#Actuator properties
management.endpoints.web.exposure.include=*
management.endpoint.health.show-details=always
+
+#K8s Plugin properties
+#Credentials are placeholders as k8s plugin has not authentication atm
+blueprintprocessor.k8s.plugin.username=unused
+blueprintprocessor.k8s.plugin.password=unused
+blueprintprocessor.k8s.plugin.url=http://multicloud-k8s:9015/
EXCLUDES :=
HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+HELM_VER != helm version --template "{{.Version}}"
+
.PHONY: $(EXCLUDES) $(HELM_CHARTS)
all: $(COMMON_CHARTS_DIR) $(HELM_CHARTS)
package-%: lint-%
@mkdir -p $(PACKAGE_DIR)
+ifeq "$(findstring v3,$(HELM_VER))" "v3"
+ @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+else
@if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+endif
@helm repo index $(PACKAGE_DIR)
clean:
+{{/*
# Copyright © 2018 Amdocs, Bell Canada, AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.replicaPV" . }}
+{{/*
# Copyright © 2018 Amdocs, AT&T, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.headlessService" . }}
+{{/*
# Copyright © 2018 Amdocs, AT&T, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: apps/v1
kind: StatefulSet
{{ else if eq "testRelease" (include "common.release" .) }}
{{/* Special case for chart liniting. DON"T NAME YOUR PRODUCTION RELEASE testRelease */}}
{{- printf "testRelease" -}}
+ {{ else if eq "test-release" .Release.Name }}
+ {{/* Special case for chart linting in helm3. DON"T NAME YOUR PRODUCTION RELEASE test-release */}}
+ {{- printf "testRelease" -}}
{{ else }}
{{ fail "masterPassword not provided" }}
{{ end }}
+{{/*
# Copyright © 2020 Samsung, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
+*/}}
{{ include "common.ingress" . }}
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{- if .Values.enabled }}
{{- range $kind, $enabled := .Values.hooks }}
{{- if $enabled }}
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{- if .Values.enabled }}
apiVersion: v1
kind: ConfigMap
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{- if .Values.enabled }}
{{ $role := "curator" -}}
{{ $suffix := $role -}}
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{- if and .Values.enabled .Values.psp.create }}
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{- if and .Values.enabled .Values.rbac.enabled }}
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{- if and .Values.enabled .Values.rbac.enabled }}
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{- if and .Values.enabled .Values.serviceAccount.create .Values.rbac.enabled }}
apiVersion: v1
kind: ServiceAccount
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.replicaPV" (dict "dot" . "suffix" .Values.persistence.suffix )}}
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{- if .Values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: apps/v1
kind: StatefulSet
{{ $role := "data" -}}
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.replicaPV" (dict "dot" . "suffix" .Values.persistence.suffix )}}
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{- if .Values.serviceAccount.create }}
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: apps/v1
kind: StatefulSet
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ $role := "master" -}}
{{ $labels := (dict "role" $role) -}}
{{ $matchLabels := (dict "role" $role) }}
-{{ include "common.service" (dict "labels" $labels "matchLabels" $matchLabels "dot" . ) }}
\ No newline at end of file
+{{ include "common.service" (dict "labels" $labels "matchLabels" $matchLabels "dot" . ) }}
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{- if .Values.config }}
apiVersion: v1
kind: ConfigMap
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: apps/v1
kind: Deployment
{{ $role := "coordinating-only" -}}
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ $role := "coordinating-only" -}}
{{ $labels := (dict "role" $role) -}}
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{- $matchLabels := (dict "discovery" (include "elasticsearch.clustername" .) "nameNoMatch" "useDiscoveryService") }}
{{ include "common.headlessService" (dict "matchLabels" $matchLabels "dot" .) }}
+{{/*
# Copyright © 2018 Amdocs, Bell Canada
# Copyright © 2019 Samsung Electronics
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.secretFast" . }}
+{{/*
# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{- if .Values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
+{{/*
# Copyright © 2018 Amdocs, Bell Canada, AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{- $global := . }}
{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }}
+{{/*
# Copyright 2019 Intel Corporation Inc
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: v1
kind: Service
+{{/*
# Copyright © 2019 Intel Corporation Inc
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: apps/v1
kind: StatefulSet
metadata:
+{{/*
# Copyright © 2019 Orange
# Modifications Copyright © 2018 AT&T
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: v1
kind: ConfigMap
+{{/*
# Copyright © 2019 Orange
# Copyright © 2020 Samsung Electronics
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "mariadbInit._updateSecrets" . -}}
+{{/*
# Copyright © 2017 Amdocs, Bell Canada, Orange
# Copyright © 2020 Samsung Electronics
#
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "mariadbInit._updateSecrets" . -}}
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
- podAntiAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- podAffinityTerm:
- labelSelector:
- matchExpressions:
- - key: app
- operator: In
- values:
- - {{ .Chart.Name }}
- topologyKey: kubernetes.io/hostname
serviceName: {{ include "common.servicename" . }}
replicas: {{ .Values.replicaCount }}
selector:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- end }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+{{/*
# Copyright © 2017-2020 AT&T, Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: v1
kind: ConfigMap
+{{/*
# Copyright © 2017-2020 AT&T, Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: apps/v1
kind: Deployment
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
resources:
-{{ toYaml .Values.resources | indent 12 }}
+{{ include "common.resources" . | indent 12 }}
env:
- name: SPRING_OPTS
value: "{{ .Values.springOpts }}"
+{{/*
# Copyright © 2020 AT&T, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.secretFast" . }}
+{{/*
# Copyright © 2017-2020 AT&T, Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
{{ include "common.service" . }}
heritage: {{ $dot.Release.Service }}
name: "{{ index $dot.Values "container" "name" $pgMode }}"
spec:
- serviceName: {{ $dot.Values.service.name }}
replicas: 1
selector:
matchLabels:
+{{/*
# Copyright © 2019 Amdocs, Bell Canada, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+*/}}
apiVersion: v1
kind: ConfigMap
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<java version="1.8.0_242" class="java.beans.XMLDecoder">
+ <object class="java.util.LinkedHashMap">
+ <void method="put">
+ <string>version</string>
+ <float>46.0</float>
+ </void>
+ <void method="put">
+ <string>type</string>
+ <int>1</int>
+ </void>
+ <void method="put">
+ <string>certversion</string>
+ <string>X509v3</string>
+ </void>
+ <void method="put">
+ <string>encodedvalidity</string>
+ <string>2y</string>
+ </void>
+ <void method="put">
+ <string>usecertificatevalidityoffset</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>certificatevalidityoffset</string>
+ <string>-10m</string>
+ </void>
+ <void method="put">
+ <string>useexpirationrestrictionforweekdays</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>expirationrestrictionforweekdaysbefore</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>expirationrestrictionweekdays</string>
+ <object class="java.util.ArrayList">
+ <void method="add">
+ <boolean>true</boolean>
+ </void>
+ <void method="add">
+ <boolean>true</boolean>
+ </void>
+ <void method="add">
+ <boolean>false</boolean>
+ </void>
+ <void method="add">
+ <boolean>false</boolean>
+ </void>
+ <void method="add">
+ <boolean>false</boolean>
+ </void>
+ <void method="add">
+ <boolean>true</boolean>
+ </void>
+ <void method="add">
+ <boolean>true</boolean>
+ </void>
+ </object>
+ </void>
+ <void method="put">
+ <string>allowvalidityoverride</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>allowextensionoverride</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>allowdnoverride</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>allowdnoverridebyeei</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>allowbackdatedrevokation</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usecertificatestorage</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>storecertificatedata</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>storesubjectaltname</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>usebasicconstrants</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>basicconstraintscritical</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>usesubjectkeyidentifier</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>subjectkeyidentifiercritical</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>useauthoritykeyidentifier</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>authoritykeyidentifiercritical</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usesubjectalternativename</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>subjectalternativenamecritical</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>useissueralternativename</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>issueralternativenamecritical</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usecrldistributionpoint</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usedefaultcrldistributionpoint</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>crldistributionpointcritical</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>crldistributionpointuri</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <string>usefreshestcrl</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usecadefinedfreshestcrl</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>freshestcrluri</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <string>crlissuer</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <string>usecertificatepolicies</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>certificatepoliciescritical</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>certificatepolicies</string>
+ <object class="java.util.ArrayList"/>
+ </void>
+ <void method="put">
+ <string>availablekeyalgorithms</string>
+ <object class="java.util.ArrayList">
+ <void method="add">
+ <string>DSA</string>
+ </void>
+ <void method="add">
+ <string>ECDSA</string>
+ </void>
+ <void method="add">
+ <string>RSA</string>
+ </void>
+ </object>
+ </void>
+ <void method="put">
+ <string>availableeccurves</string>
+ <object class="java.util.ArrayList">
+ <void method="add">
+ <string>ANY_EC_CURVE</string>
+ </void>
+ </object>
+ </void>
+ <void method="put">
+ <string>availablebitlengths</string>
+ <object class="java.util.ArrayList">
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>192</int>
