"UserName": "${OSDF_OPT_ENGINE_USER}",
"Password": "${OSDF_OPT_ENGINE_PASS}"
}
+ },
+ {
+ "name": "cps",
+ "values": {
+ "UserName": "${CPS_USER}",
+ "Password": "${CPS_PASS}"
+ }
}
]
}
export OSDF_OPT_ENGINE_PASS=${OSDF_OPT_ENGINE_PASS_PLAIN};
export SO_PASS=${SO_PASS_PLAIN};
export SDC_PASS=${SDC_PASS_PLAIN};
+ export CPS_PASS=${CPS_PASS_PLAIN};
cd /config-input;
for PFILE in `find . -not -type d | grep -v -F ..`; do
envsubst <${PFILE} >/config/${PFILE};
- name: SDC_PASS_PLAIN
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "password") | indent 10 }}
+ - name: CPS_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "login") | indent 10 }}
+ - name: CPS_PASS_PLAIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "password") | indent 10 }}
+
volumeMounts:
- mountPath: /config-input
name: {{ include "common.name" . }}-preload-input
login: '{{ .Values.oofCreds.sdcUsername }}'
password: '{{ .Values.oofCreds.sdcPassword }}'
passwordPolicy: required
+ - uid: cps-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.oofCreds.cpsUserExternalSecret) . }}'
+ login: '{{ .Values.oofCreds.cpsUsername }}'
+ password: '{{ .Values.oofCreds.cpsPassword }}'
+ passwordPolicy: required
oofCreds:
aaiUsername: oof@oof.onap.org
aaiPassword: demo123456!
sdcUsername: aai
sdcPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ cpsUsername: ''
+ cpsPassword: ''
+ cpsUserExternalSecret: '{{ include "common.release" . }}-cps-core-app-user-creds'
+
# Configure resource requests and limits
resources:
small:
--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
--- /dev/null
+# Copyright © 2021 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Chart for Postgres init job
+name: postgres-init
+version: 8.0.0
--- /dev/null
+# Copyright © 2021 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~8.x-0
+ repository: 'file://../common'
+ - name: repositoryGenerator
+ version: ~8.x-0
+ repository: 'file://../repositoryGenerator'
--- /dev/null
+--- User Setup
+CREATE USER "${PG_USER}" LOGIN;
+ALTER USER "${PG_USER}" PASSWORD '${PG_PASSWORD}';
+
+CREATE DATABASE ${PG_DATABASE};
+GRANT ALL PRIVILEGES ON DATABASE ${PG_DATABASE} TO "${PG_USER}";
+
+--- PG_DATABASE Setup
+
+\c ${PG_DATABASE}
+
+CREATE EXTENSION IF NOT EXISTS pg_stat_statements;
+CREATE EXTENSION IF NOT EXISTS pgaudit;
+
+--- Create schema for PG_USER
+
+\c ${PG_DATABASE}
+
+CREATE SCHEMA IF NOT EXISTS "${PG_USER}" AUTHORIZATION "${PG_USER}";
--- /dev/null
+{{/*
+# Copyright © 2021 Orange
+#
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
--- /dev/null
+{{/*
+# Copyright © 2021 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-config-job
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ backoffLimit: 20
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
+ name: {{ include "common.name" . }}
+ spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-readiness
+ command:
+ - /app/ready.py
+ args:
+ - --container-name
+ - {{ .Values.global.postgres.container.name }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: {{ include "repositoryGenerator.image.readiness" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ containers:
+ - command:
+ - sh
+ args:
+ - -c
+ - |
+ function prepare_password {
+ echo -n $1 | sed -e "s/'/''/g"
+ }
+ export PG_PASSWORD=`prepare_password $PG_PASSWORD_INPUT`;
+ export PG_ROOT_PASSWORD=`prepare_password $PG_ROOT_PASSWORD_INPUT`;
+ cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done;
+ psql "postgresql://postgres:$PG_ROOT_PASSWORD@$PG_HOST" < /config/setup.sql
+ env:
+ - name: PG_HOST
+ value: "{{ .Values.global.postgres.service.name2 }}"
+ - name: PG_PRIMARY_USER
+ value: primaryuser
+ - name: MODE
+ value: postgres
+ - name: PG_PRIMARY_PASSWORD_INPUT
