To deploy all ONAP applications use this command::
> cd oom/kubernetes
- > helm deploy dev local/onap --namespace onap --set global.masterPassword=myAwesomePasswordThatINeedToChange -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/environment.yaml -f onap/resources/overrides/openstack.yaml --timeout 900s
+ > helm deploy dev local/onap --namespace onap --create-namespace --set global.masterPassword=myAwesomePasswordThatINeedToChange -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/environment.yaml -f onap/resources/overrides/openstack.yaml --timeout 900s
All override files may be customized (or replaced by other overrides) as per
needs.
The Helm search command reads through all of the repositories configured on the
system, and looks for matches::
- > helm search -l
+ > helm search repo local
NAME VERSION DESCRIPTION
local/appc 2.0.0 Application Controller
local/clamp 2.0.0 ONAP Clamp
six
sphinx_rtd_theme>=0.4.3
sphinxcontrib-blockdiag
-sphinxcontrib-needs>=0.2.3
+sphinxcontrib-needs<0.6.0
sphinxcontrib-nwdiag
sphinxcontrib-redoc
sphinxcontrib-seqdiag
--- /dev/null
+AAF
+AAI
+adaptor
+Adaptor
+adaptors
+Adaptors
+Alcatel
+Ansible
+API
+APIs
+APPC
+ASCII
+Avro
+BPMN
+Camunda
+Cask
+Cassandra
+CCSDK
+CD
+CDAP
+Ceilometer
+CentOS
+CI
+CLI
+Cloudify
+Codec
+committer
+committers
+CommonMark
+Contrail
+CPU
+CRM
+CSCF
+CSIT
+cyber
+DBaaS
+DCAE
+DevOps
+DHCP
+Django
+DMaaP
+DNS
+DNSaaS
+DPDK
+Ebook
+elasticsearch
+Elasticsearch
+Enablement
+enum
+Enum
+env
+Env
+ENV
+ethernet
+Facebook
+failover
+fallback
+Fcaps
+Financials
+geocoder
+Gerrit
+Github
+graphSON
+guestOS
+gui
+Hadoop
+hardcoded
+hashtag
+healthcheck
+healthCheck
+Healthcheck
+HealthCheck
+healthchecks
+heatbridge
+heatclient
+HeatStack
+hostname
+hostName
+Hostname
+hostnames
+hostOS
+htm
+html
+http
+Http
+httpclient
+httpcomponents
+httpdomain
+httpHeader
+httpPort
+httpreturncode
+https
+httpStatusCode
+Huawei
+hyperlink
+Hyperlink
+hypervisor
+Hypervisor
+hypervisors
+Hypervisors
+IaaS
+indices
+Indices
+inline
+internet
+interoperable
+interoperate
+Interoperate
+interoperation
+interwork
+Interworking
+IoT
+ip
+Ip
+IP
+ipAddress
+iPAddress
+IPAddress
+ipam
+Ipam
+ipVersion
+Jacoco
+java
+javalib
+javascript
+Javascript
+jboss
+JBoss
+Jenkins
+Jira
+jpath
+json
+Json
+jsonObject
+jsonObjectInstance
+jsonObjects
+jsonschema
+jtosca
+junit
+Junit
+JUnit
+Junits
+JUnits
+keypair
+Keypair
+keypairs
+keyserver
+keyservers
+keyspace
+Keyspace
+keyspaceName
+keyspaces
+keystore
+keytool
+keyValue
+Kibana
+Kibibytes
+Kubernetes
+LF
+lifecycle
+Lifecycle
+lifecycles
+locator
+logback
+Logback
+logfiles
+Logfiles
+logoffs
+Logoffs
+logon
+Logstash
+macAddress
+MacAddress
+macOS
+Malware
+metadata
+Metadata
+microservice
+Microservice
+microservices
+Microservices
+middleware
+msb
+MSB
+multicast
+multicloud
+Multicloud
+MultiCloud
+multipart
+Mysql
+NaaS
+nameserver
+nameservers
+namespace
+Namespace
+namespaced
+namespaces
+Namespaces
+Netconf
+nfv
+NFV
+nfvi
+nfvo
+nfvparser
+Nokia
+NSD
+OAM
+Ocata
+ODL
+Onap
+ONAP
+onboard
+Onboard
+onboarded
+Onboarded
+onboarding
+Onboarding
+online
+OOF
+OOM
+OpenDaylight
+openo
+OpenO
+Opensource
+Openstack
+OpenStack
+OSS
+Pandoc
+partitionKey
+Partitionkey