+ </void>
+ <void method="add">
+ <int>224</int>
+ </void>
+ <void method="add">
+ <int>239</int>
+ </void>
+ <void method="add">
+ <int>256</int>
+ </void>
+ <void method="add">
+ <int>384</int>
+ </void>
+ <void method="add">
+ <int>512</int>
+ </void>
+ <void method="add">
+ <int>521</int>
+ </void>
+ <void method="add">
+ <int>1024</int>
+ </void>
+ <void method="add">
+ <int>1536</int>
+ </void>
+ <void method="add">
+ <int>2048</int>
+ </void>
+ <void method="add">
+ <int>3072</int>
+ </void>
+ <void method="add">
+ <int>4096</int>
+ </void>
+ <void method="add">
+ <int>6144</int>
+ </void>
+ <void method="add">
+ <int>8192</int>
+ </void>
+ </object>
+ </void>
+ <void method="put">
+ <string>minimumavailablebitlength</string>
+ <int>0</int>
+ </void>
+ <void method="put">
+ <string>maximumavailablebitlength</string>
+ <int>8192</int>
+ </void>
+ <void method="put">
+ <string>signaturealgorithm</string>
+ <null/>
+ </void>
+ <void method="put">
+ <string>usekeyusage</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>keyusage</string>
+ <object class="java.util.ArrayList">
+ <void method="add">
+ <boolean>true</boolean>
+ </void>
+ <void method="add">
+ <boolean>true</boolean>
+ </void>
+ <void method="add">
+ <boolean>true</boolean>
+ </void>
+ <void method="add">
+ <boolean>false</boolean>
+ </void>
+ <void method="add">
+ <boolean>false</boolean>
+ </void>
+ <void method="add">
+ <boolean>false</boolean>
+ </void>
+ <void method="add">
+ <boolean>false</boolean>
+ </void>
+ <void method="add">
+ <boolean>false</boolean>
+ </void>
+ <void method="add">
+ <boolean>false</boolean>
+ </void>
+ </object>
+ </void>
+ <void method="put">
+ <string>allowkeyusageoverride</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>keyusagecritical</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>useextendedkeyusage</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>extendedkeyusage</string>
+ <object class="java.util.ArrayList">
+ <void method="add">
+ <string>1.3.6.1.5.5.7.3.2</string>
+ </void>
+ <void method="add">
+ <string>1.3.6.1.5.5.7.3.4</string>
+ </void>
+ <void method="add">
+ <string>1.3.6.1.5.5.7.3.1</string>
+ </void>
+ </object>
+ </void>
+ <void method="put">
+ <string>extendedkeyusagecritical</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usedocumenttypelist</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>documenttypelistcritical</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>documenttypelist</string>
+ <object class="java.util.ArrayList"/>
+ </void>
+ <void method="put">
+ <string>availablecas</string>
+ <object class="java.util.ArrayList">
+ <void method="add">
+ <int>-1</int>
+ </void>
+ </object>
+ </void>
+ <void method="put">
+ <string>usedpublishers</string>
+ <object class="java.util.ArrayList"/>
+ </void>
+ <void method="put">
+ <string>useocspnocheck</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>useldapdnorder</string>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>usecustomdnorder</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usemicrosofttemplate</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>microsofttemplate</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <string>usecardnumber</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usecnpostfix</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>cnpostfix</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <string>usesubjectdnsubset</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>subjectdnsubset</string>
+ <object class="java.util.ArrayList"/>
+ </void>
+ <void method="put">
+ <string>usesubjectaltnamesubset</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>subjectaltnamesubset</string>
+ <object class="java.util.ArrayList"/>
+ </void>
+ <void method="put">
+ <string>usepathlengthconstraint</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>pathlengthconstraint</string>
+ <int>0</int>
+ </void>
+ <void method="put">
+ <string>useqcstatement</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usepkixqcsyntaxv2</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>useqcstatementcritical</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>useqcstatementraname</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <string>useqcsematicsid</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <string>useqcetsiqccompliance</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>useqcetsisignaturedevice</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>useqcetsivaluelimit</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>qcetsivaluelimit</string>
+ <int>0</int>
+ </void>
+ <void method="put">
+ <string>qcetsivaluelimitexp</string>
+ <int>0</int>
+ </void>
+ <void method="put">
+ <string>qcetsivaluelimitcurrency</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <string>useqcetsiretentionperiod</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>qcetsiretentionperiod</string>
+ <int>0</int>
+ </void>
+ <void method="put">
+ <string>useqccustomstring</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>qccustomstringoid</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <string>qccustomstringtext</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <string>qcetsipds</string>
+ <null/>
+ </void>
+ <void method="put">
+ <string>qcetsitype</string>
+ <null/>
+ </void>
+ <void method="put">
+ <string>usecertificatetransparencyincerts</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usecertificatetransparencyinocsp</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usecertificatetransparencyinpublisher</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usesubjectdirattributes</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usenameconstraints</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>useauthorityinformationaccess</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>caissuers</string>
+ <object class="java.util.ArrayList"/>
+ </void>
+ <void method="put">
+ <string>usedefaultcaissuer</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usedefaultocspservicelocator</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>ocspservicelocatoruri</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <string>cvcaccessrights</string>
+ <int>3</int>
+ </void>
+ <void method="put">
+ <string>usedcertificateextensions</string>
+ <object class="java.util.ArrayList"/>
+ </void>
+ <void method="put">
+ <string>approvals</string>
+ <object class="java.util.LinkedHashMap">
+ <void method="put">
+ <object class="java.lang.Enum" method="valueOf">
+ <class>org.cesecore.certificates.ca.ApprovalRequestType</class>
+ <string>REVOCATION</string>
+ </object>
+ <int>-1</int>
+ </void>
+ <void method="put">
+ <object class="java.lang.Enum" method="valueOf">
+ <class>org.cesecore.certificates.ca.ApprovalRequestType</class>
+ <string>KEYRECOVER</string>
+ </object>
+ <int>-1</int>
+ </void>
+ <void method="put">
+ <object class="java.lang.Enum" method="valueOf">
+ <class>org.cesecore.certificates.ca.ApprovalRequestType</class>
+ <string>ADDEDITENDENTITY</string>
+ </object>
+ <int>-1</int>
+ </void>
+ </object>
+ </void>
+ <void method="put">
+ <string>useprivkeyusageperiodnotbefore</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>useprivkeyusageperiod</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>useprivkeyusageperiodnotafter</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>privkeyusageperiodstartoffset</string>
+ <long>0</long>
+ </void>
+ <void method="put">
+ <string>privkeyusageperiodlength</string>
+ <long>63072000</long>
+ </void>
+ <void method="put">
+ <string>usesingleactivecertificateconstraint</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>overridableextensionoids</string>
+ <object class="java.util.LinkedHashSet"/>
+ </void>
+ <void method="put">
+ <string>nonoverridableextensionoids</string>
+ <object class="java.util.LinkedHashSet"/>
+ </void>
+ <void method="put">
+ <string>allowcertsnoverride</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>usecustomdnorderldap</string>
+ <boolean>false</boolean>
+ </void>
+ </object>
+</java>
ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra
ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value ${RA_IAK}
ejbca.sh config cmp updatealias --alias cmpRA --key responseprotection --value pbe
+ #Custom EJBCA cert profile and endentity are imported to allow issuing certificates with correct extended usage (containing serverAuth)
+ ejbca.sh ca importprofiles -d /opt/primekey/custom_profiles
+ #Profile name taken from certprofile filename (certprofile_<profile-name>-<id>.xml)
+ ejbca.sh config cmp updatealias --alias cmpRA --key ra.certificateprofile --value CUSTOM_ENDUSER
+ #ID taken from entityprofile filename (entityprofile_<profile-name>-<id>.xml)
+ ejbca.sh config cmp updatealias --alias cmpRA --key ra.endentityprofileid --value 1356531849
ejbca.sh config cmp dumpalias --alias cmpRA
ejbca.sh config cmp addalias --alias cmp
ejbca.sh config cmp updatealias --alias cmp --key allowautomatickeyupdate --value true
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<java version="1.8.0_242" class="java.beans.XMLDecoder">
+ <object class="java.util.LinkedHashMap">
+ <void method="put">
+ <string>version</string>
+ <float>14.0</float>
+ </void>
+ <void method="put">
+ <string>NUMBERARRAY</string>
+ <object class="java.util.ArrayList">
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>3</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>1</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ <void method="add">
+ <int>0</int>
+ </void>
+ </object>
+ </void>
+ <void method="put">
+ <string>SUBJECTDNFIELDORDER</string>
+ <object class="java.util.ArrayList">
+ <void method="add">
+ <int>500</int>
+ </void>
+ <void method="add">
+ <int>1100</int>
+ </void>
+ <void method="add">
+ <int>1200</int>
+ </void>
+ <void method="add">
+ <int>1300</int>
+ </void>
+ <void method="add">
+ <int>1400</int>
+ </void>
+ <void method="add">
+ <int>1600</int>
+ </void>
+ </object>
+ </void>
+ <void method="put">
+ <string>SUBJECTALTNAMEFIELDORDER</string>
+ <object class="java.util.ArrayList">
+ <void method="add">
+ <int>1800</int>
+ </void>
+ <void method="add">
+ <int>1801</int>
+ </void>
+ <void method="add">
+ <int>1802</int>
+ </void>
+ </object>
+ </void>
+ <void method="put">
+ <string>SUBJECTDIRATTRFIELDORDER</string>
+ <object class="java.util.ArrayList"/>
+ </void>
+ <void method="put">
