From: david.mcweeney Date: Fri, 10 Feb 2023 12:17:12 +0000 (+0000) Subject: [CDS-SDC-DIST] Move CDS listener to use strimzi kafka user template X-Git-Tag: 12.0.0~111^2 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;ds=sidebyside;h=8682c2dc8941b7b4f8240f8a93866244eb692dfd;p=oom.git [CDS-SDC-DIST] Move CDS listener to use strimzi kafka user template Move CDS SDC listener to use Strizi Kafka user template Change-Id: I84c0a5840b8ce264e0be5ddcfc33c96b2facef60 Signed-off-by: david.mcweeney Issue-ID: DMAAP-1851
---
diff --git a/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml b/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml
index 6024309d4f..6ee2201e57 100644
--- a/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml
+++ b/kubernetes/cds/components/cds-sdc-listener/resources/config/application.yaml
@@ -7,8 +7,8 @@ listenerservice:
 pollingInterval: 15
 pollingTimeout: 60
 relevantArtifactTypes: TOSCA_CSAR
- consumerGroup: {{ .Values.config.kafka.sdcTopic.consumerGroup }}
- consumerId: {{ .Values.config.kafka.sdcTopic.clientId }}
+ consumerGroup: {{ (first .Values.kafkaUser.acls).name }}
+ consumerId: {{ (first .Values.kafkaUser.acls).name }}-sdc-listener
 environmentName: AUTO
 keyStorePassword:
 keyStorePath:
diff --git a/kubernetes/cds/components/cds-sdc-listener/templates/cds-sdc-list-kafka-user.yaml b/kubernetes/cds/components/cds-sdc-listener/templates/cds-sdc-list-kafka-user.yaml
deleted file mode 100644
index 58d99dd5b1..0000000000
--- a/kubernetes/cds/components/cds-sdc-listener/templates/cds-sdc-list-kafka-user.yaml
+++ /dev/null
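Review bot: In resources/config/application.yaml, `consumerGroup` and `consumerId` now take their value from `(first .Values.kafkaUser.acls).name`, so they depend on the group ACL staying first in that list. If a topic entry is ever placed first, the listener would join a consumer group named after the topic prefix, which the group ACL rendered for this user would presumably not cover. Either select the entry by `type: group` rather than by position, or state the requirement next to the list in values.yaml, e.g. `# first entry must be the consumer-group ACL; application.yaml reads its name`. The values are also rendered unquoted; `consumerGroup: {{ (first .Values.kafkaUser.acls).name | quote }}` keeps an empty or boolean-looking name from being retyped by the YAML parser. The `listenerservice` mapping continues outside the hunk.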
@@ -1,36 +0,0 @@
-{{/*
-# Copyright © 2022 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-apiVersion: kafka.strimzi.io/v1beta2
-kind: KafkaUser
-metadata:
- name: {{ include "common.release" . }}-{{ .Values.global.cdsSdcListenerKafkaUser }}
- labels:
- strimzi.io/cluster: {{ include "common.release" . }}-strimzi
-spec:
- authentication:
- type: {{ .Values.config.kafka.saslMechanism | lower }}
- authorization:
- type: {{ .Values.config.kafka.authType }}
- acls:
- - resource:
- type: group
- name: {{ .Values.config.kafka.sdcTopic.consumerGroup }}
- operation: All
- - resource:
- type: topic
- patternType: prefix
- name: {{ .Values.config.kafka.sdcTopic.pattern }}
- operation: All
diff --git a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml
index d01e3b0af5..d08390bc12 100644
--- a/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml
+++ b/kubernetes/cds/components/cds-sdc-listener/templates/deployment.yaml
@@ -14,7 +14,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 */}}
-
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -60,12 +59,11 @@ spec:
 env:
 - name: APP_CONFIG_HOME
 value: {{ .Values.config.appConfigDir }}
- - name: SECURITY_PROTOCOL
- value: {{ .Values.config.kafka.securityProtocol }}
- - name: SASL_MECHANISM
- value: {{ .Values.config.kafka.saslMechanism }}
 - name: SASL_JAAS_CONFIG
- value: {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-sdc-kafka-secret" "key" "sasl.jaas.config") | indent 12 }}
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.name" . }}-ku
+ key: sasl.jaas.config
 ports:
 - containerPort: {{ .Values.service.http.internalPort }}
 name: {{ .Values.service.http.portName }}
diff --git a/kubernetes/cds/components/cds-sdc-listener/templates/kafkauser.yaml b/kubernetes/cds/components/cds-sdc-listener/templates/kafkauser.yaml
new file mode 100644
index 0000000000..324a068cf0
--- /dev/null
+++ b/kubernetes/cds/components/cds-sdc-listener/templates/kafkauser.yaml
@@ -0,0 +1,16 @@
+{{/*
+# Copyright © 2022-23 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{ include "common.kafkauser" . }}
diff --git a/kubernetes/cds/components/cds-sdc-listener/values.yaml b/kubernetes/cds/components/cds-sdc-listener/values.yaml
index 3d13802d5d..8108d5f970 100644
--- a/kubernetes/cds/components/cds-sdc-listener/values.yaml
+++ b/kubernetes/cds/components/cds-sdc-listener/values.yaml
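Review bot: The `SASL_JAAS_CONFIG` reference in templates/deployment.yaml hard-codes the credential secret as `{{ include "common.name" . }}-ku`, while the KafkaUser itself is now rendered by `common.kafkauser`, whose naming is not visible in this diff; if the two conventions diverge the container cannot be created because the referenced secret will not exist. The deleted template prefixed the user name with `common.release` and the new reference does not, so it is worth confirming that two releases in one namespace cannot resolve to the same credential secret. The hunk also drops `SECURITY_PROTOCOL` and `SASL_MECHANISM`, leaving the transport and mechanism to whatever the listener defaults to; a comment above the env entry naming the expected values (the removed chart defaults were `SASL_PLAINTEXT` and `SCRAM-SHA-512`), or keeping them explicit, would make that dependency reviewable. The container spec continues outside the hunk.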
@@ -26,8 +26,6 @@ global: persistence: mountPath: /dockerdata-nfs - cdsSdcListenerKafkaUser: cds-sdc-list-user - ################################################################# # Application configuration defaults. ################################################################# @@ -39,27 +37,18 @@ pullPolicy: Always # flag to enable debugging - application support required debugEnabled: false -secrets: - - uid: cds-sdc-kafka-secret - externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' - type: genericKV - envs: - - name: sasl.jaas.config - value: '{{ .Values.config.someConfig }}' - policy: generate +kafkaUser: + acls: + - name: cds + type: group + operations: [Read] + - name: SDC-DISTR + type: topic + patternType: prefix + operations: [Read, Write] -# application configuration config: appConfigDir: /opt/app/onap/config - someConfig: blah - kafka: - securityProtocol: SASL_PLAINTEXT - saslMechanism: SCRAM-SHA-512 - authType: simple - sdcTopic: - pattern: SDC-DIST - consumerGroup: cds - clientId: cds-sdc-listener # default number of instances replicaCount: 1 diff --git a/kubernetes/cds/values.yaml b/kubernetes/cds/values.yaml index 4c06d30a80..58e6b65c6f 100644 --- a/kubernetes/cds/values.yaml +++ b/kubernetes/cds/values.yaml @@ -24,7 +24,6 @@ global: persistence: mountPath: /dockerdata-nfs cdsKafkaUser: cds-kafka-user - cdsSdcListenerKafkaUser: cds-sdc-list-user ################################################################# # Secrets metaconfig @@ -225,8 +224,6 @@ cds-py-executor: cds-sdc-listener: enabled: true - config: - jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.cdsSdcListenerKafkaUser }}' cds-ui: enabled: true
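Review bot: In the `@@ -39,27 +37,18 @@` hunk of cds-sdc-listener/values.yaml, the `SDC-DISTR` entry grants `Write` across the whole topic prefix, although a distribution listener presumably publishes to far fewer topics than it reads. If that holds, a read-only prefix entry plus a literal `Write` entry for the specific topic (`name: <status-topic-name>`, placeholder) would be closer to least privilege than `operations: [Read, Write]` on the prefix. The prefix itself also changed from the removed `pattern: SDC-DIST` to `SDC-DISTR`, so any topic that matched only the shorter prefix is no longer authorised; a short comment above `kafkaUser.acls` stating that this narrowing is intentional would help the next reviewer. The narrowing of the group ACL from `All` to `[Read]` needs no change.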