NgWswAhaN1lllbXooQxhmTnokTxi8lbQ45ZMI0n5TKFJVAB
+TtEpi4VESECsda-Rlt2w-SE9QMSSxbdYcoMutupHoj2EuRcEDAW9ghLcfBqBkGapS_Vk-E7VYBqT
+mCzuKx5WdvNj9RFCIHq7U6axpddRd7XGgKhQwyLo075DLlpULcXjHegh2Dv_U-CgwMc7J4NfCNYL
+atLIkKAhxiaHt7nkhSVKsJK89-7_NQd-OubYnUNMREoEBJautCFfyiL5fooEb2Vdu1S-27fAYk3f
+9Zv4j_lwldSGBkNZg8vKGsSLgl9acdXld_zyUI9iGe-cj5eibI7LLpaxRL9UyBJWvElyDdTQvTZL
+DdpWmy3QF9GUGx0AwZixPixXdIHmmu2yOu1kFqNAjHqfVfoyNETlGrQRM5IPQ6RmBhWC3Iv5mSNA
+FZ0J95bvy9_HS718wAhlEiw4B6FGnTR8KZozfOtr2ihh8QybBgvvJrs-68RIB56gWyavbn-aAnXi
+zTI1YYCVzBDVv4XPzqK4itVl5gPb3KCHPUSlrVhkPLXAUix3b4-nu4pk8veAE1CYZCIy_GqPNUOT
+LqLl4-WMHodF7SLNzvPSqgolCC1TjnuO1ysOHlK86W7nZPyrpnideiLbGs6G51cG0pIcDIyWNm6d
+9TXQTiRx87cZxRxEEFz57ftjqy3qhg_sw2ziFWOeItEO6OaOgwfH2OtMToeBWiJepyfG1eB4n7jH
+OsTQLSvCt2gHI1zXyCtYBZKeZI2dxO6cOdh5ljIuS0rABHe1BP2ZkKmJIXoEPFstJlAz4GPaghL4
+8rCndhdyoW7CayzBAAe5balYq63qjqUD_eOIp-pHcEe0Mfbmzu4CDSK8-40Qia6ApskFsRCkzu1V
+Pf1fH6-3rvQZFqt6irr_7HWUFhGRcXw9kBOy8h24nTawv-L6eydW5iX0pwRMz_QfHo_Krm6O
\ No newline at end of file

diff --git a/kubernetes/oof/charts/oof-cmso/values.yaml b/kubernetes/oof/charts/oof-cmso/values.yaml
index 2b8ad94..b1c3561 100644 (file)
--- a/kubernetes/oof/charts/oof-cmso/values.yaml
+++ b/kubernetes/oof/charts/oof-cmso/values.yaml
@@ -56,9 +56,11 @@ global:
   keystoreFile: "org.onap.oof.jks"
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
-  keystorePassword: N{$tSp*U)RQzjqE;)%4z;Pv[
+  keystorePassword: OA7*y0PEGTma?$be2z#0$:L]
   truststorePassword:
   authentication: aaf-auth
+  busyBoxImage: busybox:1.30
+  busyBoxRepository: docker.io
 
 flavor: small
 

diff --git a/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml b/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml
index 782160b..ae859cf 100755 (executable)
--- a/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml
+++ b/kubernetes/oof/charts/oof-has/charts/oof-has-api/templates/deployment.yaml
@@ -85,7 +85,7 @@ spec:
           image: "{{ include "common.repository" . }}/{{ .Values.global.image.optf_has }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           command: ["/bin/bash","-c"]
-          args: ["nginx && /usr/local/bin/uwsgi -s /run/conductor/uwsgi.sock --chmod-socket=777 --wsgi-file /etc/nginx/conductor.wsgi --callable application --set port=80 --die-on-term --exit-on-reload --logto /opt/conductor-uwsgi.log --pidfile /run/conductor/conductor-uwsgi.pid --enable-threads --workers 6 --master --vacuum --single-interpreter --socket-timeout 10 --max-worker-lifetime 300 --max-requests 100 --no-defer-accept --logfile-chown --logfile-chmod 664 --protocol=uwsgi --socket 0.0.0.0:80"]
+          args: ["nginx && /usr/local/bin/uwsgi -s /run/conductor/uwsgi.sock --chmod-socket=777 --wsgi-file /etc/nginx/conductor.wsgi --callable application --set port=80 --die-on-term --exit-on-reload --logto /var/log/conductor-uwsgi.log --pidfile /run/conductor/conductor-uwsgi.pid --enable-threads --workers 6 --master --vacuum --single-interpreter --socket-timeout 10 --max-worker-lifetime 300 --max-requests 100 --no-defer-accept --logfile-chown --logfile-chmod 664 --protocol=uwsgi --socket 0.0.0.0:80"]
           ports:
           - containerPort: {{ .Values.liveness.periodSeconds }}
           # disable liveness probe when breakpoints set in debugger

diff --git a/kubernetes/oof/charts/oof-has/resources/config/log.conf b/kubernetes/oof/charts/oof-has/resources/config/log.conf
index 0fb963e..9e4e29a 100755 (executable)
--- a/kubernetes/oof/charts/oof-has/resources/config/log.conf
+++ b/kubernetes/oof/charts/oof-has/resources/config/log.conf
@@ -33,31 +33,31 @@ args=(sys.stdout,)
 class=handlers.TimedRotatingFileHandler
 level=NOTSET
 formatter=generic
-args=('application.log','midnight', 1, 10)
+args=('/var/log/application.log','midnight', 1, 10)
 
 [handler_audithand]
 class=handlers.TimedRotatingFileHandler
 level=INFO
 formatter=audit
-args=('audit.log', 'midnight', 1, 10)
+args=('/var/log/audit.log', 'midnight', 1, 10)
 
 [handler_metrichand]
 class=handlers.TimedRotatingFileHandler
 level=INFO
 formatter=metric
-args=('metric.log','midnight', 1, 10)
+args=('/var/log/metric.log','midnight', 1, 10)
 
 [handler_errhand]
 class=handlers.TimedRotatingFileHandler
 level=ERROR
 formatter=error
-args=('error.log','midnight', 1, 10)
+args=('/var/log/error.log','midnight', 1, 10)
 
 [handler_debughand]
 class=handlers.TimedRotatingFileHandler
 level=DEBUG
 formatter=generic
-args=('debug.log','midnight', 1, 10)
+args=('/var/log/debug.log','midnight', 1, 10)
 
 [formatters]
 keys=generic,audit,metric,error

diff --git a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml
index 6ff76dd..5bbffb5 100644 (file)
--- a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml
+++ b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml
@@ -32,6 +32,24 @@ spec:
         release: {{ include "common.release" . }}
     spec:
       initContainers:
+      - command:
+        - sh
+        args:
+        - -c
+        - "cd /config-input && for PFILE in `ls -1 *.conf`; do envsubst <${PFILE} >/config/${PFILE}; done"
+        env:
+        - name: JDBC_USER
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
+        - name: JDBC_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+        volumeMounts:
+        - mountPath: /config-input
+          name: pe
+        - mountPath: /config
+          name: pe-processed
+        image: "{{ .Values.global.envsubstImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-update-config
       - command:
         - /root/ready.py
         args:
@@ -84,7 +102,7 @@ spec:
           name: pe-brmsgw
           subPath: brmsgw.conf
         - mountPath: /tmp/policy-install/config/base.conf
-          name: pe
+          name: pe-processed
           subPath: base.conf
         - mountPath: /tmp/policy-install/do-start.sh
           name: pe-scripts
@@ -115,5 +133,8 @@ spec:
           configMap:
             name: {{ include "common.fullname" . }}-pe-configmap
             defaultMode: 0755
+        - name: pe-processed
+          emptyDir:
+            medium: Memory
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"

diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml
index 08afdee..f578f09 100644 (file)
--- a/kubernetes/policy/charts/brmsgw/values.yaml
+++ b/kubernetes/policy/charts/brmsgw/values.yaml
@@ -20,6 +20,7 @@ global:
   nodePortPrefix: 302
   readinessRepository: oomk8s
   readinessImage: readiness-check:2.0.2
+  envsubstImage: dibi/envsubst
 