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.postgres.secret.primaryPasswordUID" .) "key" "password") | indent 10 }}
+ - name: PG_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "login") | indent 10 }}
+ - name: PG_PASSWORD_INPUT
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.postgres.secret.userCredentialsUID" .) "key" "password") | indent 10 }}
+ - name: PG_DATABASE
+ value: "{{ .Values.config.pgDatabase }}"
+ - name: PG_ROOT_PASSWORD_INPUT
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.postgres.secret.rootPassUID" .) "key" "password") | indent 10 }}
+ volumeMounts:
+ - mountPath: /config-input/setup.sql
+ name: config
+ subPath: setup.sql
+ - mountPath: /config
+ name: pgconf
+ image: {{ include "repositoryGenerator.image.postgres" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-update-config
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /config-input/setup.sql
+ name: config
+ subPath: setup.sql
+ - mountPath: /config
+ name: pgconf
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: config
+ configMap:
+ name: {{ include "common.fullname" . }}
+ - name: pgconf
+ emptyDir:
+ medium: Memory
+ restartPolicy: Never
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+{{/*
+# Copyright © 2021 Orange
+# #
+# # Licensed under the Apache License, Version 2.0 (the "License");
+# # you may not use this file except in compliance with the License.
+# # You may obtain a copy of the License at
+# #
+# # http://www.apache.org/licenses/LICENSE-2.0
+# #
+# # Unless required by applicable law or agreed to in writing, software
+# # distributed under the License is distributed on an "AS IS" BASIS,
+# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# # See the License for the specific language governing permissions and
+# # limitations under the License.
+*/}}
+{{ include "common.secretFast" . }}
--- /dev/null
+# Copyright © 2021 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ postgres:
+ service:
+ name: pgset
+ container:
+ name: postgres
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: '{{ include "common.postgres.secret.rootPassUID" . }}'
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.config.pgRootPasswordExternalSecret) . }}'
+ password: '{{ .Values.config.pgRootPassword }}'
+ - uid: '{{ include "common.postgres.secret.userCredentialsUID" . }}'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.pgUserExternalSecret) . }}'
+ login: '{{ .Values.config.pgUserName }}'
+ password: '{{ .Values.config.pgUserPassword }}'
+ - uid: '{{ include "common.postgres.secret.primaryPasswordUID" . }}'
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.config.pgPrimaryPasswordExternalSecret) . }}'
+ password: '{{ .Values.config.pgPrimaryPassword }}'
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+
+pullPolicy: Always
+
+# application configuration
+config:
+ pgUserName: testuser
+ pgDatabase: userdb
+ pgDataPath: data
+ pgRootPasswordExternalSecret: '{{ include "common.namespace" . }}-postgres-db-root-password'
+ # pgPrimaryPassword: password
+ # pgUserPassword: password
+ # pgRootPassword: password
+
+nodeSelector: {}
+
+affinity: {}
+
+flavor: small
+
+#resources: {}
+# We usually recommend not to specify default resources and to leave this as a conscious
+# choice for the user. This also increases chances charts run on environments with little
+# resources, such as Minikube. If you do want to specify resources, uncomment the following
+# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+#
+# Example:
+# Configure resource requests and limits
+# ref: http://kubernetes.io/docs/user-guide/compute-resources/
+# Minimum memory for development is 2 CPU cores and 4GB memory
+# Minimum memory for production is 4 CPU cores and 8GB memory
+resources:
+ small:
+ limits:
+ cpu: 100m
+ memory: 300Mi
+ requests:
+ cpu: 10m
+ memory: 90Mi
+ large:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 1
+ memory: 2Gi
+ unlimited: {}
{{/*
# Copyright © 2018 Amdocs, AT&T, Bell Canada
# Copyright © 2020 Samsung Electronics
+# Copyright © 2021 Orange
# Modifications Copyright (C) 2021 Bell Canada.
# #
# # Licensed under the Apache License, Version 2.0 (the "License");
- name: PG_MODE
value: {{ $pgMode }}
- name: PG_PRIMARY_HOST
- value: "{{ $dot.Values.container.name.primary }}"
+ value: "{{ $dot.Values.service.name2 }}"
- name: PG_REPLICA_HOST
- value: "{{ $dot.Values.container.name.replica }}"
+ value: "{{ $dot.Values.service.name3 }}"
- name: PG_PRIMARY_PORT
value: "{{ $dot.Values.service.internalPort }}"
- name: PG_PRIMARY_PASSWORD
cpu: 500m
memory: 1Gi
serviceAccount: {{ include "common.fullname" . }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
+ serviceAccountName: {{ include "common.fullname" . }}
volumes:
- configMap:
defaultMode: 420
- name: postgres
version: ~8.x-0
repository: '@local'
+ condition: global.postgres.localCluster
+ - name: postgres-init
+ version: ~8.x-0
+ repository: '@local'
+ condition: not global.postgres.localCluster
+ #condition: global.postgres.postgresInit
- name: readinessCheck
version: ~8.x-0
repository: '@local'
# Copyright (C) 2021 Pantheon.tech
# Modifications Copyright (C) 2020 Bell Canada.
# Modifications Copyright (C) 2021 Nordix Foundation.
+# Modifications Copyright (C) 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
spring:
datasource:
+{{- if .Values.global.postgres.localCluster }}
url: jdbc:postgresql://{{ .Values.postgres.service.name2 }}:5432/{{ .Values.postgres.config.pgDatabase }}
+{{- else }}
+ url: jdbc:postgresql://{{ .Values.global.postgres.service.name2 }}:5432/{{ .Values.postgres.config.pgDatabase }}
+{{- end }}
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
driverClassName: org.postgresql.Driver
ingress:
virtualhost:
baseurl: "simpledemo.onap.org"
+ #Service Names of the postgres db to connect to.
+ #Override it to cps-postgres if localCluster is enabled.
+ postgres:
+ localCluster: false
+ service:
+ name: pgset
+ name2: tcp-pgset-primary
+ name3: tcp-pgset-replica
+ container:
+ name: postgres
image: onap/cps-and-ncmp:2.0.0
containerPort: &svc_port 8080
pgUserExternalSecret: *pgUserCredsSecretName
pgRootPasswordExternalSecret: *pgRootPassSecretName
+postgres-init:
+ nameOverride: cps-postgres-init
+ config:
+ pgUserName: cps
+ pgDatabase: cpsdb
+ pgDataPath: data
+ pgUserExternalSecret: *pgUserCredsSecretName
+
+ # pgPrimaryPassword: password
+ # pgUserPassword: password
+ # pgRootPassword: password
+
readinessCheck:
wait_for:
- - *postgresName
+ - '{{ ternary .Values.postgres.service.name "postgres" .Values.global.postgres.localCluster }}'
minReadySeconds: 10
updateStrategy:
# Application configuration defaults.
#################################################################
# application image
-image: onap/msb/msb_apigateway:1.3.0
+image: onap/msb/msb_apigateway:1.3.1
pullPolicy: Always
istioSidecar: true
# Application configuration defaults.
#################################################################
# application image
-image: onap/msb/msb_apigateway:1.3.0
+image: onap/msb/msb_apigateway:1.3.1
pullPolicy: Always
istioSidecar: true
# Copyright © 2019 Amdocs, Bell Canada
# Copyright (c) 2020 Nordix Foundation, Modifications
# Modifications Copyright © 2020 Nokia
+# Modifications Copyright © 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
version: ~8.x-0
repository: '@local'
condition: portal.enabled
+ - name: postgres
+ version: ~8.x-0
+ repository: '@local'
+ condition: postgres.enabled
- name: oof
version: ~8.x-0
repository: '@local'
version: ~8.x-0
repository: '@local'
condition: roles-wrapper.enabled
+ - name: timescaledb
+ version: ~8.x-0
+ repository: '@local'
+ condition: timescaledb.enabled
# Copyright © 2019 Amdocs, Bell Canada
# Copyright (c) 2020 Nordix Foundation, Modifications
# Modifications Copyright © 2020 Nokia
+# Modifications Copyright © 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
enabled: true
mariadb-galera:
enabled: true
+postgres:
+ enabled: true
aaf:
enabled: true
aai:
global: # global defaults
nodePortPrefix: 302
image:
- optf_has: onap/optf-has:2.2.0
+ optf_has: onap/optf-has:2.2.1
#################################################################
# secrets metaconfig
global:
image:
- optf_has: onap/optf-has:2.2.0
+ optf_has: onap/optf-has:2.2.1
#################################################################
# Secrets metaconfig
global:
image:
- optf_has: onap/optf-has:2.2.0
+ optf_has: onap/optf-has:2.2.1
#################################################################
# secrets metaconfig
global:
image:
- optf_has: onap/optf-has:2.2.0
+ optf_has: onap/optf-has:2.2.1
#################################################################
# secrets metaconfig
global:
image:
- optf_has: onap/optf-has:2.2.0
+ optf_has: onap/optf-has:2.2.1
#################################################################
# secrets metaconfig
global:
commonConfigPrefix: onap-oof-has
image:
- optf_has: onap/optf-has:2.2.0
+ optf_has: onap/optf-has:2.2.1
persistence:
enabled: true
secret_domain: {{ .Values.config.secret_domain }}
aaf_ca_certs: {{ .Values.config.aaf_ca_certs }}
+configClientType: {{ .Values.config.configClientType }}
+
# config db api
configDbUrl: {{ .Values.config.configDbUrl }}
configDbGetCellListUrl: {{ .Values.config.configDbGetCellListUrl }}
configDbGetNbrListUrl: {{ .Values.config.configDbGetNbrListUrl }}
+# cps api
+cpsUrl: {{ .Values.config.cps.Url }}
+cpsCellListUrl: {{ .Values.config.cps.cellListUrl }}
+cpsNbrListUrl: {{ .Values.config.cps.nbrListUrl }}
+
# AAI api
aaiUrl: {{ .Values.config.aaiUrl }}
aaiGetLinksUrl: {{ .Values.config.aaiGetLinksUrl }}
- |
grep -v '^$' /opt/osdf/osaaf/local/org.onap.oof.crt > /tmp/oof.crt
cat /tmp/oof.crt /opt/app/ssl_cert/intermediate_root_ca.pem /opt/app/ssl_cert/aaf_root_ca.cer >> /opt/osdf/org.onap.oof.crt
- ./osdfapp.sh -x osdfapp.py
+ python osdfapp.py
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
# Application configuration defaults.
#################################################################
# application image
-image: onap/optf-osdf:3.0.4
+image: onap/optf-osdf:3.0.6
pullPolicy: Always
# flag to enable debugging - application support required
aaf_sms_timeout: 30
secret_domain: osdf
aaf_ca_certs: /opt/app/ssl_cert/aaf_root_ca.cer
+ configClientType: cps
# config db api
configDbUrl: http://configdb:8080
configDbGetCellListUrl: 'api/sdnc-config-db/v3/getCellList'
configDbGetNbrListUrl: 'api/sdnc-config-db/v3/getNbrList'
+ # cps api
+ cps:
+ url: cps-tbdmt:8080/execute
+ cellListUrl: 'ran-network/getCellList'
+ nbrListUrl: 'ran-network/getNbrList'
+
#aai api
aaiUrl: https://aai:8443
aaiGetLinksUrl: /aai/v16/network/logical-links
# application image
repository: nexus3.onap.org:10001
-image: onap/usecase-ui-server:4.0.3
+image: onap/usecase-ui-server:4.0.5
pullPolicy: Always
# application configuration
flavor: small
# application image
-image: onap/usecase-ui:4.0.3
+image: onap/usecase-ui:4.0.5
pullPolicy: Always
# application configuration