From: Sylvain Desbureaux Date: Tue, 22 Jun 2021 13:54:19 +0000 (+0000) Subject: Merge changes from topic "appc-common-db" X-Git-Tag: 9.0.0~221 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=e9744a2148f127edf0f4dacb11064e5bb090f335;hp=468f3bf44b093f9b2f66addd1e6616be2d956802;p=oom.git Merge changes from topic "appc-common-db" * changes: [OOF] Use the common mariadb-galera instance [COMMON] Add port under mariadb-galera chart --- diff --git a/docs/master_nfs_node.sh b/docs/master_nfs_node.sh index 4a7a8dbc12..32574c9f29 100644 --- a/docs/master_nfs_node.sh +++ b/docs/master_nfs_node.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh usage () { echo "Usage:" @@ -23,7 +23,7 @@ sudo chown nobody:nogroup /dockerdata-nfs/ #Update the /etc/exports NFS_EXP="" for i in $@; do - NFS_EXP+="$i(rw,sync,no_root_squash,no_subtree_check) " + NFS_EXP="${NFS_EXP}$i(rw,sync,no_root_squash,no_subtree_check) " done echo "/dockerdata-nfs "$NFS_EXP | sudo tee -a /etc/exports diff --git a/docs/openstack-k8s-controlnode.sh b/docs/openstack-k8s-controlnode.sh index cd219aa56f..d1515a7e5f 100644 --- a/docs/openstack-k8s-controlnode.sh +++ b/docs/openstack-k8s-controlnode.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh DOCKER_VERSION=18.09.5 @@ -18,10 +18,10 @@ systemctl daemon-reload systemctl restart docker apt-mark hold docker-ce -IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` -HOSTNAME=`hostname` +IP_ADDR=$(ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}') +HOST_NAME=$(hostname) -echo "$IP_ADDR $HOSTNAME" >> /etc/hosts +echo "$IP_ADDR $HOST_NAME" >> /etc/hosts docker login -u docker -p docker nexus3.onap.org:10001 diff --git a/docs/openstack-k8s-workernode.sh b/docs/openstack-k8s-workernode.sh index 3f32d050a9..8b1b9e41ee 100644 --- a/docs/openstack-k8s-workernode.sh +++ b/docs/openstack-k8s-workernode.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh DOCKER_VERSION=18.09.5 @@ -18,10 +18,10 @@ systemctl daemon-reload systemctl restart docker apt-mark hold docker-ce -IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` -HOSTNAME=`hostname` +IP_ADDR=$(ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}') +HOST_NAME=$(hostname) -echo "$IP_ADDR $HOSTNAME" >> /etc/hosts +echo "$IP_ADDR $HOST_NAME" >> /etc/hosts docker login -u docker -p docker nexus3.onap.org:10001 diff --git a/docs/openstack-nfs-server.sh b/docs/openstack-nfs-server.sh index 1db04eaff6..395d04f27c 100644 --- a/docs/openstack-nfs-server.sh +++ b/docs/openstack-nfs-server.sh @@ -1,11 +1,11 @@ -#!/bin/bash +#!/bin/sh apt-get update -IP_ADDR=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` -HOSTNAME=`hostname` +IP_ADDR=$(ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}') +HOST_NAME=$(hostname) -echo "$IP_ADDR $HOSTNAME" >> /etc/hosts +echo "$IP_ADDR $HOST_NAME" >> /etc/hosts sudo apt-get install make -y diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml index d630647883..1297809658 100644 --- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml +++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml @@ -122,7 +122,7 @@ spec: - name: LOCAL_GROUP_ID value: {{ .Values.global.config.groupId | quote }} - name: POST_JAVA_OPTS - value: '-Djavax.net.ssl.trustStore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststorePassword }}' + value: '-Djavax.net.ssl.trustStore={{ .Values.certInitializer.credsPath }}/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword={{ .Values.certInitializer.truststorePassword }}' - name: TRUSTORE_ALL_PASSWORD value: {{ .Values.certInitializer.truststorePassword }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }} diff --git a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh index 5b652228a6..5f23a89867 100644 --- a/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh +++ b/kubernetes/common/cassandra/resources/config/docker-entrypoint.sh @@ -1,4 +1,5 @@ #!