+ <int>0</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20000</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10000</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30000</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>1</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20001</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10001</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30001</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>95</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20095</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10095</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30095</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>96</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20096</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10096</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30096</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>5</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20005</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10005</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30005</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>26</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20026</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10026</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30026</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>29</int>
+ <string>1834889499</string>
+ </void>
+ <void method="put">
+ <int>20029</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10029</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30029</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30</int>
+ <string>1834889499</string>
+ </void>
+ <void method="put">
+ <int>20030</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10030</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30030</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>31</int>
+ <string>1</string>
+ </void>
+ <void method="put">
+ <int>20031</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10031</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30031</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>32</int>
+ <string>1;2;3;4</string>
+ </void>
+ <void method="put">
+ <int>20032</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10032</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30032</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>33</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20033</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10033</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30033</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>34</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20034</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10034</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>30034</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>38</int>
+ <string>1</string>
+ </void>
+ <void method="put">
+ <int>20038</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10038</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30038</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>37</int>
+ <string>-477565695</string>
+ </void>
+ <void method="put">
+ <int>20037</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10037</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30037</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>98</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20098</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10098</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>30098</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>99</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20099</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10099</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>30099</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>97</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20097</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10097</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>30097</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>91</int>
+ <string>false</string>
+ </void>
+ <void method="put">
+ <int>20091</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10091</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>30091</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>94</int>
+ <string>-1</string>
+ </void>
+ <void method="put">
+ <int>20094</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10094</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>30094</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>93</int>
+ <string>-1</string>
+ </void>
+ <void method="put">
+ <int>20093</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10093</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>30093</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>89</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20089</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10089</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>30089</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>88</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20088</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10088</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>30088</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <string>ALLOW_MERGEDN_WEBSERVICES</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>2</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20002</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10002</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10090</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>90</int>
+ <string>0</string>
+ </void>
+ <void method="put">
+ <string>REVERSEFFIELDCHECKS</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>28</int>
+ <string>false</string>
+ </void>
+ <void method="put">
+ <int>20028</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10028</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>REUSECERTIFICATE</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>35</int>
+ <string>false</string>
+ </void>
+ <void method="put">
+ <int>20035</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10035</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10092</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>USEEXTENSIONDATA</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>PRINTINGUSE</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>PRINTINGDEFAULT</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>PRINTINGREQUIRED</string>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <string>PRINTINGCOPIES</string>
+ <int>1</int>
+ </void>
+ <void method="put">
+ <string>PRINTINGPRINTERNAME</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <string>PRINTINGSVGDATA</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <string>PRINTINGSVGFILENAME</string>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>11</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20011</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10011</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30011</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>12</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20012</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10012</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30012</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>13</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20013</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10013</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30013</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>14</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20014</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10014</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30014</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>16</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20016</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>10016</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30016</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>18</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20018</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10018</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30018</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>118</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20118</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10118</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30118</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>218</int>
+ <string></string>
+ </void>
+ <void method="put">
+ <int>20218</int>
+ <boolean>false</boolean>
+ </void>
+ <void method="put">
+ <int>10218</int>
+ <boolean>true</boolean>
+ </void>
+ <void method="put">
+ <int>30218</int>
+ <boolean>true</boolean>
+ </void>
+ </object>
+</java>
name: "{{ include "common.fullname" . }}-config-script"
data:
{{ tpl (.Files.Glob "resources/ejbca-config.sh").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: "{{ include "common.fullname" . }}-profiles"
+data:
+{{ tpl (.Files.Glob "resources/certprofile_CUSTOM_ENDUSER-1834889499.xml").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/entityprofile_Custom_EndEntity-1356531849.xml").AsConfig . | indent 2 }}
volumeMounts:
- name: "{{ include "common.fullname" . }}-volume"
mountPath: /opt/primekey/scripts/
+ - name: "{{ include "common.fullname" . }}-profiles-volume"
+ mountPath: /opt/primekey/custom_profiles/
ports: {{ include "common.containerPorts" . | nindent 10 }}
env:
- name: INITIAL_ADMIN
name: "{{ include "common.fullname" . }}-config-script"
defaultMode: 0755
name: "{{ include "common.fullname" . }}-volume"
+ - configMap:
+ name: "{{ include "common.fullname" . }}-profiles"
+ defaultMode: 0755
+ name: "{{ include "common.fullname" . }}-profiles-volume"
mountSubPath: multicloud-k8s/mongo/data
enabled: true
disableNfsProvisioner: true
+ flavor: &storage_flavor large
+ resources: &storage_resources
+ small:
+ limits:
+ cpu: 100m
+ memory: 300Mi
+ requests:
+ cpu: 10m
+ memory: 75Mi
+ large:
+ limits:
+ cpu: 200m
+ memory: 1Gi
+ requests:
+ cpu: 50m
+ memory: 300Mi
+ unlimited: {}
#etcd chart overrides for k8splugin
etcd:
persistence:
mountSubPath: multicloud-k8s/etcd/data
enabled: true
+ flavor: *storage_flavor
+ resources: *storage_resources
# No persistence right now as we rely on Mongo to handle that
persistence:
nodePortPrefix: 302
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
- artifactImage: onap/multicloud/framework-artifactbroker:1.5.1
+ artifactImage: onap/multicloud/framework-artifactbroker:1.6.0
prometheus:
enabled: false
persistence: {}
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/multicloud/framework:1.5.1
+image: onap/multicloud/framework:1.6.0
pullPolicy: Always
#Istio sidecar injection policy
-# Copyright © 2017 Amdocs, AT&T, Bell Canada, VMware
+# Copyright © 2020 Samsung Electronics
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
-make-has:
- cd charts && helm dep up oof-has
- cd charts && helm dep up oof-cmso
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES := dist resources templates charts docker
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
clean:
- @find . -type f -name '*.tgz' -delete
- @find . -type f -name '*.lock' -delete
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
+++ /dev/null
- # -------------------------------------------------------------------------
- # Copyright (c) 2019 AT&T Intellectual Property
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- #
- # -------------------------------------------------------------------------
- #
-
-aaf_id=oof@oof.onap.org
-aaf_password=demo123456!
