+++ /dev/null
-# ============LICENSE_START=======================================================
-# Copyright (C) 2022,2024 Nordix Foundation. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-# http://www.apache.org/licenses/LICENSE-2.0
-
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-
-spring:
- autoconfigure:
- exclude:
- - org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
- - org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration
- - org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerAutoConfiguration
- - org.springframework.boot.autoconfigure.data.web.SpringDataWebAutoConfiguration
- security:
- user:
- name: ${RESTSERVER_USER}
- password: ${RESTSERVER_PASSWORD}
-
-security:
- enable-csrf: false
-
-participant:
- intermediaryParameters:
- topics:
- operationTopic: {{ .Values.global.kafkaTopics.acRuntimeOperationTopic.name }}
- syncTopic: {{ .Values.global.kafkaTopics.acRuntimeSyncTopic.name }}
- reportingTimeIntervalMs: 120000
- description: Participant Description
- participantId: 101c62b3-8918-41b9-a747-d21eb79c6c00
- clampAutomationCompositionTopics:
- topicSources:
- -
- useHttps: false
- fetchTimeout: 15000
- topic: {{ .Values.global.kafkaTopics.acRuntimeOperationTopic.name }}
- topicCommInfrastructure: kafka
- servers:
- - {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}
- additionalProps:
- group.id: {{ (first .Values.kafkaUser.acls).name }}
- allow.auto.create.topics: false
- security.protocol: SASL_PLAINTEXT
- sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
- sasl.jaas.config: ${SASL_JAAS_CONFIG}
- -
- useHttps: false
- fetchTimeout: 15000
- topic: {{ .Values.global.kafkaTopics.acRuntimeSyncTopic.name }}
- topicCommInfrastructure: kafka
- servers:
- - {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}
- additionalProps:
- allow.auto.create.topics: false
- security.protocol: SASL_PLAINTEXT
- sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
- sasl.jaas.config: ${SASL_JAAS_CONFIG}
- topicSinks:
- -
- useHttps: false
- fetchTimeout: 15000
- topic: {{ .Values.global.kafkaTopics.acRuntimeOperationTopic.name }}
- topicCommInfrastructure: kafka
- servers:
- - {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}
- additionalProps:
- client.id: {{ (first .Values.kafkaUser.acls).name }}-client-id
- security.protocol: SASL_PLAINTEXT
- sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
- sasl.jaas.config: ${SASL_JAAS_CONFIG}
- participantSupportedElementTypes:
- -
- typeName: org.onap.policy.clamp.acm.A1PMSAutomationCompositionElement
- typeVersion: 1.0.1
-
-
-management:
- endpoints:
- web:
- base-path: /
- exposure:
- include: health, metrics, prometheus
-server:
- port: 8086
- servlet:
- context-path: /onap/policy/clamp/acm/a1pmsparticipant
- ssl:
- enabled: false
+++ /dev/null
-<!--
- ============LICENSE_START=======================================================
- Copyright (C) 2022 Nordix Foundation. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
- http://www.apache.org/licenses/LICENSE-2.0
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- SPDX-License-Identifier: Apache-2.0
- ============LICENSE_END=========================================================
--->
-
-<configuration scan="true" scanPeriod="30 seconds" debug="false">
-
- <appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>/var/log/onap/policy/a1pms-participant/error.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
- <fileNamePattern>/var/log/onap/policy/a1pms-participant/error.%d{yyyy-MM-dd}.%i.log.zip
- </fileNamePattern>
- <maxFileSize>50MB</maxFileSize>
- <maxHistory>30</maxHistory>
- <totalSizeCap>10GB</totalSizeCap>
- </rollingPolicy>
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <encoder>
- <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="ErrorOut" />
- </appender>
-
- <appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>/var/log/onap/policy/a1pms-participant/debug.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
- <fileNamePattern>/var/log/onap/policy/a1pms-participant/debug.%d{yyyy-MM-dd}.%i.log.zip
- </fileNamePattern>
- <maxFileSize>50MB</maxFileSize>
- <maxHistory>30</maxHistory>
- <totalSizeCap>10GB</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="DebugOut" />
- </appender>
-
- <appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>/var/log/onap/policy/a1pms-participant/network.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
- <fileNamePattern>/var/log/onap/policy/a1pms-participant/network.%d{yyyy-MM-dd}.%i.log.zip
- </fileNamePattern>
- <maxFileSize>50MB</maxFileSize>
- <maxHistory>30</maxHistory>
- <totalSizeCap>10GB</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%t]%m%n</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="NetworkOut" />
- </appender>
-
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <Pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</Pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncStdOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="STDOUT" />
- </appender>
-
- <logger name="network" level="INFO" additivity="false">
- <appender-ref ref="AsyncNetworkOut" />
- <appender-ref ref="AsyncStdOut" />
- </logger>
-
- <logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false">
- <appender-ref ref="AsyncNetworkOut" />
- <appender-ref ref="AsyncStdOut" />
- </logger>
-
- <root level="INFO">
- <appender-ref ref="AsyncDebugOut" />
- <appender-ref ref="AsyncErrorOut" />
- <appender-ref ref="AsyncStdOut" />
- </root>
-
-</configuration>
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2022 Nordix Foundation. All rights reserved.
