Merge "[Portal] Added Logging Compliance Specification Details"

author Sylvain Desbureaux <sylvain.desbureaux@orange.com>

Fri, 9 Oct 2020 06:18:11 +0000 (06:18 +0000)

committer Gerrit Code Review <gerrit@onap.org>

Fri, 9 Oct 2020 06:18:11 +0000 (06:18 +0000)
author Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Fri, 9 Oct 2020 06:18:11 +0000 (06:18 +0000)
committer Gerrit Code Review <gerrit@onap.org>
Fri, 9 Oct 2020 06:18:11 +0000 (06:18 +0000)
diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml

index 827a51d..ac26f9b 100644 (file)
--- a/kubernetes/a1policymanagement/values.yaml
+++ b/kubernetes/a1policymanagement/values.yaml
@@ -30,7 +30,7 @@ secrets:
      passwordPolicy: required
  
  repository: nexus3.onap.org:10001
-image: onap/ccsdk-oran-a1policymanagementservice:1.0.0
+image: onap/ccsdk-oran-a1policymanagementservice:1.1.0
  pullPolicy: IfNotPresent
  replicaCount: 1
  
diff --git a/kubernetes/aai b/kubernetes/aai

index 9449707..628ecd0 160000 (submodule)
--- a/kubernetes/aai
+++ b/kubernetes/aai
@@ -1 +1 @@
-Subproject commit 944970742185cccb73110875d1b4ad9f7305337f
+Subproject commit 628ecd0d519acc6b4717d05aa12fd4f7b7dfc55f
diff --git a/kubernetes/clamp/components/clamp-backend/resources/config/application.properties b/kubernetes/clamp/components/clamp-backend/resources/config/application.properties

index b2cee39..5bea37a 100644 (file)
--- a/kubernetes/clamp/components/clamp-backend/resources/config/application.properties
+++ b/kubernetes/clamp/components/clamp-backend/resources/config/application.properties
@@ -43,7 +43,7 @@ server.ssl.trust-store-password=${cadi_truststore_password}
  spring.datasource.username=${MYSQL_USER}
  spring.datasource.password=${MYSQL_PASSWORD}
  spring.datasource.url=jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/${MYSQL_DATABASE}?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3
-spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller,clamp-ssl-config,clamp-policy-controller,legacy-operational-policy,default-dictionary-elements
+spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller,clamp-ssl-config,clamp-policy-controller,default-dictionary-elements
  
  #The log folder that will be used in logback.xml file
  clamp.config.files.sdcController=file:/opt/clamp/sdc-controllers-config.json
@@ -66,4 +66,4 @@ clamp.config.dcae.deployment.userName=none
  clamp.config.dcae.deployment.password=none
  
  #AAF related parameters
-clamp.config.cadi.aafLocateUrl=https://aaf-locate.{{ include "common.namespace" . }}:8095
-\ No newline at end of file
+clamp.config.cadi.aafLocateUrl=https://aaf-locate.{{ include "common.namespace" . }}:8095
diff --git a/kubernetes/clamp/components/clamp-backend/values.yaml b/kubernetes/clamp/components/clamp-backend/values.yaml

index a6d5ca0..97eebeb 100644 (file)
--- a/kubernetes/clamp/components/clamp-backend/values.yaml
+++ b/kubernetes/clamp/components/clamp-backend/values.yaml
@@ -66,7 +66,7 @@ flavor: small
  
  # application image
  repository: nexus3.onap.org:10001
-image: onap/clamp-backend:5.1.0
+image: onap/clamp-backend:5.1.2
  pullPolicy: Always
  
  # flag to enable debugging - application support required
diff --git a/kubernetes/clamp/components/clamp-dash-es/values.yaml b/kubernetes/clamp/components/clamp-dash-es/values.yaml

index a4ff555..04580a0 100644 (file)
--- a/kubernetes/clamp/components/clamp-dash-es/values.yaml
+++ b/kubernetes/clamp/components/clamp-dash-es/values.yaml
@@ -70,7 +70,7 @@ busyboxImage: library/busybox:latest
  
  # application image
  repository: nexus3.onap.org:10001
-image: onap/clamp-dashboard-elasticsearch:5.0.3
+image: onap/clamp-dashboard-elasticsearch:5.0.4
  pullPolicy: Always
  
  # flag to enable debugging - application support required
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/values.yaml b/kubernetes/clamp/components/clamp-dash-kibana/values.yaml

index 73cf1bd..37dae0f 100644 (file)
--- a/kubernetes/clamp/components/clamp-dash-kibana/values.yaml
+++ b/kubernetes/clamp/components/clamp-dash-kibana/values.yaml
@@ -71,7 +71,7 @@ busyboxImage: library/busybox:latest
  
  # application image
  repository: nexus3.onap.org:10001
-image: onap/clamp-dashboard-kibana:5.0.3
+image: onap/clamp-dashboard-kibana:5.0.4
  pullPolicy: Always
  
  # flag to enable debugging - application support required
diff --git a/kubernetes/clamp/components/clamp-dash-logstash/resources/config/pipeline.conf b/kubernetes/clamp/components/clamp-dash-logstash/resources/config/pipeline.conf

index 2364e55..87c8f06 100644 (file)
--- a/kubernetes/clamp/components/clamp-dash-logstash/resources/config/pipeline.conf
+++ b/kubernetes/clamp/components/clamp-dash-logstash/resources/config/pipeline.conf
@@ -221,6 +221,7 @@ output {
  
      if "error" in [tags] {
          elasticsearch {
+            ilm_enabled => false
              codec => "json"
  {{- if .Values.global.aafEnabled }}
              cacert => "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_ca_certs_pem }}"
@@ -237,6 +238,7 @@ output {
  
      } else if "event-cl-aggs" in [tags] {
          elasticsearch {
+            ilm_enabled => false
              codec => "json"
              hosts => ["${elasticsearch_base_url}"]
  {{- if .Values.global.aafEnabled }}
@@ -255,6 +257,7 @@ output {
  
      } else {
          elasticsearch {
+            ilm_enabled => false
              codec => "json"
              hosts => ["${elasticsearch_base_url}"]
  {{- if .Values.global.aafEnabled }}
diff --git a/kubernetes/clamp/components/clamp-dash-logstash/values.yaml b/kubernetes/clamp/components/clamp-dash-logstash/values.yaml

index 8bccbcb..2b3c9f1 100644 (file)
--- a/kubernetes/clamp/components/clamp-dash-logstash/values.yaml
+++ b/kubernetes/clamp/components/clamp-dash-logstash/values.yaml
@@ -67,7 +67,7 @@ flavor: small
  
  # application image
  repository: nexus3.onap.org:10001
-image: onap/clamp-dashboard-logstash:5.0.3
+image: onap/clamp-dashboard-logstash:5.0.4
  pullPolicy: Always
  
  # flag to enable debugging - application support required
diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml

index d180fbf..7a76099 100644 (file)
--- a/kubernetes/clamp/values.yaml
+++ b/kubernetes/clamp/values.yaml
@@ -93,7 +93,7 @@ flavor: small
  
  # application image
  repository: nexus3.onap.org:10001
-image: onap/clamp-frontend:5.1.0
+image: onap/clamp-frontend:5.1.2
  pullPolicy: Always
  
  # flag to enable debugging - application support required
diff --git a/kubernetes/common/elasticsearch/components/data/values.yaml b/kubernetes/common/elasticsearch/components/data/values.yaml

index 5624bee..a9e3d78 100644 (file)
--- a/kubernetes/common/elasticsearch/components/data/values.yaml
+++ b/kubernetes/common/elasticsearch/components/data/values.yaml
@@ -46,7 +46,7 @@ service:
    - name: http-transport
      port: 9300
  
-image: bitnami/elasticsearch:6.8.6-debian-9-r23
+image: bitnami/elasticsearch:7.6.1
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
  ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
diff --git a/kubernetes/common/elasticsearch/components/master/values.yaml b/kubernetes/common/elasticsearch/components/master/values.yaml

index 22c4987..2330233 100644 (file)
--- a/kubernetes/common/elasticsearch/components/master/values.yaml
+++ b/kubernetes/common/elasticsearch/components/master/values.yaml
@@ -43,7 +43,7 @@ replicaCount: 3
  ## master acts as master only node, choose 'no' if no further data nodes are deployed)
  dedicatednode: "yes"
  ## dedicatednode: "no"
-image: bitnami/elasticsearch:6.8.6-debian-9-r23
+image: bitnami/elasticsearch:7.6.1
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
  ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
diff --git a/kubernetes/common/elasticsearch/values.yaml b/kubernetes/common/elasticsearch/values.yaml

index e6e532d..31edcab 100644 (file)
--- a/kubernetes/common/elasticsearch/values.yaml
+++ b/kubernetes/common/elasticsearch/values.yaml
@@ -40,7 +40,7 @@ sysctlImage:
    enabled: true
  
  # application image
-image: bitnami/elasticsearch:6.8.6-debian-9-r23
+image: bitnami/elasticsearch:7.6.1
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
  ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml

index 4d80c9e..74c02bc 100644 (file)
--- a/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml
+++ b/kubernetes/contrib/components/awx/charts/awx/templates/job.yaml
@@ -37,7 +37,7 @@ spec:
        restartPolicy: Never
        initContainers:
        - name: {{ include "common.name" . }}-init-readiness
-        image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          command:
          - /app/ready.py
@@ -122,4 +122,4 @@ spec:
            name: {{ include "common.fullname" . }}-rabbitmq
          name: rabbitmq-config
        imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
-\ No newline at end of file
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml b/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml

index cfc5176..6023bb4 100644 (file)
--- a/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml
+++ b/kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml
@@ -44,7 +44,7 @@ spec:
  
        initContainers:
        - name: {{ include "common.name" . }}-init-readiness
-        image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          command:
          - /app/ready.py
@@ -210,4 +210,4 @@ spec:
            name: {{ include "common.fullname" . }}-rabbitmq
          name: rabbitmq-config
        imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
-\ No newline at end of file
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/contrib/components/awx/values.yaml b/kubernetes/contrib/components/awx/values.yaml

index bf862b6..1ed35c2 100755 (executable)
--- a/kubernetes/contrib/components/awx/values.yaml
+++ b/kubernetes/contrib/components/awx/values.yaml
@@ -16,6 +16,7 @@
  # Global configuration defaults.
  #################################################################
  global:
+  readinessRepository: nexus3.onap.org:10001
    nodePortPrefixExt: 304
    commonConfigPrefix: awx
    readinessImage: onap/oom/readiness:3.0.1
diff --git a/kubernetes/contrib/components/ejbca/values.yaml b/kubernetes/contrib/components/ejbca/values.yaml

index 060dcd9..1a9a34b 100644 (file)
--- a/kubernetes/contrib/components/ejbca/values.yaml
+++ b/kubernetes/contrib/components/ejbca/values.yaml
@@ -37,6 +37,7 @@ secrets:
      password: '{{ .Values.config.ejbca.clientIak }}'
  
  # application configuration
+repository: nexus3.onap.org:10001
  config:
    db:
      userName: ejbca
diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml

index 2c4e668..a1b8cf1 100644 (file)
--- a/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml
+++ b/kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml
@@ -33,7 +33,7 @@ spec:
        restartPolicy: Never
        initContainers:
        - name: {{ include "common.name" . }}-init-readiness
-        image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          command:
          - /app/ready.py
diff --git a/kubernetes/contrib/components/netbox/values.yaml b/kubernetes/contrib/components/netbox/values.yaml

index 0749d2d..5dc4535 100755 (executable)
--- a/kubernetes/contrib/components/netbox/values.yaml
+++ b/kubernetes/contrib/components/netbox/values.yaml
@@ -16,6 +16,7 @@
  # Global configuration defaults.
  #################################################################
  global:
+  readinessRepository: nexus3.onap.org:10001
    nodePortPrefixExt: 304
    commonConfigPrefix: netbox
    readinessImage: onap/oom/readiness:3.0.1
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml

index a0cbbbd..f571aff 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml
@@ -1,6 +1,7 @@
  #============LICENSE_START========================================================
  #=================================================================================
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2020 Nokia. All rights reserved.
  # ================================================================================
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
@@ -19,4 +20,9 @@
  tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.hv_ves }}
  {{ end }}
  use_tls: true
-security_ssl_disable: false
-\ No newline at end of file
+security_ssl_disable: false
+external_cert_ca_name: "RA"
+external_cert_common_name: "dcae-hv-ves-collector"
+external_cert_sans: "dcae-hv-ves-collector:hv-ves-collector:hv-ves"
+external_cert_cert_type: "JKS"
+external_cert_use_external_tls: false
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tcagen2-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tcagen2-inputs.yaml

index 5074cb8..02e4dd6 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tcagen2-inputs.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tcagen2-inputs.yaml
@@ -19,4 +19,4 @@
  tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.tcagen2 }}
  {{ end }}
  tca_handle_in_subscribe_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/"
-tca_handle_out_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.TCAGEN2_OUTPUT/"
+tca_handle_out_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.DCAE_CL_OUTPUT/"
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml

index 5a2a595..4ff23b7 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml
@@ -30,4 +30,13 @@ ves_fault_publish_url: "http://{{ .Values.config.address.message_router }}:3904/
  ves_measurement_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/"
  ves_pnfRegistration_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_PNFREG_OUTPUT/"
  ves_notification_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT/"
+ves_3gpp_fault_supervision_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT/"
+ves_3gpp_provisioning_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT/"
+ves_3gpp_hearbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT/"
+ves_3gpp_performance_assurance_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT/"
  user_list: "sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6|demouser,$2a$10$1cc.COcqV/d3iT2N7BjPG.S6ZKv2jpb9a5MV.o7lMih/GpjJRX.Ce"
+external_cert_ca_name: "RA"
+external_cert_common_name: "dcae-ves-collector"
+external_cert_sans: "dcae-ves-collector:ves-collector:ves"
+external_cert_cert_type: "JKS"
+external_cert_use_external_tls: false
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml

index dda75dd..0cbe71a 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml
@@ -31,3 +31,7 @@ ves_fault_publish_url: "http://{{ .Values.config.address.message_router }}:3904/
  ves_measurement_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_MEASUREMENT_OUTPUT/"
  ves_pnfRegistration_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_PNFREG_OUTPUT/"
  ves_notification_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT/"
+ves_3gpp_fault_supervision_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT/"
+ves_3gpp_provisioning_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT/"
+ves_3gpp_hearbeat_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT/"
+ves_3gpp_performance_assurance_publish_url: "http://{{ .Values.config.address.message_router }}:3904/events/unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT/"
+\ No newline at end of file
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml

index afacc26..4d10bcc 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml
@@ -1,6 +1,6 @@
  #============LICENSE_START========================================================
  # ================================================================================
-# Copyright (c) 2017-2019 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2017-2020 AT&T Intellectual Property. All rights reserved.
  # Modifications Copyright © 2018 Amdocs, Bell Canada
  # ================================================================================
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -128,10 +128,7 @@ spec:
              - name: CMADDR
                value: {{ .Values.config.address.cm.host }}
              - name: CMPASS
-              valueFrom:
-                secretKeyRef:
-                  name: {{ include "common.name" . }}-cmpass
-                  key: password
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cm-pass" "key" "password") | indent 14}}
              - name: CMPROTO
                value: {{ .Values.config.address.cm.proto }}
              - name: CMPORT
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/secret.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/secret.yaml

index 44395e4..6489659 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/secret.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/secret.yaml
@@ -1,6 +1,6 @@
  #============LICENSE_START========================================================
  # ================================================================================
-# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2017-2020 AT&T Intellectual Property. All rights reserved.
  # Modifications Copyright © 2018 Amdocs, Bell Canada
  # ================================================================================
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -16,18 +16,4 @@
  # limitations under the License.
  # ============LICENSE_END=========================================================
  
