---
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
- rev: v4.0.1
+ rev: v5.0.0
hooks:
- id: trailing-whitespace
#exclude: '^ordmodels/'
- repo: https://github.com/jorisroovers/gitlint
- rev: v0.18.0
+ rev: v0.19.1
hooks:
- id: gitlint
stages: [commit-msg]
- repo: https://github.com/Lucas-C/pre-commit-hooks
- rev: v1.1.10
+ rev: v1.5.5
hooks:
- id: remove-tabs
- stages: [commit]
+ stages: [pre-commit]
exclude: '^(.git/|docs/make.bat|.*/Makefile$)'
apiVersion: v2
description: ONAP Active and Available Inventory
name: aai
-version: 15.0.1
+version: 15.0.2
dependencies:
- name: common
apiVersion: v2
description: Babel microservice
name: aai-babel
-version: 15.0.1
+version: 15.0.2
dependencies:
- name: common
tosca.mappings.config=${CONFIG_HOME}/tosca-mappings.json
spring.application.name=aai-babel
-spring.sleuth.enabled=true
+spring.sleuth.enabled={{ .Values.tracing.enabled }}
spring.zipkin.baseUrl={{ .Values.tracing.collector.baseUrl }}
spring.sleuth.messaging.jms.enabled = false
spring.sleuth.trace-id128=true
apiVersion: apps/v1
kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+metadata: {{- include "common.resourceMetadata" (dict "annotations" .Values.annotations "dot" .) | nindent 2 }}
spec:
selector: {{- include "common.selectors" . | nindent 4 }}
{{- if .Values.debug.enabled }}
replicaCount: 1
# number of ReplicaSets that should be retained for the Deployment
-revisionHistoryLimit: 2
+revisionHistoryLimit: 1
updateStrategy:
type: RollingUpdate
small:
limits:
cpu: "1"
- memory: "3Gi"
+ memory: "2500Mi"
requests:
- cpu: "200m"
+ cpu: "100m"
memory: "1Gi"
large:
limits:
cpu: "4"
- memory: "6Gi"
+ memory: "4Gi"
requests:
cpu: "1"
- memory: "2Gi"
+ memory: "1Gi"
unlimited: {}
tracing:
+ enabled: false
collector:
baseUrl: http://jaeger-collector.istio-system:9411
sampling:
apiVersion: v2
description: ONAP AAI GraphAdmin
name: aai-graphadmin
-version: 15.0.1
+version: 15.0.2
dependencies:
- name: common
# This does the same as the /echo endpoint,
# but doesn't show up in micrometer metrics
aai.actuator.echo.enabled={{ .Values.actuator.echo.enabled }}
+
+aai.graph.properties.path=${server.local.startpath}/etc/appprops/janusgraph-realtime.properties
<logger name="org.zookeeper" level="WARN"/>
<logger name="com.netflix" level="WARN"/>
<logger name="org.janusgraph" level="WARN"/>
+ <logger name="org.janusgraph.graphdb.transaction" level="ERROR" />
<logger name="com.att.aft.dme2" level="WARN"/>
<!-- ============================================================================ -->
<!-- General EELF logger -->
*/}}
apiVersion: apps/v1
kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+metadata: {{- include "common.resourceMetadata" (dict "annotations" .Values.annotations "dot" .) | nindent 2 }}
spec:
{{- if .Values.config.debug.enabled }}
replicas: 1
terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }}
{{- if .Values.global.initContainers.enabled }}
initContainers:
- {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.waitForWithCreateSchemaDisabled ) | indent 6 | trim}}
+ {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.waitForWithCreateSchemaDisabled ) | indent 6 | trim }}
{{- end }}
{{ include "common.podSecurityContext" . | indent 6 | trim }}
containers:
value: {{ $value | quote}}
{{- end }}
{{- end }}
- {{- if eq .Values.flavor "small" }}
- - name: MAX_HEAP_SIZE
- value: {{ .Values.small.maxHeapSize | quote }}
- {{- else if eq .Values.flavor "large" }}
- - name: MAX_HEAP_SIZE
- value: {{ .Values.large.maxHeapSize | quote }}
- {{- end }}
- name: INTERNAL_PORT_1
value: {{ .Values.service.appPort | quote }}