+# Copyright (C) 2022,2026 OpenInfra Foundation Europe. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
namespace: {{ include "common.namespace" . }}
labels: {{- include "common.labels" . | nindent 4 }}
data:
-{{- if .Values.a1pmsconfig }}
-{{ tpl (.Files.Glob "resources/config/A1pmsParticipantParameters.yaml").AsConfig . | indent 2 }}
-{{ toYaml .Values.a1pmsconfig | indent 4 }}
-{{- end }}
-{{ tpl (.Files.Glob "resources/config/*.{json,xml,sh}").AsConfig . | indent 2 }}
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2022-2023 Nordix Foundation.
+# Copyright (C) 2022-2023,2026 OpenInfra Foundation Europe. All rights reserved.
# Modifications Copyright © 2024 Deutsche Telekom
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
{{ include "common.podSecurityContext" . | indent 6 | trim }}
- initContainers:
- - command:
- - sh
- args:
- - -c
- - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
- env:
- - name: RESTSERVER_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }}
- - name: RESTSERVER_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }}
- - name: SASL_JAAS_CONFIG
- valueFrom:
- secretKeyRef:
- name: {{ include "common.name" . }}-ku
- key: sasl.jaas.config
- volumeMounts:
- - mountPath: /config-input
- name: ac-a1pms-ppnt-config
- - mountPath: /config
- name: ac-a1pms-ppnt-config-processed
- image: {{ include "repositoryGenerator.image.envsubst" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{ include "common.containerSecurityContext" . | indent 8 | trim }}
- name: {{ include "common.name" . }}-update-config
containers:
- name: {{ include "common.name" . }}
{{ include "common.containerSecurityContext" . | indent 10 | trim }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/opt/app/policy/clamp/bin/a1pms-participant.sh"]
- args: ["/opt/app/policy/clamp/etc/mounted/A1pmsParticipantParameters.yaml"]
+ command: ["java", "-jar", "/app/app.jar"]
+ env:
+ - name: HTTP_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 14 }}
+ - name: HTTP_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 14 }}
+ - name: SERVER_PORT
+ value: "8086"
+ - name: a1pmsBaseUrl
+ value: {{ .Values.a1pms.baseUrl }}
+ - name: topicCommInfrastructure
+ value: kafka
+ - name: kafkaServer
+ value: "{{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}"
+ - name: allowAutoCreateTopics
+ value: "false"
+ - name: kafkaSecurityProtocol
+ vale: SASL_PLAINTEXT
+ - name: kafkaSaslMechanism
+ value: {{ .Values.kafkaUser.authenticationType | upper }}
+ - name: kafkaSaslJaasConfig
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.name" . }}-ku
+ key: sasl.jaas.config
ports: {{ include "common.containerPorts" . | nindent 12 }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- - mountPath: /opt/app/policy/clamp/etc/mounted
- name: ac-a1pms-ppnt-config-processed
- name: logs
mountPath: /var/log/onap
- name: empty-dir
mountPath: /tmp
subPath: tmp-dir
- - mountPath: /opt/app/policy/clamp/etc/logback.xml
- subPath: logback.xml
- name: ac-a1pms-ppnt-config-processed
resources: {{ include "common.resources" . | nindent 12 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{- end }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "create" "dot" . )}}
volumes:
- - name: ac-a1pms-ppnt-config
- configMap:
- name: {{ include "common.fullname" . }}-configmap
- defaultMode: 0755
- - name: ac-a1pms-ppnt-config-processed
- emptyDir:
- medium: Memory
- sizeLimit: 64Mi
- name: empty-dir
emptyDir:
sizeLimit: {{ .Values.dirSizes.emptyDir.sizeLimit }}
# ============LICENSE_START=======================================================
-# Copyright (C) 2022-2025 OpenInfra Europe. All rights reserved.
+# Copyright (C) 2022-2026 OpenInfra Europe. All rights reserved.