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.name" . }}-cmpass
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-type: Opaque
-data:
-  password: YWRtaW4=
----
  {{ include "common.secretFast" . }}
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml

index 6a1ed17..f35a686 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
@@ -36,6 +36,10 @@ secrets:
      externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "dcae-bootstrap-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
      password: '{{ .Values.postgres.config.pgRootpassword }}'
      policy: generate
+  - uid: 'cm-pass'
+    type: password
+    externalSecret: '{{ tpl (default "" .Values.config.cloudifyManagerPasswordExternalSecret) . }}'
+    password: '{{ .Values.config.cloudifyManagerPassword }}'
  
  config:
    logstashServiceName: log-ls
@@ -104,7 +108,7 @@ mongo:
  
  # application image
  repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.1.4
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.1.6
  default_k8s_location: central
  
  # DCAE component images to be deployed via Cloudify Manager
@@ -113,7 +117,7 @@ componentImages:
    holmes_rules: onap/holmes/rule-management:1.2.7
    holmes_engine: onap/holmes/engine-management:1.2.6
    tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.0
-  ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.5
+  ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.6
    snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
    prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.4
    hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.5.0
diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml

index 539d202..428c781 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml
@@ -1,7 +1,8 @@
  #============LICENSE_START========================================================
  # ================================================================================
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
  # Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2020 J. F. Lucas.  All rights reserved.
  # ================================================================================
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
@@ -68,7 +69,6 @@ spec:
            - {{ include "common.namespace" . }}
            - --configmap
            - {{ .Values.multisiteConfigMapName }}
-        restartPolicy: Never
        - name: init-tls
          env:
            - name: POD_IP
@@ -116,6 +116,7 @@ spec:
                port: {{ .Values.service.internalPort }}
              initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
              periodSeconds: {{ .Values.liveness.periodSeconds }}
+            timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
            {{ end }}
            readinessProbe:
              exec:
@@ -123,6 +124,7 @@ spec:
                - /scripts/readiness-check.sh
              initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
              periodSeconds: {{ .Values.readiness.periodSeconds }}
+            timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
            volumeMounts:
            - mountPath: /opt/onap/config.txt
              subPath: config.txt
@@ -144,6 +146,9 @@ spec:
              name: cm-persistent
            - mountPath: /opt/onap/certs
              name: tls-info
+          - mountPath: /opt/onap/cm-secrets
+            name: cm-secrets
+            readOnly: true
            securityContext:
              privileged: True
        volumes:
@@ -171,5 +176,8 @@ spec:
          {{- end }}
          - emptyDir: {}
            name: tls-info
+        - name: cm-secrets
+          secret:
+            secretName: {{ include "common.secret.getSecretNameFast" (dict "global" . "uid" "cm-pass") }}
        imagePullSecrets:
        - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/namespace.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/namespace.yaml

index 57cbe89..960ec78 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/namespace.yaml
+++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/namespace.yaml
@@ -1,3 +1,4 @@
+{{/*
  #============LICENSE_START========================================================
  # ================================================================================
  # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
@@ -15,7 +16,7 @@
  # See the License for the specific language governing permissions and
  # limitations under the License.
  # ============LICENSE_END=========================================================
-
+*/}}
  {{ if .Values.dcae_ns}}
  # Create the namespace
  apiVersion: v1
diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/secret.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/secret.yaml

index dee9200..876b971 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/secret.yaml
+++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/secret.yaml
@@ -41,3 +41,5 @@ metadata:
    annotations:
      kubernetes.io/service-account.name: default
  type: kubernetes.io/service-account-token
+---
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml

index 1010152..0de6f03 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
@@ -1,7 +1,8 @@
  #============LICENSE_START========================================================
  # ================================================================================
-# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
  # Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2020 J. F. Lucas.  All rights reserved.
  # ================================================================================
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
@@ -31,7 +32,15 @@ global:
      user: docker
      password: docker
  
+secrets:
+  - uid: 'cm-pass'
+    type: password
+    externalSecret: '{{ tpl (default "" .Values.config.cloudifyManagerPasswordExternalSecret) . }}'
+    password: '{{ .Values.config.cloudifyManagerPassword }}'
+    policy: required
+
  config:
+  cloudifyManagerPassword: "override me"
    logstashServiceName: log-ls
    logstashPort: 5044
    # Addresses of other ONAP entities
@@ -45,7 +54,7 @@ config:
  #################################################################
  # application image
  repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.cm-container:3.3.1
+image: onap/org.onap.dcaegen2.deployments.cm-container:3.3.3
  pullPolicy: Always
  
  # name of shared ConfigMap with kubeconfig for multiple clusters
@@ -61,6 +70,7 @@ cleanupImage: onap/org.onap.dcaegen2.deployments.dcae-k8s-cleanup-container:1.0.
  liveness:
    initialDelaySeconds: 10
    periodSeconds: 10
+  timeoutSeconds: 5
    # necessary to disable liveness probe when setting breakpoints
    # in debugger so K8s doesn't restart unresponsive container
    # liveness not desirable for Cloudify Manager container
@@ -68,7 +78,13 @@ liveness:
  
  readiness:
    initialDelaySeconds: 60
-  periodSeconds: 10
+  # In some environments we see CM coming up
+  # properly but readiness probe timing out.
+  # Increasing the timeout and adjusting the
+  # period so it's longer than the timeout.
+  # (DCAEGEN2-2465)
+  periodSeconds: 30
+  timeoutSeconds: 10
  
  service:
    type: ClusterIP
diff --git a/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml

index 299e3ef..e0e45c4 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml
@@ -89,7 +89,7 @@ spec:
                port: {{ .Values.service.secure.internalPort }}
              initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
              periodSeconds: {{ .Values.liveness.periodSeconds }}
-          {{ end -}}
+          {{ end }}
            readinessProbe:
              httpGet:
                scheme: "HTTPS"
@@ -139,7 +139,7 @@ spec:
                port: {{ .Values.service.insecure.internalPort }}
              initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
              periodSeconds: {{ .Values.liveness.periodSeconds }}
-          {{ end -}}
+          {{ end }}
            readinessProbe:
              httpGet:
                scheme: "HTTP"
diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml

index 25e595f..404927c 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml
@@ -1,6 +1,6 @@
  #============LICENSE_START========================================================
  # ================================================================================
-# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved.
  # ================================================================================
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
@@ -119,7 +119,7 @@ spec:
              - name: postgres_port
                value: "{{ .Values.postgres.config.pgPort }}"
              - name: cloudify_password
-              value: admin
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cm-pass" "key" "password") | indent 14 }}
              - name: dhandler_url
                value: {{ .Values.config.dhandler_url }}
              - name: cfy_url
diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/templates/secret.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/templates/secret.yaml

index b143034..34932b7 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-dashboard/templates/secret.yaml
+++ b/kubernetes/dcaegen2/components/dcae-dashboard/templates/secret.yaml
@@ -1,16 +1,17 @@
  {{/*
  # Copyright © 2020 Samsung Electronics
-# #
-# # Licensed under the Apache License, Version 2.0 (the "License");
-# # you may not use this file except in compliance with the License.
-# # You may obtain a copy of the License at
-# #
-# #       http://www.apache.org/licenses/LICENSE-2.0
-# #
-# # Unless required by applicable law or agreed to in writing, software
-# # distributed under the License is distributed on an "AS IS" BASIS,
-# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# # See the License for the specific language governing permissions and
-# # limitations under the License.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
  */}}
+
  {{ include "common.secretFast" . }}
diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml

index 7aa9b68..a86a1ee 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml
@@ -34,8 +34,14 @@ secrets:
      login: '{{ .Values.postgres.config.pgUserName }}'
      password: '{{ .Values.postgres.config.pgUserPassword }}'
      passwordPolicy: generate
+  - uid: 'cm-pass'
+    type: password
+    externalSecret: '{{ tpl (default "" .Values.config.cloudifyManagerPasswordExternalSecret) . }}'
+    password: '{{ .Values.config.cloudifyManagerPassword }}'
+    policy: required
  
  config:
+  cloudifyManagerPassword: "override me"
    logstashServiceName: log-ls
    logstashPort: 5044
    dhandler_url: https://deployment-handler:8443
diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/deployment.yaml

index 1a28bc4..88ec5cb 100755 (executable)
--- a/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/deployment.yaml
@@ -1,6 +1,6 @@
  #============LICENSE_START========================================================
  # ================================================================================
-# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved.
  # Modifications Copyright © 2020 Nokia
  # ================================================================================
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -124,7 +124,7 @@ spec:
              - name: CLOUDIFY_USER
                value: admin
              - name: CLOUDIFY_PASSWORD
-              value: admin
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cm-pass" "key" "password") | indent 14 }}
              - name: CONFIG_BINDING_SERVICE
                value: config-binding-service
              - name: NODE_EXTRA_CA_CERTS
diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/secrets.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/secrets.yaml

new file mode 100644 (file)

index 0000000..34932b7
--- /dev/null
+++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/templates/secrets.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml

index f281f6b..7e340db 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml
@@ -31,7 +31,15 @@ global:
      user: docker
      password: docker
  
+secrets:
+  - uid: 'cm-pass'
+    type: password
+    externalSecret: '{{ tpl (default "" .Values.config.cloudifyManagerPasswordExternalSecret) . }}'
+    password: '{{ .Values.config.cloudifyManagerPassword }}'
+    policy: required
+
  config:
+  cloudifyManagerPassword: "override me"
    logstashServiceName: log-ls
    logstashPort: 5044
    # Addresses of other ONAP entities
diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml

index a29e334..61084fa 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml
@@ -1,6 +1,6 @@
  #============LICENSE_START========================================================
  # ================================================================================
-# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved.
  # ================================================================================
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
@@ -117,7 +117,7 @@ spec:
              - name: CLOUDIFY_USER
                value: admin
              - name: CLOUDIFY_PASSWORD
-              value: admin
+              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cm-pass" "key" "password") | indent 14 }}
              - name: CONFIG_BINDING_SERVICE
                value: config-binding-service
              - name: POD_IP
diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/secrets.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/secrets.yaml

new file mode 100644 (file)

index 0000000..34932b7
--- /dev/null
+++ b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/secrets.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml

index 2d09308..4a587d8 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml
@@ -31,7 +31,15 @@ global:
      user: docker
      password: docker
  
+secrets:
+  - uid: 'cm-pass'
+    type: password
+    externalSecret: '{{ tpl (default "" .Values.config.cloudifyManagerPasswordExternalSecret) . }}'
+    password: '{{ .Values.config.cloudifyManagerPassword }}'
+    policy: required
+
  config:
+  cloudifyManagerPassword: "override me"
    logstashServiceName: log-ls
    logstashPort: 5044
    # Addresses of other ONAP entities
diff --git a/kubernetes/dcaegen2/templates/secrets.yaml b/kubernetes/dcaegen2/templates/secrets.yaml

new file mode 100644 (file)

index 0000000..34932b7
--- /dev/null
+++ b/kubernetes/dcaegen2/templates/secrets.yaml
@@ -0,0 +1,17 @@
+{{/*
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{ include "common.secretFast" . }}
diff --git a/kubernetes/dcaegen2/values.yaml b/kubernetes/dcaegen2/values.yaml

index 939bd11..1918a8f 100644 (file)
--- a/kubernetes/dcaegen2/values.yaml
+++ b/kubernetes/dcaegen2/values.yaml
@@ -1,5 +1,6 @@
  # Copyright © 2018 Amdocs, Bell Canada
  # Modifications Copyright © 2018-2019 AT&T
+# Modifications Copyright © 2020 Samsung Electronics
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
@@ -25,22 +26,47 @@ global:
    busyboxRepository: docker.io
    busyboxImage: library/busybox:1.30
  