- name: INTERNAL_PORT_2
resources: {{ include "common.resources" . | nindent 10 }}
{{- if .Values.nodeSelector }}
nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{ toYaml .Values.nodeSelector | indent 8 }}
{{- end -}}
{{- if .Values.affinity }}
affinity:
-{{ toYaml .Values.affinity | indent 8 }}
+ {{ toYaml .Values.affinity | indent 8 }}
{{- end }}
-
# side car containers
{{ include "common.log.sidecar" . | nindent 6 }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
name: {{ include "common.fullname" . }}-db-backup
namespace: {{ include "common.namespace" . }}
labels: {{- include "common.labels" (dict "labels" .Values.labels "ignoreHelmChart" .Values.ignoreHelmChart "dot" . "suffix" "job") | nindent 4 }}
- annotations:
- "helm.sh/hook": pre-upgrade,pre-install
- "helm.sh/hook-weight": "2"
- "helm.sh/hook-delete-policy": before-hook-creation
+ {{- if .Values.jobAnnotations.backup }}
+ annotations: {{- include "common.tplValue" (dict "value" .Values.jobAnnotations.backup "context" $) | nindent 4 }}
+ {{- end }}
spec:
backoffLimit: 20
template:
name: {{ include "common.fullname" . }}-create-db-schema
namespace: {{ include "common.namespace" . }}
labels: {{- include "common.labels" (dict "labels" .Values.labels "ignoreHelmChart" .Values.ignoreHelmChart "dot" . "suffix" "job") | nindent 4 }}
+ {{- if .Values.jobAnnotations.createDBSchema }}
+ annotations: {{- include "common.tplValue" (dict "value" .Values.jobAnnotations.createDBSchema "context" $) | nindent 4 }}
+ {{- end }}
spec:
backoffLimit: 20
template:
- name: {{ include "common.name" . }}-job
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{ include "common.containerSecurityContext" . | indent 8 | trim }}
+ {{ include "common.containerSecurityContext" . | nindent 8 | trim }}
command:
- sh
args:
secretKeyRef:
name: {{ include "common.release" . }}-{{ .Values.global.aaiGraphKafkaUser }}
key: sasl.jaas.config
- ports:
{{- if .Values.config.debug.enabled }}
+ ports:
- containerPort: {{ .Values.service.debugPort }}
name: {{ .Values.service.debugPortName }}
{{- end }}
name: {{ include "common.fullname" . }}-properties
restartPolicy: Never
{{- include "common.imagePullSecrets" . | nindent 6 }}
-{{ end }}
+{{- end }}
name: {{ include "common.fullname" . }}-migration
namespace: {{ include "common.namespace" . }}
labels: {{- include "common.labels" (dict "labels" .Values.labels "ignoreHelmChart" .Values.ignoreHelmChart "dot" . "suffix" "job") | nindent 4 }}
- annotations:
- "helm.sh/hook": post-upgrade,post-rollback,post-install
- "helm.sh/hook-weight": "1"
- "helm.sh/hook-delete-policy": before-hook-creation
+ {{- if .Values.jobAnnotations.migration }}
+ annotations: {{- include "common.tplValue" (dict "value" .Values.jobAnnotations.migration "context" $) | nindent 4 }}
+ {{- end }}
spec:
backoffLimit: 20
template:
clients: SDNC,-1|MSO,-1|SO,-1|robot-ete,-1
# application image
-image: onap/aai-graphadmin:1.15.2
+image: onap/aai-graphadmin:1.15.4
pullPolicy: Always
restartPolicy: Always
flavor: small
replicaCount: 1
# number of ReplicaSets that should be retained for the Deployment
-revisionHistoryLimit: 2
+revisionHistoryLimit: 1
# the minimum number of seconds that a newly created Pod should be ready
minReadySeconds: 30
- "-Djava.rmi.server.hostname=127.0.0.1"
env:
BOOTSTRAP_SERVERS: onap-strimzi-kafka-bootstrap:9092
-
+ DATA_SNAPSHOT_TASKS_ENABLED: false
+ DATA_SNAPSHOT_CLEANUP_ENABLED: false
nodeSelector: {}
# probe configuration parameters
liveness:
enabled: true
- path: /actuator/health/liveness
+ path: /actuator/health
periodSeconds: 10
readiness:
memory: "4Gi"
unlimited: {}
-# define the heap size for the JVM
-# according to the resource flavor
-small:
- maxHeapSize: "1g"
-large:
- maxHeapSize: "5g"
-
metrics:
serviceMonitor:
enabled: true
podAnnotations:
checksum/config: '{{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}'
+
+jobAnnotations:
+ backup:
+ "helm.sh/hook": pre-upgrade,pre-rollback,post-install
+ "helm.sh/hook-weight": "2"
+ "helm.sh/hook-delete-policy": before-hook-creation
+ migration:
+ "helm.sh/hook": pre-upgrade,pre-rollback,post-install
+ "helm.sh/hook-weight": "2"
+ "helm.sh/hook-delete-policy": before-hook-creation
unlimited: {}
tracing:
- enabled: true
+ enabled: false
collector:
baseUrl: http://jaeger-collector.istio-system:9411
sampling:
apiVersion: v2
description: ONAP AAI resources
name: aai-resources
-version: 15.0.1
+version: 15.0.2
dependencies:
- name: common
repository: '@local'
- name: readinessCheck
version: ~13.x-0
- repository: '@local'
\ No newline at end of file
+ repository: '@local'
spring.main.allow-bean-definition-overriding=true
server.servlet.context-path=/
+spring.sleuth.enabled={{ .Values.tracing.enabled }}
spring.zipkin.baseUrl={{ .Values.tracing.collector.baseUrl }}
spring.sleuth.messaging.jms.enabled = false
spring.sleuth.trace-id128=true
# This does the same as the /echo endpoint,
# but doesn't show up in micrometer metrics
aai.actuator.echo.enabled={{ .Values.actuator.echo.enabled }}
+aai.graph.properties.path=${server.local.startpath}/etc/appprops/janusgraph-realtime.properties
<logger name="org.springframework.beans" level="WARN" />
<logger name="org.springframework.web" level="WARN" />
<logger name="org.janusgraph" level="WARN" />
+ <logger name="org.janusgraph.graphdb.transaction" level="ERROR" />
<logger name="org.zookeeper" level="OFF" />
apiVersion: apps/v1
kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+metadata: {{- include "common.resourceMetadata" (dict "annotations" .Values.annotations "dot" .) | nindent 2 }}
spec:
{{- if or .Values.config.debug.enabled .Values.config.profiling.enabled }}
replicas: 1
app: {{ include "common.name" . }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
- {{- if .Values.global.msbEnabled }}
- {{ $values := .Values }}
- msb.onap.org/service-info: '[
- {{- range $api_endpoint := $values.aai_enpoints -}}
- {{- range $api_version := $values.api_list }}
- {
- "serviceName": "_{{ $api_endpoint.name }}",
- "version": "v{{ $api_version }}",
- "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
- "protocol": "REST",
- "port": "8447",
- "enable_ssl": true,
- "lb_policy":"ip_hash",
- "visualRange": "1",
- "path": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}"
- },
- {
- "serviceName": "{{ $api_endpoint.name }}",
- "version": "v{{ $api_version }}",
- "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
- "protocol": "REST",
- "port": "8447",
- "enable_ssl": true,
- "lb_policy":"ip_hash",
- "visualRange": "1"
- },
- {{- end }}
- {{- end }}
- ]'
- {{- end }}
spec:
hostname: aai-resources
terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
{{- end }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
+ timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
{{- end }}
readinessProbe:
httpGet:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
{{- end }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
startupProbe:
httpGet:
port: {{ .Values.service.metricsPort }}
path: {{ .Values.startup.path }}
failureThreshold: {{ .Values.startup.failureThreshold }}
periodSeconds: {{ .Values.startup.periodSeconds }}
+ timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
