From: Fiete Ostkamp Date: Tue, 20 May 2025 14:12:29 +0000 (+0200) Subject: [AAI] 16.0.0 graphadmin release X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=98be1dbc428566674c62f12e9d81b5f30b945746;p=oom.git [AAI] 16.0.0 graphadmin release - [graphadmin] use 1.16.0 image - [graphadmin] rename .global.config.basicAuth.* to .global.auth.* Issue-ID: AAI-4144 Change-Id: Ide792684402f69afacc39aed7aa1214066ca34cb Signed-off-by: Fiete Ostkamp --- diff --git a/kubernetes/aai/Chart.yaml b/kubernetes/aai/Chart.yaml index 474ddaa248..1433ecf72e 100644 --- a/kubernetes/aai/Chart.yaml +++ b/kubernetes/aai/Chart.yaml @@ -42,7 +42,7 @@ dependencies: repository: 'file://components/aai-babel' condition: aai-babel.enabled - name: aai-graphadmin - version: ~15.x-0 + version: ~16.x-0 repository: 'file://components/aai-graphadmin' condition: aai-graphadmin.enabled - name: aai-modelloader diff --git a/kubernetes/aai/components/aai-graphadmin/Chart.yaml b/kubernetes/aai/components/aai-graphadmin/Chart.yaml index 4a7df8e94b..c7020b7f70 100644 --- a/kubernetes/aai/components/aai-graphadmin/Chart.yaml +++ b/kubernetes/aai/components/aai-graphadmin/Chart.yaml @@ -22,7 +22,7 @@ apiVersion: v2 description: ONAP AAI GraphAdmin name: aai-graphadmin -version: 15.0.2 +version: 16.0.0 dependencies: - name: common diff --git a/kubernetes/aai/components/aai-graphadmin/resources/config/aaiconfig.properties b/kubernetes/aai/components/aai-graphadmin/resources/config/aaiconfig.properties index ae49aa03a9..0266aabe65 100644 --- a/kubernetes/aai/components/aai-graphadmin/resources/config/aaiconfig.properties +++ b/kubernetes/aai/components/aai-graphadmin/resources/config/aaiconfig.properties @@ -29,10 +29,10 @@ aai.server.url.base=http://aai.{{ include "common.namespace" . }}/aai/ aai.server.url=http://aai.{{ include "common.namespace" . }}/aai/{{ .Values.global.config.schema.version.api.default }}/ aai.global.callback.url=http://aai.{{ include "common.namespace" . }}/aai/ -{{- if or (.Values.global.config.basic.auth.enabled) ( include "common.onServiceMesh" .) }} +{{- if or (.Values.global.auth.enabled) ( include "common.onServiceMesh" .) }} aai.tools.enableBasicAuth=true -aai.tools.username={{ (index .Values.global.config.basic.auth.users 0).username }} -aai.tools.password={{ (index .Values.global.config.basic.auth.users 0).password }} +aai.tools.username={{ (index .Values.global.auth.users 0).username }} +aai.tools.password={{ (index .Values.global.auth.users 0).password }} {{- end }} aai.notification.current.version={{ .Values.global.config.schema.version.api.default }} @@ -94,7 +94,7 @@ aai.datagrooming.enabledupecheckoff=false aai.datagrooming.enableghost2checkoff=false aai.datagrooming.enableghost2fixon=false aai.datagrooming.enablef=false -aai.datagrooming.enableskipindexupdatefix=true +aai.datagrooming.enableskipindexupdatefix=false # used by the dataGrooming to set values aai.datagrooming.timewindowminutesvalue=10500 diff --git a/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties b/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties index 50c320ab30..196448c1fe 100644 --- a/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties +++ b/kubernetes/aai/components/aai-graphadmin/resources/config/application.properties @@ -48,7 +48,7 @@ server.tomcat.max-idle-time=60000 # If thats not it, please check if the key-store file path makes sense server.local.startpath=/opt/app/aai-graphadmin/resources/ -server.port=8449 +server.port={{ .Values.service.appPort }} spring.kafka.producer.bootstrap-servers=${BOOTSTRAP_SERVERS} spring.kafka.producer.properties.security.protocol=SASL_PLAINTEXT @@ -115,8 +115,8 @@ management.security.enabled=false aai.actuator.echo.enabled={{ .Values.actuator.echo.enabled }} aai.graph.properties.path=${server.local.startpath}/etc/appprops/janusgraph-realtime.properties -aai.basic-auth.enabled={{ .Values.global.config.basic.auth.enabled }} -{{- range $index, $user := .Values.global.config.basic.auth.users }} +aai.basic-auth.enabled={{ .Values.global.auth.enabled }} +{{- range $index, $user := .Values.global.auth.users }} aai.basic-auth.users[{{ $index }}].username={{ $user.username }} aai.basic-auth.users[{{ $index }}].password={{ $user.password }} {{- end }} diff --git a/kubernetes/aai/components/aai-graphadmin/resources/config/realm.properties b/kubernetes/aai/components/aai-graphadmin/resources/config/realm.properties deleted file mode 100644 index 40dc674e8b..0000000000 --- a/kubernetes/aai/components/aai-graphadmin/resources/config/realm.properties +++ /dev/null @@ -1,40 +0,0 @@ -{{/* -# -# ============LICENSE_START======================================================= -# org.onap.aai -# ================================================================================ -# Copyright � 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -# format : username: password[,rolename ...] -# default username/password: AAI/AAI, MSO/MSO, ModelLoader/ModelLoader... -*/ -}} -AAI:OBF:1gfr1ev31gg7,admin -MSO:OBF:1jzx1lz31k01,admin -SDNC:OBF:1itr1i0l1i151isv,admin -DCAE:OBF:1g8u1f9d1f991g8w,admin -POLICY:OBF:1mk61i171ima1im41i0j1mko,admin -ASDC:OBF:1f991j0u1j001f9d,admin -ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin -AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin -OOF:OBF:1img1ke71ily,admin -aai@aai.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -so@so.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -sdnc@sdnc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -policy@policy.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -sdc@sdc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -oof@oof.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -pomba@pomba.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin -vfc@vfc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin diff --git a/kubernetes/aai/components/aai-graphadmin/templates/_helpers.tpl b/kubernetes/aai/components/aai-graphadmin/templates/_helpers.tpl index a6c414517b..dd3a3fcfdb 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/_helpers.tpl +++ b/kubernetes/aai/components/aai-graphadmin/templates/_helpers.tpl @@ -1,25 +1,3 @@ -{{- define "aai.waitForSchemaCreation" -}} -- name: wait-for-schema-creation - image: "{{ include "repositoryGenerator.image.curl" . }}" - imagePullPolicy: IfNotPresent - command: ["/bin/sh", "-c"] - args: - - | - URL="{{ required "URL is required" (.Values.schemaInitCheckURL | default "http://aai-graphadmin:8449/isSchemaInitialized") }}" - AUTH="{{ printf "%s:%s" (index .Values.global.config.basic.auth.users 0).username (index .Values.global.config.basic.auth.users 0).password }}" - while true; do - RESPONSE=$(curl -u $AUTH -s $URL) - if [ "$RESPONSE" = "true" ]; then - echo "Request successful. Schema is initialized." - exit 0 - else - echo "Request unsuccessful. Schema is not yet initialized. Retrying in 3 seconds..." - sleep 3 - fi - done - {{ include "common.containerSecurityContext" . | indent 2 | trim }} -{{- end -}} - {{- define "aai.waitForSchemaService" -}} - name: wait-for-schema-service image: "{{ include "repositoryGenerator.image.curl" . }}" @@ -28,7 +6,7 @@ args: - | URL="{{ required "URL is required" (.Values.schemaInitCheckURL | default "http://aai-schema-service:8452/aai/schema-service/util/echo") }}" - AUTH="{{ printf "%s:%s" (index .Values.global.config.basic.auth.users 0).username (index .Values.global.config.basic.auth.users 0).password }}" + AUTH="{{ printf "%s:%s" (index .Values.global.auth.users 0).username (index .Values.global.auth.users 0).password }}" while true; do if curl --fail --header 'X-FromAppId: graphadmin' --header 'X-TransactionId: someTransaction' -u $AUTH -s $URL; then echo "Request successful. Schema-service is available" diff --git a/kubernetes/aai/components/aai-graphadmin/templates/configmap.yaml b/kubernetes/aai/components/aai-graphadmin/templates/configmap.yaml index 1a32d7b516..90768b03d0 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/configmap.