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+- name: &cmPassSecretName '{{ include "common.release" . }}-dcaegen2-cm-pass'
+  type: password
+  externalSecret: '{{ tpl (default "" .Values.config.cloudifyManagerPasswordExternalSecret) . }}'
+  password: '{{ .Values.config.cloudifyManagerPassword }}'
+
+config: {}
+
+# To work around DCAEGEN2-2450, set password strength to "basic"
+# to ensure password contains only alphanumerics
+passwordStrengthOverride: basic
+
  # Enable all DCAE components by default
  dcae-bootstrap:
    enabled: true
+  config:
+    cloudifyManagerPasswordExternalSecret: *cmPassSecretName
  dcae-cloudify-manager:
    enabled: true
+  config:
+    cloudifyManagerPasswordExternalSecret: *cmPassSecretName
  dcae-config-binding-service:
    enabled: true
  dcae-dashboard:
    enabled: true
+  config:
+    cloudifyManagerPasswordExternalSecret: *cmPassSecretName
  dcae-deployment-handler:
    enabled: true
+  config:
+    cloudifyManagerPasswordExternalSecret: *cmPassSecretName
  dcae-healthcheck:
    enabled: true
  dcae-inventory-api:
    enabled: true
  dcae-policy-handler:
    enabled: true
+  config:
+    cloudifyManagerPasswordExternalSecret: *cmPassSecretName
  dcae-servicechange-handler:
    enabled: true
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml

index e2251e0..aa3e245 100644 (file)
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
@@ -71,7 +71,7 @@ readiness:
  
  # application image
  repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.0.6
+image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.1.0
  
  # Resource Limit flavor -By Default using small
  flavor: small
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml

index 2b4b722..1e08954 100644 (file)
--- a/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/values.yaml
@@ -24,7 +24,7 @@ global:
  # Application configuration defaults.
  #################################################################
  # application image
-image: onap/dmaap/datarouter-node:2.1.6
+image: onap/dmaap/datarouter-node:2.1.7
  pullPolicy: Always
  
  # flag to enable debugging - application support required
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml

index 1cf2e58..3d4febc 100644 (file)
--- a/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/values.yaml
@@ -35,7 +35,7 @@ secrets:
  # Application configuration defaults.
  #################################################################
  # application image
-image: onap/dmaap/datarouter-prov:2.1.6
+image: onap/dmaap/datarouter-prov:2.1.7
  pullPolicy: Always
  
  # flag to enable debugging - application support required
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml

index fd4a67a..8a4caf6 100644 (file)
--- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
@@ -40,29 +40,12 @@ spec:
          prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }}
        {{- end }}
      spec:
-      podAntiAffinity:
-         {{if eq .Values.podAntiAffinityType "hard" -}}
-         requiredDuringSchedulingIgnoredDuringExecution:
-         {{- else -}}
-         preferredDuringSchedulingIgnoredDuringExecution:
-         {{- end}}
-         - weight: 1
-           podAffinityTerm:
-             labelSelector:
-                matchExpressions:
-                  - key: "app"
-                    operator: In
-                    values:
-                    - {{ include "common.name" . }}
-                  - key: "release"
-                    operator: In
-                    values:
-                    - {{ include "common.release" . }}
-             topologyKey: "kubernetes.io/hostname"
        {{- if .Values.nodeAffinity }}
        nodeAffinity:
        {{ toYaml .Values.nodeAffinity | indent 10 }}
        {{- end }}
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
        initContainers:
        - name: {{ include "common.name" . }}-initcontainer
          image: "{{ .Values.global.ubuntuInitRepository }}/{{ .Values.ubuntuInitImage }}"
@@ -286,5 +269,3 @@ spec:
            requests:
              storage: {{ .Values.persistence.size | quote }}
  {{ end }}
-      imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml

index 169e898..ad9e531 100644 (file)
--- a/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml
@@ -45,25 +45,12 @@ spec:
          prometheus.io/port: {{ .Values.prometheus.jmx.port | quote }}
        {{- end }}
      spec:
-      podAntiAffinity:
-         preferredDuringSchedulingIgnoredDuringExecution:
-         - weight: 1
-           podAffinityTerm:
-             labelSelector:
-                matchExpressions:
-                  - key: "app"
-                    operator: In
-                    values:
-                    - {{ include "common.name" . }}
-                  - key: "release"
-                    operator: In
-                    values:
-                    - {{ include "common.release" . }}
-             topologyKey: "kubernetes.io/hostname"
        {{- if .Values.nodeAffinity }}
        nodeAffinity:
          {{ toYaml .Values.nodeAffinity | indent 10 }}
        {{- end }}
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
        initContainers:
        - name: {{ include "common.name" . }}-permission-fixer
          command:
@@ -234,5 +221,3 @@ spec:
            requests:
              storage: {{ .Values.persistence.size | quote }}
  {{ end }}
-      imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/requirements.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/requirements.yaml

index 7fdc969..7d89fef 100644 (file)
--- a/kubernetes/modeling/charts/modeling-etsicatalog/requirements.yaml
+++ b/kubernetes/modeling/charts/modeling-etsicatalog/requirements.yaml
@@ -19,3 +19,11 @@ dependencies:
    - name: mariadb-galera
      version: ~6.x-0
      repository: '@local'
+    condition: global.mariadbGalera.localCluster
+  - name: mariadb-init
+    version: ~6.x-0
+    repository: '@local'
+    condition: not global.mariadbGalera.localCluster
+  - name: readinessCheck
+    version: ~6.x-0
+    repository: '@local'
diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml

index 91fa483..014013a 100644 (file)
--- a/kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml
+++ b/kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml
@@ -39,8 +39,8 @@ spec:
        - command:
          - /app/ready.py
          args:
-        - --container-name
-        - modeling-mariadb
+        - -j
+        - "{{ include "common.release" . }}-{{ include "common.name" . }}-config-job"
          env:
          - name: NAMESPACE
            valueFrom:
@@ -49,7 +49,8 @@ spec:
                fieldPath: metadata.namespace
          image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-readiness
+        name: {{ include "common.name" . }}-job-readiness
+      {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for.msb ) | indent 6 | trim }}
        - command:
          - /bin/sh
          - -c
@@ -62,11 +63,6 @@ spec:
            mountPath: /service/modeling/etsicatalog/static
        containers:
          - name: {{ include "common.name" . }}
-          command:
-            - bash
-          args:
-            - -c
-            - 'MYSQL_AUTH=root:${MYSQL_ROOT_PASSWORD} ./docker-entrypoint.sh'
            image: "{{ include "common.repository" . }}/{{ .Values.image }}"
            imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
            ports:
@@ -87,15 +83,19 @@ spec:
              periodSeconds: {{ .Values.readiness.periodSeconds }}
            env:
            - name: MSB_PROTO
-            value: "{{ .Values.global.config.msbProtocol }}"
+            value: "{{ .Values.config.msbProtocol }}"
            - name: SSL_ENABLED
-            value: "{{ .Values.global.config.ssl_enabled }}"
+            value: "{{ .Values.config.ssl_enabled }}"
            - name: MSB_ADDR
-            value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
-          - name: MYSQL_ADDR
-            value: {{ (index .Values "mariadb-galera" "service" "name") }}:{{ (index .Values "mariadb-galera" "service" "internalPort") }}
-          - name: MYSQL_ROOT_PASSWORD
-            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 12}}
+            value: "{{ .Values.config.msbServiceName }}:{{ .Values.config.msbPort }}"
+          - name: DB_IP
+            value: "{{ include "common.mariadbService" . }}"
+          - name: DB_PORT
+            value: "{{ include "common.mariadbPort" . }}"
+          - name: DB_USER
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-db-secret" "key" "login") | indent 12 }}
+          - name: DB_PASSWD
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-db-secret" "key" "password") | indent 12 }}
            volumeMounts:
            - name: {{ include "common.fullname" . }}-etsicatalog
              mountPath: /service/modeling/etsicatalog/static
diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/templates/secrets.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/templates/secrets.yaml

index b0cc27b..8bfebf1 100644 (file)
--- a/kubernetes/modeling/charts/modeling-etsicatalog/templates/secrets.yaml
+++ b/kubernetes/modeling/charts/modeling-etsicatalog/templates/secrets.yaml
@@ -1,4 +1,4 @@
-# Copyright (c) 2020 Samsung Electronics
+{{/*# Copyright (c) 2020 Samsung Electronics
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
@@ -11,5 +11,6 @@
  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  # See the License for the specific language governing permissions and
  # limitations under the License.
+*/}}
  
  {{ include "common.secretFast" . }}
diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/templates/service.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/templates/service.yaml

index 61aefa5..4dbace3 100644 (file)
--- a/kubernetes/modeling/charts/modeling-etsicatalog/templates/service.yaml
+++ b/kubernetes/modeling/charts/modeling-etsicatalog/templates/service.yaml
@@ -30,7 +30,7 @@ metadata:
            "url": "/api/parser/v1",
            "protocol": "REST",
            "port": "{{.Values.service.externalPort}}",
-          "enable_ssl": {{ .Values.global.config.ssl_enabled }},
+          "enable_ssl": {{ .Values.config.ssl_enabled }},
            "visualRange":"1"
        },
        {
@@ -39,7 +39,7 @@ metadata:
            "url": "/api/catalog/v1",
            "protocol": "REST",
            "port": "{{.Values.service.externalPort}}",
-          "enable_ssl": {{ .Values.global.config.ssl_enabled }},
+          "enable_ssl": {{ .Values.config.ssl_enabled }},
            "visualRange":"1"
        },
           {
@@ -48,7 +48,7 @@ metadata:
            "url": "/api/nsd/v1",
            "protocol": "REST",
            "port": "{{.Values.service.externalPort}}",
-          "enable_ssl": {{ .Values.global.config.ssl_enabled }},
+          "enable_ssl": {{ .Values.config.ssl_enabled }},
            "visualRange":"1"
        },
           {
@@ -57,7 +57,7 @@ metadata:
            "url": "/api/vnfpkgm/v1",
            "protocol": "REST",
            "port": "{{.Values.service.externalPort}}",
-          "enable_ssl": {{ .Values.global.config.ssl_enabled }},
+          "enable_ssl": {{ .Values.config.ssl_enabled }},
            "visualRange":"1"
        }
        ]'
diff --git a/kubernetes/modeling/charts/modeling-etsicatalog/values.yaml b/kubernetes/modeling/charts/modeling-etsicatalog/values.yaml

index d4719da..5926584 100644 (file)
--- a/kubernetes/modeling/charts/modeling-etsicatalog/values.yaml
+++ b/kubernetes/modeling/charts/modeling-etsicatalog/values.yaml
@@ -21,29 +21,43 @@ global:
    loggingRepository: docker.elastic.co
    loggingImage: beats/filebeat:5.5.0
  
-  config:
-    ssl_enabled: false
-    msbProtocol: https
-    msbServiceName: msb-iag
-    msbPort: 443
-
    persistence:
      mountPath: /dockerdata-nfs
  
+  mariadbGalera:
+    #This flag allows Modeling to instantiate its own mariadb-galera cluster
+    localCluster: false
+    service: mariadb-galera
+    internalPort: 3306
+    nameOverride: mariadb-galera
+
+readinessCheck:
+  wait_for:
+    msb:
+      name: msb
+      containers:
+          - msb-iag
+
  #################################################################
  # Secrets metaconfig
  #################################################################
  secrets:
-  - uid: "db-root-pass"
-    externalSecret: '{{- include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (index .Values "mariadb-galera" "nameOverride")) }}'
-    type: password
+  - uid: modeling-db-secret
+    name: &dbSecretName '{{ include "common.release" . }}-modeling-db-secret'
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}'
+    login: '{{ .Values.config.db.userName }}'
+    password: '{{ .Values.config.db.userPassword }}'
  
  #################################################################
  # Dependencies configuration
  #################################################################
  
  mariadb-galera:
-  nameOverride: modeling-mariadb
+  config: &mariadbConfig
+    userCredentialsExternalSecret: *dbSecretName
+    mysqlDatabase: etsicatalog
+  nameOverride: modeling-db
    service:
      name: modeling-db
      portName: modeling-db
@@ -54,14 +68,31 @@ mariadb-galera:
      enabled: true
    disableNfsProvisioner: true
  
+mariadb-init:
+  config: *mariadbConfig
+  # nameOverride should be the same with common.name
+  nameOverride: modeling-etsicatalog
+
  #################################################################
  # Application configuration defaults.
  #################################################################
+config:
+  #application configuration about  msb
+  ssl_enabled: false
+  msbProtocol: https
+  msbServiceName: msb-iag
+  msbPort: 443
+  #application configuration user password about mariadb
+  db:
+    userName: etsicatalog
+    # userPassword: password
+    # userCredentialsExternalSecret: some-secret
+
  # application image
  flavor: small
  
  repository: nexus3.onap.org:10001
-image: onap/modeling/etsicatalog:1.0.6
+image: onap/modeling/etsicatalog:1.0.7
  initImage: busybox:latest
  pullPolicy: Always
  
diff --git a/kubernetes/nbi/templates/deployment.yaml b/kubernetes/nbi/templates/deployment.yaml

index 631cb7c..febb8a9 100644 (file)
--- a/kubernetes/nbi/templates/deployment.yaml
+++ b/kubernetes/nbi/templates/deployment.yaml
@@ -51,7 +51,7 @@ spec:
            # so K8s doesn't restart unresponsive container
            {{- if .Values.global.aafEnabled }}
            command:
-          - bash
+          - sh
            args:
            - -c
            - |
diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml

index 1fc1600..0f3fd1a 100644 (file)
--- a/kubernetes/nbi/values.yaml
+++ b/kubernetes/nbi/values.yaml
@@ -71,7 +71,7 @@ subChartsOnly:
  
  # application image
  repository: nexus3.onap.org:10001
-image: onap/externalapi/nbi:7.0.0
+image: onap/externalapi/nbi:7.0.2
  pullPolicy: IfNotPresent
  sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=
  aai_authorization: Basic QUFJOkFBSQ==
diff --git a/kubernetes/oof/Makefile b/kubernetes/oof/Makefile

index 8af301d..4628206 100644 (file)
--- a/kubernetes/oof/Makefile
+++ b/kubernetes/oof/Makefile
@@ -19,6 +19,7 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets
  