 #################################################################
 # Secrets metaconfig

diff --git a/kubernetes/policy/charts/drools/resources/configmaps/feature-healthcheck.properties b/kubernetes/policy/charts/drools/resources/configmaps/feature-healthcheck.properties
new file mode 100644 (file)
index 0000000..189248f
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/configmaps/feature-healthcheck.properties
@@ -0,0 +1,47 @@
+###
+# ============LICENSE_START=======================================================
+# feature-healthcheck
+# ================================================================================
+# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+###
+
+http.server.services=HEALTHCHECK
+http.server.services.HEALTHCHECK.host=0.0.0.0
+http.server.services.HEALTHCHECK.port=6969
+http.server.services.HEALTHCHECK.restClasses=org.onap.policy.drools.healthcheck.RestHealthCheck
+http.server.services.HEALTHCHECK.managed=false
+http.server.services.HEALTHCHECK.swagger=true
+http.server.services.HEALTHCHECK.userName=${envd:HEALTHCHECK_USER}
+http.server.services.HEALTHCHECK.password=${envd:HEALTHCHECK_PASSWORD}
+http.server.services.HEALTHCHECK.https=true
+http.server.services.HEALTHCHECK.aaf=${envd:AAF:false}
+http.server.services.HEALTHCHECK.serialization.provider=org.onap.policy.common.gson.JacksonHandler,org.onap.policy.common.endpoints.http.server.YamlJacksonHandler
+
+http.client.services=PAP
+
+http.client.services.PAP.host={{ .Values.global.pap.nameOverride }}
+http.client.services.PAP.port=9091
+http.client.services.PAP.contextUriPath=pap/test
+http.client.services.PAP.https=true
+http.client.services.PAP.userName=${envd:PAP_LEGACY_USERNAME}
+http.client.services.PAP.password=${envd:PAP_LEGACY_PASSWORD}
+
+http.client.services.PDP.host={{ .Values.global.pdp.nameOverride }}
+http.client.services.PDP.port=8081
+http.client.services.PDP.contextUriPath=pdp/test
+http.client.services.PDP.https=true
+http.client.services.PDP.userName=${envd:PDP_LEGACY_USERNAME}
+http.client.services.PDP.password=${envd:PDP_LEGACY_PASSWORD}

diff --git a/kubernetes/policy/charts/drools/resources/secrets/credentials.conf b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf
index ee2acc4..bb2b90c 100644 (file)
--- a/kubernetes/policy/charts/drools/resources/secrets/credentials.conf
+++ b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf
@@ -34,9 +34,15 @@ POLICY_PDP_PAP_API_SECRET={{.Values.dmaap.pap.secret}}
 PAP_USERNAME={{.Values.pap.user}}
 PAP_PASSWORD={{.Values.pap.password}}
 
+PAP_LEGACY_USERNAME={{.Values.papl.user}}
+PAP_LEGACY_PASSWORD={{.Values.papl.password}}
+
 PDP_USERNAME={{.Values.pdp.user}}
 PDP_PASSWORD={{.Values.pdp.password}}
 
+PDP_LEGACY_USERNAME={{.Values.pdpl.user}}
+PDP_LEGACY_PASSWORD={{.Values.pdpl.password}}
+
 AAI_USERNAME={{.Values.aai.user}}
 AAI_PASSWORD={{.Values.aai.password}}
 

diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml
index b62772d..58ce2d0 100644 (file)
--- a/kubernetes/policy/charts/drools/values.yaml
+++ b/kubernetes/policy/charts/drools/values.yaml
@@ -115,6 +115,14 @@ pdp:
   user: healthcheck
   password: zb!XztG34
 
+papl:
+  user: testpap
+  password: alpha123
+
+pdpl:
+  user: testpdp
+  password: alpha123
+
 aai:
   user: policy@policy.onap.org
   password: demo123456!

diff --git a/kubernetes/policy/charts/pap/resources/config/config.json b/kubernetes/policy/charts/pap/resources/config/config.json
index e4517c7..544ecdf 100644 (file)
--- a/kubernetes/policy/charts/pap/resources/config/config.json
+++ b/kubernetes/policy/charts/pap/resources/config/config.json
@@ -41,8 +41,8 @@
         "implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl",
         "databaseDriver": "org.mariadb.jdbc.Driver",
         "databaseUrl": "jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/{{ .Values.global.mariadb.config.mysqlDatabase }}",
-        "databaseUser": "{{ .Values.global.mariadb.config.userName }}",
-        "databasePassword": "{{ .Values.global.mariadb.config.userPassword | b64enc }}",
+        "databaseUser": "${SQL_USER}",
+        "databasePassword": "${SQL_PASSWORD_BASE64}",
         "persistenceUnit": "PolicyMariaDb"
     },
     "topicParameterGroup": {

diff --git a/kubernetes/policy/charts/pap/templates/deployment.yaml b/kubernetes/policy/charts/pap/templates/deployment.yaml
index caef521..85ca9c1 100644 (file)
--- a/kubernetes/policy/charts/pap/templates/deployment.yaml
+++ b/kubernetes/policy/charts/pap/templates/deployment.yaml
@@ -31,6 +31,25 @@ spec:
         image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         name: {{ include "common.name" . }}-readiness
+
+      - command:
+        - sh
+        args:
+        - -c
+        - "export SQL_PASSWORD_BASE64=`echo -n ${SQL_PASSWORD} | base64`; cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
+        env:
+        - name: SQL_USER
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
+        - name: SQL_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+        volumeMounts:
+        - mountPath: /config-input
+          name: papconfig
+        - mountPath: /config
+          name: papconfig-processed
+        image: "{{ .Values.global.envsubstImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-update-config
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -58,7 +77,7 @@ spec:
             name: localtime
             readOnly: true
           - mountPath: /opt/app/policy/pap/etc/mounted
-            name: papconfig
+            name: papconfig-processed
           resources:
 {{ include "common.resources" . | indent 12 }}
         {{- if .Values.nodeSelector }}
@@ -77,5 +96,8 @@ spec:
           configMap:
             name: {{ include "common.fullname" . }}-configmap
             defaultMode: 0755
+        - name: papconfig-processed
+          emptyDir:
+            medium: Memory
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"

diff --git a/kubernetes/policy/charts/pap/templates/secrets.yaml b/kubernetes/policy/charts/pap/templates/secrets.yaml
new file mode 100644 (file)
index 0000000..bd7eb8e
--- /dev/null
+++ b/kubernetes/policy/charts/pap/templates/secrets.yaml
@@ -0,0 +1,15 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}

diff --git a/kubernetes/policy/charts/pap/values.yaml b/kubernetes/policy/charts/pap/values.yaml
index 05f43d6..7edb3ab 100644 (file)
--- a/kubernetes/policy/charts/pap/values.yaml
+++ b/kubernetes/policy/charts/pap/values.yaml
@@ -22,6 +22,18 @@
 #################################################################
 global:
   persistence: {}
+  envsubstImage: dibi/envsubst
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+  - uid: db-secret
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
+    login: '{{ .Values.db.user }}'
+    password: '{{ .Values.db.password }}'
+    passwordPolicy: required
 
 #################################################################
 # Application configuration defaults.
@@ -36,6 +48,10 @@ debugEnabled: false
 
 # application configuration
 
+db:
+  user: policy_user
+  password: policy_user
+
 # default number of instances
 replicaCount: 1
 

diff --git a/kubernetes/policy/charts/pdp/templates/statefulset.yaml b/kubernetes/policy/charts/pdp/templates/statefulset.yaml
index 16d5fb5..e55f9d0 100644 (file)
--- a/kubernetes/policy/charts/pdp/templates/statefulset.yaml
+++ b/kubernetes/policy/charts/pdp/templates/statefulset.yaml
@@ -36,6 +36,24 @@ spec:
         release: {{ include "common.release" . }}
     spec:
       initContainers:
+      - command:
+        - sh
+        args:
+        - -c
+        - "cd /config-input && for PFILE in `ls -1 *.conf`; do envsubst <${PFILE} >/config/${PFILE}; done"
+        env:
+        - name: JDBC_USER
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
+        - name: JDBC_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+        volumeMounts:
+        - mountPath: /config-input
+          name: pe
+        - mountPath: /config
+          name: pe-processed
+        image: "{{ .Values.global.envsubstImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-update-config
       - command:
         - /root/ready.py
         args:
@@ -84,7 +102,7 @@ spec:
           name: localtime
           readOnly: true
         - mountPath: /tmp/policy-install/config/base.conf
-          name: pe
+          name: pe-processed
           subPath: base.conf
         - mountPath: /tmp/policy-install/config/pdp-tweaks.sh
           name: pe-pdp
@@ -144,5 +162,8 @@ spec:
         configMap:
           name: {{ include "common.fullname" . }}-pe-configmap
           defaultMode: 0755
+      - name: pe-processed
+        emptyDir:
+          medium: Memory
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"

diff --git a/kubernetes/policy/charts/policy-api/resources/config/config.json b/kubernetes/policy/charts/policy-api/resources/config/config.json
index ccfc07a..2e46cca 100644 (file)
--- a/kubernetes/policy/charts/policy-api/resources/config/config.json
+++ b/kubernetes/policy/charts/policy-api/resources/config/config.json
@@ -30,8 +30,8 @@
         "implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl",
         "databaseDriver": "org.mariadb.jdbc.Driver",
         "databaseUrl": "jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/policyadmin",
-        "databaseUser": "{{ .Values.global.mariadb.config.userName }}",
-        "databasePassword": "{{ .Values.global.mariadb.config.userPassword | b64enc }}",
+        "databaseUser": "${SQL_USER}",
+        "databasePassword": "${SQL_PASSWORD_BASE64}",
         "persistenceUnit": "PolicyMariaDb"
     },
     "preloadPolicyTypes": [