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/configmap.yaml @@ -36,7 +36,6 @@ data: {{ tpl (.Files.Glob "resources/config/logback.xml").AsConfig . | indent 2 }} {{ tpl (.Files.Glob "resources/config/localhost-access-logback.xml").AsConfig . | indent 2 }} {{ tpl (.Files.Glob "resources/config/janusgraph-realtime.properties").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml index 92fea15055..4f3b44f517 100644 --- a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml @@ -47,8 +47,9 @@ spec: terminationGracePeriodSeconds: {{ .Values.service.terminationGracePeriodSeconds }} {{- if .Values.global.initContainers.enabled }} initContainers: - {{- if not .Values.createDbSchemaViaJob.enabled }} {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.waitForCassandraService ) | indent 8 | trim }} + {{- if not .Values.createDbSchemaViaJob.enabled }} + {{- include "aai.waitForSchemaService" . | nindent 8 }} - name: {{ include "common.name" . }}-create-db-schema image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -157,9 +158,6 @@ spec: - mountPath: /opt/app/aai-graphadmin/resources/localhost-access-logback.xml name: config subPath: localhost-access-logback.xml - - mountPath: /opt/app/aai-graphadmin/resources/etc/auth/realm.properties - name: config - subPath: realm.properties - mountPath: /opt/app/aai-graphadmin/resources/application.properties name: properties subPath: application.properties diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml index ca8cc5829c..c36a576d24 100644 --- a/kubernetes/aai/components/aai-graphadmin/values.yaml +++ b/kubernetes/aai/components/aai-graphadmin/values.yaml @@ -45,21 +45,21 @@ global: # global defaults enabled: false duplicates: enabled: false + # Specifies if basic authorization is enabled + auth: + enabled: true + # users that can authenticate via basic auth + users: + - username: aai@aai.onap.org + password: demo123456! + - username: AAI + password: AAI config: # Specifies that the cluster connected to a dynamic # cluster being spinned up by kubernetes deployment cluster: cassandra: dynamic: true - # Specifies if the basic authorization is enabled - basic: - auth: - enabled: true - users: - - username: aai@aai.onap.org - password: demo123456! - - username: AAI - password: AAI # Notification event specific properties notification: eventType: AAI-EVENT @@ -106,7 +106,7 @@ global: # global defaults clients: SDNC,-1|MSO,-1|SO,-1|robot-ete,-1 # application image -image: onap/aai-graphadmin:1.15.6 +image: onap/aai-graphadmin:1.16.0 pullPolicy: Always restartPolicy: Always flavor: small diff --git a/kubernetes/aai/components/aai-resources/templates/_helpers.tpl b/kubernetes/aai/components/aai-resources/templates/_helpers.tpl index 003be58409..ad40cbd3d9 100644 --- a/kubernetes/aai/components/aai-resources/templates/_helpers.tpl +++ b/kubernetes/aai/components/aai-resources/templates/_helpers.tpl @@ -1,4 +1,4 @@ -{{- define "aai.waitForSchemaCreation" -}} +{{- define "aairesources.waitForSchemaCreation" -}} - name: wait-for-schema-creation image: "{{ include "repositoryGenerator.image.curl" . }}" imagePullPolicy: IfNotPresent diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml index 35378fd83c..6dde781842 100644 --- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml @@ -49,7 +49,7 @@ spec: {{- if .Values.global.jobs.migration.enabled }} {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_migration) | nindent 8 }} {{- else if .Values.global.jobs.createSchema.enabled }} - {{ include "aai.waitForSchemaCreation" . | nindent 6 }} + {{ include "aairesources.waitForSchemaCreation" . | nindent 6 }} {{- end }} containers: - name: {{ include "common.name" . }}