Updating basic requirements for Service Mesh Compliance within OOF.
Removed AAF dependencies in OOF deployments.
Resolved merge conflict for oof-has/resources/conflict/conductor.conf for DCAE
Issue-ID: OOM-2253
Change-Id: I660085ca94db723e4880dfa67aa31b604e712d15
Signed-off-by: amatthews <adrian.matthews@est.tech>
args:
- --container-name
- oof-has-controller
+ {{- if (include "common.needTLS" .) }}
- --container-name
- aaf-service
+ {{- end }}
env:
- name: NAMESPACE
valueFrom:
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if (include "common.needTLS" .) }}
- name: {{ include "common.name" . }}-has-sms-readiness
command:
- sh
fieldPath: metadata.namespace
image: {{ include "repositoryGenerator.image.curl" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- end }}
{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
- mountPath: /usr/local/bin/log.conf
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: log.conf
+ {{- if (include "common.needTLS" .) }}
- mountPath: /usr/local/bin/AAF_RootCA.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
+ {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
- name: {{ include "common.name" . }}-nginx
args:
- "-c"
- |
+ {{- if (include "common.needTLS" .) }}
grep -v '^$' /opt/bitnami/nginx/ssl/local/org.onap.oof.crt > /tmp/oof.crt
cat /tmp/oof.crt /tmp/intermediate_root_ca.pem /tmp/AAF_RootCA.cer >> /opt/bitnami/nginx/org.onap.oof.crt
+ {{- end }}
/opt/bitnami/scripts/nginx/entrypoint.sh /opt/bitnami/scripts/nginx/run.sh
ports:
- containerPort: {{ .Values.service.internalPort }}
- mountPath: /opt/bitnami/nginx/conf/nginx.conf
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: nginx.conf
+ {{- if (include "common.needTLS" .) }}
- mountPath: /tmp/AAF_RootCA.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
- mountPath: /tmp/intermediate_root_ca.pem
name: {{ include "common.fullname" . }}-onap-certs
subPath: intermediate_root_ca.pem
+ {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
path: conductor.conf
- key: log.conf
path: log.conf
+{{- if (include "common.needTLS" .) }}
{{ include "oof.certificate.volume" . | indent 8 }}
+{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
externalPort: 8091
internalPort: 8091
nodePort: 75
- portName: oof-has-api
+ portName: http
#backend container info
uwsgi:
args:
- --job-name
- {{ include "common.release" . }}-{{ .Values.config.etcd.configJobNameOverride }}-job
+ {{- if (include "common.needTLS" .) }}
- --container-name
- aaf-sms
+ {{- end }}
env:
- name: NAMESPACE
valueFrom:
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if (include "common.needTLS" .) }}
- name: {{ include "common.name" . }}-cont-sms-readiness
command:
- sh
fieldPath: metadata.namespace
image: {{ include "repositoryGenerator.image.curl" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.image.optf_has }}
- mountPath: /usr/local/bin/healthy.sh
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
+ {{- if (include "common.needTLS" .) }}
- mountPath: /usr/local/bin/AAF_RootCA.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
+ {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
path: log.conf
- key: healthy.sh
path: healthy.sh
+{{- if (include "common.needTLS" .) }}
{{ include "oof.certificate.volume" . | indent 8 }}
+{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if (include "common.needTLS" .) }}
- name: {{ include "common.name" . }}-data-sms-readiness
command:
- sh
fieldPath: metadata.namespace
image: {{ include "repositoryGenerator.image.curl" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
- mountPath: /usr/local/bin/healthy.sh
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
+ {{- if (include "common.needTLS" .) }}
- mountPath: /usr/local/bin/aai_cert.cer
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: aai_cert.cer
- mountPath: /usr/local/bin/AAF_RootCA.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
+ {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
path: log.conf
- key: healthy.sh
path: healthy.sh
+ {{- if (include "common.needTLS" .) }}
- key: aai_cert.cer
path: aai_cert.cer
- key: aai_key.key
path: aai_key.key
+ {{- end }}
+{{- if (include "common.needTLS" .) }}
{{ include "oof.certificate.volume" . | indent 8 }}