/bin/bash + set -e # first arg is `-f` or `--some-option` @@ -11,7 +12,7 @@ fi if [ "$1" = 'cassandra' -a "$(id -u)" = '0' ]; then find /var/lib/cassandra /var/log/cassandra "$CASSANDRA_CONFIG" \ \! -user cassandra -exec chown cassandra '{}' + - exec gosu cassandra "$BASH_SOURCE" "$@" + exec gosu cassandra "$0" "$@" fi _ip_address() { @@ -71,7 +72,8 @@ if [ "$1" = 'cassandra' ]; then authenticator \ ; do var="CASSANDRA_${yaml^^}" - val="${!var}" + # eval presents no security issue here because of limited possible values of var + eval val=\$$var if [ "$val" ]; then _sed-in-place "$CASSANDRA_CONFIG/cassandra.yaml" \ -r 's/^(# )?('"$yaml"':).*/\2 '"$val"'/' @@ -80,7 +82,8 @@ if [ "$1" = 'cassandra' ]; then for rackdc in dc rack; do var="CASSANDRA_${rackdc^^}" - val="${!var}" + # eval presents no security issue here because of limited possible values of var + eval val=\$$var if [ "$val" ]; then _sed-in-place "$CASSANDRA_CONFIG/cassandra-rackdc.properties" \ -r 's/^('"$rackdc"'=).*/\1 '"$val"'/' diff --git a/kubernetes/common/mariadb-init/resources/config/db_init.sh b/kubernetes/common/mariadb-init/resources/config/db_init.sh index fa4b007a5a..f130bb5118 100755 --- a/kubernetes/common/mariadb-init/resources/config/db_init.sh +++ b/kubernetes/common/mariadb-init/resources/config/db_init.sh @@ -1,4 +1,5 @@ #!/bin/bash + {{/* # Copyright © 2019 Orange # Copyright © 2020 Samsung Electronics @@ -22,8 +23,15 @@ set -e while read DB ; do USER_VAR="MYSQL_USER_${DB^^}" PASS_VAR="MYSQL_PASSWORD_${DB^^}" - USER=${!USER_VAR} - PASS=`echo -n ${!PASS_VAR} | sed -e "s/'/''/g"` +{{/* + # USER=${!USER_VAR} + # PASS=`echo -n ${!PASS_VAR} | sed -e "s/'/''/g"` + # eval replacement of the bashism equivalents above might present a security issue here + # since it reads content from DB values filled by helm at the end of the script. + # These possible values has to be constrainted and/or limited by helm for a safe use of eval. +*/}} + eval USER=\$$USER_VAR + PASS=$(eval echo -n \$$PASS_VAR | sed -e "s/'/''/g") MYSQL_OPTS=( -h ${DB_HOST} -P ${DB_PORT} -uroot -p${MYSQL_ROOT_PASSWORD} ) echo "Creating database ${DB} and user ${USER}..." diff --git a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh index 67bbfd6c6f..163877deca 100755 --- a/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh +++ b/kubernetes/contrib/dns-server-for-vhost-ingress-testing/deploy_dns.sh @@ -1,5 +1,5 @@ #!/bin/bash -e -# + # Copyright 2020 Samsung Electronics Co., Ltd. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -70,7 +70,8 @@ ingress_controller_ip() { deploy() { local ingress_ip=$(ingress_controller_ip) - pushd "$SPATH/bind9dns" > /dev/null + initdir = $(pwd) + cd $SPATH/bind9dns if [ $# -eq 0 ]; then local cl_domain="simpledemo.onap.org" else @@ -82,7 +83,7 @@ deploy() { shift fi helm install . --set dnsconf.wildcard="$cl_domain=$ingress_ip" $@ - popd > /dev/null + cd $initdir target_machine_notice_info } diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml new file mode 100644 index 0000000000..64b0d0f96a --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/Chart.yaml @@ -0,0 +1,23 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +apiVersion: v1 +appVersion: "Honolulu" +description: DCAE SliceAnalysis MS charts +name: dcae-slice-analysis-ms +version: 8.0.0 + diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/requirements.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/requirements.yaml new file mode 100644 index 0000000000..9cab8e92e6 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/requirements.yaml @@ -0,0 +1,34 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~8.x-0 + repository: '@local' + - name: postgres + version: ~8.x-0 + repository: '@local' + - name: repositoryGenerator + version: ~8.x-0 + repository: '@local' + - name: readinessCheck + version: ~8.x-0 + repository: '@local' + - name: dcaegen2-services-common + version: ~8.x-0 + repository: '@local' + diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/configmap.