resources: {{ include "common.resources" . | nindent 10 }}
{{- if .Values.nodeSelector }}
nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
{{- if .Values.metrics.serviceMonitor.enabled }}
{{ include "common.serviceMonitor" . }}
-{{- end }}
\ No newline at end of file
+{{- end }}
url: external-system
# application image
-image: onap/aai-resources:1.15.2
+image: onap/aai-resources:1.15.4
pullPolicy: Always
restartPolicy: Always
flavor: small
replicaCount: 1
# number of ReplicaSets that should be retained for the Deployment
-revisionHistoryLimit: 2
+revisionHistoryLimit: 1
# the minimum number of seconds that a newly created Pod should be ready
minReadySeconds: 30
# environment variables added to the launch of the image in deployment
env:
- MIN_HEAP_SIZE: "512m"
MAX_METASPACE_SIZE: "512m"
# adds jvm args for remote debugging the application
# probe configuration parameters
liveness:
enabled: true
- path: /actuator/health/liveness
+ path: /actuator/health
periodSeconds: 10
+ timeoutSeconds: 3
readiness:
path: /actuator/health/readiness
periodSeconds: 10
+ timeoutSeconds: 3
startup:
path: /actuator/health/liveness
failureThreshold: 60
periodSeconds: 5
+ timeoutSeconds: 3
actuator:
echo:
unlimited: {}
tracing:
+ enabled: false
collector:
baseUrl: http://jaeger-collector.istio-system:9411
sampling:
apiVersion: v2
description: ONAP AAI traversal
name: aai-traversal
-version: 15.0.1
+version: 15.0.2
dependencies:
- name: common
{{/*
# Copyright © 2018 Amdocs, Bell Canada, AT&T
# Modifications Copyright © 2020 Orange
-# Modifications Copyright � 2023 Nordix Foundation
+# Modifications Copyright © 2023 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
spring.profiles.active={{ .Values.global.config.profiles.active }}
spring.jersey.application-path=/
+spring.sleuth.enabled={{ .Values.tracing.enabled }}
spring.zipkin.baseUrl={{ .Values.tracing.collector.baseUrl }}
spring.sleuth.messaging.jms.enabled = false
spring.sleuth.trace-id128=true
security.require-ssl=false
server.ssl.enabled=false
-# JMS bind address host port
-jms.bind.address=tcp://localhost:61647
# dmaap is deprecated now kafka is used
spring.kafka.producer.bootstrap-servers=${BOOTSTRAP_SERVERS}
spring.kafka.producer.properties.security.protocol=SASL_PLAINTEXT
# This does the same as the /echo endpoint,
# but doesn't show up in micrometer metrics
aai.actuator.echo.enabled={{ .Values.actuator.echo.enabled }}
+aai.graph.properties.path=${server.local.startpath}/etc/appprops/janusgraph-realtime.properties
<logger name="org.springframework.beans" level="WARN" />
<logger name="org.springframework.web" level="WARN" />
<logger name="org.janusgraph" level="WARN" />
+ <logger name="org.janusgraph.graphdb.transaction" level="ERROR" />
<logger name="org.zookeeper" level="OFF" />
apiVersion: apps/v1
kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+metadata: {{- include "common.resourceMetadata" (dict "annotations" .Values.annotations "dot" .) | nindent 2 }}
spec:
{{- if or .Values.config.debug.enabled .Values.config.profiling.enabled }}
replicas: 1
app: {{ include "common.name" . }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
- {{- if .Values.global.msbEnabled }}
- {{ $values := .Values }}
- msb.onap.org/service-info: '[
- {{- range $api_endpoint := $values.aai_enpoints -}}
- {{- range $api_version := $values.api_list }}
- {
- "serviceName": "_{{ $api_endpoint.name }}",
- "version": "v{{ $api_version }}",
- "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
- "protocol": "REST",
- "port": "8446",
- "enable_ssl": true,
- "lb_policy":"ip_hash",