-cadi_keyfile=/share/etc/certs/org.onap.oof.keyfile
-cadi_truststore=/share/etc/certs//truststoreONAPall.jks
+++ /dev/null
-dX1X5XcwStbiOmKV2k-px6nukVP3Ucg3mB6Rx3IyAyAQOZx8nU-TBK9kOV635VI5559pLF6z7jGR
-BcBfEgQtiO93vGKsSfkiVjorFz5UDqqXvoW6kFz4yQHBYR8cfFIRQ4L6mitfrs6gsM0d7CBqBz29
-I5lyzeSzmaPmJDP92jw--y3cvGRYYNLGvl3U3IIeCFX9IkDY29OZazaQaihAZx2trjLZKEeuzLN1
-6JQGbKEqCCRzZ46TXnH1DKRPxxV2aNzb_3I8402XUmlGBPf0Ucyj2wlBWrSApVVaxKKIEgIjf7vs
-x2fEMD-ye--2MkalDZ6Tm_x75GFKiia7Uc2fBBb4xHGZZEmKTh4php1Gu3v1bVY8hjXXVTpF-WXm
-cm9T4uczm_CgnKE4PtqLnYQg87LI8ONbWIE5jkgu1D4lhWkzO8nMrQlnFT0HlB-CRGu_xRsIWvnc
-bTA8K4iKJMHm7IhRfrBFNRBSq8AH_9LoUfTQ62C-Nt8g6Wu7ox6fO_dus1S9H9ndNzos31IVrn1h
-5QHxuBCUORISWjGoEQSM6spz3pyvbNMgKpkkg2izwXzDwc3RbqOgiSY8WtpKXuWceU-Ltl_npFpO
-O1suykGF6fnuql87ERJ7mcEiNd8L2_GuxTr-0YbbWgCK2IBDyfNc6ayTcjN0huoF72umE0ODQ0aK
-0HUAWAV4W6cWXEj7iOpMx1jkDURbWEdPetlz-LZKv7aN3s65Cl4Nib7ltWrs9ilP5J-KUKTkUPpM
-poBWXVZf4IjNx3H2KFzdLeGSXO3kG46tQDeeloFuY2yk1FWeyS9xLS60H2komdIW6qRVVBzeJHRN
-7dYMK5AhAgOghhe5XBhH1yHVdjLJuOMXPRrXe8dTyNU6fD1rHuvGukwSLW9lXsQkJBENfsIxY-At
--j6Gm54G_Dz5k7tu7ThpCREVxNoBDMOBC_RemS0P-pqHSEpxEc0OjLQbVSPBQRa3eaRiqLMz_dop
-FGJt56UE73Qn0HWQw16lSdKSDtuSlByEwbQ8fRFN6e2f6DCHwW81kPpfJBcoPgO4RcoazNfbLXGI
-c3q9SSpOy6r33lPT8ZigURWiNqgO2NgWswAhaN1lllbXooQxhmTnokTxi8lbQ45ZMI0n5TKFJVAB
-TtEpi4VESECsda-Rlt2w-SE9QMSSxbdYcoMutupHoj2EuRcEDAW9ghLcfBqBkGapS_Vk-E7VYBqT
-mCzuKx5WdvNj9RFCIHq7U6axpddRd7XGgKhQwyLo075DLlpULcXjHegh2Dv_U-CgwMc7J4NfCNYL
-atLIkKAhxiaHt7nkhSVKsJK89-7_NQd-OubYnUNMREoEBJautCFfyiL5fooEb2Vdu1S-27fAYk3f
-9Zv4j_lwldSGBkNZg8vKGsSLgl9acdXld_zyUI9iGe-cj5eibI7LLpaxRL9UyBJWvElyDdTQvTZL
-DdpWmy3QF9GUGx0AwZixPixXdIHmmu2yOu1kFqNAjHqfVfoyNETlGrQRM5IPQ6RmBhWC3Iv5mSNA
-FZ0J95bvy9_HS718wAhlEiw4B6FGnTR8KZozfOtr2ihh8QybBgvvJrs-68RIB56gWyavbn-aAnXi
-zTI1YYCVzBDVv4XPzqK4itVl5gPb3KCHPUSlrVhkPLXAUix3b4-nu4pk8veAE1CYZCIy_GqPNUOT
-LqLl4-WMHodF7SLNzvPSqgolCC1TjnuO1ysOHlK86W7nZPyrpnideiLbGs6G51cG0pIcDIyWNm6d
-9TXQTiRx87cZxRxEEFz57ftjqy3qhg_sw2ziFWOeItEO6OaOgwfH2OtMToeBWiJepyfG1eB4n7jH
-OsTQLSvCt2gHI1zXyCtYBZKeZI2dxO6cOdh5ljIuS0rABHe1BP2ZkKmJIXoEPFstJlAz4GPaghL4
-8rCndhdyoW7CayzBAAe5balYq63qjqUD_eOIp-pHcEe0Mfbmzu4CDSK8-40Qia6ApskFsRCkzu1V
-Pf1fH6-3rvQZFqt6irr_7HWUFhGRcXw9kBOy8h24nTawv-L6eydW5iX0pwRMz_QfHo_Krm6O
\ No newline at end of file
+++ /dev/null
- # -------------------------------------------------------------------------
- # Copyright (c) 2019 AT&T Intellectual Property
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- #
- # -------------------------------------------------------------------------
- #
-
-cadi_latitude=0.00
-cadi_longitude=0.00
+++ /dev/null
- # -------------------------------------------------------------------------
- # Copyright (c) 2019 AT&T Intellectual Property
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- #
- # -------------------------------------------------------------------------
- #
-
-aaf_id=oof@oof.onap.org
-aaf_locate_url=https://aaf-locate:8095
-aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
-cadi_etc_dir=/share/etc/certs/
-cadi_latitude=0.00
-cadi_longitude=0.00
-cadi_prop_files=/share/etc/certs/org.onap.oof.location.props:/share/etc/certs/org.onap.oof.cred.props
-cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIFEDCCA/igAwIBAgIILW/fiLbps5cwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE
-BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp
-bnRlcm1lZGlhdGVDQV85MB4XDTIwMDQwNDE4NDMxNloXDTIxMDQwNDE4NDMxNlow
-XjERMA8GA1UEAwwIb29mLm9uYXAxHTAbBgNVBAsMFG9vZkBvb2Yub25hcC5vcmc6
-REVWMQ4wDAYDVQQLDAVPU0FBRjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv9ebvHIAgYYtJZDvxwDLR
-UlCLQutOCosckzgWIwCL9JCJcd+4vMhGnT/zoKckm3koTOV4rB4Cfnf+CLYpRbLQ
-IlLUopRs7ZQZNNyYm3l6ygi3IrW9MldUd2U1MnFZDpV4dEW67rDbCjz8MS2XrnxB
-HpCzyxXvm5Uzf/U5J48fdhlJU2U00D89lCy9dRLOg7Jk2R8cn8BG2bCKGUfEjKb+
-LL9EqdJrGXstZii2OLsByQIEZuL5fv2wLh9m6m55wA+wKOS3aEkqiHaHKfVxm1ZH
-hvP5zkkkex/hH1OEkTQCIzHuJnBZMr4bT1keLf4kBWrnM4zEQgGuxS2guGQUGsib
-AgMBAAGjggHnMIIB4zAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIF4DAgBgNVHSUB
-Af8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVAYDVR0jBE0wS4AUgfeZWxC5yIze
-81Je6k5poEM+rN2hMKQuMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQ
-MQswCQYDVQQGEwJVU4IBBzAdBgNVHQ4EFgQUkjCndmbyBIsg2xtiFYgeONQa8Ysw
-ggEtBgNVHREEggEkMIIBIIEfbWFyay5kLm1hbmFnZXJAcGVvcGxlLm9zYWFmLmNv
-bYIIb29mLm9uYXCCCWNtc28tb25hcIIcY21zby5hcGkuc2ltcGxlZGVtby5vbmFw
-Lm9yZ4IJY21zby5vbmFwgghvb2YtY21zb4ISb29mLWNtc28tb3B0aW1pemVyghJv
-b2YtY21zby10aWNrZXRtZ3SCEW9vZi1jbXNvLXRvcG9sb2d5ggtvb2YtaGFzLWFw
-aYIQb29mLWhhcy1hcGkub25hcIIIb29mLW9uYXCCCm9vZi1vcHRlbmeCD29vZi1v
-cHRlbmcub25hcIIIb29mLW9zZGaCDW9vZi1vc2RmLm9uYXCCG29vZi5hcGkuc2lt
-cGxlZGVtby5vbmFwLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEAHoAD6tRvFPAtUfkU
-FsTO2p7lftMld0CzeAWfEln9vBXwr0ZGdNTP2TWJAcenIE1cwJavyQuDc3sZ4Z20
-/pOz1/oic9gnlVFe46/KRcwVUVXBU1EJlXB2UPU/v4MNrkWUcgqzEcxfKmBWl/My
-7OlQFc7zAeqZw6XtnaLzMipaXg98M7sWnfS4t116wfwmHIkP2RY7dAp1XAbzOW+X
-koFvfuj6MljxEzy8oc90SxhQHWNhWH73FxW0MuP+qf6x5PRciXIq6NJOrkG91Z0L
-mksGtWU58Y7uP9DzcxaOB4cv3UpK4rx//IUnAN4/aDxLq566A5qj21ftMhHlCFg5
-GsHFjQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
-RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN
-MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
-A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL
-neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d
-o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3
-nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV
-v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO
-15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw
-gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV
-M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/
-BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
-AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q
-ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl
-u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+
-+pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/
-QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht
-8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX
-kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3
-aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky
-uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w
-tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep
-BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV
-BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx
-NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK
-DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
-ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7
-XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn
-H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM
-pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7
-NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg
-2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY
-wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd
-ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM
-P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6
-aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY
-PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G
-A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ
-UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN
-BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz
-L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9
-7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx
-c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf
-jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2
-RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h
-PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF
-CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+
-Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A
-cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR
-ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX
-dYY=
------END CERTIFICATE-----
-
-
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCv9ebvHIAgYYtJ
-ZDvxwDLRUlCLQutOCosckzgWIwCL9JCJcd+4vMhGnT/zoKckm3koTOV4rB4Cfnf+
-CLYpRbLQIlLUopRs7ZQZNNyYm3l6ygi3IrW9MldUd2U1MnFZDpV4dEW67rDbCjz8
-MS2XrnxBHpCzyxXvm5Uzf/U5J48fdhlJU2U00D89lCy9dRLOg7Jk2R8cn8BG2bCK
-GUfEjKb+LL9EqdJrGXstZii2OLsByQIEZuL5fv2wLh9m6m55wA+wKOS3aEkqiHaH
-KfVxm1ZHhvP5zkkkex/hH1OEkTQCIzHuJnBZMr4bT1keLf4kBWrnM4zEQgGuxS2g
-uGQUGsibAgMBAAECggEAZFnZWoTmjZET3sdLaJQ0ZyyKwuFnURqyO5m6YuWTaj4Q
-MFLBRJplneAQmOEGcdo5PsKcHDYM5185D6foO6GEWS86Dgqqm3TjAX0kUeRZY63V
-SpyBCWWsaH+vOKeL/T5UAF5PZky6kDFGlo11cwwP0ROdcuxflkck0DopoG7vMQE0
-XvOWDn9z7WLu6hph7RnweW5Wou3VG2WSlE8i7gngAExxRFs2RxUr3UHooUX0pLOY
-Qk/ofsWB6AhMD02BAIgKEWZK33+uTHUchbm3zA1sAx8vXoA5G9uSh/E+YnXbt3D0
-0wrHIJy+BW3f4WfGc7tE3HpsnLsnUwBV48DvG/zAAQKBgQD4HshYjEkT4WAVnzbe
-FaivRh67sFqHvkpSA4gmNdot1Q4MeZ1I5u2lKBntbxyk72m/zA/7qw2h1PT2r430
-XA2/cV+YHCiTbPqfm0Lj+w0ht+RmF3VQB1uHWjsVvybPIeuwVLZ3hgu2Tl2oDCKd
-8bKLpvj4fwZRxbp3G5VjuQztiwKBgQC1jHYVaUHkekshHG0HFPBKAEU8urSeKzoD
-Y7SyrDLQwx3rqhY3v0VZntjnT47JEThECunl5Aun0YJyMs12Ex0zI7ciC9WIgbHx
-Qhs/46uhKPuiEHzBsET6CX7wDBJMBIN6HrNMsSdCTmWZu6LGJSlHasEXnmKsTngF
-nYdBeQATMQKBgGMvOvtaqOPPli9OhApnMhVOvH5e0vGsed0rGEPeByeHIaSPAPbh
-iWIaE7M8VYEBS46mLkV2bW6hyILMTry+B6jd007lArtcNxuSXzzvYKJ39k9xVS32
-ovoKcdARp5vpfWPxmTdSWGA6F2pT34qv0aXNy3zamlYZ6p4uYpuIn8hdAoGAKL5h
-MeTxeMlJWyD6BwDX/IObBkoQhv7EgkY6I28p6FghuuXtHo26jqZrn13neZB3xC1+
-2K0ZQIxwbhigq8MWZoe5bdaiEYSp3q8rVmdN+VktP+3bUcyxbjv7VPwgjxbkOt/w
-9WE8olDd1Gab3UQxw2ld9GMDWhAyN3BnDnaNYcECgYBFyc/maooUp2x1SEh3UisY
-vkpzYvUyHGiq2/gwm1htz8HQO75RuNY/YtxN1m9jrMArPBy6OgQ/Wk3Zi6S8HqYY
-ENTUUsIVr33nJT3rOWWJ2qdAmo6kAWt/J3LPNV01MWZ2cU4DcEDF1ZVkGFVgI0ZC
-h+G1ZXD4PyjI6KWhRC3JuA==
------END PRIVATE KEY-----
\ No newline at end of file
--- /dev/null
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
--- /dev/null
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES := dist resources templates charts docker
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
--- /dev/null
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T,VMware
+# Copyright (C) 2020 Wipro Limited.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
- name: common
version: ~6.x-0
repository: '@local'
- - name: music
+ - name: certInitializer
version: ~6.x-0
repository: '@local'
# Copyright (c) 2019 AT&T Intellectual Property.
# =======================================================================
# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain a
+# not use this file except in compliance with the License. You may obtain a
# copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
-# or implied. See the License for the specific language governing
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+# or implied. See the License for the specific language governing
# permissions and limitations under the License.
# ============LICENSE_END=================================================
-#
+#
#-------------------------------------------------------------------------------
cadi_loglevel=DEBUG
-cadi_prop_files=/share/etc/certs/org.onap.oof.props
+cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props
aaf.namespace=org.onap.oof
cadi_loglevel=DEBUG
-cadi_prop_files=/share/etc/certs/org.onap.oof.props
+cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props
aaf.user.roles=/share/etc/certs/AAFUserRoles.properties
\ No newline at end of file
mountPath: /share/etc/config
- name: {{ include "common.fullname" . }}-logs
mountPath: /share/logs
+{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- name: DB_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "password") | indent 10}}
- name: JAVA_TRUSTSTORE
- value: /share/etc/certs/{{ .Values.global.truststoreFile }}
+ value: /share/etc/osaaf/local/{{ .Values.global.truststoreFile }}
- name: SSL_KEYSTORE
- value: /share/etc/certs/{{ .Values.global.keystoreFile }}
+ value: /share/etc/osaaf/local/{{ .Values.global.keystoreFile }}
- name: JAVA_TRUSTSTORE_PASSWORD
value: {{ .Values.global.truststorePassword }}
- - name: SSL_KEYSTORE_PASSWORD
- value: {{ .Values.global.keystorePassword }}
- name: AUTHENTICATION
value: {{ .Values.global.authentication }}
+ command:
+ - /bin/sh
+ args:
+ - "-c"
+ - |
+ export SSL_KEYSTORE_PASSWORD=$(cat /share/etc/osaaf/local/.pass)
+ ./startService.sh
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
+{{ include "common.certInitializer.volumeMount" . | indent 8 }}
- name: {{ include "common.fullname" . }}-logs
mountPath: /share/logs
- name: {{ include "common.fullname" . }}-logs
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
volumes:
+ {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-config
configMap:
name: {{ include "common.fullname" . }}
port: 3306
# rootPassword: pass
# rootPasswordExternalSecret: some secret
-# user: cmso-admin
-# password: pass
+ user: cmso-admin
+ password: pass
# userCredentialsExternalSecret: some-secret
# host: host
# container: container
--- /dev/null
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
# Copyright (c) 2019 AT&T Intellectual Property.
# =======================================================================
# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain a
+# not use this file except in compliance with the License. You may obtain a
# copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
-# or implied. See the License for the specific language governing
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+# or implied. See the License for the specific language governing