  EXCLUDES := dist resources templates charts docker
  HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+HELM_VER := $(shell helm version --template "{{.Version}}")
  
  .PHONY: $(EXCLUDES) $(HELM_CHARTS)
  
@@ -39,7 +40,12 @@ lint-%: dep-%
  
  package-%: lint-%
         @mkdir -p $(PACKAGE_DIR)
+ifeq "$(findstring v3,$(HELM_VER))" "v3"
+       @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+else
         @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+endif
+
         @helm repo index $(PACKAGE_DIR)
  
  clean:
diff --git a/kubernetes/oof/components/Makefile b/kubernetes/oof/components/Makefile

index 2fc0cbe..0237136 100755 (executable)
--- a/kubernetes/oof/components/Makefile
+++ b/kubernetes/oof/components/Makefile
@@ -19,6 +19,7 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets
  
  EXCLUDES :=
  HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+HELM_VER := $(shell helm version --template "{{.Version}}")
  
  .PHONY: $(EXCLUDES) $(HELM_CHARTS)
  
@@ -39,7 +40,11 @@ lint-%: dep-%
  
  package-%: lint-%
         @mkdir -p $(PACKAGE_DIR)
+ifeq "$(findstring v3,$(HELM_VER))" "v3"
+       @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+else
         @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+endif
         @helm repo index $(PACKAGE_DIR)
  
  clean:
diff --git a/kubernetes/oof/components/oof-cmso/Makefile b/kubernetes/oof/components/oof-cmso/Makefile

index 52df18a..48cebe9 100644 (file)
--- a/kubernetes/oof/components/oof-cmso/Makefile
+++ b/kubernetes/oof/components/oof-cmso/Makefile
@@ -19,6 +19,7 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets
  
  EXCLUDES := dist resources templates charts docker
  HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+HELM_VER := $(shell helm version --template "{{.Version}}")
  
  .PHONY: $(EXCLUDES) $(HELM_CHARTS)
  
@@ -39,7 +40,11 @@ lint-%: dep-%
  
  package-%: lint-%
         @mkdir -p $(PACKAGE_DIR)
+ifeq "$(findstring v3,$(HELM_VER))" "v3"
+       @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+else
         @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+endif
         @helm repo index $(PACKAGE_DIR)
  
  clean:
diff --git a/kubernetes/oof/components/oof-cmso/components/Makefile b/kubernetes/oof/components/oof-cmso/components/Makefile

index 35be214..f7a698d 100755 (executable)
--- a/kubernetes/oof/components/oof-cmso/components/Makefile
+++ b/kubernetes/oof/components/oof-cmso/components/Makefile
@@ -19,6 +19,7 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets
  
  EXCLUDES :=
  HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+HELM_VER := $(shell helm version --template "{{.Version}}")
  
  .PHONY: $(EXCLUDES) $(HELM_CHARTS)
  
@@ -39,7 +40,11 @@ lint-%: dep-%
  
  package-%: lint-%
         @mkdir -p $(PACKAGE_DIR)
+ifeq "$(findstring v3,$(HELM_VER))" "v3"
+       @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+else
         @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+endif
         @helm repo index $(PACKAGE_DIR)
  
  clean:
diff --git a/kubernetes/oof/components/oof-has/Makefile b/kubernetes/oof/components/oof-has/Makefile

index 52df18a..48cebe9 100644 (file)
--- a/kubernetes/oof/components/oof-has/Makefile
+++ b/kubernetes/oof/components/oof-has/Makefile
@@ -19,6 +19,7 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets
  
  EXCLUDES := dist resources templates charts docker
  HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+HELM_VER := $(shell helm version --template "{{.Version}}")
  
  .PHONY: $(EXCLUDES) $(HELM_CHARTS)
  
@@ -39,7 +40,11 @@ lint-%: dep-%
  
  package-%: lint-%
         @mkdir -p $(PACKAGE_DIR)
+ifeq "$(findstring v3,$(HELM_VER))" "v3"
+       @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+else
         @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+endif
         @helm repo index $(PACKAGE_DIR)
  
  clean:
diff --git a/kubernetes/oof/components/oof-has/components/Makefile b/kubernetes/oof/components/oof-has/components/Makefile

index 35be214..f7a698d 100755 (executable)
--- a/kubernetes/oof/components/oof-has/components/Makefile
+++ b/kubernetes/oof/components/oof-has/components/Makefile
@@ -19,6 +19,7 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets
  
  EXCLUDES :=
  HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+HELM_VER := $(shell helm version --template "{{.Version}}")
  
  .PHONY: $(EXCLUDES) $(HELM_CHARTS)
  
@@ -39,7 +40,11 @@ lint-%: dep-%
  
  package-%: lint-%
         @mkdir -p $(PACKAGE_DIR)
+ifeq "$(findstring v3,$(HELM_VER))" "v3"
+       @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+else
         @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+endif
         @helm repo index $(PACKAGE_DIR)
  
  clean:
diff --git a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/ingress.yaml b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/ingress.yaml

index 0cd8cfb..2afc5da 100644 (file)
--- a/kubernetes/oof/components/oof-has/components/oof-has-api/templates/ingress.yaml
+++ b/kubernetes/oof/components/oof-has/components/oof-has-api/templates/ingress.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2020 Samsung, Orange
+{{/*# Copyright © 2020 Samsung, Orange
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
@@ -11,5 +11,6 @@
  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  # See the License for the specific language governing permissions and
  # limitations under the License.
+*/}}
  
  {{ include "common.ingress" . }}
diff --git a/kubernetes/platform/Makefile b/kubernetes/platform/Makefile

index 7a55c2e..d3fa8b7 100644 (file)
--- a/kubernetes/platform/Makefile
+++ b/kubernetes/platform/Makefile
@@ -19,6 +19,7 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets
  
  EXCLUDES := dist resources templates charts
  HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+HELM_VER := $(shell helm version --template "{{.Version}}")
  
  .PHONY: $(EXCLUDES) $(HELM_CHARTS)
  
@@ -39,7 +40,11 @@ lint-%: dep-%
  
  package-%: lint-%
         @mkdir -p $(PACKAGE_DIR)
+ifeq "$(findstring v3,$(HELM_VER))" "v3"
+       @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+else
         @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+endif
         @helm repo index $(PACKAGE_DIR)
  
  clean:
diff --git a/kubernetes/platform/components/Makefile b/kubernetes/platform/components/Makefile

index 27e17db..cf69fa6 100644 (file)
--- a/kubernetes/platform/components/Makefile
+++ b/kubernetes/platform/components/Makefile
@@ -20,6 +20,7 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets
  
  EXCLUDES :=
  HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+HELM_VER := $(shell helm version --template "{{.Version}}")
  
  .PHONY: $(EXCLUDES) $(HELM_CHARTS)
  
@@ -40,7 +41,11 @@ lint-%: dep-%
  
  package-%: lint-%
         @mkdir -p $(PACKAGE_DIR)
+ifeq "$(findstring v3,$(HELM_VER))" "v3"
+       @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+else
         @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+endif
         @helm repo index $(PACKAGE_DIR)
  
  clean:
diff --git a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml

index 666e83c..a6ce282 100644 (file)
--- a/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml
+++ b/kubernetes/platform/components/oom-cert-service/templates/deployment.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2020, Nokia
+{{/*# Copyright © 2020, Nokia
  # Modifications Copyright  © 2020, Nordix Foundation
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -11,7 +11,7 @@
  # distributed under the License is distributed on an "AS IS" BASIS,
  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  # See the License for the specific language governing permissions and
-# limitations under the License.
+# limitations under the License.*/}}
  
  {{- if .Values.global.cmpv2Enabled }}
  apiVersion: apps/v1
diff --git a/kubernetes/platform/components/oom-cert-service/templates/secret.yaml b/kubernetes/platform/components/oom-cert-service/templates/secret.yaml

index 33056c7..280922a 100644 (file)
--- a/kubernetes/platform/components/oom-cert-service/templates/secret.yaml
+++ b/kubernetes/platform/components/oom-cert-service/templates/secret.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2020, Nokia
+{{/*# Copyright © 2020, Nokia
  # Modifications Copyright  © 2020, Nordix Foundation
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -11,7 +11,7 @@
  # distributed under the License is distributed on an "AS IS" BASIS,
  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  # See the License for the specific language governing permissions and
-# limitations under the License.
+# limitations under the License.*/}}
  
  {{- if .Values.global.cmpv2Enabled }}
  {{ include "common.secretFast" . }}
diff --git a/kubernetes/platform/components/oom-cert-service/templates/service.yaml b/kubernetes/platform/components/oom-cert-service/templates/service.yaml

index 60e2afa..5ae6b36 100644 (file)
--- a/kubernetes/platform/components/oom-cert-service/templates/service.yaml
+++ b/kubernetes/platform/components/oom-cert-service/templates/service.yaml
@@ -1,4 +1,4 @@
-# Copyright © 2020, Nokia
+{{/*# Copyright © 2020, Nokia
  # Modifications Copyright  © 2020, Nordix Foundation
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -11,7 +11,7 @@
  # distributed under the License is distributed on an "AS IS" BASIS,
  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  # See the License for the specific language governing permissions and
-# limitations under the License.
+# limitations under the License.*/}}
  {{- if .Values.global.cmpv2Enabled }}
    {{ include "common.service" . }}
  {{ end -}}
 \ No newline at end of file
diff --git a/kubernetes/policy/components/policy-api/resources/config/config.json b/kubernetes/policy/components/policy-api/resources/config/config.json

index 8db1f5a..cdc477c 100755 (executable)
--- a/kubernetes/policy/components/policy-api/resources/config/config.json
+++ b/kubernetes/policy/components/policy-api/resources/config/config.json
@@ -35,7 +35,7 @@
          "persistenceUnit": "PolicyMariaDb"
      },
      "preloadPolicyTypes": [
-        "policytypes/onap.policies.monitoring.cdap.tca.hi.lo.app.yaml",
+        "policytypes/onap.policies.monitoring.tcagen2.yaml",
          "policytypes/onap.policies.monitoring.dcaegen2.collectors.datafile.datafile-app-server.yaml",
          "policytypes/onap.policies.Optimization.yaml",
          "policytypes/onap.policies.optimization.Resource.yaml",
@@ -53,9 +53,10 @@
          "policytypes/onap.policies.controlloop.guard.common.Blacklist.yaml",
          "policytypes/onap.policies.controlloop.guard.common.FrequencyLimiter.yaml",
          "policytypes/onap.policies.controlloop.guard.common.MinMax.yaml",
+        "policytypes/onap.policies.controlloop.guard.common.Filter.yaml",
          "policytypes/onap.policies.controlloop.guard.coordination.FirstBlocksSecond.yaml",
-        "policytypes/onap.policies.controlloop.Operational.yaml",
          "policytypes/onap.policies.Naming.yaml",
+        "policytypes/onap.policies.Match.yaml",
          "policytypes/onap.policies.native.Drools.yaml",
          "policytypes/onap.policies.native.Xacml.yaml",
          "policytypes/onap.policies.native.Apex.yaml",
diff --git a/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml

index a4d060c..40f0fab 100755 (executable)
--- a/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml
@@ -119,8 +119,6 @@ spec:
              readOnly: true
            - mountPath: /opt/app/policy/pdpx/etc/mounted
              name: pdpxconfig-processed
-            emptyDir:
-              medium: Memory
            resources:
  {{ include "common.resources" . }}
          {{- if .Values.nodeSelector }}
diff --git a/kubernetes/portal/Makefile b/kubernetes/portal/Makefile

index 8af301d..248fb05 100644 (file)
--- a/kubernetes/portal/Makefile
+++ b/kubernetes/portal/Makefile
@@ -19,6 +19,7 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets
  
  EXCLUDES := dist resources templates charts docker
  HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+HELM_VER := $(shell helm version --template "{{.Version}}")
  
  .PHONY: $(EXCLUDES) $(HELM_CHARTS)
  
@@ -39,7 +40,11 @@ lint-%: dep-%
  
  package-%: lint-%
         @mkdir -p $(PACKAGE_DIR)
+ifeq "$(findstring v3,$(HELM_VER))" "v3"
+       @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+else
         @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+endif
         @helm repo index $(PACKAGE_DIR)
  
  clean:
diff --git a/kubernetes/portal/components/Makefile b/kubernetes/portal/components/Makefile

index 2fc0cbe..0237136 100644 (file)
--- a/kubernetes/portal/components/Makefile
+++ b/kubernetes/portal/components/Makefile
@@ -19,6 +19,7 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets
  
  EXCLUDES :=
  HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+HELM_VER := $(shell helm version --template "{{.Version}}")
  
  .PHONY: $(EXCLUDES) $(HELM_CHARTS)
  