# Modifications Copyright © 2024 Deutsche Telekom
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-a1pms-ppnt:8.2.2
+image: onap/policy-clamp-ac-a1pms-ppnt:9.0.0
pullPolicy: Always
componentName: &componentName policy-clamp-ac-a1pms-ppnt
user: participantUser
password: zb!XztG34
-a1pmsconfig:
- a1pms:
- baseUrl: http://a1policymanagement.onap:8081
- headers:
- content-type: application/json
- endpoints:
- health: /a1-policy/v2/rics
- services: /a1-policy/v2/services
- service: /a1-policy/v2/services/{service_id}
+a1pms:
+ baseUrl: http://a1policymanagement.onap:8081
# flag to enable debugging - application support required
debugEnabled: false
+++ /dev/null
-# ============LICENSE_START=======================================================
-# Copyright (C) 2021-2024 Nordix Foundation.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-
-spring:
- autoconfigure:
- exclude: >
- org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,
- org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration,
- org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerAutoConfiguration
- security:
- user:
- name: ${RESTSERVER_USER}
- password: ${RESTSERVER_PASSWORD}
-
-security:
- enable-csrf: false
-
-participant:
- intermediaryParameters:
- topics:
- operationTopic: {{ .Values.global.kafkaTopics.acRuntimeOperationTopic.name }}
- syncTopic: {{ .Values.global.kafkaTopics.acRuntimeSyncTopic.name }}
- reportingTimeIntervalMs: 120000
- description: Participant Description
- participantId: 101c62b3-8918-41b9-a747-d21eb79c6c01
- clampAutomationCompositionTopics:
- topicSources:
- -
- useHttps: false
- fetchTimeout: 15000
- topic: {{ .Values.global.kafkaTopics.acRuntimeOperationTopic.name }}
- topicCommInfrastructure: kafka
- servers:
- - {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}
- additionalProps:
- group.id: {{ (first .Values.kafkaUser.acls).name }}
- allow.auto.create.topics: false
- security.protocol: SASL_PLAINTEXT
- sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
- sasl.jaas.config: ${SASL_JAAS_CONFIG}
- -
- useHttps: false
- fetchTimeout: 15000
- topic: {{ .Values.global.kafkaTopics.acRuntimeSyncTopic.name }}
- topicCommInfrastructure: kafka
- servers:
- - {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}
- additionalProps:
- allow.auto.create.topics: false
- security.protocol: SASL_PLAINTEXT
- sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
- sasl.jaas.config: ${SASL_JAAS_CONFIG}
- topicSinks:
- -
- useHttps: false
- fetchTimeout: 15000
- topic: {{ .Values.global.kafkaTopics.acRuntimeOperationTopic.name }}
- topicCommInfrastructure: kafka
- servers:
- - {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}
- additionalProps:
- client.id: {{ (first .Values.kafkaUser.acls).name }}-client-id
- security.protocol: SASL_PLAINTEXT
- sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
- sasl.jaas.config: ${SASL_JAAS_CONFIG}
- participantSupportedElementTypes:
- -
- typeName: org.onap.policy.clamp.acm.HttpAutomationCompositionElement
- typeVersion: 1.0.0
-
-
-management:
- endpoints:
- web:
- exposure:
- include: health, metrics, prometheus
-server:
- port: 8084
- servlet:
- context-path: /onap/httpparticipant
- ssl:
- enabled: false
+++ /dev/null
-<!--
- ============LICENSE_START=======================================================
- Copyright (C) 2021 Nordix Foundation. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
- http://www.apache.org/licenses/LICENSE-2.0
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- SPDX-License-Identifier: Apache-2.0
- ============LICENSE_END=========================================================
--->
-
-<configuration scan="true" scanPeriod="30 seconds" debug="false">
-
- <appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>/var/log/onap/policy/http-participant/error.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
- <fileNamePattern>/var/log/onap/policy/http-participant/error.%d{yyyy-MM-dd}.%i.log.zip
- </fileNamePattern>
- <maxFileSize>50MB</maxFileSize>
- <maxHistory>30</maxHistory>
- <totalSizeCap>10GB</totalSizeCap>
- </rollingPolicy>
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <encoder>
- <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="ErrorOut" />
- </appender>
-
- <appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>/var/log/onap/policy/http-participant/debug.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
- <fileNamePattern>/var/log/onap/policy/http-participant/debug.%d{yyyy-MM-dd}.%i.log.zip
- </fileNamePattern>
- <maxFileSize>50MB</maxFileSize>
- <maxHistory>30</maxHistory>
- <totalSizeCap>10GB</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="DebugOut" />
- </appender>
-
- <appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>/var/log/onap/policy/http-participant/network.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
- <fileNamePattern>/var/log/onap/policy/http-participant/network.%d{yyyy-MM-dd}.%i.log.zip
- </fileNamePattern>
- <maxFileSize>50MB</maxFileSize>
- <maxHistory>30</maxHistory>
- <totalSizeCap>10GB</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%t]%m%n</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="NetworkOut" />
- </appender>
-
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <Pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</Pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncStdOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="STDOUT" />
- </appender>
-
- <logger name="network" level="INFO" additivity="false">
- <appender-ref ref="AsyncNetworkOut" />
- <appender-ref ref="AsyncStdOut" />
- </logger>
-
- <logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false">
- <appender-ref ref="AsyncNetworkOut" />
- <appender-ref ref="AsyncStdOut" />
- </logger>
-
- <root level="INFO">
- <appender-ref ref="AsyncDebugOut" />
- <appender-ref ref="AsyncErrorOut" />
- <appender-ref ref="AsyncStdOut" />
- </root>
-
-</configuration>
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2021 Nordix Foundation. All rights reserved.
