From 572e1b57b8787348e013a0bd816a722cd5f8b5a1 Mon Sep 17 00:00:00 2001
From: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
Date: Wed, 28 May 2025 10:08:12 +0200
Subject: [PATCH] [AAI] schema-service 16.0.0 release

- rename .global.config.basicAuth.* to .global.auth.*
- clean up logback.xml by removing option to log to file [0]
- remove realm.properties

[0] with a read-only filesystem, logging to the file system does not really
    make sense. Even if the logs are logged to an empty dir volume, then this
    data is transient

Issue-ID: AAI-4142
Change-Id: I1ae592e4eb144cd0c013fe13cddbd5687ec631db
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
---
 kubernetes/aai/Chart.yaml                          |   2 +-
 .../aai/components/aai-schema-service/Chart.yaml   |   2 +-
 .../aai-schema-service/config/aaiconfig.properties |   9 +-
 .../config/application.properties                  |   8 +-
 .../aai-schema-service/config/logback.xml          | 175 +--------------------
 .../aai-schema-service/templates/configmap.yaml    |   9 --
 .../aai-schema-service/templates/deployment.yaml   |  13 +-
 .../aai/components/aai-schema-service/values.yaml  |  13 +-
 8 files changed, 25 insertions(+), 206 deletions(-)

diff --git a/kubernetes/aai/Chart.yaml b/kubernetes/aai/Chart.yaml
index bb70fa216b..89137d209b 100644
--- a/kubernetes/aai/Chart.yaml
+++ b/kubernetes/aai/Chart.yaml
@@ -54,7 +54,7 @@ dependencies:
     repository: 'file://components/aai-resources'
     condition: aai-resources.enabled
   - name: aai-schema-service
-    version: ~15.x-0
+    version: ~16.x-0
     repository: 'file://components/aai-schema-service'
     condition: aai-schema-service.enabled
   - name: aai-sparky-be
diff --git a/kubernetes/aai/components/aai-schema-service/Chart.yaml b/kubernetes/aai/components/aai-schema-service/Chart.yaml
index b10eaa2e43..ec476bfd1b 100644
--- a/kubernetes/aai/components/aai-schema-service/Chart.yaml
+++ b/kubernetes/aai/components/aai-schema-service/Chart.yaml
@@ -18,7 +18,7 @@
 apiVersion: v2
 description: ONAP AAI Schema Service
 name: aai-schema-service
-version: 15.0.1
+version: 16.0.0
 
 dependencies:
   - name: common
diff --git a/kubernetes/aai/components/aai-schema-service/config/aaiconfig.properties b/kubernetes/aai/components/aai-schema-service/config/aaiconfig.properties
index 1cd6335585..3d4fd655ab 100644
--- a/kubernetes/aai/components/aai-schema-service/config/aaiconfig.properties
+++ b/kubernetes/aai/components/aai-schema-service/config/aaiconfig.properties
@@ -24,13 +24,12 @@ aai.server.url.base=http://aai.{{ include "common.namespace" . }}/aai/
 aai.server.url=http://aai.{{ include "common.namespace" . }}/aai/{{ .Values.global.config.schema.version.api.default }}/
 aai.global.callback.url=http://aai.{{ include "common.namespace" . }}/aai/
 
-{{ if or (.Values.global.config.basic.auth.enabled) ( include "common.onServiceMesh" .) }}
-aai.tools.enableBasicAuth=true
-aai.tools.username={{ .Values.global.config.basic.auth.username }}
-aai.tools.password={{ .Values.global.config.basic.auth.passwd }}
+{{ if or (.Values.global.auth.enabled) ( include "common.onServiceMesh" .) }}
+aai.tools.enableBasicAuth={{ .Values.global.auth.enabled }}
+aai.tools.username={{ (index .Values.global.auth.users 0).username }}
+aai.tools.password={{ (index .Values.global.auth.users 0).password }}
 {{ end }}
 