+passphrase
+PCRF
+pdf
+PGaaS
+Phishing
+PKI
+placemark
+Placemark
+placemarks
+plantUML
+playbook
+Playbook
+playbooks
+Playbooks
+plugin
+Plugin
+plugins
+Plugins
+PNF
+PoC
+Postgre
+Postgres
+Postgresql
+preload
+Preload
+proactively
+programmatically
+proxyhost
+pserver
+pServer
+pservers
+QoS
+quickstart
+Quickstart
+Rackspace
+readme
+readthedocs
+Readthedocs
+Redhat
+Redis
+refactored
+Refactored
+registrator
+Registrator
+repo
+Repo
+repos
+Restconf
+reStructuredText
+reusability
+Reusability
+RMM
+roadmap
+roadmaps
+RPT
+rst
+RST
+RVMI
+schemas
+screensaver
+sdc
+Sdc
+SDC
+sdk
+SDK
+SDN
+sdnc
+Sdnc
+SDNC
+Selenium
+servlet
+Servlet
+Skynet
+SLI
+SMP
+SNMP
+SPI
+SQL
+stateful
+subclassed
+subclassing
+subdomain
+subflows
+suboperation
+suboperations
+Suboperations
+subtending
+syslog
+sysLog
+Syslog
+syslogs
+Syslogs
+tablename
+taxonomical
+TBD
+Telco
+telecom
+Telecom
+templated
+templating
+timeframe
+timeslots
+timestamp
+Timestamp
+transcoding
+UDP
+UI
+uncheck
+undeploy
+Undeploy
+undeployed
+undeploying
+Undeployment
+uninstall
+uninstallation
+uninstalled
+unitless
+Unregistration
+updatable
+uploadable
+url
+Url
+urls
+usecase
+Usecase
+userid
+username
+Username
+usernames
+validator
+Validator
+vcpu
+vcpus
+vdns
+versioned
+Versioned
+versioning
+Versioning
+vertices
+Vertices
+vf
+vF
+vfc
+vFC
+VFC
+vfcadaptor
+vfirewall
+vFirewall
+vfmodule
+vfModule
+VfModule
+vfModules
+vfstatus
+vfStatus
+virtualization
+Virtualization
+virtualize
+virtualized
+Virtualized
+virtualizes
+virtualizing
+vlan
+Vld
+vm
+Vm
+VM
+vms
+VMs
+VMware
+vnf
+vNF
+Vnf
+VNF
+vnfapi
+vnfc
+VNFFG
+vnfm
+Vnfm
+VNFM
+VNFMs
+vnfs
+vNFs
+vnfsdk
+VPN
+vrouter
+vserver
+vServer
+Vserver
+vservers
+Vservers
+vswitch
+VVP
+Vyatta
+webapp
+webapps
+Webpage
+webserver
+WebServer
+Websocket
+Websockets
+whitebox
+whiteboxes
+whitepaper
+wiki
+Wiki
+Wikis
+Wildfly
+Windriver
+Wireline
+workflow
+Workflow
+workflows
+www
+xml
+Xmx
+Yaml
+yamls
+zabbix
+Zachman
+Zookeeper
+ZTE
+++ /dev/null
-[tox]
-minversion = 1.6
-envlist = docs,
-skipsdist = true
-
-[testenv:docs]
-basepython = python3
-deps = -r{toxinidir}/requirements-docs.txt
-commands =
- sphinx-build -b html -n -d {envtmpdir}/doctrees ./ {toxinidir}/_build/html
- echo "Generated docs available in {toxinidir}/_build/html"
-whitelist_externals =
- echo
- git
- sh
-
-[testenv:docs-linkcheck]
-basepython = python3
-#deps = -r{toxinidir}/requirements-docs.txt
-commands = echo "Link Checking not enforced"
-#commands = sphinx-build -b linkcheck -d {envtmpdir}/doctrees ./ {toxinidir}/_build/linkcheck
-whitelist_externals = echo
# See the License for the specific language governing permissions and
# limitations under the License.
- dependencies:
+dependencies:
- name: common
version: ~7.x-0
repository: '@local'
--- /dev/null
+{{/*
+#
+# Sample Identities.dat
+# This file is for use with the "Default Organization". It is a simple mechanism to have a basic ILM structure to use with
+# out-of-the-box tire-kicking, or even for Small companies
+#
+# For Larger Companies, you will want to create a new class implementing the "Organization" interface, making calls to your ILM, or utilizing
+# batch feeds, as is appropriate for your company.