# permissions and limitations under the License.
# ============LICENSE_END=================================================
-#
+#
#-------------------------------------------------------------------------------
cadi_loglevel=DEBUG
-cadi_prop_files=/share/etc/certs/org.onap.oof.props
+cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props
aaf.namespace=org.onap.oof
cadi_loglevel=DEBUG
-cadi_prop_files=/share/etc/certs/org.onap.oof.props
+cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props
aaf.user.roles=/share/etc/certs/AAFUserRoles.properties
mountPath: /share/etc/config
- name: {{ include "common.fullname" . }}-logs
mountPath: /share/logs
+{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
# side car containers
- name: filebeat-onap
- name: DB_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cmso-db-user-secret" "key" "password") | indent 10}}
- name: JAVA_TRUSTSTORE
- value: /share/etc/certs/{{ .Values.global.truststoreFile }}
+ value: /share/etc/osaaf/local/{{ .Values.global.truststoreFile }}
- name: SSL_KEYSTORE
- value: /share/etc/certs/{{ .Values.global.keystoreFile }}
+ value: /share/etc/osaaf/local/{{ .Values.global.keystoreFile }}
- name: JAVA_TRUSTSTORE_PASSWORD
value: {{ .Values.global.truststorePassword }}
- - name: SSL_KEYSTORE_PASSWORD
- value: {{ .Values.global.keystorePassword }}
- name: AUTHENTICATION
value: {{ .Values.global.authentication }}
+ command:
+ - /bin/sh
+ args:
+ - "-c"
+ - |
+ export SSL_KEYSTORE_PASSWORD=$(cat /share/etc/osaaf/local/.pass)
+ ./startService.sh
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
+{{ include "common.certInitializer.volumeMount" . | indent 8 }}
- name: {{ include "common.fullname" . }}-logs
mountPath: /share/logs
- name: {{ include "common.fullname" . }}-logs
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
volumes:
+ {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-config
configMap:
name: {{ include "common.fullname" . }}
port: 3306
# rootPassword: pass
# rootPasswordExternalSecret: some secret
-# user: cmso-admin
-# password: pass
+ user: cmso-admin
+ password: pass
# userCredentialsExternalSecret: some-secret
# host: host
# container: container
--- /dev/null
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
# Copyright (c) 2019 AT&T Intellectual Property.
# =======================================================================
# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain a
+# not use this file except in compliance with the License. You may obtain a
# copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
-# or implied. See the License for the specific language governing
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+# or implied. See the License for the specific language governing
# permissions and limitations under the License.
# ============LICENSE_END=================================================
-#
+#
#-------------------------------------------------------------------------------
cadi_loglevel=DEBUG
-cadi_prop_files=/share/etc/certs/org.onap.oof.props
+cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props
#-------------------------------------------------------------------------------
# Copyright © 2017-2019 AT&T Intellectual Property.
# Modifications Copyright © 2018 IBM.
-#
+#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#
-#
+#
+#
# Unless otherwise specified, all documentation contained herein is licensed
# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?\9d);
# you may not use this documentation except in compliance with the License.
# You may obtain a copy of the License at
-#
+#
# https://creativecommons.org/licenses/by/4.0/
-#
+#
# Unless required by applicable law or agreed to in writing, documentation
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# limitations under the License.
#-------------------------------------------------------------------------------
cadi_loglevel=DEBUG
-cadi_prop_files=/share/etc/certs/org.onap.oof.props
+cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props
aaf.user.roles=/share/etc/certs/AAFUserRoles.properties
aaf.urls=https://aaf-locate:8095
aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties
aaf.enabled=true
-aaf.namespace=org.onap.oof
\ No newline at end of file
+aaf.namespace=org.onap.oof
volumeMounts:
- name: {{ include "common.fullname" . }}-logs
mountPath: /share/logs
+{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: JAVA_TRUSTSTORE
- value: /share/etc/certs/{{ .Values.global.truststoreFile }}
+ value: /share/etc/osaaf/local/{{ .Values.global.truststoreFile }}
- name: SSL_KEYSTORE
- value: /share/etc/certs/{{ .Values.global.keystoreFile }}
+ value: /share/etc/osaaf/local/{{ .Values.global.keystoreFile }}
- name: JAVA_TRUSTSTORE_PASSWORD
value: {{ .Values.global.truststorePassword }}
- - name: SSL_KEYSTORE_PASSWORD
- value: {{ .Values.global.keystorePassword }}
- name: AUTHENTICATION
value: proprietary-auth
+ command:
+ - /bin/sh
+ args:
+ - "-c"
+ - |
+ export SSL_KEYSTORE_PASSWORD=$(cat /share/etc/osaaf/local/.pass)
+ ./startService.sh
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
+{{ include "common.certInitializer.volumeMount" . | indent 8 }}
- name: {{ include "common.fullname" . }}-logs
mountPath: /share/logs
- name: {{ include "common.fullname" . }}-logs
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
volumes:
+ {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-config
configMap:
name: {{ include "common.fullname" . }}
--- /dev/null
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
# Copyright (c) 2019 AT&T Intellectual Property.
# =======================================================================
# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain a
+# not use this file except in compliance with the License. You may obtain a
# copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
-# or implied. See the License for the specific language governing
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+# or implied. See the License for the specific language governing
# permissions and limitations under the License.
# ============LICENSE_END=================================================
-#
+#
#-------------------------------------------------------------------------------
cadi_loglevel=DEBUG
-cadi_prop_files=/share/etc/certs/org.onap.oof.props
+cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props
#-------------------------------------------------------------------------------
# Copyright © 2017-2019 AT&T Intellectual Property.
# Modifications Copyright © 2018 IBM.
-#
+#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#
-#
+#
+#
# Unless otherwise specified, all documentation contained herein is licensed
# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?\9d);
# you may not use this documentation except in compliance with the License.
# You may obtain a copy of the License at
-#
+#
# https://creativecommons.org/licenses/by/4.0/
-#
+#
# Unless required by applicable law or agreed to in writing, documentation
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# limitations under the License.
#-------------------------------------------------------------------------------
cadi_loglevel=DEBUG
-cadi_prop_files=/share/etc/certs/org.onap.oof.props
+cadi_prop_files=/share/etc/osaaf/local/org.onap.oof.props
aaf.user.roles=/share/etc/certs/AAFUserRoles.properties
aaf.urls=https://aaf-locate:8095
aaf.user.role.properties=/share/etc/certs/AAFUserRoles.properties
aaf.enabled=true
-aaf.namespace=org.onap.oof
\ No newline at end of file
+aaf.namespace=org.onap.oof
volumeMounts:
- name: {{ include "common.fullname" . }}-logs
mountPath: /share/logs
+{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
- name: JAVA_TRUSTSTORE
- value: /share/etc/certs/{{ .Values.global.truststoreFile }}
+ value: /share/etc/osaaf/local/{{ .Values.global.truststoreFile }}
- name: SSL_KEYSTORE
- value: /share/etc/certs/{{ .Values.global.keystoreFile }}
+ value: /share/etc/osaaf/local/{{ .Values.global.keystoreFile }}
- name: JAVA_TRUSTSTORE_PASSWORD
value: {{ .Values.global.truststorePassword }}
- - name: SSL_KEYSTORE_PASSWORD
- value: {{ .Values.global.keystorePassword }}
- name: AUTHENTICATION
value: {{ .Values.global.authentication }}
+ command:
+ - /bin/sh
+ args:
+ - "-c"
+ - |
+ export SSL_KEYSTORE_PASSWORD=$(cat /share/etc/osaaf/local/.pass)
+ ./startService.sh
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
+{{ include "common.certInitializer.volumeMount" . | indent 8 }}
- name: {{ include "common.fullname" . }}-logs
mountPath: /share/logs
- name: {{ include "common.fullname" . }}-logs
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
volumes:
+ {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-config
configMap:
name: {{ include "common.fullname" . }}
- name: mariadb-init
version: ~6.x-0
repository: '@local'
+ - name: oof-cmso-optimizer
+ version: ~6.x-0
+ repository: 'file://components/oof-cmso-optimizer'
+ condition: oof-cmso-optimizer.enabled
+ - name: oof-cmso-service
+ version: ~6.x-0
+ repository: 'file://components/oof-cmso-service'
+ condition: oof-cmso-service.enabled
+ - name: oof-cmso-ticketmgt
+ version: ~6.x-0
+ repository: 'file://components/oof-cmso-ticketmgt'
+ condition: oof-cmso-ticketmgt.enabled
+ - name: oof-cmso-topology
+ version: ~6.x-0
+ repository: 'file://components/oof-cmso-topology'
+ condition: oof-cmso-topology.enabled
keystoreFile: "org.onap.oof.jks"
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
- keystorePassword: OA7*y0PEGTma?$be2z#0$:L]
truststorePassword:
authentication: aaf-auth
busyBoxImage: busybox:1.30
optimizer:
userName: cmso-optimizer
+#sub-charts configuration
+certInitializer: &certInitConfig
+ fqdn: "oof.onap"
+ app_ns: "org.osaaf.aaf"
+ fqi: "oof@oof.onap.org"
+ fqi_namespace: org.onap.oof
+ public_fqdn: "oof.onap.org"
+ aafDeployFqi: "deployer@people.osaaf.org"
+ aafDeployPass: demo123456!