@@ -39,7 +40,11 @@ lint-%: dep-%
  
  package-%: lint-%
         @mkdir -p $(PACKAGE_DIR)
+ifeq "$(findstring v3,$(HELM_VER))" "v3"
+       @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$(helm package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && helm push -f $$PACKAGE_NAME local; fi
+else
         @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+endif
         @helm repo index $(PACKAGE_DIR)
  
  clean:
diff --git a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties

index b5b4e48..c8a292f 100755 (executable)
--- a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties
+++ b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties
@@ -16,8 +16,8 @@
  #mysql
  db.driver = org.mariadb.jdbc.Driver
  db.connectionURL = jdbc:mariadb:failover://portal-db:3306/portal
-db.userName =root
-db.password =Aa123456
+db.userName =${PORTAL_DB_USER}
+db.password =${PORTAL_DB_PASSWORD}
  db.hib.dialect = org.hibernate.dialect.MySQLDialect
  db.min_pool_size = 5
  db.max_pool_size = 10
@@ -122,4 +122,4 @@ remote_centralized_system_access = {{.Values.global.aafEnabled}}
  ext_central_access_user_name = aaf_admin@people.osaaf.org
  ext_central_access_password = demo123456!
  ext_central_access_url = {{.Values.aafURL}}
-ext_central_access_user_domain = @people.osaaf.org
-\ No newline at end of file
+ext_central_access_user_domain = @people.osaaf.org
diff --git a/kubernetes/portal/components/portal-app/templates/deployment.yaml b/kubernetes/portal/components/portal-app/templates/deployment.yaml

index 0be1fdc..8c434c5 100644 (file)
--- a/kubernetes/portal/components/portal-app/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-app/templates/deployment.yaml
@@ -52,8 +52,23 @@ spec:
        - name: {{ include "common.name" . }}-portal-config
          image: "{{ .Values.global.envsubstImage }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["/bin/sh"]
-        args: [ "-c", "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"]
+        command:
+        - sh
+        args:
+        - "-c"
+        - |
+          cd /config-input && \
+          for PFILE in `ls -1 *.xml`
+          do
+            cp ${PFILE} /config
+            chmod 0755 /config/${PFILE}
+          done
+          cd /config-input && \
+          for PFILE in `ls -1 *.properties`
+          do
+            envsubst <${PFILE} >/config/${PFILE}
+            chmod 0755 /config/${PFILE}
+          done
          env:
            - name: CASSA_USER
              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-cass" "key" "login") | indent 12 }}
@@ -61,6 +76,10 @@ spec:
              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-cass" "key" "password") | indent 12 }}
            - name: CIPHER_ENC_KEY
              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cipher-enc-key" "key" "password") | indent 12 }}
+          - name: PORTAL_DB_USER
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "login") | indent 12 }}
+          - name: PORTAL_DB_PASSWORD
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "password") | indent 12 }}
          volumeMounts:
          - mountPath: /config-input
            name: properties-onapportal-scrubbed
diff --git a/kubernetes/portal/components/portal-app/values.yaml b/kubernetes/portal/components/portal-app/values.yaml

index 55a7ccc..bd1ed58 100644 (file)
--- a/kubernetes/portal/components/portal-app/values.yaml
+++ b/kubernetes/portal/components/portal-app/values.yaml
@@ -43,6 +43,12 @@ secrets:
      externalSecret: '{{ .Values.config.cipherEncKeyExternalSecret}}'
      password: '{{ .Values.config.cipherEncKey }}'
      passwordPolicy: required
+  - uid: portal-backend-db
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.mariadb.config.backendDbExternalSecret) . }}'
+    login: '{{ .Values.mariadb.config.backendUserName }}'
+    password: '{{ .Values.mariadb.config.backendPassword }}'
+    passwordPolicy: required
  
  #################################################################
  # Application configuration defaults.
@@ -120,6 +126,10 @@ service:
  mariadb:
    service:
      name: portal-db
+  config:
+    # backendDbExternalSecret: some secret
+    backendUserName: portal
+    backendPassword: portal
  widget:
    service:
      name: portal-widget
diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh

index 28fcee1..93d2b67 100644 (file)
--- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
+++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh
@@ -182,6 +182,13 @@ if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then
                         echo
                 done
  
+               file_env 'PORTAL_DB_TABLES'
+               for i in $(echo $PORTAL_DB_TABLES | sed "s/,/ /g")
+                       do
+                           echo "Granting portal user ALL PRIVILEGES for table $i"
+                                       echo "GRANT ALL ON \`$i\`.* TO '$MYSQL_USER'@'%' ;" | "${mysql[@]}"
+                       done
+
                 if ! kill -s TERM "$pid" || ! wait "$pid"; then
                         echo >&2 'MySQL init process failed.'
                         exit 1
@@ -193,4 +200,4 @@ if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then
         fi
  fi
  
-exec "$@"
-\ No newline at end of file
+exec "$@"
diff --git a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml

index ec6cc50..196a2d1 100644 (file)
--- a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml
@@ -69,6 +69,18 @@ spec:
                  secretKeyRef:
                    name: {{ template "common.fullname" . }}
                    key: db-root-password
+            - name: MYSQL_USER
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "common.fullname" . }}
+                  key: backend-db-user
+            - name: MYSQL_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "common.fullname" . }}
+                  key: backend-db-password
+            - name: PORTAL_DB_TABLES
+              value: {{ .Values.config.backend_portal_tables }}
            volumeMounts:
            - mountPath: /var/lib/mysql
              name: mariadb-data
diff --git a/kubernetes/portal/components/portal-mariadb/templates/secrets.yaml b/kubernetes/portal/components/portal-mariadb/templates/secrets.yaml

index ad1db77..4415c5e 100644 (file)
--- a/kubernetes/portal/components/portal-mariadb/templates/secrets.yaml
+++ b/kubernetes/portal/components/portal-mariadb/templates/secrets.yaml
@@ -26,3 +26,6 @@ metadata:
  type: Opaque
  data:
    db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }}
+stringData:
+  backend-db-user: {{ .Values.config.backendDbUser }}
+  backend-db-password: {{ .Values.config.backendDbPassword }}
diff --git a/kubernetes/portal/components/portal-mariadb/values.yaml b/kubernetes/portal/components/portal-mariadb/values.yaml

index 3435feb..fc1eca8 100644 (file)
--- a/kubernetes/portal/components/portal-mariadb/values.yaml
+++ b/kubernetes/portal/components/portal-mariadb/values.yaml
@@ -35,6 +35,11 @@ mariadbInitImage: "oomk8s/mariadb-client-init:3.0.0"
  config:
    mariadbUser: root
    mariadbRootPassword: Aa123456
+  backendDbUser: portal
+  backendDbPassword: portal
+  #backend_portal_tables is a comma delimited string listing back-end tables
+  #that backendDbUser needs access to, such as to portal and ecomp_sdk tables
+  backend_portal_tables: portal,ecomp_sdk
    #The directory where sql files are found in the projects gerrit repo.
    sqlSourceDirectory: portal/deliveries
    # sdc frontend assignment for port 9443
diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties

index 2a2ec59..1faed41 100755 (executable)
--- a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties
+++ b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties
@@ -40,8 +40,8 @@ decryption_key                                  = AGLDdG4D04BKm2IxIWEr8o==
  
  db.driver = org.mariadb.jdbc.Driver
  db.connectionURL = jdbc:mariadb://portal-db:3306/ecomp_sdk
-db.userName = root
-db.password = Aa123456
+db.userName =${PORTAL_DB_USER}
+db.password =${PORTAL_DB_PASSWORD}
  db.min_pool_size = 5
  db.max_pool_size = 10
  hb.dialect = org.hibernate.dialect.MySQLDialect
@@ -90,4 +90,4 @@ remote_centralized_system_access = {{.Values.global.aafEnabled}}
  ext_central_access_user_name = aaf_admin@people.osaaf.org
  ext_central_access_password = demo123456!
  ext_central_access_url = {{.Values.aafURL}}
-ext_central_access_user_domain = @people.osaaf.org
-\ No newline at end of file
+ext_central_access_user_domain = @people.osaaf.org
diff --git a/kubernetes/portal/components/portal-sdk/templates/deployment.yaml b/kubernetes/portal/components/portal-sdk/templates/deployment.yaml

index f79098f..52bf49b 100644 (file)
--- a/kubernetes/portal/components/portal-sdk/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-sdk/templates/deployment.yaml
@@ -52,8 +52,23 @@ spec:
        - name: {{ include "common.name" . }}-portalsdk-config
          image: "{{ .Values.global.envsubstImage }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command: ["/bin/sh"]
-        args: [ "-c", "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"]
+        command:
+        - sh
+        args:
+        - "-c"
+        - |
+          cd /config-input && \
+          for PFILE in `ls -1 *.xml`
+          do
+            cp ${PFILE} /config
+            chmod 0755 /config/${PFILE}
+          done
+          cd /config-input && \
+          for PFILE in `ls -1 *.properties`
+          do
+            envsubst <${PFILE} >/config/${PFILE}
+            chmod 0755 /config/${PFILE}
+          done
          env:
            - name: CASSA_USER
              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-cass" "key" "login") | indent 12 }}
@@ -61,6 +76,10 @@ spec:
              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-cass" "key" "password") | indent 12 }}
            - name: CIPHER_ENC_KEY
              {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cipher-enc-key" "key" "password") | indent 12 }}
+          - name: PORTAL_DB_USER
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "login") | indent 12 }}
+          - name: PORTAL_DB_PASSWORD
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "password") | indent 12 }}
          volumeMounts:
          - mountPath: /config-input
            name: properties-onapportalsdk-scrubbed
diff --git a/kubernetes/portal/components/portal-sdk/values.yaml b/kubernetes/portal/components/portal-sdk/values.yaml

index c0f1b58..4056b2a 100644 (file)
--- a/kubernetes/portal/components/portal-sdk/values.yaml
+++ b/kubernetes/portal/components/portal-sdk/values.yaml
@@ -39,6 +39,12 @@ secrets:
      login: '{{ .Values.cassandra.config.cassandraUsername }}'
      password: '{{ .Values.cassandra.config.cassandraPassword }}'
      passwordPolicy: required
+  - uid: portal-backend-db
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.mariadb.config.backendDbExternalSecret) . }}'
+    login: '{{ .Values.mariadb.config.backendUserName }}'
+    password: '{{ .Values.mariadb.config.backendPassword }}'
+    passwordPolicy: required
    - uid: cipher-enc-key
      type: password
      externalSecret: '{{ .Values.config.cipherEncKeyExternalSecret}}'
@@ -115,6 +121,10 @@ service:
  mariadb:
    service:
      name: portal-db
+  config:
+    # backendDbExternalSecret: some secret
+    backendUserName: portal
+    backendPassword: portal
  widget:
    service:
      name: portal-widget
diff --git a/kubernetes/portal/values.yaml b/kubernetes/portal/values.yaml

index 2a760cd..0d4b023 100644 (file)
--- a/kubernetes/portal/values.yaml
+++ b/kubernetes/portal/values.yaml
@@ -32,12 +32,19 @@ secrets:
      externalSecret: '{{ tpl (default "" .Values.config.casandraCredsExternalSecret) . }}'
      login: '{{ .Values.config.cassandraUsername }}'
      password: '{{ .Values.config.cassandraPassword }}'
+  - uid: portal-backend-db
+    name: &backendDbSecretName '{{ include "common.release" . }}-portal-backend-creds'
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.mariadb.config.backendDbExternalSecret) . }}'
+    login: '{{ .Values.mariadb.config.backendUserName }}'
+    password: '{{ .Values.mariadb.config.backendPassword }}'
+    passwordPolicy: required
  
  config:
    logstashServiceName: log-ls
    logstashPort: 5044
    cassandraUsername: root
-# cassandraPassword: Aa123456
+  cassandraPassword: Aa123456
  # casandraCredsExternalSecret: some secret
  
  portal-mariadb:
@@ -45,6 +52,11 @@ portal-mariadb:
  mariadb:
    service:
      name: portal-db
+  config:
+#   backendDbExternalSecret: some secret
+    backendUserName: portal
+    backendPassword: portal
+
  widget:
    service:
      name: portal-widget
@@ -54,10 +66,16 @@ cassandra:
    config:
      cassandraExternalSecret: *dbSecretName
  portal-app:
+  mariadb:
+    config:
+      backendDbExternalSecret: *backendDbSecretName
    cassandra:
      config:
        cassandraExternalSecret: *dbSecretName
  portal-sdk:
+  mariadb:
+    config:
+      backendDbExternalSecret: *backendDbSecretName
    cassandra:
      config:
        cassandraExternalSecret: *dbSecretName
diff --git a/kubernetes/robot b/kubernetes/robot

index b093c77..34913f2 160000 (submodule)
--- a/kubernetes/robot
+++ b/kubernetes/robot
@@ -1 +1 @@
-Subproject commit b093c77b4faa2c4f0bfc67e481f724b6d67c7229
+Subproject commit 34913f2223539640c81ae9e7a65744a09a95c9ce
diff --git a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml

index e2329d7..d3a47de 100644 (file)
--- a/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
@@ -37,6 +37,13 @@ spec:
                fieldPath: metadata.namespace
          image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        resources:
+          limits:
+            cpu: 100m
+            memory: 100Mi
+          requests:
+            cpu: 3m
+            memory: 20Mi
        - name: {{ include "common.name" . }}-job-completion
          image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
          imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
@@ -51,6 +58,13 @@ spec:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
+        resources:
+          limits:
+            cpu: 100m
+            memory: 100Mi
+          requests:
+            cpu: 3m
+            memory: 20Mi
        {{- if .Values.global.aafEnabled }}
        - name: {{ include "common.name" . }}-update-config
          image: "{{ .Values.global.envsubstImage }}"
@@ -72,6 +86,13 @@ spec:
              envsubst <${PFILE} >/config-output/${PFILE}
              chmod 0755 /config-output/${PFILE}
            done
+        resources:
+          limits:
+            cpu: 100m
+            memory: 100Mi
+          requests:
+            cpu: 3m
+            memory: 20Mi
          volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
          - name: {{ include "common.fullname" . }}-environments
            mountPath: /config-input/
@@ -154,6 +175,13 @@ spec:
              mountPath: /var/log/onap
            - name: {{ include "common.fullname" . }}-data-filebeat
              mountPath: /usr/share/filebeat/data
+          resources:
+            limits:
+              cpu: 100m
+              memory: 100Mi
+            requests:
+              cpu: 3m
+              memory: 20Mi
        volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
        - name: {{ include "common.fullname" . }}-localtime
          hostPath:
diff --git a/kubernetes/sdc/components/sdc-be/templates/job.yaml b/kubernetes/sdc/components/sdc-be/templates/job.yaml

index d9c3e51..554b3c3 100644 (file)
--- a/kubernetes/sdc/components/sdc-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/job.yaml
@@ -39,19 +39,28 @@ spec:
          args:
          - --container-name
          - sdc-be
+        - "-t"
+        - "35"
          env:
          - name: NAMESPACE
            valueFrom:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
+        resources:
+          limits:
+            cpu: 100m
+            memory: 100Mi
+          requests:
+            cpu: 3m
+            memory: 20Mi
        containers:
        - name: {{ include "common.name" . }}-job
          image: "{{ include "common.repository" . }}/{{ .Values.backendInitImage }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          volumeMounts:
          - name: {{ include "common.fullname" . }}-environments
-          mountPath: /home/sdc/chef-solo/environments/
+          mountPath: /home/onap/chef-solo/environments/
          - name: sdc-logs
            mountPath: /var/lib/jetty/logs
          env:
@@ -61,6 +70,13 @@ spec:
            valueFrom:
              fieldRef:
                fieldPath: status.podIP
+        resources:
+          limits:
+            cpu: 800m
+            memory: 1024Mi
+          requests:
+            cpu: 200m
+            memory: 200Mi
        volumes:
          - name: {{ include "common.fullname" . }}-environments
            configMap:
diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml

index 0389486..b825b70 100644 (file)
--- a/kubernetes/sdc/components/sdc-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-be/values.yaml
@@ -39,8 +39,8 @@ global:
  #################################################################
  # application image
  repository: nexus3.onap.org:10001
-image: onap/sdc-backend:1.6.7
-backendInitImage: onap/sdc-backend-init:1.6.7
+image: onap/sdc-backend-all-plugins:1.7.1
+backendInitImage: onap/sdc-backend-init:1.7.1
  pullPolicy: Always
  
