From: Sylvain Desbureaux Date: Mon, 4 Oct 2021 13:55:30 +0000 (+0000) Subject: Merge "[COMMON] Add and run pre-commit linters via tox" X-Git-Tag: 9.0.0~99 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=86bd887da34ed388c648d1756258421da05b786a;hp=30ec390479c9b7eeeaa90f036be02162c29ae918;p=oom.git Merge "[COMMON] Add and run pre-commit linters via tox" --- diff --git a/docs/oom_setup_ingress_controller.rst b/docs/oom_setup_ingress_controller.rst index e49c72a2e4..cb385da141 100644 --- a/docs/oom_setup_ingress_controller.rst +++ b/docs/oom_setup_ingress_controller.rst @@ -139,8 +139,8 @@ MetalLB Load balancer can be easily installed using automatic install script:: > ./install-metallb-on-cluster.sh -Configuration Ngninx ingress controller -======================================= +Configuration Nginx ingress controller +====================================== After installation DNS server and ingress controller we can install and configure ingress controller. diff --git a/docs/oom_setup_kubernetes_rancher.rst b/docs/oom_setup_kubernetes_rancher.rst index e002d38897..6272f83238 100644 --- a/docs/oom_setup_kubernetes_rancher.rst +++ b/docs/oom_setup_kubernetes_rancher.rst @@ -428,7 +428,7 @@ share a common, distributed filesystem. In this tutorial, we will setup an NFS Master, and configure all Worker nodes a Kubernetes cluster to play the role of NFS slaves. -It is recommneded that a separate VM, outside of the kubernetes +It is recommended that a separate VM, outside of the kubernetes cluster, be used. This is to ensure that the NFS Master does not compete for resources with Kubernetes Control Plane or Worker Nodes. diff --git a/docs/oom_setup_paas.rst b/docs/oom_setup_paas.rst index 845fd473e0..6b7b9c3bab 100644 --- a/docs/oom_setup_paas.rst +++ b/docs/oom_setup_paas.rst @@ -16,7 +16,7 @@ Starting from Honolulu release, Cert-Manager and Prometheus Stack are a part of k8s PaaS for ONAP operations and can be installed to provide additional functionality for ONAP engineers. -The versions of PaaS compoents that are supported by OOM are as follows: +The versions of PaaS components that are supported by OOM are as follows: .. table:: ONAP PaaS components diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst index 5f63c7d1a2..3212fd319d 100644 --- a/docs/oom_user_guide.rst +++ b/docs/oom_user_guide.rst @@ -570,7 +570,7 @@ Below is the example for the same:: Here the Name column shows the RELEASE NAME, In our case we want to try the scale operation on cassandra, thus the RELEASE NAME would be dev-cassandra. -Now we need to obtain the chart name for casssandra. Use the below +Now we need to obtain the chart name for cassandra. Use the below command to get the chart name:: > helm search cassandra @@ -585,15 +585,15 @@ Below is the example for the same:: local/sdc-cs 8.0.0 ONAP Service Design and Creation Cassandra Here the Name column shows the chart name. As we want to try the scale -operation for cassandra, thus the correponding chart name is local/cassandra +operation for cassandra, thus the corresponding chart name is local/cassandra Now we have both the command's arguments, thus we can perform the -scale opeartion for cassandra as follows:: +scale operation for cassandra as follows:: > helm upgrade dev-cassandra local/cassandra --set replicaCount=3 -Using this command we can scale up or scale down the cassadra db instances. +Using this command we can scale up or scale down the cassandra db instances. The ONAP components use Kubernetes provided facilities to build clustered, diff --git a/docs/release-notes-beijing.rst