+ cadi_latitude: "0.0"
+ cadi_longitude: "0.0"
+ credsPath: /opt/app/osaaf/local
+ appMountPath: /share/etc/osaaf
+ aaf_add_config: >
+ cd {{ .Values.credsPath }};
+ /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password_jks= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1;
+ find ./ -type f -exec sed -i -e 's/\/opt\/app\/osaaf\/local/\/share\/etc\/osaaf\/local/g' {} \;
+
oof-cmso-service:
+ enabled: true
+ certInitializer:
+ << : *certInitConfig
+ nameOverride: oof-cmso-service-cert-initializer
config:
db:
userCredentialsExternalSecret: *serviceDbCreds
mysqlDatabase: cmso
oof-cmso-optimizer:
+ enabled: true
+ certInitializer:
+ << : *certInitConfig
+ nameOverride: oof-cmso-optimizer-cert-initializer
config:
+ enabled: true
db:
userCredentialsExternalSecret: *optimizerDbCreds
host: oof-cmso-dbhost
container: cmso-db
mysqlDatabase: optimizer
+
+oof-cmso-topology:
+ enabled: true
+ certInitializer:
+ << : *certInitConfig
+ nameOverride: oof-cmso-topology-cert-initializer
+
+oof-cmso-ticketmgt:
+ enabled: true
+ certInitializer:
+ << : *certInitConfig
+ nameOverride: oof-cmso-ticketmgt-cert-initializer
--- /dev/null
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES := dist resources templates charts docker
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
--- /dev/null
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
--- /dev/null
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
fieldPath: metadata.namespace
image: "{{ .Values.global.dockerHubRepository }}/{{ .Values.global.curlImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
- name: {{ include "common.name" . }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
+{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
- mountPath: /opt/bitnami/nginx/conf/nginx.conf
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: nginx.conf
- - mountPath: /opt/bitnami/nginx/ssl/org.onap.oof.crt
- name: {{ .Values.global.commonConfigPrefix }}-config
- subPath: org.onap.oof.crt
- - mountPath: /opt/bitnami/nginx/ssl/org.onap.oof.key
- name: {{ .Values.global.commonConfigPrefix }}-config
- subPath: org.onap.oof.key
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
volumes:
+ {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
path: /etc/localtime
path: log.conf
- key: AAF_RootCA.cer
path: AAF_RootCA.cer
- - key: org.onap.oof.key
- path: org.onap.oof.key
- - key: org.onap.oof.crt
- path: org.onap.oof.crt
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
global: # global defaults
nodePortPrefix: 302
+ image:
+ optf_has: onap/optf-has:2.0.4
service:
type: NodePort
initialDelaySeconds: 10
periodSeconds: 10
+#sub-charts configuration
+certInitializer:
+ nameOverride: oof-has-cert-initializer
+ fqdn: "oof.onap"
+ app_ns: "org.osaaf.aaf"
+ fqi: "oof@oof.onap.org"
+ fqi_namespace: org.onap.oof
+ public_fqdn: "oof.onap.org"
+ aafDeployFqi: "deployer@people.osaaf.org"
+ aafDeployPass: demo123456!
+ cadi_latitude: "0.0"
+ cadi_longitude: "0.0"
+ credsPath: /opt/app/osaaf/local
+ appMountPath: /opt/bitnami/nginx/ssl
+ aaf_add_config: >
+ chmod 444 {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key;
+
ingress:
enabled: false
--- /dev/null
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ readinessImage: onap/oom/readiness:3.0.1
+ repository: nexus3.onap.org:10001
+ image:
+ optf_has: onap/optf-has:2.0.4
+
ingress:
enabled: false
replicaCount: 1
--- /dev/null
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ readinessImage: onap/oom/readiness:3.0.1
+ repository: nexus3.onap.org:10001
+ image:
+ optf_has: onap/optf-has:2.0.4
+
ingress:
enabled: false
replicaCount: 1
--- /dev/null
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ readinessImage: onap/oom/readiness:3.0.1
+ repository: nexus3.onap.org:10001
+ image:
+ optf_has: onap/optf-has:2.0.4
+
ingress:
enabled: false
replicaCount: 1
--- /dev/null
+# Copyright (C) 2020 Wipro Limited.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ readinessImage: onap/oom/readiness:3.0.1
+ repository: nexus3.onap.org:10001
+ image:
+ optf_has: onap/optf-has:2.0.4
+
ingress:
enabled: false
replicaCount: 1
--- /dev/null
+# Copyright © 2017 Amdocs, Bell Canada
+# Modifications Copyright © 2018 AT&T,VMware
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: music
+ version: ~6.x-0
+ repository: '@local'
+ - name: oof-has-api
+ version: ~6.x-0
+ repository: 'file://components/oof-has-api'
+ condition: oof-has-api.enabled
+ - name: oof-has-controller
+ version: ~6.x-0
+ repository: 'file://components/oof-has-controller'
+ condition: oof-has-controller.enabled
+ - name: oof-has-data
+ version: ~6.x-0
+ repository: 'file://components/oof-has-data'
+ condition: oof-has-data.enabled
+ - name: oof-has-reservation
+ version: ~6.x-0
+ repository: 'file://components/oof-has-reservation'
+ condition: oof-has-reservation.enabled
+ - name: oof-has-solver
+ version: ~6.x-0
+ repository: 'file://components/oof-has-solver'
+ condition: oof-has-solver.enabled
listen 8091 ssl;
server_name oof;
- ssl_certificate /opt/bitnami/nginx/ssl/org.onap.oof.crt;
- ssl_certificate_key /opt/bitnami/nginx/ssl/org.onap.oof.key;
+ ssl_certificate /opt/bitnami/nginx/ssl/local/org.onap.oof.crt;
+ ssl_certificate_key /opt/bitnami/nginx/ssl/local/org.onap.oof.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
image:
optf_has: onap/optf-has:2.0.4
filebeat: docker.elastic.co/beats/filebeat:5.5.0
+ persistence:
+ enabled: true
pullPolicy: Always
nodePortPrefix: 302
memory: 2Gi
cpu: 1000m
unlimited: {}
+
+#component overrides
+oof-has-api:
+ enabled: true
+oof-has-controller:
+ enabled: true
+oof-has-data:
+ enabled: true
+oof-has-reservation:
+ enabled: true
+oof-has-solver:
+ enabled: true
+
- name: common
version: ~6.x-0
repository: '@local'
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
+ - name: oof-cmso
+ version: ~6.x-0
+ repository: 'file://components/oof-cmso'
+ condition: oof-cmso.enabled
+ - name: oof-has
+ version: ~6.x-0
+ repository: 'file://components/oof-has'
+ condition: oof-has.enabled
external: 8698 # clients use this port on DockerHost
osdf_ip_default: 0.0.0.0
# # Important Note: At deployment time, we need to ensure the port mapping is done
- ssl_context: ['/opt/app/ssl_cert/org.onap.oof.crt', '/opt/app/ssl_cert/org.onap.oof.key']
+ ssl_context: ['/opt/osdf/osaaf/local/org.onap.oof.crt', '/opt/osdf/osaaf/local/org.onap.oof.key']
osdf_temp: # special configuration required for "workarounds" or testing
local_policies:
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIFEDCCA/igAwIBAgIILW/fiLbps5cwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE
-BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp
-bnRlcm1lZGlhdGVDQV85MB4XDTIwMDQwNDE4NDMxNloXDTIxMDQwNDE4NDMxNlow
-XjERMA8GA1UEAwwIb29mLm9uYXAxHTAbBgNVBAsMFG9vZkBvb2Yub25hcC5vcmc6
-REVWMQ4wDAYDVQQLDAVPU0FBRjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv9ebvHIAgYYtJZDvxwDLR
-UlCLQutOCosckzgWIwCL9JCJcd+4vMhGnT/zoKckm3koTOV4rB4Cfnf+CLYpRbLQ
-IlLUopRs7ZQZNNyYm3l6ygi3IrW9MldUd2U1MnFZDpV4dEW67rDbCjz8MS2XrnxB
-HpCzyxXvm5Uzf/U5J48fdhlJU2U00D89lCy9dRLOg7Jk2R8cn8BG2bCKGUfEjKb+
-LL9EqdJrGXstZii2OLsByQIEZuL5fv2wLh9m6m55wA+wKOS3aEkqiHaHKfVxm1ZH
-hvP5zkkkex/hH1OEkTQCIzHuJnBZMr4bT1keLf4kBWrnM4zEQgGuxS2guGQUGsib
-AgMBAAGjggHnMIIB4zAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIF4DAgBgNVHSUB
-Af8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVAYDVR0jBE0wS4AUgfeZWxC5yIze