-
 aai.default.api.version={{ .Values.global.config.schema.version.api.default }}
 
 aai.logging.trace.enabled=true
diff --git a/kubernetes/aai/components/aai-schema-service/config/application.properties b/kubernetes/aai/components/aai-schema-service/config/application.properties
index 098be2fc59..ff37210f43 100644
--- a/kubernetes/aai/components/aai-schema-service/config/application.properties
+++ b/kubernetes/aai/components/aai-schema-service/config/application.properties
@@ -23,8 +23,9 @@ info.build.version=1.1.0
 
 spring.application.name=aai-schema-service
 spring.jersey.type=filter
+spring.jersey.application-path=${schema.uri.base.path}
 spring.main.allow-bean-definition-overriding=true
-
+spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
 spring.sleuth.enabled={{ .Values.global.tracing.enabled }}
 spring.zipkin.baseUrl={{ .Values.global.tracing.collector.baseUrl }}
 spring.sleuth.trace-id128=true
@@ -36,16 +37,11 @@ spring.sleuth.web.skip-pattern={{ join "," .Values.tracing.ignorePatterns }}
 {{- end }}
 
 server.servlet.context-path=/
-
-spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration,org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration
-
-spring.jersey.application-path=${schema.uri.base.path}
 server.tomcat.max-threads=200
 server.tomcat.min-Spare-Threads=25
 server.tomcat.max-idle-time=60000
 
 server.local.startpath=aai-schema-service/src/main/resources/
-server.basic.auth.location=${server.local.startpath}/etc/auth/realm.properties
 
 server.port=8452
 security.require-ssl=false
diff --git a/kubernetes/aai/components/aai-schema-service/config/logback.xml b/kubernetes/aai/components/aai-schema-service/config/logback.xml
index 11837c5bbc..af39c27636 100644
--- a/kubernetes/aai/components/aai-schema-service/config/logback.xml
+++ b/kubernetes/aai/components/aai-schema-service/config/logback.xml
@@ -32,14 +32,7 @@
 
   <property name="AJSC_HOME" value="${AJSC_HOME:-.}"/>
   <property name="logDirectory" value="${AJSC_HOME}/logs"/>
-  <!-- Old patterns
-  <property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
-  <property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
-  <property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
-  //<property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%ecompServiceName|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
-  <property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%ecompServiceName|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
-  <property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/>
-  -->
+
   <property name="p_tim" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}"/>
   <property name="p_lvl" value="%level"/>
   <property name="p_log" value="%logger"/>
@@ -60,6 +53,7 @@
   <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter"/>
   <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter"/>
   <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter"/>
+
   <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
     <encoder>
       <pattern>
@@ -68,160 +62,7 @@
     </encoder>
   </appender>
 