+# Copyright (C) 2021,2026 OpenInfra Foundation Europe. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
namespace: {{ include "common.namespace" . }}
labels: {{- include "common.labels" . | nindent 4 }}
data:
-{{ tpl (.Files.Glob "resources/config/*.{xml,yaml}").AsConfig . | indent 2 }}
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2021-2023 Nordix Foundation.
+# Copyright (C) 2021-2023,2026 OpenInfra Foundation Europe. All rights reserved.
# Modifications Copyright © 2024 Deutsche Telekom
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
{{ include "common.podSecurityContext" . | indent 6 | trim }}
- initContainers:
- - command:
- - sh
- args:
- - -c
- - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
- env:
- - name: RESTSERVER_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }}
- - name: RESTSERVER_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }}
- - name: SASL_JAAS_CONFIG
- valueFrom:
- secretKeyRef:
- name: {{ include "common.name" . }}-ku
- key: sasl.jaas.config
- volumeMounts:
- - mountPath: /config-input
- name: ac-http-ppnt-config
- - mountPath: /config
- name: ac-http-ppnt-config-processed
- image: {{ include "repositoryGenerator.image.envsubst" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{ include "common.containerSecurityContext" . | indent 8 | trim }}
- name: {{ include "common.name" . }}-update-config
containers:
- name: {{ include "common.name" . }}
{{ include "common.containerSecurityContext" . | indent 10 | trim }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/opt/app/policy/clamp/bin/http-participant.sh"]
- args: ["/opt/app/policy/clamp/etc/mounted/HttpParticipantParameters.yaml"]
+ command: ["java", "-jar", "/app/app.jar"]
+ env:
+ - name: HTTP_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 14 }}
+ - name: HTTP_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 14 }}
+ - name: SERVER_PORT
+ value: "8084"
+ - name: topicCommInfrastructure
+ value: kafka
+ - name: kafkaServer
+ value: "{{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}"
+ - name: allowAutoCreateTopics
+ value: "false"
+ - name: kafkaSecurityProtocol
+ vale: SASL_PLAINTEXT
+ - name: kafkaSaslMechanism
+ value: {{ .Values.kafkaUser.authenticationType | upper }}
+ - name: kafkaSaslJaasConfig
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.name" . }}-ku
+ key: sasl.jaas.config
ports: {{ include "common.containerPorts" . | nindent 12 }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- - mountPath: /opt/app/policy/clamp/etc/mounted
- name: ac-http-ppnt-config-processed
- name: logs
mountPath: /var/log/onap
- name: empty-dir
mountPath: /tmp
subPath: tmp-dir
- - mountPath: /opt/app/policy/clamp/etc/logback.xml
- subPath: logback.xml
- name: ac-http-ppnt-config-processed
resources: {{ include "common.resources" . | nindent 12 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{- end }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- - name: ac-http-ppnt-config
- configMap:
- name: {{ include "common.fullname" . }}-configmap
- defaultMode: 0755
- - name: ac-http-ppnt-config-processed
- emptyDir:
- medium: Memory
- sizeLimit: 64Mi
- name: empty-dir
emptyDir:
sizeLimit: {{ .Values.dirSizes.emptyDir.sizeLimit }}
# ============LICENSE_START=======================================================
-# Copyright (C) 2021-2023, 2025 OpenInfra Europe. All rights reserved.
+# Copyright (C) 2021-2023, 2025-2026 OpenInfra Europe. All rights reserved.