+{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if (include "common.needTLS" .) }}
- name: {{ include "common.name" . }}-resrv-sms-readiness
command:
- sh
fieldPath: metadata.namespace
image: {{ include "repositoryGenerator.image.curl" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
- mountPath: /usr/local/bin/healthy.sh
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
+ {{- if (include "common.needTLS" .) }}
- mountPath: /usr/local/bin/AAF_RootCA.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
+ {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
path: log.conf
- key: healthy.sh
path: healthy.sh
+{{- if (include "common.needTLS" .) }}
{{ include "oof.certificate.volume" . | indent 8 }}
+{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if (include "common.needTLS" .) }}
- name: {{ include "common.name" . }}-solvr-sms-readiness
command:
- sh
fieldPath: metadata.namespace
image: {{ include "repositoryGenerator.image.curl" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
- mountPath: /usr/local/bin/healthy.sh
name: {{ .Values.global.commonConfigPrefix }}-config
subPath: healthy.sh
+ {{- if (include "common.needTLS" .) }}
- mountPath: /usr/local/bin/AAF_RootCA.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
+ {{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
path: log.conf
- key: healthy.sh
path: healthy.sh
+{{- if (include "common.needTLS" .) }}
{{ include "oof.certificate.volume" . | indent 8 }}
+{{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
#
# is_aaf_enabled. (boolean value)
-is_aaf_enabled = true
+is_aaf_enabled = {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
# aaf_cache_expiry_hrs. (integer value)
aaf_cache_expiry_hrs = 3
# aaf_url. (string value)
-aaf_url = https://{{.Values.config.aaf.serviceName}}:{{.Values.config.aaf.port}}/authz/perms/user/
+aaf_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.aaf.serviceName}}:{{.Values.config.aaf.port}}/authz/perms/user/
# aaf_cert_file. (string value)
#aaf_cert_file = <None>
# aaf_ca_bundle_file. (string value)
#aaf_ca_bundle_file =
-aaf_ca_bundle_file = /usr/local/bin/AAF_RootCA.cer
+aaf_ca_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
# aaf_retries. (integer value)
#aaf_retries = 3
# From conductor
#
+# is_enabled. (boolean value)
+is_enabled = {{ (eq "true" (include "common.needTLS" .)) | ternary true false }}
+
# Base URL for SMS, up to and not including the version, and without a trailing
# slash. (string value)
-aaf_sms_url = https://{{.Values.config.sms.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sms.port}}
+aaf_sms_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.sms.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sms.port}}
# Timeout for SMS API Call (integer value)
# Base URL for A&AI, up to and not including the version, and without a
# trailing slash. (string value)
-server_url = https://{{.Values.config.aai.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.aai.port}}/aai
+#server_url = https://{{.Values.config.aai.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.aai.port}}/aai
+server_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.aai.serviceName}}.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.aai.port .Values.config.aai.plainPort }}/aai
# Timeout for A&AI Rest Call (string value)
#aai_rest_timeout = 30
# Certificate Authority Bundle file in pem format. Must contain the appropriate
# trust chain for the Certificate file. (string value)
#certificate_authority_bundle_file = certificate_authority_bundle.pem
-certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer
+certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
# Username for AAI. (string value)
username = OOF
# Base URL for SDC, up to and not including the version, and without a
# trailing slash. (string value)
#server_url = https://controller:8443/sdc
-server_url = https://{{.Values.config.sdc.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sdc.port}}/sdc
+#server_url = https://{{.Values.config.sdc.serviceName}}.{{ include "common.namespace" . }}:{{.Values.config.sdc.port}}/sdc
+server_url = http{{ if (include "common.needTLS" .) }}s{{ end }}://{{.Values.config.sdc.serviceName}}.{{ include "common.namespace" . }}:{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdc.port .Values.config.sdc.plainPort }}/sdc