diff --git a/kubernetes/policy/charts/policy-api/templates/deployment.yaml b/kubernetes/policy/charts/policy-api/templates/deployment.yaml
index 25e80d0..777cc49 100644 (file)
--- a/kubernetes/policy/charts/policy-api/templates/deployment.yaml
+++ b/kubernetes/policy/charts/policy-api/templates/deployment.yaml
@@ -31,6 +31,26 @@ spec:
           image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           name: {{ include "common.name" . }}-readiness
+
+        - command:
+          - sh
+          args:
+          - -c
+          - "export SQL_PASSWORD_BASE64=`echo -n ${SQL_PASSWORD} | base64`; cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
+          env:
+          - name: SQL_USER
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
+          - name: SQL_PASSWORD
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
+          volumeMounts:
+          - mountPath: /config-input
+            name: apiconfig
+          - mountPath: /config
+            name: apiconfig-processed
+          image: "{{ .Values.global.envsubstImage }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          name: {{ include "common.name" . }}-update-config
+
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -58,7 +78,7 @@ spec:
             name: localtime
             readOnly: true
           - mountPath: /opt/app/policy/api/etc/mounted
-            name: apiconfig
+            name: apiconfig-processed
           resources:
 {{ include "common.resources" . | indent 12 }}
         {{- if .Values.nodeSelector }}
@@ -77,5 +97,8 @@ spec:
           configMap:
             name: {{ include "common.fullname" . }}-configmap
             defaultMode: 0755
+        - name: apiconfig-processed
+          emptyDir:
+            medium: Memory
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"

diff --git a/kubernetes/policy/charts/policy-api/templates/secrets.yaml b/kubernetes/policy/charts/policy-api/templates/secrets.yaml
new file mode 100644 (file)
index 0000000..bd7eb8e
--- /dev/null
+++ b/kubernetes/policy/charts/policy-api/templates/secrets.yaml
@@ -0,0 +1,15 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}

diff --git a/kubernetes/policy/charts/policy-api/values.yaml b/kubernetes/policy/charts/policy-api/values.yaml
index b5e1049..fd66b69 100644 (file)
--- a/kubernetes/policy/charts/policy-api/values.yaml
+++ b/kubernetes/policy/charts/policy-api/values.yaml
@@ -22,6 +22,18 @@
 global:
   nodePortPrefix: 304
   persistence: {}
+  envsubstImage: dibi/envsubst
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+  - uid: db-secret
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
+    login: '{{ .Values.db.user }}'
+    password: '{{ .Values.db.password }}'
+    passwordPolicy: required
 
 #################################################################
 # Application configuration defaults.
@@ -35,6 +47,9 @@ pullPolicy: Always
 debugEnabled: false
 
 # application configuration
+db:
+  user: policy_user
+  password: policy_user
 
 # default number of instances
 replicaCount: 1

diff --git a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf
index 93b02e7..810b090 100644 (file)
--- a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf
+++ b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf
@@ -21,8 +21,9 @@ TRUSTSTORE_PASSWD=Pol1cy_0nap
 JDBC_DRIVER=org.mariadb.jdbc.Driver
 JDBC_URL=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/onap_sdk?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30
 JDBC_LOG_URL=jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/log?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30
-JDBC_USER={{ .Values.global.mariadb.config.userName }}
-JDBC_PASSWORD={{ .Values.global.mariadb.config.userPassword }}
+
+JDBC_USER=${JDBC_USER}
+JDBC_PASSWORD=${JDBC_PASSWORD}
 
 site_name=site_1
 fp_monitor_interval=30

diff --git a/kubernetes/policy/templates/deployment.yaml b/kubernetes/policy/templates/deployment.yaml
index 8a0db8a..7f96888 100644 (file)
--- a/kubernetes/policy/templates/deployment.yaml
+++ b/kubernetes/policy/templates/deployment.yaml
@@ -32,6 +32,24 @@ spec:
         release: {{ include "common.release" . }}
     spec:
       initContainers:
+      - command:
+        - sh
+        args:
+        - -c
+        - "cd /config-input && for PFILE in `ls -1 *.conf`; do envsubst <${PFILE} >/config/${PFILE}; done"
+        env:
+        - name: JDBC_USER
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
+        - name: JDBC_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+        volumeMounts:
+        - mountPath: /config-input
+          name: pe
+        - mountPath: /config
+          name: pe-processed
+        image: "{{ .Values.global.envsubstImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-update-config
       - command:
         - /root/ready.py
         args:
@@ -100,7 +118,7 @@ spec:
             name: pe-pap
             subPath: console.conf
           - mountPath: /tmp/policy-install/config/base.conf
-            name: pe
+            name: pe-processed
             subPath: base.conf
           - mountPath: /tmp/policy-install/do-start.sh
             name: pe-scripts
@@ -157,5 +175,8 @@ spec:
           configMap:
             name: {{ include "common.fullname" . }}-pe-configmap
             defaultMode: 0755
+        - name: pe-processed
+          emptyDir:
+            medium: Memory
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"

diff --git a/kubernetes/policy/templates/job.yaml b/kubernetes/policy/templates/job.yaml
index 8190414..f6a1ace 100644 (file)
--- a/kubernetes/policy/templates/job.yaml
+++ b/kubernetes/policy/templates/job.yaml
@@ -57,14 +57,11 @@ spec:
         - /dbcmd-config/db.sh
         env:
         - name: MYSQL_ROOT_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: {{ template "common.fullname" . }}-secret
-              key: db-root-password
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 10 }}
         - name: MYSQL_HOST
           value: "{{ index .Values "mariadb-galera" "service" "name" }}"
         - name: MYSQL_USER
-          value: "{{ index .Values "mariadb-galera" "config" "userName" }}"
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
         - name: MYSQL_PORT
           value: "{{ index .Values "mariadb-galera" "service" "internalPort" }}"
       restartPolicy: Never

diff --git a/kubernetes/policy/templates/secrets.yaml b/kubernetes/policy/templates/secrets.yaml
index 6b8bc41..c1f98ba 100644 (file)
--- a/kubernetes/policy/templates/secrets.yaml
+++ b/kubernetes/policy/templates/secrets.yaml
@@ -13,17 +13,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-secret
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-type: Opaque
-data:
-  db-user-password: {{ index .Values "mariadb-galera" "config" "userPassword" | b64enc | quote }}
-  db-root-password: {{ index .Values "mariadb-galera" "config" "mariadbRootPassword" | b64enc | quote }}
+{{ include "common.secretFast" . }}

diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index 1ac00c7..524fe99 100644 (file)
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -22,6 +22,7 @@ global:
   readinessImage: readiness-check:2.0.2
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
+  envsubstImage: dibi/envsubst
   ubuntuImage: ubuntu:16.04
   pdp:
     nameOverride: pdp
@@ -37,15 +38,30 @@ global:
     # '&mariadbConfig' means we "store" the values for  later use in the file
     # with '*mariadbConfig' pointer.
     config: &mariadbConfig
-      userName: policy_user
-      userPassword: policy_user
-      mariadbRootPassword: secret
       mysqlDatabase: policyadmin
     service: &mariadbService
       name: policy-mariadb
       portName: mysql-policy
       internalPort: 3306
 
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+  - uid: db-root-password
+    name: &dbRootPassSecretName '{{ include "common.release" . }}-policy-db-root-password'
+    type: password
+    externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "config" "mariadbRootPasswordExternalSecret")) .) (hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "config" "mariadbRootPasswordExternalSecret"))}}'
+    password: '{{ (index .Values "mariadb-galera" "config" "mariadbRootPassword") }}'
+    policy: generate
+  - uid: db-secret
+    name: &dbSecretName '{{ include "common.release" . }}-policy-db-secret'
+    type: basicAuth
+    externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "config" "userCredentialsExternalSecret")) .) (hasSuffix "policy-db-secret" (index .Values "mariadb-galera" "config" "userCredentialsExternalSecret"))}}'
+    login: '{{ index .Values "mariadb-galera" "config" "userName" }}'
+    password: '{{ index .Values "mariadb-galera" "config" "userPassword" }}'
+    passwordPolicy: generate
+
 #################################################################
 # Application configuration defaults.
 #################################################################
@@ -58,14 +74,26 @@ pullPolicy: Always
 subChartsOnly:
   enabled: true
 
+db: &dbSecretsHook
+  credsExternalSecret: *dbSecretName
+
 pap:
   nameOverride: pap
+  db: *dbSecretsHook
 pdp:
   nameOverride: pdp
+  db: *dbSecretsHook
 drools:
   nameOverride: drools
-brmwgw:
+  db: *dbSecretsHook
+brmsgw:
   nameOverride: brmsgw
+  db: *dbSecretsHook
+policy-api:
+  db: *dbSecretsHook
+policy-xacml-pdp:
+  db: *dbSecretsHook
+
 nexus:
   nameOverride: nexus
 
@@ -112,7 +140,11 @@ ingress:
 
 mariadb-galera:
   # mariadb-galera.config and global.mariadb.config must be equals
-  config: *mariadbConfig
+  config:
+    <<: *mariadbConfig
+    userName: policy_user
+    mariadbRootPasswordExternalSecret: *dbRootPassSecretName
+    userCredentialsExternalSecret: *dbSecretName
   nameOverride: policy-mariadb
   # mariadb-galera.service and global.mariadb.service must be equals
   service: *mariadbService

diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12
deleted file mode 100644 (file)
index 9f52189..0000000
Binary files a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 and /dev/null differ

diff --git a/kubernetes/portal/charts/portal-app/resources/certs/truststoreONAPall.jks b/kubernetes/portal/charts/portal-app/resources/certs/truststoreONAPall.jks
deleted file mode 100644 (file)
index ff844b1..0000000
Binary files a/kubernetes/portal/charts/portal-app/resources/certs/truststoreONAPall.jks and /dev/null differ

diff --git a/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties b/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties
index 8d21859..63348f0 100755 (executable)
--- a/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties
+++ b/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties
@@ -1,4 +1,5 @@
 # Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Modifications Copyright © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -111,14 +112,16 @@ auditlog_del_day_from = 365
 #External system notification URL
 external_system_notification_url= https://jira.onap.org/browse/
 