# Modifications Copyright © 2024 Deutsche Telekom
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-http-ppnt:8.2.2
+image: onap/policy-clamp-ac-http-ppnt:9.0.0
pullPolicy: Always
componentName: &componentName policy-clamp-ac-http-ppnt
+++ /dev/null
-# ============LICENSE_START=======================================================
-# Copyright (C) 2023 Nordix Foundation. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-# http://www.apache.org/licenses/LICENSE-2.0
-
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-
-spring:
- cloud:
- kubernetes:
- enabled: false
- discovery:
- enabled: false
- security:
- user:
- name: ${RESTSERVER_USER}
- password: ${RESTSERVER_PASSWORD}
- autoconfigure:
- exclude:
- - org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
- - org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration
- - org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerAutoConfiguration
- - org.springframework.boot.autoconfigure.data.web.SpringDataWebAutoConfiguration
- - io.kubernetes.client.spring.extended.manifests.config.KubernetesManifestsAutoConfiguration
- - io.kubernetes.client.spring.extended.network.config.KubernetesLoadBalancerAutoConfiguration
-
-security:
- enable-csrf: false
-
-participant:
- intermediaryParameters:
- topics:
- operationTopic: {{ .Values.global.kafkaTopics.acRuntimeOperationTopic.name }}
- syncTopic: {{ .Values.global.kafkaTopics.acRuntimeSyncTopic.name }}
- reportingTimeIntervalMs: 120000
- description: Participant Description
- participantId: 101c62b3-8918-41b9-a747-d21eb79c6c04
- clampAutomationCompositionTopics:
- topicSources:
- -
- useHttps: false
- fetchTimeout: 15000
- topic: {{ .Values.global.kafkaTopics.acRuntimeOperationTopic.name }}
- topicCommInfrastructure: kafka
- servers:
- - {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}
- additionalProps:
- group.id: {{ (first .Values.kafkaUser.acls).name }}
- allow.auto.create.topics: false
- security.protocol: SASL_PLAINTEXT
- sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
- sasl.jaas.config: ${SASL_JAAS_CONFIG}
- -
- useHttps: false
- fetchTimeout: 15000
- topic: {{ .Values.global.kafkaTopics.acRuntimeSyncTopic.name }}
- topicCommInfrastructure: kafka
- servers:
- - {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}
- additionalProps:
- allow.auto.create.topics: false
- security.protocol: SASL_PLAINTEXT
- sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
- sasl.jaas.config: ${SASL_JAAS_CONFIG}
- topicSinks:
- -
- useHttps: false
- fetchTimeout: 15000
- topic: {{ .Values.global.kafkaTopics.acRuntimeOperationTopic.name }}
- topicCommInfrastructure: kafka
- servers:
- - {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}
- additionalProps:
- client.id: {{ (first .Values.kafkaUser.acls).name }}-client-id
- security.protocol: SASL_PLAINTEXT
- sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
- sasl.jaas.config: ${SASL_JAAS_CONFIG}
- participantSupportedElementTypes:
- -
- typeName: org.onap.policy.clamp.acm.KserveAutomationCompositionElement
- typeVersion: 1.0.1
- -
- typeName: org.onap.policy.clamp.acm.AutomationCompositionElement
- typeVersion: 1.0.0
-
-customresourcedefinition:
- group: serving.kserve.io
- version: v1beta1
- plural: inferenceservices
- grace-period: 10
-
-management:
- endpoints:
- web:
- base-path: /
- exposure:
- include: health, metrics, prometheus
-server:
- port: 8087
- servlet:
- context-path: /onap/policy/clamp/acm/kserveparticipant
- ssl:
- enabled: false
+++ /dev/null
-<!--
- ============LICENSE_START=======================================================
- Copyright (C) 2023 Nordix Foundation. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
- http://www.apache.org/licenses/LICENSE-2.0
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- SPDX-License-Identifier: Apache-2.0
- ============LICENSE_END=========================================================
--->
-
-<configuration scan="true" scanPeriod="30 seconds" debug="false">
-
- <appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>/var/log/onap/policy/kserve-participant/error.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
- <fileNamePattern>/var/log/onap/policy/kserve-participant/error.%d{yyyy-MM-dd}.%i.log.zip
- </fileNamePattern>
- <maxFileSize>50MB</maxFileSize>
- <maxHistory>30</maxHistory>
- <totalSizeCap>10GB</totalSizeCap>
- </rollingPolicy>
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <encoder>
- <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="ErrorOut" />
- </appender>
-
- <appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>/var/log/onap/policy/kserve-participant/debug.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
- <fileNamePattern>/var/log/onap/policy/kserve-participant/debug.%d{yyyy-MM-dd}.%i.log.zip
- </fileNamePattern>
- <maxFileSize>50MB</maxFileSize>
- <maxHistory>30</maxHistory>
- <totalSizeCap>10GB</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="DebugOut" />
- </appender>
-
- <appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>/var/log/onap/policy/kserve-participant/network.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
- <fileNamePattern>/var/log/onap/policy/kserve-participant/network.%d{yyyy-MM-dd}.%i.log.zip
- </fileNamePattern>
- <maxFileSize>50MB</maxFileSize>
- <maxHistory>30</maxHistory>
- <totalSizeCap>10GB</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%t]%m%n</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="NetworkOut" />
- </appender>
-
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <Pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</Pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncStdOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="STDOUT" />
- </appender>
-
- <logger name="network" level="INFO" additivity="false">
- <appender-ref ref="AsyncNetworkOut" />
- <appender-ref ref="AsyncStdOut" />
- </logger>
-
- <logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false">
- <appender-ref ref="AsyncNetworkOut" />
- <appender-ref ref="AsyncStdOut" />
- </logger>
-
- <root level="INFO">
- <appender-ref ref="AsyncDebugOut" />
- <appender-ref ref="AsyncErrorOut" />
- <appender-ref ref="AsyncStdOut" />
- </root>
-
-</configuration>
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2023 Nordix Foundation. All rights reserved.