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/configmap.yaml new file mode 100644 index 0000000000..26be310888 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/configmap.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.configMap" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/deployment.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/deployment.yaml new file mode 100644 index 0000000000..02b5df8135 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/deployment.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "dcaegen2-services-common.microserviceDeployment" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/secret.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/secret.yaml new file mode 100644 index 0000000000..c4596e5b21 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/secret.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/service.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/service.yaml new file mode 100644 index 0000000000..ba0283dda5 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/templates/service.yaml @@ -0,0 +1,20 @@ +{{/* +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 Wipro Limited. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +*/}} + +{{ include "common.service" . }} diff --git a/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml new file mode 100644 index 0000000000..6790541bd9 --- /dev/null +++ b/kubernetes/dcaegen2-services/components/dcae-slice-analysis-ms/values.yaml @@ -0,0 +1,212 @@ +# ============= LICENSE_START ================================================ +# ============================================================================ +# Copyright (C) 2021 Wipro Limited. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============= LICENSE_END ================================================== + +################################################################# +# Global Configuration Defaults. +################################################################# +global: + nodePortPrefix: 302 + nodePortPrefixExt: 304 + +################################################################# +# Filebeat Configuration Defaults. +################################################################# +filebeatConfig: + logstashServiceName: log-ls + logstashPort: 5044 + +################################################################# +# Secrets Configuration. +################################################################# +secrets: + - uid: &aafCredsUID aafcreds + type: basicAuth + login: '{{ .Values.aafCreds.identity }}' + password: '{{ .Values.aafCreds.password }}' + passwordPolicy: required + - uid: &pgUserCredsSecretUid pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-sliceanalysisms-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "sliceanalysisms-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate + +################################aafcreds################################# +# InitContainer Images. +################################################################# +tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 + +################################################################# +# Application Configuration Defaults. +################################################################# +# Application Image +image: onap/org.onap.dcaegen2.services.components.slice-analysis-ms:1.0.4 + +# Log directory where logging sidecar should look for log files +# if absent, no sidecar will be deployed +logDirectory: /var/log/ONAP/dcaegen2/services/sliceanalysisms + +# Directory where TLS certs should be stored +# if absent, no certs will be retrieved and stored +certDirectory: /opt/app/sliceanalysisms/etc/cert/ + +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: true + +# Dependencies +readinessCheck: + wait_for: + - dcae-config-binding-service + - aaf-cm + - &postgresName dcae-sliceanalysisms-postgres + +# Probe Configuration +readiness: + initialDelaySeconds: 60 + periodSeconds: 15 + timeoutSeconds: 1 + path: /healthcheck + scheme: HTTP + port: 8080 + +# Service Configuration +service: + type: ClusterIP + name: dcae-slice-analysis-ms + ports: + - name: https + port: 8080 + port_protocol: http + +# AAF Credentials +aafCreds: + identity: dcae@dcae.onap.org + password: demo123456! + +credentials: +- name: AAF_IDENTITY + uid: *aafCredsUID + key: login +- name: AAF_PASSWORD + uid: *aafCredsUID + key: password +- name: PG_USERNAME + uid: *pgUserCredsSecretUid + key: login +- name: PG_PASSWORD + uid: *pgUserCredsSecretUid + key: password + +# Initial Application Configuration +applicationConfig: + aafUsername: ${AAF_IDENTITY} + aafPassword: ${AAF_PASSWORD} + postgres.host: dcae-sliceanalysisms-pg-primary + postgres.port: 5432 + postgres.username: ${PG_USERNAME} + postgres.password: ${PG_PASSWORD} + trust_store_path: /opt/app/sliceanalysisms/etc/cert/trust.jks + trust_store_pass_path: /opt/app/sliceanalysisms/etc/cert/trust.pass + sliceanalysisms.pollingInterval: 20 + sliceanalysisms.pollingTimeout: 60 + cbsPollingInterval: 60 + sliceanalysisms.namespace: onap + sliceanalysisms.dmaap.server: ["message-router"] + sliceanalysisms.bufferTime: 60 + sliceanalysisms.cg: sliceanalysisms-cg + sliceanalysisms.cid: sliceanalysisms-cid + sliceanalysisms.configDb.service: http://config-db:8080 + sliceanalysisms.configDbEnabled: true + sliceanalysisms.aai.url: https://aai.onap.svc.cluster.local:8443/aai/v21 + sliceanalysisms.cps.url: https://cps:8088 + sliceanalysisms.samples: 3 + sliceanalysisms.minPercentageChange: 5 + sliceanalysisms.initialDelaySeconds: 120000 + streams_publishes: + CL_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router.onap.svc.cluster.local:3905/events/unauthenticated.DCAE_CL_OUTPUT + streams_subscribes: + performance_management_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router.onap.svc.cluster.local:3905/events/org.onap.dmaap.mr.PERFORMANCE_MEASUREMENTS + intelligent_slicing_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router.onap.svc.cluster.local:3905/events/unauthenticated.ML_RESPONSE_TOPIC + dcae_cl_response_topic: + type: message-router + aaf_username: ${AAF_IDENTITY} + aaf_password: ${AAF_PASSWORD} + dmaap_info: + topic_url: https://message-router.onap.svc.cluster.local:3905/events/DCAE_CL_RSP + +applicationEnv: + STANDALONE: 'false' + +# Resource Limit Flavor -By Default Using Small +flavor: small +# Segregation for Different Environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 1 + memory: 1Gi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 2 + memory: 2Gi + unlimited: {} + +################################################################# +# Application configuration Overriding Defaults in the Postgres. +################################################################# +postgres: + nameOverride: *postgresName + service: + name: *postgresName + name2: dcae-sliceanalysisms-pg-primary + name3: dcae-sliceanalysisms-pg-replica + container: + name: + primary: dcae-sliceanalysisms-pg-primary + replica: dcae-sliceanalysisms-pg-replica + persistence: + mountSubPath: sliceanalysisms/data + mountInitPath: sliceanalysisms + config: + pgUserName: sliceanalysisms + pgDatabase: sliceanalysisms + pgUserExternalSecret: *pgUserCredsSecretName diff --git a/kubernetes/dcaegen2-services/requirements.yaml b/kubernetes/dcaegen2-services/requirements.yaml index 9916c95fd6..e59fe98205 100644 --- a/kubernetes/dcaegen2-services/requirements.yaml +++ b/kubernetes/dcaegen2-services/requirements.yaml @@ -47,3 +47,8 @@ dependencies: repository: '@local' #repository: 'file://components/dcae-hv-ves-collector' condition: dcae-hv-ves-collector.enabled + - name: dcae-slice-analysis-ms + version: ~8.x-0 + repository: '@local' + #repository: 'file://components/dcae-slice-analysis-ms' + condition: dcae-slice-analysis-ms.enabled diff --git a/kubernetes/dcaegen2-services/values.yaml b/kubernetes/dcaegen2-services/values.yaml index 5682ce7194..50aa21741b 100644 --- a/kubernetes/dcaegen2-services/values.yaml +++ b/kubernetes/dcaegen2-services/values.yaml @@ -25,3 +25,5 @@ dcae-tcagen2: enabled: true dcae-ves-collector: enabled: true +dcae-slice-analysis-ms: + enabled: false diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index 0a97f9e0c0..82e8229408 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -104,7 +104,7 @@ mongo: disableNfsProvisioner: true # application image -image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.0.4 +image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.2.0 default_k8s_location: central # DCAE component images to be deployed via Cloudify Manager diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml index 313ac9b34d..10fb4430ea 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml @@ -53,7 +53,7 @@ config: # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.deployments.cm-container:4.5.0 +image: onap/org.onap.dcaegen2.deployments.cm-container:4.6.0 pullPolicy: Always # name of shared ConfigMap with kubeconfig for multiple clusters diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml index a1431488b8..83914d423c 100644 --- a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml @@ -1,6 +1,6 @@ #============LICENSE_START======================================================== # ================================================================================ -# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2019-2021 AT&T Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -103,10 +103,10 @@ flavor: small resources: small: limits: - cpu: 2 - memory: 2Gi + cpu: 4000m + memory: 4Gi requests: - cpu: 1 + cpu: 1500m memory: 1Gi large: limits: diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml index 521fac06a2..90bc0989d0 100644 --- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml +++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml @@ -36,7 +36,7 @@ config: importK8S: plugin:k8splugin?version=>=3.5.1,<4.0.0 importPostgres: plugin:pgaas?version=1.3.0 importClamp: plugin:clamppolicyplugin?version=1.1.0 - importDMaaP: plugin:dmaap?version=1.5.0 + importDMaaP: plugin:dmaap?version=>=1.5.1,<2.0.0 useDmaapPlugin: false bpResourcesCpuLimit: 250m bpResourcesMemoryLimit: 128Mi diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json index 8f4cf8bd64..34197b948e 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_READY.json @@ -2,7 +2,7 @@ "topicName": "PNF_READY", "topicDescription": "This topic will be used to publish the PNF_READY events generated by the PNF REgistration Handler service in the DCAE platform.", "owner": "PNFRegistrationHandler", - "txenabled": false, + "tnxEnabled": false, "clients": [ { "dcaeLocationName": "san-francisco", diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json index f0dd2c7829..e7325794a1 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/PNF_REGISTRATION.json @@ -2,7 +2,7 @@ "topicName": "PNF_REGISTRATION", "topicDescription": "the VES collector will be publishing pnfRegistration events in this topic", "owner": "VEScollector", - "txenabled": false, + "tnxEnabled": false, "clients": [ { "dcaeLocationName": "san-francisco", diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json b/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json index ff1a5732e2..fb2c54ed4b 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json +++ b/kubernetes/dmaap/components/dmaap-bc/resources/topics/mirrormakeragent.json @@ -3,7 +3,7 @@ "topicDescription": "the topic used to provision the MM agent whitelist", "replicationCase": "REPLICATION_NONE", "owner": "dmaap", - "txenabled": false, + "tnxEnabled": false, "partitionCount": "1", "clients": [ { diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index bfd0f1ebd3..65242b4a4f 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -40,7 +40,7 @@ secrets: pullPolicy: Always # application images -image: onap/dmaap/dmaap-bc:2.0.5 +image: onap/dmaap/dmaap-bc:2.0.6 # application configuration diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh index ce8e80225f..4fec3984db 100755 --- a/kubernetes/helm/plugins/deploy/deploy.sh +++ b/kubernetes/helm/plugins/deploy/deploy.sh @@ -251,7 +251,7 @@ deploy() { fi if [ "$DELAY" = "true" ]; then echo sleep 3m - sleep 3m + sleep 180 fi else array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}")) diff --git a/kubernetes/helm/plugins/undeploy/undeploy.sh b/kubernetes/helm/plugins/undeploy/undeploy.sh index 790f84fda9..35fc4ca251 100755 --- a/kubernetes/helm/plugins/undeploy/undeploy.sh +++ b/kubernetes/helm/plugins/undeploy/undeploy.sh @@ -49,4 +49,4 @@ case "${1:-"help"}" in ;; esac -exit 0 \ No newline at end of file +exit 0 diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh index c4a21b927f..65b9636891 100644 --- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh +++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh @@ -1,4 +1,5 @@ #!/bin/bash + set -eo pipefail shopt -s nullglob @@ -30,10 +31,15 @@ file_env() { mysql_error "Both $var and $fileVar are set (but are exclusive)" fi local val="$def" + # val="${!var}" + # val="$(< "${!fileVar}")" + # eval replacement of the bashism equivalents above presents no security issue here + # since var and fileVar variables contents are derived from the file_env() function arguments. + # This method is only called inside this script with a limited number of possible values. if [ "${!var:-}" ]; then - val="${!var}" + eval val=\$$var elif [ "${!fileVar:-}" ]; then - val="$(< "${!fileVar}")" + val="$(< "$(eval echo "\$$fileVar")")" fi export "$var"="$val" unset "$fileVar" @@ -105,7 +111,7 @@ docker_temp_server_start() { # so that it won't try to fill in a password file when it hasn't been set yet extraArgs=() if [ -z "$DATABASE_ALREADY_EXISTS" ]; then - extraArgs+=( '--dont-use-mysql-root-password' ) + extraArgs=${extraArgs}( '--dont-use-mysql-root-password' ) fi if echo 'SELECT 1' |docker_process_sql "${extraArgs[@]}" --database=mysql >/dev/null 2>&1; then break @@ -155,7 +161,7 @@ docker_init_database_dir() { # beginning in 10.4.3, install_db uses "socket" which only allows system user root to connect, switch back to "normal" to allow mysql root without a password # see https://github.com/MariaDB/server/commit/b9f3f06857ac6f9105dc65caae19782f09b47fb3 # (this flag doesn't exist in 10.0 and below) - installArgs+=( --auth-root-authentication-method=normal ) + installArgs=${installArgs}( --auth-root-authentication-method=normal ) fi # "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here) mysql_install_db "${installArgs[@]}" "${@:2}" @@ -191,7 +197,7 @@ docker_setup_env() { docker_process_sql() { passfileArgs=() if [ '--dont-use-mysql-root-password' = "$1" ]; then - passfileArgs+=( "$1" ) + passfileArgs=${passfileArgs}( "$1" ) shift fi # args sent in can override this db, since they will be later in the command @@ -323,7 +329,7 @@ _main() { # If container is started as root user, restart as dedicated mysql user if [ "$(id -u)" = "0" ]; then mysql_note "Switching to dedicated user 'mysql'" - exec gosu mysql "$BASH_SOURCE" "$@" + exec gosu mysql "$0" "$@" fi # there's no database, so it needs to be initialized diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh index 099f80ccff..5e4e216c95 100755 --- a/kubernetes/robot/demo-k8s.sh +++ b/kubernetes/robot/demo-k8s.sh @@ -222,7 +222,7 @@ ETEHOME=/var/opt/ONAP if [ $execscript ]; then for script in $(ls -1 "$DIR/$SCRIPTDIR"); do - [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script" + [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script" done fi diff --git a/kubernetes/robot/ete-k8s.sh b/kubernetes/robot/ete-k8s.sh index 15d07fb3ee..01cf0922fa 100755 --- a/kubernetes/robot/ete-k8s.sh +++ b/kubernetes/robot/ete-k8s.sh @@ -78,7 +78,7 @@ ETEHOME=/var/opt/ONAP if [ "${!