+#
+# Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
+# out AppIDs, choose your own status indicators, or whatever you use.
+# 0 - unique ID
+# 1 - full name
+# 2 - first name
+# 3 - last name
+# 4 - phone
+# 5 - official email
+# 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
+# 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
+#
+*/}}
+
+iowna|Ima D. Owner|Ima|Owner|314-123-2000|ima.d.owner@people.osaaf.com|e|
+mmanager|Mark D. Manager|Mark|Manager|314-123-1234|mark.d.manager@people.osaaf.com|e|iowna
+bdevl|Robert D. Developer|Bob|Developer|314-123-1235|bob.d.developer@people.osaaf.com|e|mmanager
+mmarket|Mary D. Marketer|Mary|Marketer|314-123-1236|mary.d.marketer@people.osaaf.com|e|mmanager
+ccontra|Clarice D. Contractor|Clarice|Contractor|314-123-1237|clarice.d.contractor@people.osaaf.com|c|mmanager
+iretired|Ira Lee M. Retired|Ira|Retired|314-123-1238|clarice.d.contractor@people.osaaf.com|n|mmanager
+
+# Portal Identities
+portal|ONAP Portal Application|PORTAL|ONAP Application|314-123-1234|portal@people.osaaf.com|a|aaf_admin
+shi|ONAP SHI Portal Identity|shi|Portal Application|314-123-1234|shi@people.osaaf.com|a|aaf_admin
+demo|PORTAL DEMO|demo|PORTAL|DEMO|314-123-1234|demo@people.osaaf.com|e|aaf_admin
+jh0003|PORTAL ADMIN|jh|PORTAL ADMIN|314-123-1234|jh0003@people.osaaf.com|e|aaf_admin
+cs0008|PORTAL DESIGNER|cs|PORTAL DESIGNER|314-123-1234|cs0008@people.osaaf.com|e|aaf_admin
+jm0007|PORTAL TESTER|jm|PORTAL TESTER|314-123-1234|jm0007@people.osaaf.com|e|aaf_admin
+op0001|PORTAL OPS|op|PORTAL OPS|314-123-1234|op0001@people.osaaf.com|e|aaf_admin
+gv0001|GV PORTAL|gv|PORTAL|314-123-1234|gv0001@people.osaaf.com|e|aaf_admin
+pm0001|PM PORTAL|pm|PORTAL|314-123-1234|pm0001@people.osaaf.com|e|aaf_admin
+gs0001|GS PORTAL|gs|PORTAL|314-123-1234|gs0001@people.osaaf.com|e|aaf_admin
+ps0001|PS PORTAL|ps|PORTAL|314-123-1234|ps0001@people.osaaf.com|e|aaf_admin
+
+# AAF Defined Users
+aaf_admin|AAF Administrator|Mr AAF|AAF Admin|314-123-1234|aaf_admin@people.osaaf.com|e|mmanager
+deployer|Deployer|Deployer|Depoyer|314-123-1234|deployer@people.osaaf.com|e|aaf_admin
+
+# Requested Users
+portal_admin|Portal Admin|Portal|Admin|314-123-1234|portal_admin@people.osaaf.com|e|mmanager
+
+# ONAP App IDs
+aaf|AAF Application|AAF|Application|314-123-1234|no_reply@people.osaaf.com|a|aaf_admin
+aaf-sms|AAF SMS Application|AAF SMS|Application|314-123-1234|no_reply@people.osaaf.com|a|aaf_admin
+clamp|ONAP CLAMP Application|CLAMP|Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+aai|ONAP AAI Application|AAI|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+appc|ONAP APPC Application|APPC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+dcae|ONAP DCAE Application|CLAMP|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+oof|ONAP OOF Application|OOF|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+so|ONAP SO Application|SO|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+sdc|ONAP SDC Application|SDC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+sdnc|ONAP SDNC Application|SDNC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+sdnc-cds|ONAP SDNC CDS Application|SDNC-CDS|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+vfc|ONAP VFC Application|VNC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+policy|ONAP Policy Application|POLICY|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+pomba|ONAP Pomba Application|POMBA|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+holmes|ONAP Holmes Application|HOLMES|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+nbi|ONAP NBI Application|NBI|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+music|ONAP MUSIC Application|MUSIC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+# VID Identities