b/docs/release-notes-beijing.rst index 1172a086d2..84f86c100d 100644 --- a/docs/release-notes-beijing.rst +++ b/docs/release-notes-beijing.rst @@ -231,7 +231,7 @@ Bug * [`OOM-514 `_] - Readiness prob fails sometimes even though the relevant pods are running * [`OOM-539 `_] - Kube2MSB registrator doesn't support https REST service registration * [`OOM-570 `_] - Wrong value is assigned to kube2msb AUTH_TOKEN environment variable -* [`OOM-574 `_] - OOM configuration for robot doesnt copy heat templatese in dockerdata-nfs +* [`OOM-574 `_] - OOM configuration for robot does not copy heat templatese in dockerdata-nfs * [`OOM-577 `_] - Incorrect evaluation of bash command in yaml template file (portal-vnc-dep.yaml) * [`OOM-578 `_] - Hard coded token in oom/kubernetes/kube2msb/values.yaml file * [`OOM-589 `_] - Can not acces CLI in vnc-portal @@ -299,7 +299,7 @@ Bug * [`OOM-913 `_] - Consul agent pod is failing * [`OOM-916 `_] - Used to fix testing issues related to usability * [`OOM-918 `_] - Policy - incorrect configmap mount causes base.conf to disappear -* [`OOM-920 `_] - Issue with CLAMP configuation +* [`OOM-920 `_] - Issue with CLAMP configuration * [`OOM-921 `_] - align onap/values.yaml and onap/resources/environments/dev.yaml - different /dockerdata-nfs * [`OOM-926 `_] - Disable clustering for APP-C out-of-the-box * [`OOM-927 `_] - Need a production grade configuration override file of ONAP deployment @@ -316,7 +316,7 @@ Bug * [`OOM-948 `_] - make vfc got an error * [`OOM-951 `_] - Update APPC charts based on on changes for ccsdk and Nitrogen ODL * [`OOM-953 `_] - switch aai haproxy/hbase repo from hub.docker.com to nexus3 -* [`OOM-958 `_] - SDC-be deployment missing environment paramter +* [`OOM-958 `_] - SDC-be deployment missing environment parameter * [`OOM-964 `_] - SDC Healthcheck failure on sdc-be and sdc-kb containers down * [`OOM-968 `_] - warning on default deployment values.yaml * [`OOM-969 `_] - oomk8s images have no Dockerfile's @@ -330,7 +330,7 @@ Bug * [`OOM-993 `_] - AAI model-loader.properties not in sync with project file * [`OOM-994 `_] - DCAE cloudify controller docker image 1.1.0 N/A - use 1.2.0/1.3.0 * [`OOM-1003 `_] - dcae-cloudify-manager chart references obsolete image version -* [`OOM-1004 `_] - aai-resources constantly fails due to cassanda hostname +* [`OOM-1004 `_] - aai-resources constantly fails due to cassandra hostname * [`OOM-1005 `_] - AAI Widgets not loading due to duplicate volumes * [`OOM-1007 `_] - Update dcae robot health check config * [`OOM-1008 `_] - Set default consul server replica count to 1 @@ -366,7 +366,7 @@ Bug * [`OOM-1068 `_] - Update SO with new AAI cert * [`OOM-1076 `_] - some charts still using readiness check image from amsterdam 1.x * [`OOM-1077 `_] - AAI resources and traversal deployment failure on non-rancher envs -* [`OOM-1079 `_] - Robot charts dont allow over ride of pub_key, dcae_collector_ip and dcae_collector_port +* [`OOM-1079 `_] - Robot charts do not allow over ride of pub_key, dcae_collector_ip and dcae_collector_port * [`OOM-1081 `_] - Remove component 'mock' from TOSCA deployment * [`OOM-1082 `_] - Wrong pv location of dcae postgres * [`OOM-1085 `_] - appc hostname is incorrect in url diff --git a/docs/release-notes-casablanca.rst b/docs/release-notes-casablanca.rst index 6a6a196b6b..6b857309aa 100644 --- a/docs/release-notes-casablanca.rst +++ b/docs/release-notes-casablanca.rst @@ -30,7 +30,7 @@ areas: class provisioner * CPU and Memory limits in Helm Charts to improve Pod placement based on - resource availablity in Kubernetes Cluster + resource availability