#}" = "execscript" ]; then for script in $(ls -1 "$DIR/$SCRIPTDIR"); do - [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script" + [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script" done fi diff --git a/kubernetes/robot/eteHelm-k8s.sh b/kubernetes/robot/eteHelm-k8s.sh index d5e2fa41c3..8b74da77f8 100755 --- a/kubernetes/robot/eteHelm-k8s.sh +++ b/kubernetes/robot/eteHelm-k8s.sh @@ -46,7 +46,7 @@ ETEHOME=/var/opt/ONAP if [ "${!#}" = "execscript" ]; then for script in $(ls -1 "$DIR/$SCRIPTDIR"); do - [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script" + [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && . "$DIR/$SCRIPTDIR/$script" done fi diff --git a/kubernetes/robot/instantiate-k8s.sh b/kubernetes/robot/instantiate-k8s.sh index f4f6b04e4c..623870b9f3 100755 --- a/kubernetes/robot/instantiate-k8s.sh +++ b/kubernetes/robot/instantiate-k8s.sh @@ -1,4 +1,5 @@ #!/bin/bash + # Copyright 2019 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -13,7 +14,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -THIS_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +THIS_DIR="$( cd "$( dirname "$0" )" >/dev/null 2>&1 && pwd )" NAMESPACE= FOLDER= @@ -138,13 +139,13 @@ kubectl --namespace $NAMESPACE cp ${POD}:share/logs/$OUTPUT_FOLDER/summary/stack kubectl --namespace $NAMESPACE cp ${POD}:share/logs/$OUTPUT_FOLDER/summary/results.json "$OUTPUT_DIRECTORY"/results.json kubectl --namespace $NAMESPACE cp ${POD}:share/logs/$OUTPUT_FOLDER/log.html "$OUTPUT_DIRECTORY"/log.html -pushd . +initdir=$(pwd) # echo -e "import hashlib\nwith open(\"README.md\", \"r\") as f: bytes = f.read()\nreadable_hash = hashlib.sha256(bytes).hexdigest()\nprint(readable_hash)" | python cd "$OUTPUT_DIRECTORY" tar -czvf vnf_heat_results.tar.gz * -popd +cd $initdir echo "VNF test results: $OUTPUT_DIRECTORY/vnf_heat_results.tar.gz" diff --git a/kubernetes/sdc/components/sdc-helm-validator/values.yaml b/kubernetes/sdc/components/sdc-helm-validator/values.yaml index ede80a6af0..5c5c5995b0 100644 --- a/kubernetes/sdc/components/sdc-helm-validator/values.yaml +++ b/kubernetes/sdc/components/sdc-helm-validator/values.yaml @@ -18,7 +18,7 @@ global: pullPolicy: Always -image: onap/org.onap.sdc.sdc-helm-validator:1.2.0 +image: onap/org.onap.sdc.sdc-helm-validator:1.2.1 containerPort: &svc_port 8080 config: diff --git a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh index feb6662196..099103ca79 100755 --- a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh +++ b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh @@ -1,6 +1,6 @@ #!/bin/bash -{{/* +{{/* # Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh index 94858339e7..05a17017ab 100755 --- a/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh +++ b/kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncStandby.sh @@ -1,6 +1,6 @@ -#!/bin/bash -{{/* +#!/bin/sh +{{/* # Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/kubernetes/sdnc/resources/geo/bin/switchVoting.sh b/kubernetes/sdnc/resources/geo/bin/switchVoting.sh index 65b76265fc..a276854d5c 100755 --- a/kubernetes/sdnc/resources/geo/bin/switchVoting.sh +++ b/kubernetes/sdnc/resources/geo/bin/switchVoting.sh @@ -1,6 +1,6 @@ -#!/bin/bash -{{/* +#!/bin/sh +{{/* # Copyright © 2018 Amdocs # # Licensed under the Apache License, Version 2.0 (the "License");