-81Je6k5poEM+rN2hMKQuMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQ
-MQswCQYDVQQGEwJVU4IBBzAdBgNVHQ4EFgQUkjCndmbyBIsg2xtiFYgeONQa8Ysw
-ggEtBgNVHREEggEkMIIBIIEfbWFyay5kLm1hbmFnZXJAcGVvcGxlLm9zYWFmLmNv
-bYIIb29mLm9uYXCCCWNtc28tb25hcIIcY21zby5hcGkuc2ltcGxlZGVtby5vbmFw
-Lm9yZ4IJY21zby5vbmFwgghvb2YtY21zb4ISb29mLWNtc28tb3B0aW1pemVyghJv
-b2YtY21zby10aWNrZXRtZ3SCEW9vZi1jbXNvLXRvcG9sb2d5ggtvb2YtaGFzLWFw
-aYIQb29mLWhhcy1hcGkub25hcIIIb29mLW9uYXCCCm9vZi1vcHRlbmeCD29vZi1v
-cHRlbmcub25hcIIIb29mLW9zZGaCDW9vZi1vc2RmLm9uYXCCG29vZi5hcGkuc2lt
-cGxlZGVtby5vbmFwLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEAHoAD6tRvFPAtUfkU
-FsTO2p7lftMld0CzeAWfEln9vBXwr0ZGdNTP2TWJAcenIE1cwJavyQuDc3sZ4Z20
-/pOz1/oic9gnlVFe46/KRcwVUVXBU1EJlXB2UPU/v4MNrkWUcgqzEcxfKmBWl/My
-7OlQFc7zAeqZw6XtnaLzMipaXg98M7sWnfS4t116wfwmHIkP2RY7dAp1XAbzOW+X
-koFvfuj6MljxEzy8oc90SxhQHWNhWH73FxW0MuP+qf6x5PRciXIq6NJOrkG91Z0L
-mksGtWU58Y7uP9DzcxaOB4cv3UpK4rx//IUnAN4/aDxLq566A5qj21ftMhHlCFg5
-GsHFjQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
-RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN
-MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
-A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL
-neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d
-o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3
-nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV
-v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO
-15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw
-gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV
-M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/
-BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
-AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q
-ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl
-u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+
-+pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/
-QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht
-8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX
-kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3
-aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky
-uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w
-tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep
-BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV
-BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx
-NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK
-DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
-ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7
-XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn
-H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM
-pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7
-NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg
-2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY
-wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd
-ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM
-P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6
-aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY
-PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G
-A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ
-UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN
-BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz
-L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9
-7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx
-c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf
-jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2
-RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h
-PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF
-CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+
-Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A
-cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR
-ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX
-dYY=
------END CERTIFICATE-----
-
-
+++ /dev/null
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCv9ebvHIAgYYtJ
-ZDvxwDLRUlCLQutOCosckzgWIwCL9JCJcd+4vMhGnT/zoKckm3koTOV4rB4Cfnf+
-CLYpRbLQIlLUopRs7ZQZNNyYm3l6ygi3IrW9MldUd2U1MnFZDpV4dEW67rDbCjz8
-MS2XrnxBHpCzyxXvm5Uzf/U5J48fdhlJU2U00D89lCy9dRLOg7Jk2R8cn8BG2bCK
-GUfEjKb+LL9EqdJrGXstZii2OLsByQIEZuL5fv2wLh9m6m55wA+wKOS3aEkqiHaH
-KfVxm1ZHhvP5zkkkex/hH1OEkTQCIzHuJnBZMr4bT1keLf4kBWrnM4zEQgGuxS2g
-uGQUGsibAgMBAAECggEAZFnZWoTmjZET3sdLaJQ0ZyyKwuFnURqyO5m6YuWTaj4Q
-MFLBRJplneAQmOEGcdo5PsKcHDYM5185D6foO6GEWS86Dgqqm3TjAX0kUeRZY63V
-SpyBCWWsaH+vOKeL/T5UAF5PZky6kDFGlo11cwwP0ROdcuxflkck0DopoG7vMQE0
-XvOWDn9z7WLu6hph7RnweW5Wou3VG2WSlE8i7gngAExxRFs2RxUr3UHooUX0pLOY
-Qk/ofsWB6AhMD02BAIgKEWZK33+uTHUchbm3zA1sAx8vXoA5G9uSh/E+YnXbt3D0
-0wrHIJy+BW3f4WfGc7tE3HpsnLsnUwBV48DvG/zAAQKBgQD4HshYjEkT4WAVnzbe
-FaivRh67sFqHvkpSA4gmNdot1Q4MeZ1I5u2lKBntbxyk72m/zA/7qw2h1PT2r430
-XA2/cV+YHCiTbPqfm0Lj+w0ht+RmF3VQB1uHWjsVvybPIeuwVLZ3hgu2Tl2oDCKd
-8bKLpvj4fwZRxbp3G5VjuQztiwKBgQC1jHYVaUHkekshHG0HFPBKAEU8urSeKzoD
-Y7SyrDLQwx3rqhY3v0VZntjnT47JEThECunl5Aun0YJyMs12Ex0zI7ciC9WIgbHx
-Qhs/46uhKPuiEHzBsET6CX7wDBJMBIN6HrNMsSdCTmWZu6LGJSlHasEXnmKsTngF
-nYdBeQATMQKBgGMvOvtaqOPPli9OhApnMhVOvH5e0vGsed0rGEPeByeHIaSPAPbh
-iWIaE7M8VYEBS46mLkV2bW6hyILMTry+B6jd007lArtcNxuSXzzvYKJ39k9xVS32
-ovoKcdARp5vpfWPxmTdSWGA6F2pT34qv0aXNy3zamlYZ6p4uYpuIn8hdAoGAKL5h
-MeTxeMlJWyD6BwDX/IObBkoQhv7EgkY6I28p6FghuuXtHo26jqZrn13neZB3xC1+
-2K0ZQIxwbhigq8MWZoe5bdaiEYSp3q8rVmdN+VktP+3bUcyxbjv7VPwgjxbkOt/w
-9WE8olDd1Gab3UQxw2ld9GMDWhAyN3BnDnaNYcECgYBFyc/maooUp2x1SEh3UisY
-vkpzYvUyHGiq2/gwm1htz8HQO75RuNY/YtxN1m9jrMArPBy6OgQ/Wk3Zi6S8HqYY
-ENTUUsIVr33nJT3rOWWJ2qdAmo6kAWt/J3LPNV01MWZ2cU4DcEDF1ZVkGFVgI0ZC
-h+G1ZXD4PyjI6KWhRC3JuA==
------END PRIVATE KEY-----
\ No newline at end of file
image: "{{ .Values.global.dockerHubRepository }}/{{ .Values.global.curlImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-osdf-sms-readiness
-
+{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
volumeMounts:
+{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
- mountPath: /opt/app/ssl_cert/aaf_root_ca.cer
name: {{ include "common.fullname" . }}-config
subPath: aaf_root_ca.cer
- - mountPath: /opt/app/ssl_cert/org.onap.oof.crt
- name: {{ include "common.fullname" . }}-config
- subPath: org.onap.oof.crt
- - mountPath: /opt/app/ssl_cert/org.onap.oof.key
- name: {{ include "common.fullname" . }}-config
- subPath: org.onap.oof.key
- mountPath: /opt/osdf/config/common_config.yaml
name: {{ include "common.fullname" . }}-config
subPath: common_config.yaml
{{- end }}
volumes:
+ {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
path: /etc/localtime
path: aaf_root_ca.cer
- key: common_config.yaml
path: common_config.yaml
- - key: org.onap.oof.crt
- path: org.onap.oof.crt
- - key: org.onap.oof.key
- path: org.onap.oof.key
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
affinity: {}
# Resource Limit flavor -By Default using small
flavor: small
+
+#sub-charts configuration
+certInitializer:
+ nameOverride: oof-osdf-cert-initializer
+ fqdn: "oof.onap"
+ app_ns: "org.osaaf.aaf"
+ fqi: "oof@oof.onap.org"
+ fqi_namespace: org.onap.oof
+ public_fqdn: "oof.onap.org"
+ aafDeployFqi: "deployer@people.osaaf.org"
+ aafDeployPass: demo123456!
+ cadi_latitude: "0.0"
+ cadi_longitude: "0.0"
+ credsPath: /opt/app/osaaf/local
+ appMountPath: /opt/osdf/osaaf
+ aaf_add_config: >
+ chmod 444 {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key;
+
# Segregation for Different environment (Small and Large)
resources:
small:
port: 8698
config:
ssl: "redirect"
+
+#component overrides
+
+oof-cmso:
+ enabled: true
+oof-has:
+ enabled: true