+# Copyright (C) 2023,2026 OpenInfra Foundation Europe. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
namespace: {{ include "common.namespace" . }}
labels: {{- include "common.labels" . | nindent 4 }}
data:
-{{ tpl (.Files.Glob "resources/config/*.{xml,yaml}").AsConfig . | indent 2 }}
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2023 Nordix Foundation.
+# Copyright (C) 2023,2026 OpenInfra Foundation Europe. All rights reserved.
# Modifications Copyright © 2024 Deutsche Telekom
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
{{ include "common.podSecurityContext" . | indent 6 | trim }}
- initContainers:
- - command:
- - sh
- args:
- - -c
- - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
- env:
- - name: RESTSERVER_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }}
- - name: RESTSERVER_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }}
- - name: SASL_JAAS_CONFIG
- valueFrom:
- secretKeyRef:
- name: {{ include "common.name" . }}-ku
- key: sasl.jaas.config
- volumeMounts:
- - mountPath: /config-input
- name: ac-kserve-ppnt-config
- - mountPath: /config
- name: ac-kserve-ppnt-config-processed
- image: {{ include "repositoryGenerator.image.envsubst" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{ include "common.containerSecurityContext" . | indent 8 | trim }}
- name: {{ include "common.name" . }}-update-config
containers:
- name: {{ include "common.name" . }}
{{ include "common.containerSecurityContext" . | indent 10 | trim }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/opt/app/policy/clamp/bin/kserve-participant.sh"]
- args: ["/opt/app/policy/clamp/etc/mounted/KserveParticipantParameters.yaml"]
+ command: ["java", "-jar", "/app/app.jar"]
+ env:
+ - name: HTTP_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 14 }}
+ - name: HTTP_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 14 }}
+ - name: SERVER_PORT
+ value: "8087"
+ - name: topicCommInfrastructure
+ value: kafka
+ - name: kafkaServer
+ value: "{{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}"
+ - name: allowAutoCreateTopics
+ value: "false"
+ - name: kafkaSecurityProtocol
+ vale: SASL_PLAINTEXT
+ - name: kafkaSaslMechanism
+ value: {{ .Values.kafkaUser.authenticationType | upper }}
+ - name: kafkaSaslJaasConfig
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.name" . }}-ku
+ key: sasl.jaas.config
ports: {{ include "common.containerPorts" . | nindent 12 }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- - mountPath: /opt/app/policy/clamp/etc/mounted
- name: ac-kserve-ppnt-config-processed
- name: logs
mountPath: /var/log/onap
- name: empty-dir
mountPath: /tmp
subPath: tmp-dir
- - mountPath: /opt/app/policy/clamp/etc/logback.xml
- subPath: logback.xml
- name: ac-kserve-ppnt-config-processed
resources: {{ include "common.resources" . | nindent 12 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{- end }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "create" "dot" . )}}
volumes:
- - name: ac-kserve-ppnt-config
- configMap:
- name: {{ include "common.fullname" . }}-configmap
- defaultMode: 0755
- - name: ac-kserve-ppnt-config-processed
- emptyDir:
- medium: Memory
- sizeLimit: 64Mi
- name: empty-dir
emptyDir:
sizeLimit: {{ .Values.dirSizes.emptyDir.sizeLimit }}
# ============LICENSE_START=======================================================
-# Copyright (C) 2023, 2025 OpenInfra Europe. All rights reserved.
+# Copyright (C) 2023, 2025-2026 OpenInfra Europe. All rights reserved.