# Timeout for SDC Rest Call (string value)
#sdc_rest_timeout = 30
# Certificate Authority Bundle file in pem format. Must contain the appropriate
# trust chain for the Certificate file. (string value)
#certificate_authority_bundle_file = certificate_authority_bundle.pem
-certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer
+certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
# Username for SDC. (string value)
#username =
# Certificate Authority Bundle file in pem format. Must contain the appropriate
# trust chain for the Certificate file. (string value)
#certificate_authority_bundle_file = certificate_authority_bundle.pem
-certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer
+certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
# Username for CPS. (string value)
#username =
# Certificate Authority Bundle file in pem format. Must contain the appropriate
# trust chain for the Certificate file. (string value)
#certificate_authority_bundle_file = certificate_authority_bundle.pem
-certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer
+certificate_authority_bundle_file = {{ if (include "common.needTLS" .) }}/usr/local/bin/AAF_RootCA.cer{{ end }}
# Username for DCAE. (string value)
#username =
server {
+{{ if (include "common.needTLS" .) }}
listen 8091 ssl;
server_name oof;
ssl_certificate /opt/bitnami/nginx/org.onap.oof.crt;
ssl_certificate_key /opt/bitnami/nginx/ssl/local/org.onap.oof.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
+{{ else }}
+ listen 8091;
+ server_name oof;
+{{ end }}
location / {
include /opt/bitnami/nginx/conf/uwsgi_params;
aai:
serviceName: aai
port: 8443
+ plainPort: 80
msb:
serviceName: msb-iag
port: 80
sdc:
serviceName: sdc-be
port: 8443
+ plainPort: 8080
cps:
service: cps-tbdmt
port: 8080
external: 8698 # clients use this port on DockerHost
osdf_ip_default: 0.0.0.0
# # Important Note: At deployment time, we need to ensure the port mapping is done
- ssl_context: ['/opt/osdf/org.onap.oof.crt', '/opt/osdf/osaaf/local/org.onap.oof.key']
+ ssl_context: {{ if (include "common.needTLS" .) }}['/opt/osdf/org.onap.oof.crt', '/opt/osdf/osaaf/local/org.onap.oof.key']{{ end }}
osdf_temp: # special configuration required for "workarounds" or testing
local_policies:
placementDefaultPatchVersion: {{ .Values.config.placementDefaultPatchVersion }}
# Credentials for Conductor
-conductorUrl: {{ .Values.config.conductorUrl }}
+conductorUrl: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.conductorUrl.https .Values.config.conductorUrl.http }}
conductorPingWaitTime: {{ .Values.config.conductorPingWaitTime }}
conductorMaxRetries: {{ .Values.config.conductorMaxRetries }}
# versions to be set in HTTP header
conductorMinorVersion: {{ .Values.config.conductorMinorVersion }}
# Policy Platform -- requires ClientAuth, Authorization, and Environment
-policyPlatformUrl: {{ .Values.config.policyPlatformUrl }}
+policyPlatformUrl: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.policyPlatformUrl.https .Values.config.policyPlatformUrl.http }}
policyPlatformEnv: {{ .Values.config.policyPlatformEnv }}
# Credentials for DMaaP
is_aaf_enabled: {{ .Values.config.is_aaf_enabled }}
aaf_cache_expiry_mins: {{ .Values.config.aaf_cache_expiry_mins }}
-aaf_url: {{ .Values.config.aaf_url }}
+aaf_url: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.aaf_url.https .Values.config.aaf_url.http }}
aaf_user_roles:
{{- range .Values.config.aaf_user_roles }}
- {{ . }}
{{- end }}
# Secret Management Service from AAF
-aaf_sms_url: {{ .Values.config.aaf_sms_url }}.{{ include "common.namespace" . }}:{{ .Values.config.aaf_sms_port }}
+aaf_sms_url: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.aaf_sms_url.https .Values.config.aaf_sms_url.http }}.{{ include "common.namespace" . }}:{{ .Values.config.aaf_sms_port }}
aaf_sms_timeout: {{ .Values.config.aaf_sms_timeout }}
secret_domain: {{ .Values.config.secret_domain }}
aaf_ca_certs: {{ .Values.config.aaf_ca_certs }}
cpsNbrListUrl: {{ .Values.config.cps.nbrListUrl }}
# AAI api
-aaiUrl: {{ .Values.config.aaiUrl }}
+aaiUrl: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.aaiUrl.https .Values.config.aaiUrl.http }}
aaiGetLinksUrl: {{ .Values.config.aaiGetLinksUrl }}