-  <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <file>${logDirectory}/rest/sane.log</file>
-    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-      <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
-    </rollingPolicy>
-    <encoder>
-      <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
-      </pattern>
-    </encoder>
-  </appender>
-
-  <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
-    <queueSize>1000</queueSize>
-    <includeCallerData>true</includeCallerData>
-    <appender-ref ref="SANE"/>
-  </appender>
-
-  <appender name="METRIC" class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <file>${logDirectory}/rest/metrics.log</file>
-    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-      <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
-    </rollingPolicy>
-    <encoder>
-      <pattern>${metricPattern}</pattern>
-    </encoder>
-  </appender>
-  <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
-    <queueSize>1000</queueSize>
-    <includeCallerData>true</includeCallerData>
-    <appender-ref ref="METRIC"/>
-  </appender>
-
-  <appender name="DEBUG"
-        class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <filter class="ch.qos.logback.classic.filter.LevelFilter">
-      <level>DEBUG</level>
-      <onMatch>ACCEPT</onMatch>
-      <onMismatch>DENY</onMismatch>
-    </filter>
-    <file>${logDirectory}/rest/debug.log</file>
-    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-      <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}
-      </fileNamePattern>
-    </rollingPolicy>
-    <encoder>
-      <pattern>${debugPattern}</pattern>
-    </encoder>
-  </appender>
-
-  <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
-    <queueSize>1000</queueSize>
-    <appender-ref ref="DEBUG"/>
-    <includeCallerData>true</includeCallerData>
-  </appender>
-
-  <appender name="ERROR"
-        class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <file>${logDirectory}/rest/error.log</file>
-    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-      <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}
-      </fileNamePattern>
-    </rollingPolicy>
-    <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
-      <level>WARN</level>
-    </filter>
-    <encoder>
-      <pattern>${errorPattern}</pattern>
-    </encoder>
-  </appender>
-
-  <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
-    <queueSize>1000</queueSize>
-    <appender-ref ref="ERROR"/>
-  </appender>
-
-  <appender name="AUDIT"
-        class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <file>${logDirectory}/rest/audit.log</file>
-    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-      <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
-      </fileNamePattern>
-    </rollingPolicy>
-    <encoder>
-      <pattern>${auditPattern}</pattern>
-    </encoder>
-  </appender>
-
-  <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
-    <queueSize>1000</queueSize>
-    <includeCallerData>true</includeCallerData>
-    <appender-ref ref="AUDIT"/>
-  </appender>
-
-  <appender name="translog"
-        class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <filter class="ch.qos.logback.classic.filter.LevelFilter">
-      <level>DEBUG</level>
-      <onMatch>ACCEPT</onMatch>
-      <onMismatch>DENY</onMismatch>
-    </filter>
-    <file>${logDirectory}/rest/translog.log</file>
-    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-      <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
-      </fileNamePattern>
-    </rollingPolicy>
-    <encoder>
-      <pattern>${transLogPattern}</pattern>
-    </encoder>
-  </appender>
-
-  <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
-    <queueSize>1000</queueSize>
-    <includeCallerData>true</includeCallerData>
-    <appender-ref ref="translog"/>
-  </appender>
-
-  <appender name="external"
-        class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
-      <level>WARN</level>
-    </filter>
-    <file>${logDirectory}/external/external.log</file>
-    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-      <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
-      </fileNamePattern>
-    </rollingPolicy>
-    <encoder>
-      <pattern>${debugPattern}</pattern>
-    </encoder>
-  </appender>
-
-  <appender name="auth"
-        class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
-      <level>DEBUG</level>
-    </filter>
-    <file>${logDirectory}/auth/auth.log</file>
-    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-      <fileNamePattern>${logDirectory}/auth/auth.log.%d{yyyy-MM-dd}
-      </fileNamePattern>
-    </rollingPolicy>
-    <encoder>
-      <pattern>%d{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}[%thread] %-5level %logger{1024} - %msg%n</pattern>
-    </encoder>
-  </appender>
-  <appender name="asyncAUTH" class="ch.qos.logback.classic.AsyncAppender">
-    <queueSize>1000</queueSize>
-    <includeCallerData>true</includeCallerData>
-    <appender-ref ref="auth" />
-  </appender>
-
-  <logger name="org.onap.aai" level="DEBUG" additivity="false">
-    <appender-ref ref="asyncDEBUG"/>
-    <appender-ref ref="asyncSANE"/>
+  <logger name="org.onap.aai" level={{ .Values.log.level.base | upper | quote }} additivity="false">
     <appender-ref ref="STDOUT"/>
   </logger>
 
@@ -266,26 +107,19 @@
 
   <logger name="org.eclipse.jetty" level="WARN"/>
 
-  <logger name="org.onap.aai.aaf.auth" level="DEBUG" additivity="false">
-    <appender-ref ref="asyncAUTH" />
-    <appender-ref ref="STDOUT"/>
-  </logger>
+
   <logger name="org.onap.aai.aailog.logs.AaiScheduledTaskAuditLog" level="INFO">
-    <appender-ref ref="asyncAUDIT"/>
     <appender-ref ref="STDOUT"/>
   </logger>
 
   <logger name="org.onap.logging.filter.base.AbstractAuditLogFilter" level="INFO">
-    <appender-ref ref="asyncAUDIT"/>
     <appender-ref ref="STDOUT"/>
   </logger>
 