# Modifications Copyright © 2024 Deutsche Telekom
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-kserve-ppnt:8.2.2
+image: onap/policy-clamp-ac-kserve-ppnt:9.0.0
pullPolicy: Always
componentName: &componentName policy-clamp-ac-kserve-ppnt
+++ /dev/null
-# ============LICENSE_START=======================================================
-# Copyright (C) 2021-2024 Nordix Foundation.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-
-spring:
- autoconfigure:
- exclude: >
- org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,
- org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration,
- org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerAutoConfiguration
- security:
- user:
- name: ${RESTSERVER_USER}
- password: ${RESTSERVER_PASSWORD}
-
-security:
- enable-csrf: false
-
-participant:
- pdpGroup: defaultGroup
- pdpType: apex
- policyApiParameters:
- clientName: api
- hostname: policy-api
- port: 6969
- userName: ${API_USER}
- password: ${API_PASSWORD}
- useHttps: "false"
- allowSelfSignedCerts: true
- policyPapParameters:
- clientName: pap
- hostname: policy-pap
- port: 6969
- userName: ${PAP_USER}
- password: ${PAP_PASSWORD}
- useHttps: "false"
- allowSelfSignedCerts: true
- intermediaryParameters:
- topics:
- operationTopic: {{ .Values.global.kafkaTopics.acRuntimeOperationTopic.name }}
- syncTopic: {{ .Values.global.kafkaTopics.acRuntimeSyncTopic.name }}
- reportingTimeIntervalMs: 120000
- description: Participant Description
- participantId: 101c62b3-8918-41b9-a747-d21eb79c6c03
- clampAutomationCompositionTopics:
- topicSources:
- -
- useHttps: false
- fetchTimeout: 15000
- topic: {{ .Values.global.kafkaTopics.acRuntimeOperationTopic.name }}
- topicCommInfrastructure: kafka
- servers:
- - {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}
- additionalProps:
- group.id: {{ (first .Values.kafkaUser.acls).name }}
- allow.auto.create.topics: false
- security.protocol: SASL_PLAINTEXT
- sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
- sasl.jaas.config: ${SASL_JAAS_CONFIG}
- -
- useHttps: false
- fetchTimeout: 15000
- topic: {{ .Values.global.kafkaTopics.acRuntimeSyncTopic.name }}
- topicCommInfrastructure: kafka
- servers:
- - {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}
- additionalProps:
- allow.auto.create.topics: false
- security.protocol: SASL_PLAINTEXT
- sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
- sasl.jaas.config: ${SASL_JAAS_CONFIG}
- topicSinks:
- -
- useHttps: false
- fetchTimeout: 15000
- topic: {{ .Values.global.kafkaTopics.acRuntimeOperationTopic.name }}
- topicCommInfrastructure: kafka
- servers:
- - {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}
- additionalProps:
- client.id: {{ (first .Values.kafkaUser.acls).name }}-client-id
- security.protocol: SASL_PLAINTEXT
- sasl.mechanism: {{ .Values.kafkaUser.authenticationType | upper }}
- sasl.jaas.config: ${SASL_JAAS_CONFIG}
- participantSupportedElementTypes:
- -
- typeName: org.onap.policy.clamp.acm.PolicyAutomationCompositionElement
- typeVersion: 1.0.0
-
-management:
- endpoints:
- web:
- exposure:
- include: health, metrics, prometheus
-
-server:
- port: 8085
- servlet:
- context-path: /onap/policyparticipant
- ssl:
- enabled: false
+++ /dev/null
-<!--
- ============LICENSE_START=======================================================
- Copyright (C) 2021 Nordix Foundation. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
- http://www.apache.org/licenses/LICENSE-2.0
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- SPDX-License-Identifier: Apache-2.0
- ============LICENSE_END=========================================================
--->
-
-<configuration scan="true" scanPeriod="30 seconds" debug="false">
-
- <appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>/var/log/onap/policy/pf-participant/error.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
- <fileNamePattern>/var/log/onap/policy/pf-participant/error.%d{yyyy-MM-dd}.%i.log.zip
- </fileNamePattern>
- <maxFileSize>50MB</maxFileSize>
- <maxHistory>30</maxHistory>
- <totalSizeCap>10GB</totalSizeCap>
- </rollingPolicy>
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <encoder>
- <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="ErrorOut" />
- </appender>
-
- <appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>/var/log/onap/policy/pf-participant/debug.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
- <fileNamePattern>/var/log/onap/policy/pf-participant/debug.%d{yyyy-MM-dd}.%i.log.zip
- </fileNamePattern>
- <maxFileSize>50MB</maxFileSize>
- <maxHistory>30</maxHistory>
- <totalSizeCap>10GB</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="DebugOut" />
- </appender>
-
- <appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>/var/log/onap/policy/pf-participant/network.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
- <fileNamePattern>/var/log/onap/policy/pf-participant/network.%d{yyyy-MM-dd}.%i.log.zip
- </fileNamePattern>
- <maxFileSize>50MB</maxFileSize>
- <maxHistory>30</maxHistory>
- <totalSizeCap>10GB</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%t]%m%n</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="NetworkOut" />
- </appender>
-
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <Pattern>[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n</Pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncStdOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="STDOUT" />
- </appender>
-
- <logger name="network" level="INFO" additivity="false">
- <appender-ref ref="AsyncNetworkOut" />
- <appender-ref ref="AsyncStdOut" />
- </logger>
-
- <logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false">
- <appender-ref ref="AsyncNetworkOut" />
- <appender-ref ref="AsyncStdOut" />
- </logger>
-
- <root level="INFO">
- <appender-ref ref="AsyncDebugOut" />
- <appender-ref ref="AsyncErrorOut" />
- <appender-ref ref="AsyncStdOut" />
- </root>
-
-</configuration>
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2021 Nordix Foundation. All rights reserved.