- "visualRange": "1",
- "path": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}"
- },
- {
- "serviceName": "{{ $api_endpoint.name }}",
- "version": "v{{ $api_version }}",
- "url": "/aai/v{{ $api_version }}/{{ $api_endpoint.url }}",
- "protocol": "REST",
- "port": "8446",
- "enable_ssl": true,
- "lb_policy":"ip_hash",
- "visualRange": "1"
- },
- {{- end }}
- {{- end }}
- {
- "serviceName": "_aai-named-query",
- "url": "/aai/search",
- "protocol": "REST",
- "port": "8446",
- "enable_ssl": true,
- "lb_policy":"ip_hash",
- "visualRange": "1",
- "path": "/aai/search"
- },
- {
- "serviceName": "aai-named-query",
- "url": "/aai/search",
- "protocol": "REST",
- "port": "8446",
- "enable_ssl": true,
- "lb_policy":"ip_hash",
- "visualRange": "1"
- }
- ]'
- {{- end }}
spec:
hostname: aai-traversal
terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }}
- -c
- |
while (netstat -an | grep ESTABLISHED | grep -e $INTERNAL_PORT_1)
- do sleep 10
+ do sleep 3
done
# disable liveness probe when
# debugging.enable=true or profiling.enabled=true
namespace: {{ include "common.namespace" . }}
labels: {{- include "common.labels" . | nindent 4 }}
{{ if .Values.global.jobs.migration.enabled }}
- annotations:
- "helm.sh/hook": post-upgrade,post-rollback,post-install
- "helm.sh/hook-weight": "2"
- "helm.sh/hook-delete-policy": before-hook-creation
+ {{- if .Values.jobAnnotations }}
+ annotations: {{- include "common.tplValue" (dict "value" .Values.jobAnnotations "context" $) | nindent 4 }}
+ {{- end }}
{{ end }}
spec:
template:
- name: {{ include "common.name" . }}-wait-for-aai-haproxy
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ securityContext:
+ runAsUser: 100
+ runAsGroup: 65533
+ readOnlyRootFilesystem: true
+ privileged: false
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ - CAP_NET_RAW
command:
- sh
- "-c"
requests:
cpu: "3m"
memory: "20Mi"
- securityContext:
- runAsUser: 100
- runAsGroup: 65533
- readOnlyRootFilesystem: true
- privileged: false
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- - CAP_NET_RAW
containers:
- name: {{ include "common.name" . }}-job
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
someConfig: random
# application image
-image: onap/aai-traversal:1.15.2
+image: onap/aai-traversal:1.15.4
pullPolicy: Always
restartPolicy: Always
flavor: small
replicaCount: 1
# number of ReplicaSets that should be retained for the Deployment
-revisionHistoryLimit: 2
+revisionHistoryLimit: 1
nodeSelector: {}
# probe configuration parameters
liveness:
- path: /actuator/health/liveness
+ path: /actuator/health
initialDelaySeconds: 60
periodSeconds: 60
enabled: true
targetCPUUtilizationPercentage: 80
tracing:
+ enabled: false
collector:
baseUrl: http://jaeger-collector.istio-system:9411
sampling:
wait_for_service:
services:
- aai
+
+jobAnnotations:
+ "helm.sh/hook": pre-upgrade,pre-rollback,post-install
+ "helm.sh/hook-weight": "2"
+ "helm.sh/hook-delete-policy": before-hook-creation
#################################################################
# Secrets metaconfig
#################################################################
dockerhubRepository: docker.io
busyboxImage: busybox
- readinessImage: onap/oom/readiness:6.0.3
+ readinessImage: onap/oom/readiness:6.1.0
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
restartPolicy: Always
- msbEnabled: false
centralizedLoggingEnabled: false
cassandra:
replicaCount: 1
# number of ReplicaSets that should be retained for the Deployment
-revisionHistoryLimit: 2
+revisionHistoryLimit: 1
updateStrategy:
type: RollingUpdate
Code Review / oom.git / commitdiff