   <logger name="org.onap.aai.logging.ErrorLogHelper" level="WARN">
-    <appender-ref ref="asyncERROR"/>
     <appender-ref ref="STDOUT"/>
   </logger>
   <logger name="org.onap.aai.schemaservice.interceptors.post" level="DEBUG" additivity="false">
-    <appender-ref ref="asynctranslog" />
     <appender-ref ref="STDOUT"/>
   </logger>
 
@@ -297,6 +131,5 @@
 
   <root level={{ .Values.log.level.root | upper | quote }}>
     <appender-ref ref="STDOUT" />
-    <appender-ref ref="external"/>
   </root>
 </configuration>
diff --git a/kubernetes/aai/components/aai-schema-service/templates/configmap.yaml b/kubernetes/aai/components/aai-schema-service/templates/configmap.yaml
index 0490f4325a..b98b030c62 100644
--- a/kubernetes/aai/components/aai-schema-service/templates/configmap.yaml
+++ b/kubernetes/aai/components/aai-schema-service/templates/configmap.yaml
@@ -49,12 +49,3 @@ metadata:
   labels: {{- include "common.labels" . | nindent 4 }}
 data:
 {{ tpl (.Files.Glob "config/application.properties").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-realm
-  namespace: {{ include "common.namespace" . }}
-  labels: {{- include "common.labels" . | nindent 4 }}
-data:
-{{ tpl (.Files.Glob "config/realm.properties").AsConfig . | indent 2 }}
diff --git a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml
index 45130d0f54..a0c532e502 100644
--- a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml
@@ -57,6 +57,8 @@ spec:
         volumeMounts:
         - mountPath: /opt/app/aai-schema-service_rw
           name: aai-schema-service
+        - mountPath: /tmp
+          name: tmp-volume
       containers:
       - name: {{ include "common.name" . }}
         image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
@@ -85,12 +87,11 @@ spec:
         - mountPath: /opt/app/aai-schema-service/resources/localhost-access-logback.xml
           name: localhost-access-log-conf
           subPath: localhost-access-logback.xml
-        - mountPath: /opt/app/aai-schema-service/resources/etc/auth/realm.properties
-          name: realm-conf
-          subPath: realm.properties
         - mountPath: /opt/app/aai-schema-service/resources/application.properties
           name: springapp-conf
           subPath: application.properties
+        - mountPath: /tmp
+          name: tmp-volume
         ports:
         - containerPort: {{ .Values.service.appPort }}
           name: {{ .Values.service.appPortName }}
@@ -133,6 +134,9 @@ spec:
       - name: aai-schema-service
         emptyDir:
           sizeLimit: {{ .Values.volumes.aaiSizeLimit }}
+      - name: tmp-volume
+        emptyDir:
+          sizeLimit: {{ .Values.volumes.aaiSizeLimit }}
       - name: logs
         emptyDir:
           sizeLimit: {{ .Values.volumes.logSizeLimit }}
@@ -149,8 +153,5 @@ spec:
       - name: aaiconfig-conf
         configMap:
           name: {{ include "common.fullname" . }}-aaiconfig
-      - name: realm-conf
-        configMap:
-          name: {{ include "common.fullname" . }}-realm
       restartPolicy: {{ .Values.restartPolicy }}
       {{- include "common.imagePullSecrets" . | nindent 6 }}
diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml
index f47c9a5e8e..71110712f8 100644
--- a/kubernetes/aai/components/aai-schema-service/values.yaml
+++ b/kubernetes/aai/components/aai-schema-service/values.yaml
@@ -26,15 +26,14 @@ global: # global defaults
     sampling:
       probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%)
 
+  # Specifies if basic authorization is enabled
+  auth:
+    enabled: true
+    users:
+      - username: AAI
+        password: AAI
   # Common configuration for resources traversal and graphadmin
   config:
-    # Specifies if the basic authorization is enabled
-    basic:
-      auth:
-        enabled: true
-        username: AAI
-        passwd: AAI
-
     # Schema specific properties that include supported versions of api
     schema:
       source:
-- 
2.16.6