version: ~6.x-0
repository: 'file://components/curator'
condition: elasticsearch.curator.enabled,curator.enabled
+ - name: certInitializer
+ version: ~6.x-0
+ repository: 'file://../certInitializer'
+++ /dev/null
-
-{{ if .Values.global.aafEnabled }}
-{{/*
-# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if .Values.aafConfig.addconfig -}}
-apiVersion: v1
-kind: ConfigMap
-{{ $suffix := "aaf-add-config" -}}
-metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . )| nindent 2 }}
-data:
- aaf-add-config.sh: |-
- cd /opt/app/osaaf/local
- mkdir -p certs
- export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0)
- keytool -exportcert -rfc -file certs/cacert.pem -keystore {{ .Values.aafConfig.fqi_namespace }}.trust.jks -alias ca_local_0 -storepass $cadi_truststore_password
- openssl pkcs12 -in {{ .Values.aafConfig.fqi_namespace }}.p12 -out certs/cert.pem -passin pass:$cadi_keystore_password_p12 -passout pass:$cadi_keystore_password_p12
- cp {{ .Values.aafConfig.fqi_namespace }}.key certs/key.pem
- chmod -R 755 certs
-{{- end -}}
-{{- end -}}
securityContext:
privileged: true
{{- end }}
- {{ include "common.aaf-config" . | nindent 8}}
+ {{ include "common.certInitializer.initContainer" . | nindent 8 }}
containers:
- name: {{ include "common.name" . }}-nginx
- name: nginx-server-block
mountPath: /opt/bitnami/nginx/conf/server_blocks
{{- end }}
- {{- include "common.aaf-config-volume-mountpath" . | nindent 10 }}
+ {{- include "common.certInitializer.volumeMount" . | nindent 10 }}
- name: {{ include "common.name" . }}-elasticsearch
image: {{ printf "%s/%s:%s" (include "common.repository" .) .Values.image.imageName .Values.image.tag }}
configMap:
name: {{ include "common.fullname" . }}-nginx-server-block
{{- end }}
- {{- include "common.aaf-config-volumes" . | nindent 8}}
-
+ {{ include "common.certInitializer.volumes" . | nindent 8 }}
#################################################################
global:
aafEnabled: true
- aafAgentImage: onap/aaf/aaf_agent:2.1.15
nodePortPrefix: 302
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.2
# loadBalancerIP:
## Provide functionality to use RBAC
##
+
#################################################################
-# Secrets metaconfig
-#################################################################
-secrets:
- - uid: &aaf_secret_uid elasticsearch-aaf-deploy-creds
- type: basicAuth
- externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}'
- login: '{{ .Values.aafConfig.aafDeployFqi }}'
- password: '{{ .Values.aafConfig.aafDeployPass }}'
- passwordPolicy: required
-#################################################################
-# aaf configuration defaults.
+# Certificate configuration
#################################################################
-aafConfig:
- addconfig: true
+certInitializer:
+ nameOverride: elasticsearch-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
fqdn: "elastic"
- image: onap/aaf/aaf_agent:2.1.15
app_ns: "org.osaaf.aaf"
- fqi_namespace: org.onap.elastic
+ fqi_namespace: "org.onap.elastic"
fqi: "elastic@elastic.onap.org"
public_fqdn: "aaf.osaaf.org"
- deploy_fqi: "deployer@people.osaaf.org"
- aafDeployFqi: "deployer@people.osaaf.org"
- aafDeployPass: demo123456!
- #aafDeployCredsExternalSecret: some secret
- #cadi_latitude: "52.5"
- #cadi_longitude: "13.4"
- secret_uid: *aaf_secret_uid
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: >
+ cd {{ .Values.credsPath }};
+ mkdir -p certs;
+ export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0);
+ keytool -exportcert -rfc -file certs/cacert.pem -keystore {{ .Values.fqi_namespace }}.trust.jks -alias ca_local_0 -storepass $cadi_truststore_password;
+ openssl pkcs12 -in {{ .Values.fqi_namespace }}.p12 -out certs/cert.pem -passin pass:$cadi_keystore_password_p12 -passout pass:$cadi_keystore_password_p12;
+ cp {{ .Values.fqi_namespace }}.key certs/key.pem;
+ chmod -R 755 certs;
+
#################################################################
# subcharts configuration defaults.
#################################################################
-#!/bin/bash
+#!/bin/sh
# Create region
fieldPath: metadata.namespace
containers:
- name: {{ include "common.name" . }}-provisioning-job
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ image: "{{ .Values.global.dockerHubRepository }}/{{ .Values.global.curlImage }}"
volumeMounts:
- name: {{ include "common.fullname" . }}-provisioning
mountPath: /tmp
command:
- - /bin/bash
+ - /bin/sh
- ./tmp/provision.sh
volumes:
- name: {{ include "common.fullname" . }}-provisioning
superuserName: admin
superuserEmail: admin@onap.org
+ curlImage: curlimages/curl:7.69.1
+ dockerHubRepository: docker.io
+
repository: netboxcommunity
image: netbox:v2.5.8
#aai_retries = 3
# The version of A&AI in v# format. (string value)
-server_url_version = v14
+server_url_version = v19
# SSL/TLS certificate file in pem format. This certificate must be registered
# with the A&AI endpoint. (string value)
commonConfigPrefix: onap-oof-has
image:
readiness: oomk8s/readiness-check:2.0.0
- optf_has: onap/optf-has:2.0.3
+ optf_has: onap/optf-has:2.0.4
filebeat: docker.elastic.co/beats/filebeat:5.5.0
pullPolicy: Always
slice_selection_policy_dir_urllc_1: "./test/policy-local-files/"
slice_selection_policy_files_urllc_1:
- vnfPolicy_URLLC_Core_1.json
- - thresholdPolicy_URLLC_Core_1_reliability.json
- - thresholdPolicy_URLLC_Core_1_latency.json
+ - thresholdPolicy_URLLC_Core_1.json
- subscriber_policy_URLLC_1.json
service_info:
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/optf-osdf:2.0.3
+image: onap/optf-osdf:2.0.4
pullPolicy: Always
# flag to enable debugging - application support required
# Url and credentials for Conductor.
conductorUrl: https://oof-has-api:8091/v1/plans/
- conductorPingWaitTime: 60
+ conductorPingWaitTime: 10
conductorMaxRetries: 30
# versions to be set in HTTP header
conductorMinorVersion: 0
elasticsearch:
nameOverride: sdnrdb
name: sdnrdb-cluster
- aafConfig:
+ certInitializer:
fqdn: "sdnc"
fqi_namespace: org.onap.sdnc
fqi: "sdnc@sdnc.onap.org"