  # flag to enable debugging - application support required
@@ -140,15 +140,15 @@ resources:
    small:
      limits:
        cpu: 1
-      memory: 4Gi
+      memory: 2Gi
      requests:
-      cpu: 10m
+      cpu: 100m
        memory: 1Gi
    large:
      limits:
        cpu: 2
-      memory: 8Gi
+      memory: 4Gi
      requests:
-      cpu: 20m
+      cpu: 200m
        memory: 2Gi
    unlimited: {}
diff --git a/kubernetes/sdc/components/sdc-cs/templates/job.yaml b/kubernetes/sdc/components/sdc-cs/templates/job.yaml

index 0c98d67..19dd112 100644 (file)
--- a/kubernetes/sdc/components/sdc-cs/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-cs/templates/job.yaml
@@ -45,12 +45,21 @@ spec:
          {{- else }}
          - cassandra
          {{- end }}
+        - "-t"
+        - "15"
          env:
          - name: NAMESPACE
            valueFrom:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
+        resources:
+          limits:
+            cpu: 100m
+            memory: 100Mi
+          requests:
+            cpu: 3m
+            memory: 20Mi
        containers:
        - name: {{ include "common.name" . }}-job
          image: "{{ include "common.repository" . }}/{{ .Values.cassandraInitImage }}"
@@ -78,6 +87,13 @@ spec:
            valueFrom:
              fieldRef:
                fieldPath: status.podIP
+        resources:
+          limits:
+            cpu: 800m
+            memory: 1024Mi
+          requests:
+            cpu: 200m
+            memory: 300Mi
        volumes:
        - name: {{ include "common.fullname" . }}-environments
          configMap:
diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml

index 0738ca7..e80f648 100644 (file)
--- a/kubernetes/sdc/components/sdc-cs/values.yaml
+++ b/kubernetes/sdc/components/sdc-cs/values.yaml
@@ -38,8 +38,8 @@ global:
  #################################################################
  # application image
  repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.6.7
-cassandraInitImage: onap/sdc-cassandra-init:1.6.7
+image: onap/sdc-cassandra:1.7.1
+cassandraInitImage: onap/sdc-cassandra-init:1.7.1
  
  pullPolicy: Always
  
@@ -104,23 +104,3 @@ persistence:
  
  ingress:
    enabled: false
-
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
-  small:
-    limits:
-      cpu: 1
-      memory: 4Gi
-    requests:
-      cpu: 10m
-      memory: 1Gi
-  large:
-    limits:
-      cpu: 2
-      memory: 8Gi
-    requests:
-      cpu: 20m
-      memory: 2Gi
-  unlimited: {}
diff --git a/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml

index 0571f4b..bca3c47 100644 (file)
--- a/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
@@ -43,12 +43,21 @@ spec:
          args:
          - --job-name
          - {{ include "common.release" . }}-sdc-be-config-backend
+        - "-t"
+        - "35"
          env:
          - name: NAMESPACE
            valueFrom:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
+        resources:
+          limits:
+            cpu: 100m
+            memory: 100Mi
+          requests:
+            cpu: 3m
+            memory: 20Mi
        {{- if .Values.global.aafEnabled }}
        - name: {{ include "common.name" . }}-update-config
          image: "{{ .Values.global.envsubstImage }}"
@@ -75,6 +84,13 @@ spec:
              mountPath: /config-input/
            - name: sdc-environments-output
              mountPath: /config-output/
+        resources:
+          limits:
+            cpu: 100m
+            memory: 100Mi
+          requests:
+            cpu: 3m
+            memory: 20Mi
        {{- end }}
        containers:
          - name: {{ include "common.name" . }}
@@ -106,8 +122,7 @@ spec:
              initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
              periodSeconds: {{ .Values.readiness.periodSeconds }}
              timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
-          resources:
-{{ include "common.resources" . | indent 12 }}
+          resources: {{ include "common.resources" . | nindent 12 }}
            env:
            - name: ENVNAME
              value: {{ .Values.env.name }}
@@ -153,6 +168,13 @@ spec:
              mountPath: /var/log/onap
            - name: {{ include "common.fullname" . }}-data-filebeat
              mountPath: /usr/share/filebeat/data
+          resources:
+            limits:
+              cpu: 100m
+              memory: 100Mi
+            requests:
+              cpu: 3m
+              memory: 20Mi
        volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
          - name: {{ include "common.fullname" . }}-localtime
            hostPath:
diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml

index e9ff284..1389d05 100644 (file)
--- a/kubernetes/sdc/components/sdc-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-fe/values.yaml
@@ -51,7 +51,7 @@ certInitializer:
  #################################################################
  # application image
  repository: nexus3.onap.org:10001
-image: onap/sdc-frontend:1.6.7
+image: onap/sdc-frontend:1.7.1
  pullPolicy: Always
  
  config:
@@ -123,16 +123,16 @@ flavor: small
  resources:
    small:
      limits:
-      cpu: 1
-      memory: 4Gi
+      cpu: 500m
+      memory: 2Gi
      requests:
-      cpu: 10m
+      cpu: 40m
        memory: 1Gi
    large:
      limits:
-      cpu: 2
-      memory: 8Gi
+      cpu: 1
+      memory: 4Gi
      requests:
-      cpu: 20m
+      cpu: 80m
        memory: 2Gi
    unlimited: {}
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml

index 6f1e2a9..527ddde 100644 (file)
--- a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
@@ -49,6 +49,13 @@ spec:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
+        resources:
+          limits:
+            cpu: 100m
+            memory: 100Mi
+          requests:
+            cpu: 3m
+            memory: 20Mi
        {{- if .Values.global.aafEnabled }}
        - name: {{ include "common.name" . }}-update-config
          image: "{{ .Values.global.envsubstImage }}"
@@ -75,6 +82,13 @@ spec:
              mountPath: /config-input/
            - name: sdc-environments-output
              mountPath: /config-output/
+        resources:
+          limits:
+            cpu: 100m
+            memory: 100Mi
+          requests:
+            cpu: 3m
+            memory: 20Mi
        {{- end }}
        containers:
          - name: {{ include "common.name" . }}
@@ -99,8 +113,7 @@ spec:
              initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
              periodSeconds: {{ .Values.readiness.periodSeconds }}
              timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
-          resources:
-{{ include "common.resources" . | indent 12 }}
+          resources: {{ include "common.resources" . | nindent 12 }}
            env:
            - name: ENVNAME
              value: {{ .Values.env.name }}
@@ -155,6 +168,13 @@ spec:
              mountPath: /var/log/onap
            - name: {{ include "common.fullname" . }}-data-filebeat
              mountPath: /usr/share/filebeat/data
+          resources:
+            limits:
+              cpu: 100m
+              memory: 100Mi
+            requests:
+              cpu: 3m
+              memory: 20Mi
        volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
        - name: {{ include "common.fullname" . }}-localtime
          hostPath:
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml

index 936c7c4..c3003e2 100644 (file)
--- a/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
@@ -41,12 +41,21 @@ spec:
          args:
          - --job-name
          - {{ include "common.release" . }}-sdc-cs-config-cassandra
+        - "-t"
+        - "20"
          env:
          - name: NAMESPACE
            valueFrom:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
+        resources:
+          limits:
+            cpu: 100m
+            memory: 100Mi
+          requests:
+            cpu: 3m
+            memory: 20Mi
        containers:
        - name: {{ include "common.name" . }}-job
          image: "{{ include "common.repository" . }}/{{ .Values.onboardingInitImage }}"
@@ -72,6 +81,13 @@ spec:
              secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: cs_password}
          - name: CS_HOST_IP
            value: "{{ .Values.global.cassandra.serviceName }}"
+        resources:
+          limits:
+            cpu: 800m
+            memory: 1024Mi
+          requests:
+            cpu: 200m
+            memory: 200Mi
        volumes:
        - name: {{ include "common.fullname" . }}-environments
          configMap:
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml

index 2e5d91e..6ec08db 100644 (file)
--- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
@@ -63,8 +63,8 @@ certInitializer:
  #################################################################
  # application image
  repository: nexus3.onap.org:10001
-image: onap/sdc-onboard-backend:1.6.7
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.6.7
+image: onap/sdc-onboard-backend:1.7.1
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.7.1
  pullPolicy: Always
  
  # flag to enable debugging - application support required
@@ -155,16 +155,16 @@ flavor: small
  resources:
    small:
      limits:
-      cpu: 1
-      memory: 4Gi
+      cpu: 500m
+      memory: 2Gi
      requests:
-      cpu: 10m
+      cpu: 40m
        memory: 1Gi
    large:
      limits:
-      cpu: 2
-      memory: 8Gi
+      cpu: 1
+      memory: 4Gi
      requests:
-      cpu: 20m
+      cpu: 80m
        memory: 2Gi
    unlimited: {}
diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml

index b188cda..c61c41f 100644 (file)
--- a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
@@ -50,6 +50,13 @@ spec:
              fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
+        resources:
+          limits:
+            cpu: 100m
+            memory: 100Mi
+          requests:
+            cpu: 3m
+            memory: 20Mi
        {{ end }}
        containers:
          - name: {{ include "common.name" . }}
@@ -123,6 +130,7 @@ spec:
            - name: SERVER_SSL_TRUSTSTORE_TYPE
              value: "{{ .Values.config.serverSSLTrustStoreType }}"
            volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
+          resources: {{ include "common.resources" . | nindent 12 }}
        volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
        imagePullSecrets:
        - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml

index 9235cb4..be7d519 100644 (file)
--- a/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml
@@ -34,37 +34,47 @@ spec:
      spec:
        restartPolicy: Never
        initContainers:
-      - name: {{ include "common.name" . }}-init-readiness
-        image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command:
-        - /app/ready.py
-        args:
-        - --job-name
-        - {{ include "common.release" . }}-sdc-cs-config-cassandra
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
+        - name: {{ include "common.name" . }}-init-readiness
+          image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          command:
+          - /app/ready.py
+          args:
+          - --job-name
+          - {{ include "common.release" . }}-sdc-cs-config-cassandra
+          - "-t"
+          - "20"
+          env:
+          - name: NAMESPACE
+            valueFrom:
+              fieldRef:
+                apiVersion: v1
+                fieldPath: metadata.namespace
+          resources:
+            limits:
+              cpu: 100m
+              memory: 100Mi
+            requests:
+              cpu: 3m
+              memory: 20Mi
        containers:
-      - name: {{ include "common.name" . }}-job
-        image: "{{ include "common.repository" . }}/{{ .Values.configInitImage }}"
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        env:
-        - name: CS_HOST
-          value: "{{ .Values.global.cassandra.serviceName }}"
-        - name: CS_PORT
-          value: "{{ .Values.config.cassandraClientPort }}"
-        - name: CS_AUTHENTICATE
-          value: "{{ .Values.config.cassandraAuthenticationEnabled }}"
-        - name: CS_USER
-          valueFrom:
-            secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_user}
-        - name: CS_PASSWORD
-          valueFrom:
-            secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password}
+        - name: {{ include "common.name" . }}-job
+          image: "{{ include "common.repository" . }}/{{ .Values.configInitImage }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          env:
+          - name: CS_HOST
+            value: "{{ .Values.global.cassandra.serviceName }}"
+          - name: CS_PORT
+            value: "{{ .Values.config.cassandraClientPort }}"
+          - name: CS_AUTHENTICATE
+            value: "{{ .Values.config.cassandraAuthenticationEnabled }}"
+          - name: CS_USER
+            valueFrom:
+              secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_user}
+          - name: CS_PASSWORD
+            valueFrom:
+              secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password}
+          resources: {{ include "common.resources" . | nindent 12 }}
        imagePullSecrets:
        - name: "{{ include "common.namespace" . }}-docker-registry-key"
  {{ end }}
diff --git a/kubernetes/sdc/components/sdc-wfd-be/values.yaml b/kubernetes/sdc/components/sdc-wfd-be/values.yaml

index da5ae38..893a1b9 100644 (file)
--- a/kubernetes/sdc/components/sdc-wfd-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/values.yaml
@@ -62,8 +62,8 @@ certInitializer:
  #################################################################
  # application image
  repository: nexus3.onap.org:10001
-image: onap/workflow-backend:1.6.4
-configInitImage: onap/workflow-init:1.6.4
+image: onap/sdc-workflow-backend:1.7.0
+configInitImage: onap/sdc-workflow-init:1.7.0
  pullPolicy: Always
  
  initJob:
@@ -123,21 +123,22 @@ ingress:
    config:
      ssl: "redirect"
  
