Merge "Make Policy PAP exposition configurable" into frankfurt

diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json b/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json
index 7666ff3..add0808 100644 (file)
--- a/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json
+++ b/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json
@@ -5,8 +5,8 @@
             {
                 "name": "so",
                 "values": {
-                    "UserName": "",
-                    "Password": ""
+                    "UserName": "${SO_USER}",
+                    "Password": "${SO_PASS}"
                 }
             },
             {

diff --git a/kubernetes/aaf/charts/aaf-sms/templates/job.yaml b/kubernetes/aaf/charts/aaf-sms/templates/job.yaml
index 7a17b91..bb145ef 100644 (file)
--- a/kubernetes/aaf/charts/aaf-sms/templates/job.yaml
+++ b/kubernetes/aaf/charts/aaf-sms/templates/job.yaml
@@ -51,6 +51,7 @@ spec:
            export CONFIG_DB_PASS=${CONFIG_DB_PASS_PLAIN};
            export OSDF_PCI_OPT_PASS=${OSDF_PCI_OPT_PASS_PLAIN};
            export OSDF_OPT_ENGINE_PASS=${OSDF_OPT_ENGINE_PASS_PLAIN};
+           export SO_PASS=${SO_PASS_PLAIN};
            cd /config-input;
            for PFILE in `find . -not -type d | grep -v -F ..`; do
              envsubst <${PFILE} >/config/${PFILE};
@@ -125,6 +126,12 @@ spec:
           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-opt-engine-creds" "key" "login") | indent 10 }}
         - name: OSDF_OPT_ENGINE_PASS_PLAIN
           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "osdf-opt-engine-creds" "key" "password") | indent 10 }}
+
+        - name: SO_USER
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-creds" "key" "login") | indent 10 }}
+        - name: SO_PASS_PLAIN
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-creds" "key" "password") | indent 10 }}
+
         volumeMounts:
         - mountPath: /config-input
           name: {{ include "common.name" . }}-preload-input

diff --git a/kubernetes/aaf/charts/aaf-sms/values.yaml b/kubernetes/aaf/charts/aaf-sms/values.yaml
index 12312c5..7e0aa5c 100644 (file)
--- a/kubernetes/aaf/charts/aaf-sms/values.yaml
+++ b/kubernetes/aaf/charts/aaf-sms/values.yaml
@@ -156,6 +156,11 @@ secrets:
     login: '{{ .Values.oofCreds.osdfOptEngineUsername }}'
     password: '{{ .Values.oofCreds.osdfOptEnginePassword }}'
     passwordPolicy: required
+  - uid: so-creds
+    type: basicAuth
+    login: '{{ .Values.oofCreds.soUsername }}'
+    password: '{{ .Values.oofCreds.soPassword }}'
+    passwordPolicy: required
 
 oofCreds:
   aaiUsername: oof@oof.onap.org
@@ -173,11 +178,11 @@ oofCreds:
   aafUsername: aaf_admin@people.osaaf.org
   aafPassword: demo123456!
 
-  policyPlatUsername: testpdp
-  policyPlatPassword: alpha123
+  policyPlatUsername: healthcheck
+  policyPlatPassword: zb!XztG34
 
-  policyCliUsername: python
-  policyCliPassword: test
+  policyCliUsername: healthcheck
+  policyCliPassword: zb!XztG34
 
   osdfPlacementUsername: test
   osdfPlacementPassword: testpwd
@@ -200,6 +205,9 @@ oofCreds:
   osdfOptEngineUsername: opt_test
   osdfOptEnginePassword: opt_testpwd
 
+  soUsername: apihBpmn
+  soPassword: password1$
+
 # Configure resource requests and limits
 resources:
   small:

diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties
index 978dead..5426456 100644 (file)
--- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties
+++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties
@@ -34,7 +34,7 @@ appc.demo.threads.poolsize.max=2
 appc.demo.provider.user={{.Values.config.odlUser}}
 appc.demo.provider.pass={{.Values.config.odlPassword}}
 appc.demo.provider.url=http://localhost:8181/restconf/operations/appc-provider
-appc.provider.vfodl.url=http://{{.Values.config.odlUser|urlquery}}:{{.Values.config.odlPassword|urlquery}}@{{.Values.service.name}}:{{.Values.service.externalPort}}/restconf/config/network-topology:network-topology/topology/topology-netconf/node/NODE_NAME/yang-ext:mount/stream-count:stream-count/streams/
+appc.provider.vfodl.url=http://{{.Values.config.odlUser|urlquery}}:{{.Values.config.odlPassword|urlquery}}@localhost:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/NODE_NAME/yang-ext:mount/stream-count:stream-count/streams/
 