+#cookie domain
+cookie_domain = onap.org
+
+{{- if .Values.global.aafEnabled }}
 # External Access System Basic Auth Credentials & Rest endpoint(These credentials doesn't work as these are place holders for now)
 ext_central_access_user_name = aaf_admin@people.osaaf.org
-ext_central_access_password = VTCIC7wfMI0Zy61wkqKQC0bF0EK2YmL2JLl1fQU2YC4=
-ext_central_access_url = https://aaf-service:8100/authz/
+ext_central_access_password = thiswillbereplacedatruntime
+ext_central_access_url = {{ .Values.aafURL }}/authz/
 ext_central_access_user_domain = @people.osaaf.org
 
 # External Central Auth system access
 remote_centralized_system_access = true
-
-#cookie domain
-cookie_domain = onap.org
+{{- end }}

diff --git a/kubernetes/portal/charts/portal-app/resources/server/server.xml b/kubernetes/portal/charts/portal-app/resources/server/server.xml
index c9515c1..dec6837 100644 (file)
--- a/kubernetes/portal/charts/portal-app/resources/server/server.xml
+++ b/kubernetes/portal/charts/portal-app/resources/server/server.xml
@@ -14,7 +14,7 @@
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
-  
+
   Modifications to this file for use in ONAP are also subject to the Apache-2.0 license.
 -->
 <!-- Note:  A "Server" is not itself a "Container", so you may not
@@ -22,7 +22,7 @@
      Documentation at /docs/config/server.html
  -->
 <Server port="8005" shutdown="SHUTDOWN">
-  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
+  <Listener className="org.apache.catalina.startup.VersionLoggerListener" logArgs="false"/>
   <!-- Security listener. Documentation at /docs/config/listeners.html
   <Listener className="org.apache.catalina.security.SecurityListener" />
   -->
@@ -70,7 +70,10 @@
     -->
     <Connector port="8080" protocol="HTTP/1.1"
                connectionTimeout="20000"
-               redirectPort="8443" />
+    {{ if .Values.global.aafEnabled }}
+               redirectPort="8443"
+    {{ end }}
+    />
     <!-- A "Connector" using the shared thread pool-->
     <!--
     <Connector executor="tomcatThreadPool"
@@ -88,14 +91,19 @@
                maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
                clientAuth="false" sslProtocol="TLS" />
     -->
-       
-        <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
+    {{ if .Values.global.aafEnabled }}
+    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
                maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
-               keystoreFile="{{.Values.global.keystoreFile}}" keystorePass="{{.Values.global.keypass}}" 
+               keystoreFile="{{.Values.aafConfig.credsPath}}/{{.Values.aafConfig.keystoreFile}}"
+               keystorePass="${javax.net.ssl.keyStorePassword}"
                clientAuth="false" sslProtocol="TLS" />
-
+    {{ end }}
     <!-- Define an AJP 1.3 Connector on port 8009 -->
-    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
+    <Connector port="8009" protocol="AJP/1.3"
+    {{ if .Values.global.aafEnabled }}
+              redirectPort="8443"
+    {{ end }}
+    />
 
 
     <!-- An Engine represents the entry point (within Catalina) that processes

diff --git a/kubernetes/portal/charts/portal-app/templates/configmap.yaml b/kubernetes/portal/charts/portal-app/templates/configmap.yaml
index d19ffeb..d514fe6 100644 (file)
--- a/kubernetes/portal/charts/portal-app/templates/configmap.yaml
+++ b/kubernetes/portal/charts/portal-app/templates/configmap.yaml
@@ -1,4 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -25,3 +26,17 @@ metadata:
 data:
 {{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTAL/*").AsConfig . | indent 2 }}
 {{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }}
+
+{{ if .Values.global.aafEnabled }}
+{{- if .Values.aafConfig.addconfig -}}
+---
+apiVersion: v1
+kind: ConfigMap
+{{- $suffix := "aaf-add-config" }}
+metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . )| nindent 2 }}
+data:
+  aaf-add-config.sh: |-
+    /opt/app/aaf_config/bin/agent.sh;/opt/app/aaf_config/bin/agent.sh local showpass \
+    {{.Values.aafConfig.fqi}} {{ .Values.aafConfig.fqdn }} > {{ .Values.aafConfig.credsPath }}/mycreds.prop
+{{- end -}}
+{{- end -}}

diff --git a/kubernetes/portal/charts/portal-app/templates/deployment.yaml b/kubernetes/portal/charts/portal-app/templates/deployment.yaml
index eb0dee0..14bbd3c 100644 (file)
--- a/kubernetes/portal/charts/portal-app/templates/deployment.yaml
+++ b/kubernetes/portal/charts/portal-app/templates/deployment.yaml
@@ -1,4 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -45,33 +46,27 @@ spec:
             fieldRef:
               apiVersion: v1
               fieldPath: metadata.namespace
+      {{- if .Values.global.aafEnabled }}
+{{ include "common.aaf-config" . | indent 6 }}
+      {{- end }}
       containers:
       - name: {{ include "common.name" . }}
         image: "{{ include "common.repository" . }}/{{ .Values.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command:
-          - /start-apache-tomcat.sh
-          - -i
-          - ""
-          - -n
-          - ""
-          - -b
-          - "{{ .Values.global.env.tomcatDir }}"
+        command: ["bash","-c"]
+        {{- if .Values.global.aafEnabled }}
+        args: ["export $(grep '^c' {{ .Values.aafConfig.credsPath }}/mycreds.prop | xargs -0);\
+               export _JAVA_OPTIONS=\"-Djavax.net.ssl.trustStorePassword=$cadi_truststore_password \
+              -Djavax.net.ssl.keyStorePassword=$cadi_keystore_password_p12\";\
+              /start-apache-tomcat.sh -i \"\" -n \"\" -b {{ .Values.global.env.tomcatDir }}"]
         env:
-          - name: CATALINA_OPTS
+          - name: _CATALINA_OPTS
             value: >
-              -Djavax.net.ssl.keyStore={{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}
-              -Djavax.net.ssl.keyStorePassword={{ .Values.global.trustpass }}
-              -Djavax.net.ssl.trustStore={{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}
-              -Djavax.net.ssl.trustStorePassword={{ .Values.global.trustpass }}
-          - name: javax.net.ssl.keyStore
-            value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} 
-          - name: javax.net.ssl.keyStorePassword
-            value: {{ .Values.global.trustpass }}
-          - name: javax.net.ssl.trustStore
-            value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}
-          - name: javax.net.ssl.trustStorePassword
-            value: {{ .Values.global.trustpass }}
+              -Djavax.net.ssl.keyStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.keystoreFile }}"
+              -Djavax.net.ssl.trustStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.truststoreFile }}"
+        {{- else }}
+        args: ["/start-apache-tomcat.sh -i "" -n "" -b {{ .Values.global.env.tomcatDir }}"]
+        {{- end }}
         ports:
         - containerPort: {{ .Values.service.internalPort }}
         - containerPort: {{ .Values.service.internalPort2 }}
@@ -90,6 +85,9 @@ spec:
           initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
           periodSeconds: {{ .Values.readiness.periodSeconds }}
         volumeMounts:
+        {{- if .Values.global.aafEnabled }}
+{{ include "common.aaf-config-volume-mountpath" . | indent 8 }}
+        {{- end }}
         - mountPath: /etc/localtime
           name: localtime
           readOnly: true
@@ -117,16 +115,10 @@ spec:
         - name: properties-onapportal
           mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/web.xml"
           subPath: web.xml
-        - name: authz-onapportal
-          mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.keystoreFile}}"
-          subPath: {{ .Values.global.keystoreFile}}
-        - name: authz-onapportal
-          mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}"
-          subPath: {{ .Values.global.truststoreFile}}          
         - name: var-log-onap
           mountPath: /var/log/onap
         resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
       {{- if .Values.nodeSelector }}
       nodeSelector:
 {{ toYaml .Values.nodeSelector | indent 10 }}
@@ -147,6 +139,9 @@ spec:
         - name: var-log-onap
           mountPath: /var/log/onap
       volumes:
+        {{- if .Values.global.aafEnabled }}
+{{ include "common.aaf-config-volumes" . | indent 8 }}
+        {{- end }}
         - name: localtime
           hostPath:
             path: /etc/localtime
@@ -154,9 +149,6 @@ spec:
           configMap:
             name: {{ include "common.fullname" . }}-onapportal
             defaultMode: 0755
-        - name: authz-onapportal
-          secret:
-            secretName: {{ include "common.fullname" . }}-authz-onapportal
         - name: filebeat-conf
           configMap:
             name: portal-filebeat

diff --git a/kubernetes/portal/charts/portal-app/templates/secret.yaml b/kubernetes/portal/charts/portal-app/templates/secret.yaml
index 85b0f40..a4019ef 100644 (file)
--- a/kubernetes/portal/charts/portal-app/templates/secret.yaml
+++ b/kubernetes/portal/charts/portal-app/templates/secret.yaml
@@ -1,4 +1,5 @@
 # Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Modifications Copyright © 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,16 +13,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-authz-onapportal
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
+{{ include "common.secretFast" . }}

diff --git a/kubernetes/portal/charts/portal-app/values.yaml b/kubernetes/portal/charts/portal-app/values.yaml
index 59a11ad..2438827 100644 (file)
--- a/kubernetes/portal/charts/portal-app/values.yaml
+++ b/kubernetes/portal/charts/portal-app/values.yaml
@@ -1,5 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2018,2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -22,15 +22,47 @@ global:
   readinessImage: readiness-check:2.0.0
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
+  #AAF service
+  aafEnabled: true
+  aafAgentImage: onap/aaf/aaf_agent:2.1.20
 