-resources: {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  #
-  # Example:
-  # Configure resource requests and limits
-  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
-  # Minimum memory for development is 2 CPU cores and 4GB memory
-  # Minimum memory for production is 4 CPU cores and 8GB memory
-#resources:
-#  limits:
-#    cpu: 2
-#    memory: 4Gi
-#  requests:
-#    cpu: 2
-#    memory: 4Gi
+# Resource Limit flavor -By Default using small
+# Segregation for Different environment (Small and Large)
+flavor: small
+resources:
+  small:
+    limits:
+      cpu: 500m
+      memory: 2Gi
+    requests:
+      cpu: 40m
+      memory: 1Gi
+  large:
+    limits:
+      cpu: 1
+      memory: 4Gi
+    requests:
+      cpu: 80m
+      memory: 2Gi
+  unlimited: {}
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml

index ad10480..a5d312f 100644 (file)
--- a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
@@ -48,6 +48,13 @@ spec:
                fieldPath: metadata.namespace
          image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        resources:
+          limits:
+            cpu: 100m
+            memory: 100Mi
+          requests:
+            cpu: 3m
+            memory: 20Mi
        {{- if .Values.global.aafEnabled }}
        - name: {{ include "common.fullname" . }}-move-cert
          command:
@@ -63,6 +70,13 @@ spec:
          volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
            - name: sdc-certs
              mountPath: /sdc-certs
+        resources:
+          limits:
+            cpu: 100m
+            memory: 100Mi
+          requests:
+            cpu: 3m
+            memory: 20Mi
        {{- end }}
        containers:
          - name: {{ include "common.name" . }}
@@ -114,8 +128,8 @@ spec:
              readOnly: true
            {{- if .Values.global.aafEnabled }}
            - name: sdc-certs
-            mountPath: /sdc-certs
-            subpath: mycreds.prop
+            mountPath: /sdc-certs/mycreds.prop
+            subPath: mycreds.prop
            - name: sdc-certs
              mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.keystoreFile }}
              subPath: {{ .Values.certInitializer.keystoreFile }}
@@ -123,8 +137,7 @@ spec:
              mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.truststoreFile }}
              subPath: {{ .Values.certInitializer.truststoreFile }}
            {{ end }}
-          resources:
-{{ include "common.resources" . | indent 12 }}
+          resources: {{ include "common.resources" . | nindent 12 }}
          {{- if .Values.nodeSelector }}
          nodeSelector:
  {{ toYaml .Values.nodeSelector | indent 10 }}
@@ -145,6 +158,13 @@ spec:
              mountPath: /var/log/onap
            - name: {{ include "common.fullname" . }}-data-filebeat
              mountPath: /usr/share/filebeat/data
+          resources:
+            limits:
+              cpu: 100m
+              memory: 100Mi
+            requests:
+              cpu: 3m
+              memory: 20Mi
        volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
          - name: {{ include "common.fullname" . }}-localtime
            hostPath:
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml

index 7bb1b24..e881398 100644 (file)
--- a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
@@ -51,7 +51,7 @@ certInitializer:
  #################################################################
  # application image
  repository: nexus3.onap.org:10001
-image: onap/workflow-frontend:1.6.4
+image: onap/sdc-workflow-frontend:1.7.0
  pullPolicy: Always
  
  # flag to enable debugging - application support required
@@ -114,21 +114,22 @@ ingress:
      nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
      nginx.ingress.kubernetes.io/rewrite-target: "/workflows/"
  
-resources: {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  #
-  # Example:
-  # Configure resource requests and limits
-  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
-  # Minimum memory for development is 2 CPU cores and 4GB memory
-  # Minimum memory for production is 4 CPU cores and 8GB memory
-#resources:
-#  limits:
-#    cpu: 2
-#    memory: 4Gi
-#  requests:
-#    cpu: 2
-#    memory: 4Gi
+# Resource Limit flavor -By Default using small
+# Segregation for Different environment (Small and Large)
+flavor: small
+resources:
+  small:
+    limits:
+      cpu: 500m
+      memory: 2Gi
+    requests:
+      cpu: 40m
+      memory: 1Gi
+  large:
+    limits:
+      cpu: 1
+      memory: 4Gi
+    requests:
+      cpu: 80m
+      memory: 2Gi
+  unlimited: {}
diff --git a/kubernetes/sdnc/templates/service.yaml b/kubernetes/sdnc/templates/service.yaml

index b434c40..e3be4bc 100644 (file)
--- a/kubernetes/sdnc/templates/service.yaml
+++ b/kubernetes/sdnc/templates/service.yaml
@@ -49,9 +49,9 @@ spec:
        targetPort: {{ .Values.service.internalPort4 }}
        {{ end }}
        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }}
-      {{ if .Values.config.sdnr.enabled }}
-      Session Affinity:  ClientIP
-      {{ end }}
+  {{ if .Values.config.sdnr.enabled }}
+  sessionAffinity:  ClientIP
+  {{ end }}
    selector:
      app.kubernetes.io/name: {{ include "common.name" . }}
      app.kubernetes.io/instance: {{ include "common.release" . }}
diff --git a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/resources/config/logging/log.yml b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/resources/config/logging/log.yml

index 123bb29..844f993 100644 (file)
--- a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/resources/config/logging/log.yml
+++ b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/resources/config/logging/log.yml
@@ -11,6 +11,9 @@ loggers:
          level: "DEBUG"
          propagate: False
  handlers:
+    console:
+        class: "logging.StreamHandler"
+        formatter: "standard"
      gvnfmdriverlocal_handler:
          level: "DEBUG"
          class:
diff --git a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/templates/deployment.yaml

index c6987f1..a9c92ef 100644 (file)
--- a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/templates/deployment.yaml
+++ b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/templates/deployment.yaml
@@ -56,12 +56,10 @@ spec:
              initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
              periodSeconds: {{ .Values.readiness.periodSeconds }}
            env:
-            - name: MSB_PROTO
-              value: "{{ .Values.global.config.msbprotocol }}"
+            - name: MSB_HOST
+              value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
              - name: SSL_ENABLED
                value: "{{ .Values.global.config.ssl_enabled }}"
-            - name: MSB_ADDR
-              value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
              - name: REG_TO_MSB_WHEN_START
                value: "{{ .Values.global.config.reg_to_msb_when_start }}"
            volumeMounts:
diff --git a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml

index 2111860..96736f6 100644 (file)
--- a/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml
+++ b/kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml
@@ -28,7 +28,7 @@ global:
  flavor: small
  
  repository: nexus3.onap.org:10001
-image: onap/vfc/gvnfmdriver:1.3.9
+image: onap/vfc/gvnfmdriver:1.4.0
  pullPolicy: Always
  
  #Istio sidecar injection policy
diff --git a/kubernetes/vfc/charts/vfc-nslcm/resources/config/logging/log.yml b/kubernetes/vfc/charts/vfc-nslcm/resources/config/logging/log.yml

index 4ae7ab1..c886062 100644 (file)
--- a/kubernetes/vfc/charts/vfc-nslcm/resources/config/logging/log.yml
+++ b/kubernetes/vfc/charts/vfc-nslcm/resources/config/logging/log.yml
@@ -11,6 +11,9 @@ loggers:
          level: "DEBUG"
          propagate: False
  handlers:
+    console:
+        class: "logging.StreamHandler"
+        formatter: "standard"
      nslcmlocal_handler:
          level: "DEBUG"
          class:
diff --git a/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml

index 9b085f8..544834d 100644 (file)
--- a/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml
+++ b/kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml
@@ -76,12 +76,10 @@ spec:
              initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
              periodSeconds: {{ .Values.readiness.periodSeconds }}
            env:
-            - name: MSB_PROTO
-              value: "{{ .Values.global.config.msbprotocol }}"
+            - name: MSB_HOST
+              value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
              - name: SSL_ENABLED
                value: "{{ .Values.global.config.ssl_enabled }}"
-            - name: MSB_ADDR
-              value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
              - name: MYSQL_ADDR
                value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}"
              - name: MYSQL_ROOT_USER
diff --git a/kubernetes/vfc/charts/vfc-nslcm/values.yaml b/kubernetes/vfc/charts/vfc-nslcm/values.yaml

index 5478741..7d37810 100644 (file)
--- a/kubernetes/vfc/charts/vfc-nslcm/values.yaml
+++ b/kubernetes/vfc/charts/vfc-nslcm/values.yaml
@@ -38,7 +38,7 @@ secrets:
  flavor: small
  
  repository: nexus3.onap.org:10001
-image: onap/vfc/nslcm:1.3.9
+image: onap/vfc/nslcm:1.4.0
  pullPolicy: Always
  
  #Istio sidecar injection policy
diff --git a/kubernetes/vfc/charts/vfc-redis/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-redis/templates/deployment.yaml

index 9eee5c7..8b32fa4 100644 (file)
--- a/kubernetes/vfc/charts/vfc-redis/templates/deployment.yaml
+++ b/kubernetes/vfc/charts/vfc-redis/templates/deployment.yaml
@@ -53,11 +53,6 @@ spec:
                port: {{ .Values.service.internalPort }}
              initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
              periodSeconds: {{ .Values.readiness.periodSeconds }}
-          env:
-            - name: MSB_ADDR
-              value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
-            - name: REG_TO_MSB_WHEN_START
-              value: "{{ .Values.global.config.reg_to_msb_when_start }}"
            resources:
  {{ include "common.resources" . | indent 12 }}
          {{- if .Values.nodeSelector }}
diff --git a/kubernetes/vfc/charts/vfc-redis/values.yaml b/kubernetes/vfc/charts/vfc-redis/values.yaml

index 80924a8..2761d05 100644 (file)
--- a/kubernetes/vfc/charts/vfc-redis/values.yaml
+++ b/kubernetes/vfc/charts/vfc-redis/values.yaml
@@ -28,7 +28,7 @@ global:
  flavor: small
  
  repository: nexus3.onap.org:10001
-image: onap/vfc/db:1.3.3
+image: onap/vfc/db:1.3.4
  pullPolicy: Always
  
  # flag to enable debugging - application support required
diff --git a/kubernetes/vfc/charts/vfc-vnflcm/resources/config/logging/log.yml b/kubernetes/vfc/charts/vfc-vnflcm/resources/config/logging/log.yml

index 4af8faa..9dbf475 100644 (file)
--- a/kubernetes/vfc/charts/vfc-vnflcm/resources/config/logging/log.yml
+++ b/kubernetes/vfc/charts/vfc-vnflcm/resources/config/logging/log.yml
@@ -11,6 +11,9 @@ loggers:
          level: "DEBUG"
          propagate: False
  handlers:
+    console:
+        class: "logging.StreamHandler"
+        formatter: "standard"
      vnfmgrlocal_handler:
          level: "DEBUG"
          class:
diff --git a/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml

index d61dc9d..7fd74b9 100644 (file)
--- a/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml
+++ b/kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml
@@ -76,12 +76,10 @@ spec:
              initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
              periodSeconds: {{ .Values.readiness.periodSeconds }}
            env:
-            - name: MSB_PROTO
-              value: "{{ .Values.global.config.msbprotocol }}"
+            - name: MSB_HOST
+              value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
              - name: SSL_ENABLED
                value: "{{ .Values.global.config.ssl_enabled }}"
-            - name: MSB_ADDR
-              value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
              - name: MYSQL_ADDR
                value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}"
              - name: MYSQL_ROOT_USER
diff --git a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml

index 89847ca..fafef0c 100644 (file)
--- a/kubernetes/vfc/charts/vfc-vnflcm/values.yaml
+++ b/kubernetes/vfc/charts/vfc-vnflcm/values.yaml
@@ -38,7 +38,7 @@ secrets:
  flavor: small
  
  repository: nexus3.onap.org:10001
-image: onap/vfc/vnflcm:1.3.9
+image: onap/vfc/vnflcm:1.4.0
  pullPolicy: Always
  
  #Istio sidecar injection policy
diff --git a/kubernetes/vfc/charts/vfc-vnfmgr/resources/config/logging/log.yml b/kubernetes/vfc/charts/vfc-vnfmgr/resources/config/logging/log.yml

index 4af8faa..9dbf475 100644 (file)
--- a/kubernetes/vfc/charts/vfc-vnfmgr/resources/config/logging/log.yml
+++ b/kubernetes/vfc/charts/vfc-vnfmgr/resources/config/logging/log.yml
@@ -11,6 +11,9 @@ loggers:
          level: "DEBUG"
          propagate: False
  handlers:
+    console:
+        class: "logging.StreamHandler"
+        formatter: "standard"
      vnfmgrlocal_handler:
          level: "DEBUG"
          class:
diff --git a/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml

index 3eede19..bd0b377 100644 (file)
--- a/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml
+++ b/kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml
@@ -76,12 +76,10 @@ spec:
              initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
              periodSeconds: {{ .Values.readiness.periodSeconds }}
            env:
-            - name: MSB_PROTO
-              value: "{{ .Values.global.config.msbprotocol }}"
+            - name: MSB_HOST
+              value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
              - name: SSL_ENABLED
                value: "{{ .Values.global.config.ssl_enabled }}"
-            - name: MSB_ADDR
-              value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
              - name: MYSQL_ADDR
                value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}"
              - name: REDIS_HOST
diff --git a/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml b/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml

index 6fbc033..67b087f 100644 (file)
--- a/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml
+++ b/kubernetes/vfc/charts/vfc-vnfmgr/values.yaml
@@ -38,7 +38,7 @@ secrets:
  flavor: small
  
  repository: nexus3.onap.org:10001
-image: onap/vfc/vnfmgr:1.3.8
+image: onap/vfc/vnfmgr:1.3.9
  pullPolicy: Always
  