in Kubernetes Cluster * Support of Node Selectors for Pod placement diff --git a/docs/release-notes-dublin.rst b/docs/release-notes-dublin.rst index 1974756ea3..7a32297210 100644 --- a/docs/release-notes-dublin.rst +++ b/docs/release-notes-dublin.rst @@ -27,7 +27,7 @@ Summary **Platform Resiliency** -* Documenation of a Highly-Available Kubernetes Cluster Deployment +* Documentation of a Highly-Available Kubernetes Cluster Deployment * Availability of a Default Storage Class Provisioner for improved Persistent Storage resiliency * Availability of a CNI reference integration for Multi-site support diff --git a/docs/release-notes-elalto.rst b/docs/release-notes-elalto.rst index bbbf271a5f..b4059028e5 100644 --- a/docs/release-notes-elalto.rst +++ b/docs/release-notes-elalto.rst @@ -26,7 +26,7 @@ Version 5.0.1 (El Alto Release) Summary ------- -The focus of this release was on maintanence and as such no new features were +The focus of this release was on maintenance and as such no new features were delivered. A list of issues resolved in this release can be found here: https://jira.onap.org/projects/OOM/versions/10726 diff --git a/docs/release-notes-honolulu.rst b/docs/release-notes-honolulu.rst index 0c8d81f164..59f40ec0fa 100644 --- a/docs/release-notes-honolulu.rst +++ b/docs/release-notes-honolulu.rst @@ -136,7 +136,7 @@ Workarounds ----------- - ``_ - Workaround is to generate a password with "short" strenght or pregenerate + Workaround is to generate a password with "short" strength or pregenerate passwords without single quote in it. Default deployment is using "short" password generation for mariadb. diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt index c860d4aa00..5140ec258f 100644 --- a/docs/spelling_wordlist.txt +++ b/docs/spelling_wordlist.txt @@ -1,5 +1,6 @@ AAF AAI +ACL adaptor Adaptor adaptors @@ -59,6 +60,7 @@ Fcaps Financials geocoder Gerrit +Git Github graphSON guestOS @@ -141,6 +143,7 @@ Junit JUnit Junits JUnits +Karaf keypair Keypair keypairs @@ -155,6 +158,7 @@ keytool keyValue Kibana Kibibytes +kubectl Kubernetes LF lifecycle @@ -173,6 +177,7 @@ macAddress MacAddress macOS Malware +MariaDB metadata Metadata microservice @@ -217,14 +222,18 @@ onboarding Onboarding online OOF +oom OOM OpenDaylight +OpenFlow openo OpenO Opensource Openstack OpenStack OSS +ovs +ovsdb Pandoc partitionKey Partitionkey @@ -272,6 +281,7 @@ refactored Refactored registrator Registrator +releng repo Repo repos diff --git a/kubernetes/a1policymanagement/requirements.yaml b/kubernetes/a1policymanagement/requirements.yaml index ba5f5d5ea3..401f2e3c9f 100644 --- a/kubernetes/a1policymanagement/requirements.yaml +++ b/kubernetes/a1policymanagement/requirements.yaml @@ -24,3 +24,6 @@ dependencies: - name: repositoryGenerator version: ~8.x-0 repository: '@local' + - name: serviceAccount + version: ~8.x-0 + repository: '@local' diff --git a/kubernetes/a1policymanagement/templates/statefulset.yaml b/kubernetes/a1policymanagement/templates/statefulset.yaml index 54ee1515bc..1d25f31e7f 100644 --- a/kubernetes/a1policymanagement/templates/statefulset.yaml +++ b/kubernetes/a1policymanagement/templates/statefulset.yaml @@ -106,6 +106,7 @@ spec: - name: {{ include "common.fullname" . }} mountPath: "/var/policy-management-service/database" resources: {{ include "common.resources" . | nindent 10 }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: {{ include "common.fullname" . }}-policy-conf-input configMap: diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml index 5c9c32186a..103a621f52 100644 --- a/kubernetes/a1policymanagement/values.yaml +++ b/kubernetes/a1policymanagement/values.yaml @@ -159,4 +159,8 @@ persistence: mountPath: /dockerdata-nfs mountSubPath: nonrtric/policymanagementservice - +#Pods Service Account +serviceAccount: + nameOverride: a1policymanagement + roles: + - read diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml index 18ef89f1fd..252df407c1 100644 --- a/kubernetes/aai/components/aai-schema-service/values.yaml +++ b/kubernetes/aai/components/aai-schema-service/values.yaml @@ -74,7 +74,7 @@ global: # global defaults - aai_keystore # application image -image: onap/aai-schema-service:1.9.1 +image: onap/aai-schema-service:1.9.2 pullPolicy: Always restartPolicy: Always flavorOverride: small diff --git a/kubernetes/common/timescaledb/templates/statefulset.yaml b/kubernetes/common/timescaledb/templates/statefulset.yaml index 9b63de434d..435c925eb2 100644 --- a/kubernetes/common/timescaledb/templates/statefulset.yaml +++ b/kubernetes/common/timescaledb/templates/statefulset.yaml @@ -31,6 +31,18 @@ spec: serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} + initContainers: + - name: chowm-mount-path + command: + - /bin/sh + args: + - -c + - chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.runAsGroup }} /var/lib/postgresql/data + image: {{ include "repositoryGenerator.image.busybox" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: {{ include "common.fullname" . }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} diff --git a/kubernetes/common/timescaledb/values.yaml b/kubernetes/common/timescaledb/values.yaml index b6d2face3a..55acd92847 100644 --- a/kubernetes/common/timescaledb/values.yaml +++ b/kubernetes/common/timescaledb/values.yaml @@ -40,13 +40,15 @@ serviceAccount: podSecurityContext: {} # fsGroup: 2000 -securityContext: {} +securityContext: + # Uid and gid to run the entrypoint of the container process (uid 70 is postgres user and gid 70 is postgres group) + runAsUser: 70 + runAsGroup: 70 # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true - # runAsUser: 1000 resources: # We usually recommend not to specify default resources and to leave this as a conscious diff --git a/kubernetes/msb/components/msb-discovery/values.yaml b/kubernetes/msb/components/msb-discovery/values.yaml index e981bbd091..f0eabde79f 100644 --- a/kubernetes/msb/components/msb-discovery/values.yaml +++ b/kubernetes/msb/components/msb-discovery/values.yaml @@ -21,7 +21,7 @@ global: # Application configuration defaults. ################################################################# # application image -image: onap/msb/msb_discovery:1.2.7 +image: onap/msb/msb_discovery:1.3.0 pullPolicy: Always istioSidecar: true diff --git a/kubernetes/msb/components/msb-eag/values.yaml b/kubernetes/msb/components/msb-eag/values.yaml index 0a343cf925..ef36b13742 100644 --- a/kubernetes/msb/components/msb-eag/values.yaml +++ b/kubernetes/msb/components/msb-eag/values.yaml @@ -52,7 +52,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/msb/msb_apigateway:1.2.8 +image: onap/msb/msb_apigateway:1.3.0 pullPolicy: Always istioSidecar: true diff --git a/kubernetes/msb/components/msb-iag/values.yaml b/kubernetes/msb/components/msb-iag/values.yaml index baf2bec4bc..4610232e7b 100644 --- a/kubernetes/msb/components/msb-iag/values.yaml +++ b/kubernetes/msb/components/msb-iag/values.yaml @@ -52,7 +52,7 @@ certInitializer: # Application configuration defaults. ################################################################# # application image -image: onap/msb/msb_apigateway:1.2.8 +image: onap/msb/msb_apigateway:1.3.0 pullPolicy: Always istioSidecar: true