 #################################################################
 # Application configuration defaults.
 #################################################################
+
 # application image
 repository: nexus3.onap.org:10001
-image: onap/portal-app:2.6.0
+image: onap/portal-app:3.2.0
 pullPolicy: Always
 
+#AAF local config
+
+aafURL: https://aaf-service:8100/
+aafConfig:
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  fqdn: portal
+  fqi: portal@portal.onap.org
+  publicFqdn: portal.onap.org
+  cadi_latitude: "38.0"
+  cadi_longitude: "-72.0"
+  credsPath: /opt/app/osaaf/local
+  app_ns: org.osaaf.aaf
+  permission_user: 1000
+  permission_group: 999
+  addconfig: true
+  secret_uid: &aaf_secret_uid portal-app-aaf-deploy-creds
+  keystoreFile: "org.onap.portal.p12"
+  truststoreFile: "org.onap.portal.trust.jks"
+
+secrets:
+  - uid: *aaf_secret_uid
+    type: basicAuth
+    externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDiabled" .Values.global.aafEnabled }}'
+    login: '{{ .Values.aafConfig.aafDeployFqi }}'
+    password: '{{ .Values.aafConfig.aafDeployPass }}'
+    passwordPolicy: required
+
 # default number of instances
 replicaCount: 1
 

diff --git a/kubernetes/portal/charts/portal-mariadb/values.yaml b/kubernetes/portal/charts/portal-mariadb/values.yaml
index e6aab2a..26afa60 100644 (file)
--- a/kubernetes/portal/charts/portal-mariadb/values.yaml
+++ b/kubernetes/portal/charts/portal-mariadb/values.yaml
@@ -24,7 +24,7 @@ global: # global defaults
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/portal-db:2.6.0
+image: onap/portal-db:3.2.0
 pullPolicy: Always
 
 readinessImage: readiness-check:2.0.0

diff --git a/kubernetes/portal/charts/portal-sdk/resources/server/server.xml b/kubernetes/portal/charts/portal-sdk/resources/server/server.xml
index 506a1ca..dffcfbe 100644 (file)
--- a/kubernetes/portal/charts/portal-sdk/resources/server/server.xml
+++ b/kubernetes/portal/charts/portal-sdk/resources/server/server.xml
@@ -94,7 +94,7 @@
     {{ if .Values.global.aafEnabled }}
     <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
                maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
-               keystoreFile="{{.Values.persistence.aafCredsPath}}/{{.Values.aafConfig.keystoreFile}}"
+               keystoreFile="{{.Values.aafConfig.credsPath}}/{{.Values.aafConfig.keystoreFile}}"
                keystorePass="${javax.net.ssl.keyStorePassword}"
                clientAuth="false" sslProtocol="TLS" />
     {{ end }}

diff --git a/kubernetes/portal/charts/portal-sdk/templates/configmap.yaml b/kubernetes/portal/charts/portal-sdk/templates/configmap.yaml
index 154276e..1dbdeed 100644 (file)
--- a/kubernetes/portal/charts/portal-sdk/templates/configmap.yaml
+++ b/kubernetes/portal/charts/portal-sdk/templates/configmap.yaml
@@ -1,5 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2018, 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -25,4 +25,18 @@ metadata:
     heritage: {{ .Release.Service }}
 data:
 {{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTALSDK/*").AsConfig . | indent 2 }}
-{{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }}
\ No newline at end of file
+{{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }}
+
+{{ if .Values.global.aafEnabled }}
+{{- if .Values.aafConfig.addconfig -}}
+---
+apiVersion: v1
+kind: ConfigMap
+{{- $suffix := "aaf-add-config" }}
+metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . )| nindent 2 }}
+data:
+  aaf-add-config.sh: |-
+    /opt/app/aaf_config/bin/agent.sh;/opt/app/aaf_config/bin/agent.sh local showpass \
+    {{.Values.aafConfig.fqi}} {{ .Values.aafConfig.fqdn }} > {{ .Values.aafConfig.credsPath }}/mycreds.prop
+{{- end -}}
+{{- end -}}
\ No newline at end of file

diff --git a/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml b/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml
index 8465d06..2de9a1b 100644 (file)
--- a/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml
+++ b/kubernetes/portal/charts/portal-sdk/templates/deployment.yaml
@@ -47,71 +47,23 @@ spec:
               apiVersion: v1
               fieldPath: metadata.namespace
       {{- if .Values.global.aafEnabled }}
-      - name: {{ include "common.name" . }}-aaf-readiness
-        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command:
-          - /root/ready.py
-        args:
-          - --container-name
-          - aaf-locate
-          - --container-name
-          - aaf-cm
-        env:
-          - name: NAMESPACE
-            valueFrom:
-              fieldRef:
-                apiVersion: v1
-                fieldPath: metadata.namespace
-      - name: {{ include "common.name" . }}-aaf-config
-        image: "{{ include "common.repository" . }}/{{ .Values.global.aafAgentImage }}"
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["bash","-c"]
-        args: ["/opt/app/aaf_config/bin/agent.sh;/opt/app/aaf_config/bin/agent.sh local showpass \
-        {{.Values.aafConfig.fqi}} {{ .Values.aafConfig.fqdn }} > {{ .Values.persistence.aafCredsPath }}/mycreds.prop"]
-        volumeMounts:
-          - mountPath: {{ .Values.persistence.aafCredsPath }}
-            name: {{ include "common.fullname" . }}-aaf-config-vol
-        env:
-          - name: APP_FQI
-            value: "{{ .Values.aafConfig.fqi }}"
-          - name: aaf_locate_url
-            value: "https://aaf-locate.{{ .Release.Namespace }}:8095"
-          - name: aaf_locator_container
-            value: "{{ .Values.global.aafLocatorContainer }}"
-          - name: aaf_locator_container_ns
-            value: "{{ .Release.Namespace }}"
-          - name: aaf_locator_fqdn
-            value: "{{ .Values.aafConfig.fqdn }}"
-          - name: aaf_locator_public_fqdn
-            value: "{{.Values.aafConfig.publicFqdn}}"
-          - name: aaf_locator_app_ns
-            value: "{{ .Values.global.aafAppNs }}"
-          - name: DEPLOY_FQI
-            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aaf-deploy-creds" "key" "login") | indent 12 }}
-          - name: DEPLOY_PASSWORD
-            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aaf-deploy-creds" "key" "password") | indent 12 }}
-          - name: cadi_longitude
-            value: "{{ .Values.aafConfig.cadiLongitude }}"
-          - name: cadi_latitude
-            value: "{{ .Values.aafConfig.cadiLatitude }}"
-      {{ end }}
+{{ include "common.aaf-config" . | indent 6 }}
+      {{- end }}
       containers:
       - name: {{ include "common.name" . }}
         image: "{{ include "common.repository" . }}/{{ .Values.image }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         command: ["bash","-c"]
         {{- if .Values.global.aafEnabled }}
-        args: ["export $(grep '^c' {{ .Values.persistence.aafCredsPath }}/mycreds.prop | xargs -0);\
+        args: ["export $(grep '^c' {{ .Values.aafConfig.credsPath }}/mycreds.prop | xargs -0);\
         export _JAVA_OPTIONS=\"-Djavax.net.ssl.trustStorePassword=$cadi_truststore_password \
         -Djavax.net.ssl.keyStorePassword=$cadi_keystore_password_p12\";\
-        cat /dev/null > {{ .Values.persistence.aafCredsPath }}/mycreds.prop;\
         /start-apache-tomcat.sh -b {{ .Values.global.env.tomcatDir }}"]
         env:
           - name: _CATALINA_OPTS
             value: >
-              -Djavax.net.ssl.keyStore="{{ .Values.persistence.aafCredsPath }}/{{ .Values.aafConfig.keystoreFile }}"
-              -Djavax.net.ssl.trustStore="{{ .Values.persistence.aafCredsPath }}/{{ .Values.aafConfig.truststoreFile }}"
+              -Djavax.net.ssl.keyStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.keystoreFile }}"
+              -Djavax.net.ssl.trustStore="{{ .Values.aafConfig.credsPath }}/{{ .Values.aafConfig.truststoreFile }}"
         {{- else }}
         args: ["/start-apache-tomcat.sh -b {{ .Values.global.env.tomcatDir }}"]
         {{- end }}
@@ -131,8 +83,7 @@ spec:
           periodSeconds: {{ .Values.readiness.periodSeconds }}
         volumeMounts:
         {{- if .Values.global.aafEnabled }}
-        - mountPath: {{ .Values.persistence.aafCredsPath }}
-          name: {{ include "common.fullname" . }}-aaf-config-vol
+{{ include "common.aaf-config-volume-mountpath" . | indent 8 }}
         {{- end }}
         - name: properties-onapportalsdk
           mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml"
@@ -160,7 +111,7 @@ spec:
         - name: var-log-onap
           mountPath: /var/log/onap
         resources:
-{{ include "common.resources" . | indent 12 }}
+{{ include "common.resources" . }}
       {{- if .Values.nodeSelector }}
       nodeSelector:
 {{ toYaml .Values.nodeSelector | indent 10 }}
@@ -198,9 +149,7 @@ spec:
         - name: portal-tomcat-logs
           emptyDir: {}
         {{- if .Values.global.aafEnabled }}
-        - name: {{ include "common.fullname" . }}-aaf-config-vol
-          emptyDir:
-            medium: Memory
+{{ include "common.aaf-config-volumes" . | indent 8 }}
         {{- end }}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"