+# Copyright (C) 2021,2026 OpenInfra Foundation Europe. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
namespace: {{ include "common.namespace" . }}
labels: {{- include "common.labels" . | nindent 4 }}
data:
-{{ tpl (.Files.Glob "resources/config/*.{xml,yaml}").AsConfig . | indent 2 }}
{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2021-2023 Nordix Foundation.
+# Copyright (C) 2021-2023,2026 OpenInfra Foundation Europe. All rights reserved.
# Modifications Copyright © 2024 Deutsche Telekom
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
{{ include "common.podSecurityContext" . | indent 6 | trim }}
- initContainers:
- - command:
- - sh
- args:
- - -c
- - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
- env:
- - name: API_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-secret" "key" "login") | indent 10 }}
- - name: API_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-secret" "key" "password") | indent 10 }}
- - name: PAP_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-secret" "key" "login") | indent 10 }}
- - name: PAP_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-secret" "key" "password") | indent 10 }}
- - name: RESTSERVER_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }}
- - name: RESTSERVER_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }}
- - name: SASL_JAAS_CONFIG
- valueFrom:
- secretKeyRef:
- name: {{ include "common.name" . }}-ku
- key: sasl.jaas.config
- volumeMounts:
- - mountPath: /config-input
- name: ac-pf-ppnt-config
- - mountPath: /config
- name: ac-pf-ppnt-config-processed
- image: {{ include "repositoryGenerator.image.envsubst" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{ include "common.containerSecurityContext" . | indent 8 | trim }}
- name: {{ include "common.name" . }}-update-config
containers:
- name: {{ include "common.name" . }}
{{ include "common.containerSecurityContext" . | indent 10 | trim }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/opt/app/policy/clamp/bin/policy-participant.sh"]
- args: ["/opt/app/policy/clamp/etc/mounted/PolicyParticipantParameters.yaml"]
+ command: ["java", "-jar", "/app/app.jar"]
+ env:
+ - name: HTTP_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 14 }}
+ - name: HTTP_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 14 }}
+ - name: API_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-secret" "key" "login") | indent 14 }}
+ - name: API_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-secret" "key" "password") | indent 14 }}
+ - name: PAP_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-secret" "key" "login") | indent 14 }}
+ - name: PAP_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-secret" "key" "password") | indent 14 }}
+ - name: SERVER_PORT
+ value: "8085"
+ - name: topicCommInfrastructure
+ value: kafka
+ - name: kafkaServer
+ value: "{{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}"
+ - name: allowAutoCreateTopics
+ value: "false"
+ - name: kafkaSecurityProtocol
+ vale: SASL_PLAINTEXT
+ - name: kafkaSaslMechanism
+ value: {{ .Values.kafkaUser.authenticationType | upper }}
+ - name: kafkaSaslJaasConfig
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.name" . }}-ku
+ key: sasl.jaas.config
ports: {{ include "common.containerPorts" . | nindent 12 }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- - mountPath: /opt/app/policy/clamp/etc/mounted
- name: ac-pf-ppnt-config-processed
- name: logs
mountPath: /var/log/onap
- name: empty-dir
mountPath: /tmp
subPath: tmp-dir
- - mountPath: /opt/app/policy/clamp/etc/logback.xml
- subPath: logback.xml
- name: ac-pf-ppnt-config-processed
resources: {{ include "common.resources" . | nindent 12 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{- end }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- - name: ac-pf-ppnt-config
- configMap:
- name: {{ include "common.fullname" . }}-configmap
- defaultMode: 0755
- - name: ac-pf-ppnt-config-processed
- emptyDir:
- medium: Memory
- sizeLimit: 64Mi
- name: empty-dir
emptyDir:
sizeLimit: {{ .Values.dirSizes.emptyDir.sizeLimit }}
# ============LICENSE_START=======================================================
-# Copyright (C) 2021-2025 OpenInfra Europe. All rights reserved.
+# Copyright (C) 2021-2026 OpenInfra Europe. All rights reserved.
# Modifications Copyright © 2024 Deutsche Telekom
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-clamp-ac-pf-ppnt:8.2.2
+image: onap/policy-clamp-ac-pf-ppnt:9.0.0
pullPolicy: Always
componentName: &componentName policy-clamp-ac-pf-ppnt
Code Review / oom.git / commitdiff