aaiServiceInstanceUrl : {{ .Values.config.aaiServiceInstanceUrl }}
aaiGetControllersUrl: {{ .Values.config.aaiGetControllersUrl }}
dslQueryPath: /aai/v23/dsl?format=
#DES api
-desUrl: {{ .Values.config.desUrl }}
+desUrl: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.desUrl.https .Values.config.desUrl.http }}
desApiPath: {{ .Values.config.desApiPath }}
desHeaders:
Accept: application/json
appkey: ''
activateConsulConfig: False
-
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
+ {{- if (include "common.needTLS" .) }}
- command:
- sh
- -c
- resp="FAILURE";
until [ $resp = "200" ]; do
- resp=$(curl -s -o /dev/null -k --write-out %{http_code} https://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/osdf/secret);
+ resp=$(curl -s -o /dev/null -k --write-out %{http_code} http{{ if (include "common.needTLS" .) }}s{{ end }}://aaf-sms.{{ include "common.namespace" . }}:10443/v1/sms/domain/osdf/secret);
echo $resp;
sleep 2;
done
image: {{ include "repositoryGenerator.image.curl" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-osdf-sms-readiness
+ {{- end }}
{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
- name: {{ include "common.name" . }}
args:
- "-c"
- |
+ {{- if (include "common.needTLS" .) }}
grep -v '^$' /opt/osdf/osaaf/local/org.onap.oof.crt > /tmp/oof.crt
cat /tmp/oof.crt /opt/app/ssl_cert/intermediate_root_ca.pem /opt/app/ssl_cert/aaf_root_ca.cer >> /opt/osdf/org.onap.oof.crt
+ {{ end }}
python osdfapp.py
ports:
- containerPort: {{ .Values.service.internalPort }}
- mountPath: /opt/osdf/config/osdf_config.yaml
name: {{ include "common.fullname" . }}-config
subPath: osdf_config.yaml
+ {{- if (include "common.needTLS" .) }}
- mountPath: /opt/app/ssl_cert/aaf_root_ca.cer
name: {{ include "common.fullname" . }}-onap-certs
subPath: aaf_root_ca.cer
- mountPath: /opt/app/ssl_cert/intermediate_root_ca.pem
name: {{ include "common.fullname" . }}-onap-certs
subPath: intermediate_root_ca.pem
+ {{- end }}
- mountPath: /opt/osdf/config/common_config.yaml
name: {{ include "common.fullname" . }}-config
subPath: common_config.yaml
- port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.name }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.name }}{{ if (include "common.needTLS" .) }}s{{ end }}
{{- end}}
selector:
app: {{ include "common.name" . }}
placementDefaultPatchVersion: "0"
# Url and credentials for Conductor.
- conductorUrl: https://oof-has-api:8091/v1/plans/
+ conductorUrl:
+ https: https://oof-has-api:8091/v1/plans/
+ http: http://oof-has-api:8091/v1/plans/
conductorPingWaitTime: 10
conductorMaxRetries: 30
# versions to be set in HTTP header
conductorMinorVersion: 0
# Url and credentials for the Policy Platform
- policyPlatformUrl: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision # Policy Dev platform URL
+ policyPlatformUrl:
+ https: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision # Policy Dev platform URL
+ http: http://policy-xacml-pdp:8080/policy/pdpx/v1/decision
policyPlatformEnv: TEST # Environment for policy platform
# Credentials for the message reader - A placeholder.
messageReaderHosts: NA
#AAF Authentication
is_aaf_enabled: False
aaf_cache_expiry_mins: 5
- aaf_url: https://aaf-service:8100
+ aaf_url:
+ https: https://aaf-service:8100
+ http: http://aaf-service:8080
aaf_user_roles:
- '/placement:org.onap.oof.access|*|read ALL'
- '/pci:org.onap.oof.access|*|read ALL'
# Secret Management Service from AAF
- aaf_sms_url: https://aaf-sms
+ aaf_sms_url:
+ https: https://aaf-sms
+ http: http://aaf-sms
aaf_sms_port: 10443
aaf_sms_timeout: 30
secret_domain: osdf
nbrListUrl: 'ran-network/getNbrList'
#aai api
- aaiUrl: https://aai:8443
+ aaiUrl:
+ https: https://aai:8443
+ http: http://aai:8080
aaiGetLinksUrl: /aai/v16/network/logical-links
aaiServiceInstanceUrl : /aai/v20/nodes/service-instances/service-instance/
aaiGetControllersUrl: /aai/v19/external-system/esr-thirdparty-sdnc-list
controllerQueryUrl: /aai/v19/query?format=resource
aaiGetInterDomainLinksUrl: /aai/v19/network/logical-links?link-type=inter-domain&operational-status=up
#des api
- desUrl: https://des.url:9000
+ desUrl:
+ https: https://des.url:9000
+ http: http://des.url:8080
desApiPath: /datalake/v1/exposure/
desUsername: ''
desPassword: ''
Code Review / oom.git / commitdiff