diff --git a/kubernetes/portal/charts/portal-sdk/values.yaml b/kubernetes/portal/charts/portal-sdk/values.yaml
index 34c29b5..45af55f 100644 (file)
--- a/kubernetes/portal/charts/portal-sdk/values.yaml
+++ b/kubernetes/portal/charts/portal-sdk/values.yaml
@@ -23,47 +23,46 @@ global:
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
   persistence: {}
-  #AAF global config overrides
+  #AAF service
   aafEnabled: true
-  aafAgentImage: onap/aaf/aaf_agent:2.1.15
-  aafAppNs: org.osaaf.aaf
-  aafLocatorContainer: oom
+  aafAgentImage: onap/aaf/aaf_agent:2.1.20
+
 #################################################################
 # Application configuration defaults.
 #################################################################
-secrets:
-  - uid: aaf-deploy-creds
-    type: basicAuth
-    externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDiabled" .Values.global.aafEnabled }}'
-    login: '{{ .Values.aafConfig.aafDeployFqi }}'
-    password: '{{ .Values.aafConfig.aafDeployPass }}'
-    passwordPolicy: required
-
-## Persist cert data to a memory volume
-persistence:
-  aafCredsPath: /opt/app/osaaf/local
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/portal-sdk:2.6.0
+image: onap/portal-sdk:3.2.0
 pullPolicy: Always
 
-#AAF service
-aafURL: https://aaf-service:8100/
-aafLocateUrl: https://aaf-locate:8095
-
 #AAF local config
+aafURL: https://aaf-service:8100/
 aafConfig:
   aafDeployFqi: deployer@people.osaaf.org
   aafDeployPass: demo123456!
   fqdn: portal
   fqi: portal@portal.onap.org
   publicFqdn: portal.onap.org
-  cadiLatitude: 0.0
-  cadiLongitude: 0.0
+  cadi_latitude: "38.0"
+  cadi_longitude: "-72.0"
+  credsPath: /opt/app/osaaf/local
+  app_ns: org.osaaf.aaf
+  permission_user: 1000
+  permission_group: 999
+  addconfig:  true
+  secret_uid: &aaf_secret_uid portal-sdk-aaf-deploy-creds
   keystoreFile: "org.onap.portal.p12"
   truststoreFile: "org.onap.portal.trust.jks"
 
+secrets:
+  - uid: *aaf_secret_uid
+    type: basicAuth
+    externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDiabled" .Values.global.aafEnabled }}'
+    login: '{{ .Values.aafConfig.aafDeployFqi }}'
+    password: '{{ .Values.aafConfig.aafDeployPass }}'
+    passwordPolicy: required
+
 # flag to enable debugging - application support required
 debugEnabled: false
 

diff --git a/kubernetes/portal/charts/portal-widget/values.yaml b/kubernetes/portal/charts/portal-widget/values.yaml
index 7a02509..3d63cd8 100644 (file)
--- a/kubernetes/portal/charts/portal-widget/values.yaml
+++ b/kubernetes/portal/charts/portal-widget/values.yaml
@@ -29,7 +29,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/portal-wms:2.6.0
+image: onap/portal-wms:3.2.0
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/portal/values.yaml b/kubernetes/portal/values.yaml
index 8c84cbd..1015c86 100644 (file)
--- a/kubernetes/portal/values.yaml
+++ b/kubernetes/portal/values.yaml
@@ -1,5 +1,5 @@
 # Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2018, 2020 AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -21,18 +21,11 @@ global:
   portalFEPort: "30225"
   # application's front end hostname.  Must be resolvable on the client side environment
   portalHostName: "portal.api.simpledemo.onap.org"
-  keystoreFile: "keystoreONAPPortal.p12"
-  truststoreFile: "truststoreONAPall.jks"
-  keypass: ",@{9!OOv%HO@#c+0Z}axu!xV"
-  trustpass: "changeit"
-
 config:
   logstashServiceName: log-ls
   logstashPort: 5044
-  
 portal-mariadb:
   nameOverride: portal-db
-
 mariadb:
   service:
     name: portal-db
@@ -48,10 +41,8 @@ cassandra:
 zookeeper:
   service:
     name: portal-zookeeper
-
 messageRouter:
   service:
     name: message-router
-
 ingress:
   enabled: false
\ No newline at end of file

diff --git a/kubernetes/robot b/kubernetes/robot
index 7f37c3c..a995fce 160000 (submodule)
--- a/kubernetes/robot
+++ b/kubernetes/robot
@@ -1 +1 @@
-Subproject commit 7f37c3cd610edd911a8b68e2118212d9ec8149d6
+Subproject commit a995fce78ae63d33a0c48d825001ed7faea3b18f

diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/aai.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/aai.properties
index f9640a9..6a4ca4c 100644 (file)
--- a/kubernetes/sdnc/charts/dmaap-listener/resources/config/aai.properties
+++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/aai.properties
@@ -32,4 +32,4 @@ sessionstickinessrequired=NO
 DME2preferredRouterFilePath=/opt/onap/sdnc/data/properties/dmaap-listener.preferredRoute.txt
 sdnc.odl.user=${ODL_USER}
 sdnc.odl.password=${ODL_PASSWORD}
-sdnc.odl.url-base=http://sdnc.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations
\ No newline at end of file
+sdnc.odl.url-base=http://sdnc-oam.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations
\ No newline at end of file

diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dhcpalert.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dhcpalert.properties
index 96f4079..d2b55fb 100644 (file)
--- a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dhcpalert.properties
+++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dhcpalert.properties
@@ -32,4 +32,4 @@ sessionstickinessrequired=NO
 DME2preferredRouterFilePath=/opt/onap/sdnc/data/properties/dmaap-listener.preferredRoute.txt
 sdnc.odl.user=${ODL_USER}
 sdnc.odl.password=${ODL_PASSWORD}
-sdnc.odl.url-base=http://sdnc.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations
+sdnc.odl.url-base=http://sdnc-oam.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations

diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-CMNotify.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-CMNotify.properties
new file mode 100644 (file)
index 0000000..eff236a
--- /dev/null
+++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-CMNotify.properties
@@ -0,0 +1,35 @@
+TransportType=HTTPNOAUTH
+Latitude =50.000000
+Longitude =-100.000000
+Version =1.0
+ServiceName=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort}}
+Environment =TEST
+Partner =
+routeOffer=MR1
+SubContextPath =/
+Protocol =http
+MethodType =GET
+username =UNUSED
+password =UNUSED
+contenttype =application/json
+authKey=UNUSED
+authDate=UNUSED
+host=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort}}
+topic=CM-NOTIFICATION
+group=users
+id=sdnc1
+timeout=15000
+limit=1000
+filter=
+AFT_DME2_EXCHANGE_REQUEST_HANDLERS=com.att.nsa.test.PreferredRouteRequestHandler
+AFT_DME2_EXCHANGE_REPLY_HANDLERS=com.att.nsa.test.PreferredRouteReplyHandler
+AFT_DME2_REQ_TRACE_ON=true
+AFT_ENVIRONMENT=AFTUAT
+AFT_DME2_EP_CONN_TIMEOUT=15000
+AFT_DME2_ROUNDTRIP_TIMEOUT_MS=240000
+AFT_DME2_EP_READ_TIMEOUT_MS=50000
+sessionstickinessrequired=NO
+DME2preferredRouterFilePath=/opt/onap/sdnc/data/properties/dmaap-listener.preferredRoute.txt
+sdnc.odl.user=${ODL_USER}
+sdnc.odl.password=${ODL_PASSWORD}
+sdnc.odl.url-base=https://sdnc-oam.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations

diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-a1Adapter-policy.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-a1Adapter-policy.properties
new file mode 100644 (file)
index 0000000..944b63f
--- /dev/null
+++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-a1Adapter-policy.properties
@@ -0,0 +1,35 @@
+TransportType=HTTPNOAUTH
+Latitude =50.000000
+Longitude =-100.000000
+Version =1.0
+ServiceName=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort}}
+Environment =TEST
+Partner =
+routeOffer=MR1
+SubContextPath =/
+Protocol =http
+MethodType =GET
+username =UNUSED
+password =UNUSED
+contenttype =application/json
+authKey=UNUSED
+authDate=UNUSED
+host=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort}}
+topic=A1-P
+group=users
+id=sdnc1
+timeout=15000
+limit=1000
+filter=
+AFT_DME2_EXCHANGE_REQUEST_HANDLERS=com.att.nsa.test.PreferredRouteRequestHandler
+AFT_DME2_EXCHANGE_REPLY_HANDLERS=com.att.nsa.test.PreferredRouteReplyHandler
+AFT_DME2_REQ_TRACE_ON=true
+AFT_ENVIRONMENT=AFTUAT
+AFT_DME2_EP_CONN_TIMEOUT=15000
+AFT_DME2_ROUNDTRIP_TIMEOUT_MS=240000
+AFT_DME2_EP_READ_TIMEOUT_MS=50000
+sessionstickinessrequired=NO
+DME2preferredRouterFilePath=/opt/onap/sdnc/data/properties/dmaap-listener.preferredRoute.txt
+sdnc.odl.user=${ODL_USER}
+sdnc.odl.password=${ODL_PASSWORD}
+sdnc.odl.url-base=https://sdnc-oam.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations

diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-oofpcipoc.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-oofpcipoc.properties
new file mode 100644 (file)
index 0000000..b670d43
--- /dev/null
+++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/dmaap-consumer-oofpcipoc.properties
@@ -0,0 +1,35 @@
+TransportType=HTTPNOAUTH
+Latitude =50.000000
+Longitude =-100.000000
+Version =1.0
+ServiceName=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort}}
+Environment =TEST
+Partner =
+routeOffer=MR1
+SubContextPath =/
+Protocol =http
+MethodType =GET
+username =UNUSED
+password =UNUSED
+contenttype =application/json
+authKey=UNUSED
+authDate=UNUSED
+host=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort}}
+topic=SDNR-CL
+group=users
+id=sdnc1
+timeout=15000
+limit=1000
+filter=
+AFT_DME2_EXCHANGE_REQUEST_HANDLERS=com.att.nsa.test.PreferredRouteRequestHandler
+AFT_DME2_EXCHANGE_REPLY_HANDLERS=com.att.nsa.test.PreferredRouteReplyHandler
+AFT_DME2_REQ_TRACE_ON=true
+AFT_ENVIRONMENT=AFTUAT
+AFT_DME2_EP_CONN_TIMEOUT=15000
+AFT_DME2_ROUNDTRIP_TIMEOUT_MS=240000
+AFT_DME2_EP_READ_TIMEOUT_MS=50000
+sessionstickinessrequired=NO
+DME2preferredRouterFilePath=/opt/onap/sdnc/data/properties/dmaap-listener.preferredRoute.txt
+sdnc.odl.user=$(ODL_USER}
+sdnc.odl.password=${ODL_PASSWORD}
+sdnc.odl.url-base=https://sdnc-oam.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations

diff --git a/kubernetes/sdnc/charts/dmaap-listener/resources/config/lcm.properties b/kubernetes/sdnc/charts/dmaap-listener/resources/config/lcm.properties
index 0b52b3f..15f32c4 100644 (file)
--- a/kubernetes/sdnc/charts/dmaap-listener/resources/config/lcm.properties
+++ b/kubernetes/sdnc/charts/dmaap-listener/resources/config/lcm.properties
@@ -32,4 +32,4 @@ sessionstickinessrequired=NO
 DME2preferredRouterFilePath=/opt/onap/sdnc/data/properties/dmaap-listener.preferredRoute.txt
 sdnc.odl.user=${ODL_USER}
 sdnc.odl.password=${ODL_PASSWORD}
-sdnc.odl.url-base=http://sdnc.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations
\ No newline at end of file
+sdnc.odl.url-base=http://sdnc-oam.{{.Release.Namespace}}:{{.Values.config.sdncPort}}/restconf/operations
\ No newline at end of file

diff --git a/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml b/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml
index af78a12..e7f06ff 100644 (file)
--- a/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml
+++ b/kubernetes/sdnc/charts/dmaap-listener/templates/deployment.yaml
@@ -101,6 +101,15 @@ spec:
         - mountPath: {{ .Values.config.configDir }}/aai.properties
           name: properties
           subPath: aai.properties
+        - mountPath: {{ .Values.config.configDir }}/dmaap-consumer-CMNotify.properties
+          name: properties
+          subPath: dmaap-consumer-CMNotify.properties
+        - mountPath: {{ .Values.config.configDir }}/dmaap-consumer-a1Adapter-policy.properties
+          name: properties
+          subPath: dmaap-consumer-a1Adapter-policy.properties
+        - mountPath: {{ .Values.config.configDir }}/dmaap-consumer-oofpcipoc.properties
+          name: properties
+          subPath: dmaap-consumer-oofpcipoc.properties
         resources:
 {{ include "common.resources" . | indent 12 }}
         {{- if .Values.nodeSelector }}

diff --git a/kubernetes/sdnc/charts/dmaap-listener/values.yaml b/kubernetes/sdnc/charts/dmaap-listener/values.yaml
index f5077cb..51f7afe 100644 (file)
--- a/kubernetes/sdnc/charts/dmaap-listener/values.yaml
+++ b/kubernetes/sdnc/charts/dmaap-listener/values.yaml
@@ -56,7 +56,7 @@ secrets:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/sdnc-dmaap-listener-image:1.8.0
+image: onap/sdnc-dmaap-listener-image:1.8.1
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
index 621048a..c08e53a 100644 (file)
--- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
@@ -56,7 +56,7 @@ secrets:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/sdnc-ansible-server-image:1.8.0
+image: onap/sdnc-ansible-server-image:1.8.1
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
index faa9e6b..280a2af 100644 (file)
--- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
@@ -73,7 +73,7 @@ secrets:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/admportal-sdnc-image:1.8.0
+image: onap/admportal-sdnc-image:1.8.1
 config:
   dbFabricDB: mysql
   dbFabricUser: admin

diff --git a/kubernetes/sdnc/charts/ueb-listener/values.yaml b/kubernetes/sdnc/charts/ueb-listener/values.yaml
index 1f6c9de..a02a385 100644 (file)
--- a/kubernetes/sdnc/charts/ueb-listener/values.yaml
+++ b/kubernetes/sdnc/charts/ueb-listener/values.yaml
@@ -62,7 +62,7 @@ secrets:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/sdnc-ueb-listener-image:1.8.0
+image: onap/sdnc-ueb-listener-image:1.8.1
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/sdnc/resources/config/bin/startODL.sh b/kubernetes/sdnc/resources/config/bin/startODL.sh
index af5c362..6aa796a 100755 (executable)
--- a/kubernetes/sdnc/resources/config/bin/startODL.sh
+++ b/kubernetes/sdnc/resources/config/bin/startODL.sh
@@ -4,6 +4,7 @@
 # ============LICENSE_START=======================================================
 # SDNC
 # ================================================================================
+# Copyright © 2020 Samsung Electronics
 # Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -133,17 +134,17 @@ echo "  AAF_ENABLED=$SDNC_AAF_ENABLED"
 
 
 if $SDNC_AAF_ENABLED; then
-       export SDNC_STORE_DIR=/opt/app/osaaf/local
-       export SDNC_CONFIG_DIR=/opt/app/osaaf/local
+       export SDNC_AAF_STORE_DIR=/opt/app/osaaf/local
+       export SDNC_AAF_CONFIG_DIR=/opt/app/osaaf/local
        export SDNC_KEYPASS=`cat /opt/app/osaaf/local/.pass`
        export SDNC_KEYSTORE=org.onap.sdnc.p12
        sed -i '/cadi_prop_files/d' $ODL_HOME/etc/system.properties
-       echo "cadi_prop_files=$SDNC_CONFIG_DIR/org.onap.sdnc.props" >> $ODL_HOME/etc/system.properties
+       echo "cadi_prop_files=$SDNC_AAF_CONFIG_DIR/org.onap.sdnc.props" >> $ODL_HOME/etc/system.properties
 
        sed -i '/org.ops4j.pax.web.ssl.keystore/d' $ODL_HOME/etc/custom.properties
        sed -i '/org.ops4j.pax.web.ssl.password/d' $ODL_HOME/etc/custom.properties
        sed -i '/org.ops4j.pax.web.ssl.keypassword/d' $ODL_HOME/etc/custom.properties
-       echo org.ops4j.pax.web.ssl.keystore=$SDNC_STORE_DIR/$SDNC_KEYSTORE >> $ODL_HOME/etc/custom.properties
+       echo org.ops4j.pax.web.ssl.keystore=$SDNC_AAF_STORE_DIR/$SDNC_KEYSTORE >> $ODL_HOME/etc/custom.properties
        echo org.ops4j.pax.web.ssl.password=$SDNC_KEYPASS >> $ODL_HOME/etc/custom.properties
        echo org.ops4j.pax.web.ssl.keypassword=$SDNC_KEYPASS >> $ODL_HOME/etc/custom.properties
 fi

diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml
index da5d8f3..4511ca9 100644 (file)
--- a/kubernetes/sdnc/templates/statefulset.yaml
+++ b/kubernetes/sdnc/templates/statefulset.yaml
@@ -1,4 +1,5 @@
 {{/*
+# Copyright © 2020 Samsung Electronics
 # Copyright © 2017 Amdocs, Bell Canada
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -208,6 +209,9 @@ spec:
           - mountPath: {{ .Values.config.binDir }}/installSdncDb.sh
             name: bin
             subPath: installSdncDb.sh
+          - mountPath: {{ .Values.config.ccsdkConfigDir }}/aaiclient.properties
+            name: properties
+            subPath: aaiclient.properties
           - mountPath: {{ .Values.config.configDir }}/aaiclient.properties
             name: properties
             subPath: aaiclient.properties

diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 8cb7c33..fda5617 100644 (file)
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -1,3 +1,4 @@
+# Copyright © 2020 Samsung Electronics
 # Copyright © 2017 Amdocs, Bell Canada
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -117,7 +118,7 @@ secrets:
 # application images
 repository: nexus3.onap.org:10001
 pullPolicy: Always
-image: onap/sdnc-image:1.8.0
+image: onap/sdnc-image:1.8.1
 
 
 # flag to enable debugging - application support required
@@ -159,6 +160,7 @@ config:
   peerODLCluster: 127.0.0.1
   isPrimaryCluster: true
   configDir: /opt/onap/sdnc/data/properties
+  ccsdkConfigDir: /opt/onap/ccsdk/data/properties
   dmaapTopic: SUCCESS
   dmaapPort: 3904
   logstashServiceName: log-ls

diff --git a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml
index 117d270..3ecf3f5 100755 (executable)
--- a/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-openstack-adapter/resources/config/overrides/override.yaml
@@ -96,6 +96,10 @@ ecomp:
         pollTimeout: 7500
         pollInterval: 15
 mso:
+  adapters:
+    requestDb:
+      endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
+      auth: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.db.auth )}}
   auth: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.aaf.auth.encrypted "value2" .Values.mso.auth )}}
   logPath: ./logs/openstack
   msb-ip: msb-iag.{{ include "common.namespace" . }}

diff --git a/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks b/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks
new file mode 100644 (file)
index 0000000..96931ce
Binary files /dev/null and b/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks differ

diff --git a/kubernetes/so/charts/so-secrets/templates/secrets.yaml b/kubernetes/so/charts/so-secrets/templates/secrets.yaml
index 9a74963..5be2cc7 100644 (file)
--- a/kubernetes/so/charts/so-secrets/templates/secrets.yaml
+++ b/kubernetes/so/charts/so-secrets/templates/secrets.yaml
@@ -25,3 +25,16 @@ data:
   trustStorePassword: {{ .Values.global.client.certs.trustStorePassword }}
   keyStorePassword: {{ .Values.global.client.certs.keyStorePassword}}
 type: Opaque
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.release" . }}-so-truststore-secret
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}

diff --git a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml
index ebfbc44..10846cf 100755 (executable)
--- a/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-vnfm-adapter/resources/config/overrides/override.yaml
@@ -54,8 +54,12 @@ vnfmadapter:
 etsi-catalog-manager:
   vnfpkgm:
   {{- if .Values.global.msbEnabled }}
-    endpoint: http://msb-iag.{{ include "common.namespace" . }}:80/api/vnfpkgm/v1
+    endpoint: https://msb-iag.{{ include "common.namespace" . }}:443/api/vnfpkgm/v1
+    http:
+      client:
+        ssl:
+          trust-store: ${TRUSTSTORE}
+          trust-store-password: ${TRUSTSTORE_PASSWORD}
   {{- else }}
     endpoint: http://modeling-etsicatalog.{{ include "common.namespace" . }}:8806/api/vnfpkgm/v1
   {{- end }}
-

diff --git a/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml
index 00b36a8..a720753 100755 (executable)
--- a/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml
+++ b/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml
@@ -40,17 +40,17 @@ spec:
         image: {{ include "common.repository" . }}/{{ .Values.image }}
         resources:
 {{ include "common.resources" . | indent 12 }}
-         {{- if eq .Values.global.security.aaf.enabled true }}
         env:
         - name: TRUSTSTORE
-          value: /app/org.onap.so.trust.jks
+          value: {{ .Values.global.client.certs.truststore }}
         - name: TRUSTSTORE_PASSWORD
           valueFrom:
             secretKeyRef:
               name: {{ .Release.Name}}-so-client-certs-secret
               key: trustStorePassword
+        {{ if eq .Values.global.security.aaf.enabled true }}
         - name: KEYSTORE
-          value: /app/org.onap.so.jks
+          value: {{ .Values.global.client.certs.keystore }}
         - name: KEYSTORE_PASSWORD
           valueFrom:
             secretKeyRef:
@@ -67,6 +67,9 @@ spec:
         - name: config
           mountPath: /app/config
           readOnly: true
+        - name: {{ include "common.fullname" . }}-truststore
+          mountPath: /app/client
+          readonly: true
         livenessProbe:
           tcpSocket:
             port: {{ index .Values.livenessProbe.port }}
@@ -84,5 +87,8 @@ spec:
       - name: config
         configMap:
             name: {{ include "common.fullname" . }}-app-configmap
+      - name:  {{ include "common.fullname" . }}-truststore
+        secret:
+          secretName: {{ include "common.release" . }}-so-truststore-secret
       imagePullSecrets:
         - name: "{{ include "common.namespace" . }}-docker-registry-key"

diff --git a/kubernetes/so/resources/config/overrides/override.yaml b/kubernetes/so/resources/config/overrides/override.yaml
index c57ed02..6bd930d 100755 (executable)
--- a/kubernetes/so/resources/config/overrides/override.yaml
+++ b/kubernetes/so/resources/config/overrides/override.yaml
@@ -1,3 +1,6 @@
+aai:
+  endpoint: https://aai.{{ include "common.namespace" . }}:8443
+  auth: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.encrypted "value2" .Values.mso.aai.auth )}}
 server:
     port: {{ index .Values.containerPort }}
     tomcat:

diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml
index 4cf991e..e9c5637 100755 (executable)
--- a/kubernetes/so/values.yaml
+++ b/kubernetes/so/values.yaml
@@ -60,8 +60,8 @@ global:
     defaultCloudOwner: onap
     cadi:
       cadiLoglevel: DEBUG
-      cadiKeyFile: /app/org.onap.so.keyfile
-      cadiTrustStore: /app/org.onap.so.trust.jks
+      cadiKeyFile: /app/client/org.onap.so.keyfile
+      cadiTrustStore: /app/client/org.onap.so.trust.jks
       cadiTruststorePassword: enc:MFpuxKeYK6Eo6QXjDUjtOBbp0FthY7SB4mKSIJm_RWC
       cadiLatitude: 38.4329
       cadiLongitude: -90.43248
@@ -73,7 +73,9 @@ global:
     msoKey: 07a7159d3bf51a0e53be7a8f89699be7
   client:
     certs:
-      trustStorePassword: b25hcDRzbw==
+      truststore: /app/client/org.onap.so.trust.jks
+      keystore: /app/client/org.onap.so.jks
+      trustStorePassword: LHN4Iy5DKlcpXXdWZ0pDNmNjRkhJIzpI
       keyStorePassword: c280b25hcA==
   certificates:
     path: /etc/ssl/certs

diff --git a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml
index d7108a8..8bc90fc 100644 (file)
--- a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml
+++ b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml
@@ -29,7 +29,7 @@ global:
 flavor: small
 
 repository: nexus3.onap.org:10001
-image: onap/vfc/gvnfmdriver:1.3.8
+image: onap/vfc/gvnfmdriver:1.3.9
 pullPolicy: Always
 
 #Istio sidecar injection policy

diff --git a/kubernetes/vfc/charts/vfc-nslcm/values.yaml b/kubernetes/vfc/charts/vfc-nslcm/values.yaml
index 023ec59..e36efee 100644 (file)
--- a/kubernetes/vfc/charts/vfc-nslcm/values.yaml
+++ b/kubernetes/vfc/charts/vfc-nslcm/values.yaml
@@ -39,7 +39,7 @@ secrets:
 flavor: small
 
 repository: nexus3.onap.org:10001
-image: onap/vfc/nslcm:1.3.8
+image: onap/vfc/nslcm:1.3.9
 pullPolicy: Always
 
 #Istio sidecar injection policy

diff --git a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml
index 76eebe5..48176a7 100644 (file)
--- a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml
+++ b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml
@@ -39,7 +39,7 @@ secrets:
 flavor: small
 
 repository: nexus3.onap.org:10001
-image: onap/vfc/vnflcm:1.3.8
+image: onap/vfc/vnflcm:1.3.9
 pullPolicy: Always
 
 #Istio sidecar injection policy