 # The properties right below are needed to properly call the Master DG to serve demo purposes
 appc.service.logic.module.name=APPC

diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml
index a9f2a5b..10a5bce 100644 (file)
--- a/kubernetes/common/network-name-gen/values.yaml
+++ b/kubernetes/common/network-name-gen/values.yaml
@@ -85,7 +85,7 @@ config:
   springProfile: live
   polClientAuth: cHl0aG9uOnRlc3Q=
   polBasicAuth: dGVzdHBkcDphbHBoYTEyMw==
-  polUrl: https://pdp:8081/pdp/api/getConfig
+  polUrl: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision
   polEnv: TEST
   polReqId: xx
   aaiCertPass: changeit

diff --git a/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties b/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties
index aeef85e..b5b4e48 100755 (executable)
--- a/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties
+++ b/kubernetes/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties
@@ -119,8 +119,7 @@ cookie_domain = onap.org
 remote_centralized_system_access = {{.Values.global.aafEnabled}}
 
 # External Access System Basic Auth Credentials & Rest endpoint
-# The credentials are placeholders as these are replaced by AAF X509 identity at runtime
-ext_central_access_user_name = portal@portal.onap.org
-ext_central_access_password = thisfakepasswordwillbereplacedbythex509cert
+ext_central_access_user_name = aaf_admin@people.osaaf.org
+ext_central_access_password = demo123456!
 ext_central_access_url = {{.Values.aafURL}}
 ext_central_access_user_domain = @people.osaaf.org
\ No newline at end of file

diff --git a/kubernetes/portal/charts/portal-app/values.yaml b/kubernetes/portal/charts/portal-app/values.yaml
index 01bc0da..b0d2f5d 100644 (file)
--- a/kubernetes/portal/charts/portal-app/values.yaml
+++ b/kubernetes/portal/charts/portal-app/values.yaml
@@ -32,7 +32,7 @@ global:
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/portal-app:3.2.1
+image: onap/portal-app:3.2.2
 pullPolicy: Always
 
 #AAF local config

diff --git a/kubernetes/portal/charts/portal-mariadb/values.yaml b/kubernetes/portal/charts/portal-mariadb/values.yaml
index 1234b6b..0ae7f4e 100644 (file)
--- a/kubernetes/portal/charts/portal-mariadb/values.yaml
+++ b/kubernetes/portal/charts/portal-mariadb/values.yaml
@@ -25,7 +25,7 @@ global: # global defaults
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/portal-db:3.2.0
+image: onap/portal-db:3.2.2
 pullPolicy: Always
 
 

diff --git a/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties b/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties
index 45ea9b7..2a2ec59 100755 (executable)
--- a/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties
+++ b/kubernetes/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties
@@ -86,8 +86,8 @@ cookie_domain = onap.org
 remote_centralized_system_access = {{.Values.global.aafEnabled}}
 
 # External Access System Basic Auth Credentials & Rest endpoint
-# The credentials are placeholders as these are replaced by AAF X509 identity at runtime
-ext_central_access_user_name = portal@portal.onap.org
-ext_central_access_password = thisfakepasswordwillbereplacedbythex509cert
+# External Access System Basic Auth Credentials & Rest endpoint
+ext_central_access_user_name = aaf_admin@people.osaaf.org
+ext_central_access_password = demo123456!
 ext_central_access_url = {{.Values.aafURL}}
 ext_central_access_user_domain = @people.osaaf.org
\ No newline at end of file

diff --git a/kubernetes/portal/charts/portal-widget/values.yaml b/kubernetes/portal/charts/portal-widget/values.yaml
index 3d63cd8..3692579 100644 (file)
--- a/kubernetes/portal/charts/portal-widget/values.yaml
+++ b/kubernetes/portal/charts/portal-widget/values.yaml
@@ -29,7 +29,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/portal-wms:3.2.0
+image: onap/portal-wms:3.2.2
 pullPolicy: Always
 
 # flag to enable debugging - application support required