  #Istio sidecar injection policy
diff --git a/kubernetes/vfc/charts/vfc-vnfres/resources/config/logging/log.yml b/kubernetes/vfc/charts/vfc-vnfres/resources/config/logging/log.yml

index c4cc1e3..7644af1 100644 (file)
--- a/kubernetes/vfc/charts/vfc-vnfres/resources/config/logging/log.yml
+++ b/kubernetes/vfc/charts/vfc-vnfres/resources/config/logging/log.yml
@@ -11,6 +11,9 @@ loggers:
          level: "DEBUG"
          propagate: False
  handlers:
+    console:
+        class: "logging.StreamHandler"
+        formatter: "standard"
      vnflcmlocal_handler:
          level: "DEBUG"
          class:
diff --git a/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml

index 32c7cd2..9f2a4c7 100644 (file)
--- a/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml
+++ b/kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml
@@ -76,12 +76,10 @@ spec:
              initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
              periodSeconds: {{ .Values.readiness.periodSeconds }}
            env:
-            - name: MSB_PROTO
-              value: "{{ .Values.global.config.msbprotocol }}"
+            - name: MSB_HOST
+              value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
              - name: SSL_ENABLED
                value: "{{ .Values.global.config.ssl_enabled }}"
-            - name: MSB_ADDR
-              value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
              - name: MYSQL_ADDR
                value: "{{ .Values.config.mariadbService }}:{{ .Values.config.mariadbPort }}"
              - name: REDIS_HOST
diff --git a/kubernetes/vfc/charts/vfc-vnfres/values.yaml b/kubernetes/vfc/charts/vfc-vnfres/values.yaml

index 82b74e0..1b6fc79 100644 (file)
--- a/kubernetes/vfc/charts/vfc-vnfres/values.yaml
+++ b/kubernetes/vfc/charts/vfc-vnfres/values.yaml
@@ -38,7 +38,7 @@ secrets:
  flavor: small
  
  repository: nexus3.onap.org:10001
-image: onap/vfc/vnfres:1.3.7
+image: onap/vfc/vnfres:1.3.8
  pullPolicy: Always
  
  #Istio sidecar injection policy
diff --git a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/resources/config/logging/log.yml b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/resources/config/logging/log.yml

index a0bf170..6c00048 100644 (file)
--- a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/resources/config/logging/log.yml
+++ b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/resources/config/logging/log.yml
@@ -11,6 +11,9 @@ loggers:
          level: "DEBUG"
          propagate: False
  handlers:
+    console:
+        class: "logging.StreamHandler"
+        formatter: "standard"
      ztevnfmdriverlocal_handler:
          level: "DEBUG"
          class:
diff --git a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/templates/deployment.yaml b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/templates/deployment.yaml

index bcae4ac..32e4133 100644 (file)
--- a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/templates/deployment.yaml
+++ b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/templates/deployment.yaml
@@ -72,12 +72,10 @@ spec:
              initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
              periodSeconds: {{ .Values.readiness.periodSeconds }}
            env:
-            - name: MSB_PROTO
-              value: "{{ .Values.global.config.msbprotocol }}"
+            - name: MSB_HOST
+              value: "{{ .Values.global.config.msbprotocol }}://{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
              - name: SSL_ENABLED
                value: "{{ .Values.global.config.ssl_enabled }}"
-            - name: MSB_ADDR
-              value: "{{ .Values.global.config.msbServiceName }}:{{ .Values.global.config.msbPort }}"
              - name: REG_TO_MSB_WHEN_START
                value: "{{ .Values.global.config.reg_to_msb_when_start }}"
            volumeMounts:
diff --git a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml

index 18cd207..7ebd3a5 100644 (file)
--- a/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml
+++ b/kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml
@@ -28,7 +28,7 @@ global:
  flavor: small
  
  repository: nexus3.onap.org:10001
-image: onap/vfc/ztevnfmdriver:1.3.6
+image: onap/vfc/ztevnfmdriver:1.3.7
  pullPolicy: Always
  
  #Istio sidecar injection policy
diff --git a/kubernetes/vnfsdk/resources/config/configuration.xml b/kubernetes/vnfsdk/resources/config/configuration.xml

index 6bd4e1c..09b6551 100644 (file)
--- a/kubernetes/vnfsdk/resources/config/configuration.xml
+++ b/kubernetes/vnfsdk/resources/config/configuration.xml
@@ -23,7 +23,7 @@ PUBLIC "//mybatis.org//DTD Config 3.0//EN"
              <transactionManager type="JDBC" />
              <dataSource type="UNPOOLED">
                  <property name="driver" value="org.postgresql.Driver" />
-                <property name="url" value="jdbc:postgresql://{{ .Values.postgres.service.name }}:{{ .Values.postgres.service.externalPort }}/marketplaceDB" />
+                <property name="url" value="jdbc:postgresql://{{.Values.postgres.service.name2}}:{{.Values.postgres.service.externalPort}}/marketplaceDB" />
                  <property name="username" value="${PG_USER}" />
                  <property name="password" value="${PG_PASSWORD}" />
              </dataSource>
diff --git a/kubernetes/vnfsdk/templates/deployment.yaml b/kubernetes/vnfsdk/templates/deployment.yaml

index 06ce212..60edcff 100644 (file)
--- a/kubernetes/vnfsdk/templates/deployment.yaml
+++ b/kubernetes/vnfsdk/templates/deployment.yaml
@@ -73,7 +73,7 @@ spec:
          name: {{ include "common.name" . }}
          resources:
  {{ include "common.resources" . | indent 12 }}
-        volumes:
+        volumeMounts:
          - mountPath: /service/webapps/ROOT/WEB-INF/classes/mybatis/configuration/configuration.xml
            name: init-data
            subPath: configuration.xml
diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml

index b72f396..3e0e235 100644 (file)
--- a/kubernetes/vnfsdk/values.yaml
+++ b/kubernetes/vnfsdk/values.yaml
@@ -43,7 +43,7 @@ secrets:
  #################################################################
  # application image
  repository: nexus3.onap.org:10001
-image: onap/vnfsdk/refrepo:1.5.2
+image: onap/vnfsdk/refrepo:1.6.0
  postgresRepository: crunchydata
  postgresImage: crunchy-postgres:centos7-10.3-1.8.2
  pullPolicy: Always
author	Sylvain Desbureaux <sylvain.desbureaux@orange.com>
	Fri, 9 Oct 2020 06:18:11 +0000 (06:18 +0000)
committer	Gerrit Code Review <gerrit@onap.org>
	Fri, 9 Oct 2020 06:18:11 +0000 (06:18 +0000)
kubernetes/a1policymanagement/values.yaml		patch \| blob \| history
kubernetes/aai		patch \| blob \| history
kubernetes/clamp/components/clamp-backend/resources/config/application.properties		patch \| blob \| history
kubernetes/clamp/components/clamp-backend/values.yaml		patch \| blob \| history
kubernetes/clamp/components/clamp-dash-es/values.yaml		patch \| blob \| history
kubernetes/clamp/components/clamp-dash-kibana/values.yaml		patch \| blob \| history
kubernetes/clamp/components/clamp-dash-logstash/resources/config/pipeline.conf		patch \| blob \| history
kubernetes/clamp/components/clamp-dash-logstash/values.yaml		patch \| blob \| history
kubernetes/clamp/values.yaml		patch \| blob \| history
kubernetes/common/elasticsearch/components/data/values.yaml		patch \| blob \| history
kubernetes/common/elasticsearch/components/master/values.yaml		patch \| blob \| history
kubernetes/common/elasticsearch/values.yaml		patch \| blob \| history
kubernetes/contrib/components/awx/charts/awx/templates/job.yaml		patch \| blob \| history
kubernetes/contrib/components/awx/charts/awx/templates/statefulset.yaml		patch \| blob \| history
kubernetes/contrib/components/awx/values.yaml		patch \| blob \| history
kubernetes/contrib/components/ejbca/values.yaml		patch \| blob \| history
kubernetes/contrib/components/netbox/charts/netbox-app/templates/job.yaml		patch \| blob \| history
kubernetes/contrib/components/netbox/values.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-tcagen2-inputs.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs-tls.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-bootstrap/resources/inputs/k8s-ves-inputs.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-bootstrap/templates/secret.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/deployment.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/namespace.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-cloudify-manager/templates/secret.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-config-binding-service/templates/deployment.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-dashboard/templates/deployment.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-dashboard/templates/secret.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-dashboard/values.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-deployment-handler/templates/deployment.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-deployment-handler/templates/secrets.yaml	[new file with mode: 0644]	patch \| blob
kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml		patch \| blob \| history
kubernetes/dcaegen2/components/dcae-policy-handler/templates/secrets.yaml	[new file with mode: 0644]	patch \| blob
kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml		patch \| blob \| history
kubernetes/dcaegen2/templates/secrets.yaml	[new file with mode: 0644]	patch \| blob
kubernetes/dcaegen2/values.yaml		patch \| blob \| history
kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml		patch \| blob \| history
kubernetes/dmaap/components/dmaap-dr-node/values.yaml		patch \| blob \| history
kubernetes/dmaap/components/dmaap-dr-prov/values.yaml		patch \| blob \| history
kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml		patch \| blob \| history
kubernetes/dmaap/components/message-router/charts/message-router-zookeeper/templates/statefulset.yaml		patch \| blob \| history
kubernetes/modeling/charts/modeling-etsicatalog/requirements.yaml		patch \| blob \| history
kubernetes/modeling/charts/modeling-etsicatalog/templates/deployment.yaml		patch \| blob \| history
kubernetes/modeling/charts/modeling-etsicatalog/templates/secrets.yaml		patch \| blob \| history
kubernetes/modeling/charts/modeling-etsicatalog/templates/service.yaml		patch \| blob \| history
kubernetes/modeling/charts/modeling-etsicatalog/values.yaml		patch \| blob \| history
kubernetes/nbi/templates/deployment.yaml		patch \| blob \| history
kubernetes/nbi/values.yaml		patch \| blob \| history
kubernetes/oof/Makefile		patch \| blob \| history
kubernetes/oof/components/Makefile		patch \| blob \| history
kubernetes/oof/components/oof-cmso/Makefile		patch \| blob \| history
kubernetes/oof/components/oof-cmso/components/Makefile		patch \| blob \| history
kubernetes/oof/components/oof-has/Makefile		patch \| blob \| history
kubernetes/oof/components/oof-has/components/Makefile		patch \| blob \| history
kubernetes/oof/components/oof-has/components/oof-has-api/templates/ingress.yaml		patch \| blob \| history
kubernetes/platform/Makefile		patch \| blob \| history
kubernetes/platform/components/Makefile		patch \| blob \| history
kubernetes/platform/components/oom-cert-service/templates/deployment.yaml		patch \| blob \| history
kubernetes/platform/components/oom-cert-service/templates/secret.yaml		patch \| blob \| history
kubernetes/platform/components/oom-cert-service/templates/service.yaml		patch \| blob \| history
kubernetes/policy/components/policy-api/resources/config/config.json		patch \| blob \| history
kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml		patch \| blob \| history
kubernetes/portal/Makefile		patch \| blob \| history
kubernetes/portal/components/Makefile		patch \| blob \| history
kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties		patch \| blob \| history
kubernetes/portal/components/portal-app/templates/deployment.yaml		patch \| blob \| history
kubernetes/portal/components/portal-app/values.yaml		patch \| blob \| history
kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh		patch \| blob \| history
kubernetes/portal/components/portal-mariadb/templates/deployment.yaml		patch \| blob \| history
kubernetes/portal/components/portal-mariadb/templates/secrets.yaml		patch \| blob \| history
kubernetes/portal/components/portal-mariadb/values.yaml		patch \| blob \| history
kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties		patch \| blob \| history
kubernetes/portal/components/portal-sdk/templates/deployment.yaml		patch \| blob \| history
kubernetes/portal/components/portal-sdk/values.yaml		patch \| blob \| history
kubernetes/portal/values.yaml		patch \| blob \| history
kubernetes/robot		patch \| blob \| history
kubernetes/sdc/components/sdc-be/templates/deployment.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-be/templates/job.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-be/values.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-cs/templates/job.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-cs/values.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-fe/templates/deployment.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-fe/values.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-onboarding-be/values.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-wfd-be/values.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml		patch \| blob \| history
kubernetes/sdc/components/sdc-wfd-fe/values.yaml		patch \| blob \| history
kubernetes/sdnc/templates/service.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-generic-vnfm-driver/resources/config/logging/log.yml		patch \| blob \| history
kubernetes/vfc/charts/vfc-generic-vnfm-driver/templates/deployment.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-generic-vnfm-driver/values.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-nslcm/resources/config/logging/log.yml		patch \| blob \| history
kubernetes/vfc/charts/vfc-nslcm/templates/deployment.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-nslcm/values.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-redis/templates/deployment.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-redis/values.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-vnflcm/resources/config/logging/log.yml		patch \| blob \| history
kubernetes/vfc/charts/vfc-vnflcm/templates/deployment.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-vnflcm/values.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-vnfmgr/resources/config/logging/log.yml		patch \| blob \| history
kubernetes/vfc/charts/vfc-vnfmgr/templates/deployment.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-vnfmgr/values.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-vnfres/resources/config/logging/log.yml		patch \| blob \| history
kubernetes/vfc/charts/vfc-vnfres/templates/deployment.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-vnfres/values.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-zte-vnfm-driver/resources/config/logging/log.yml		patch \| blob \| history
kubernetes/vfc/charts/vfc-zte-vnfm-driver/templates/deployment.yaml		patch \| blob \| history
kubernetes/vfc/charts/vfc-zte-vnfm-driver/values.yaml		patch \| blob \| history
kubernetes/vnfsdk/resources/config/configuration.xml		patch \| blob \| history
kubernetes/vnfsdk/templates/deployment.yaml		patch \| blob \| history
kubernetes/vnfsdk/values.yaml		patch \| blob \| history