+vid|ONAP VID Application|VID|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+vid1|ONAP VID Application 1|VID 1|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+vid2|ONAP VID Application 2|VID 2|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+# DMAAP Identities
+dmaap-bc|ONAP DMaap BC Application|DMaap BC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+dmaap-bc-topic-mgr|ONAP DMaap BC Topic Manager|DMaap BC Topic Manager|DMaap BC|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+dmaap-bc-mm-prov|ONAP DMaap BC Provisioning Manager|DMaap BC Provision Manager|DMaap BC|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+dmaap-dr|ONAP DMaap DR|Prov|DMaap DR|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+dmaap-dr-prov|ONAP DMaap DR Prov|Prov|DMaap MR|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+dmaap-dr-node|ONAP DMaap DR Node|Node|DMaap MR|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+dmaap-mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+#deprecate these in El Alto
+dmaapmr|ONAP DMaap MR Application|DMaap MR|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+#dmaap.mr|ONAP DMaap MR Application|DMaap MR|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
--- /dev/null
+aaf@aaf.osaaf.org|aaf-hello|local|/opt/app/osaaf/local||mailto:|org.osaaf.aaf|root|30|{'aaf-hello', 'aaf-hello.api.simpledemo.onap.org', 'aaf-hello.onap', 'aaf.osaaf.org'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+aaf@aaf.osaaf.org|aaf|local|/opt/app/osaaf/local||mailto:|org.osaaf.aaf|root|30|{'aaf', 'aaf.api.simpledemo.onap.org', 'aaf.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
+aaf-sms@aaf-sms.onap.org|aaf-sms|local|/opt/app/osaaf/local||mailto:|org.onap.aaf-sms|root|30|{'aaf-sms-db.onap', 'aaf-sms.api.simpledemo.onap.org', 'aaf-sms.onap', 'aaf-sms.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'file'}
+aai@aai.onap.org|aai1|local|/opt/app/osaaf/local||mailto:|org.onap.aai|root|30|{'aai-sparky-be.onap', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'pkcs12'}
+aai@aai.onap.org|aai2|aaf|/Users/jf2512||mailto:|org.onap.aai|jf2512|60|{'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.onap aai-sparky-be.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org aai1.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+aai@aai.onap.org|aai|local|/opt/app/osaaf/local||mailto:|org.onap.aai|root|60|{'aai-search-data.onap', 'aai-sparky-be.onap', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12'}
+aai@aai.onap.org|aai.onap|local|/opt/app/osaaf/local||mailto:|org.onap.aai|root|30|{'aai-sparky-be.onap', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12'}
+aai@aai.onap.org|mithrilcsp.sbc.com|local|/tmp/onap||mailto:|org.onap.aai|jg1555|30|{'aai-sparky-be.onap', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'file', 'pkcs12', 'script'}
+appc@appc.onap.org|appc|local|/opt/app/osaaf/local||mailto:|org.onap.appc|root|60|{'appc.api.simpledemo.onap.org', 'appc.onap', 'appc.simpledemo.onap.org'}|mmanager@osaaf.org|{'pkcs12'}
+clamp@clamp.onap.org|clamp|local|/opt/app/osaaf/local||mailto:|org.onap.clamp|root|30|{'clamp', 'clamp-onap', 'clamp.api.simpledemo.onap.org', 'clamp.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+clamp@clamp.onap.org|mithrilcsp.sbc.com|local|/tmp/onap||mailto:|org.onap.clamp|jg1555|30|{'clamp.api.simpledemo.onap.org', 'clamp.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12'}
+dcae@dcae.onap.org|dcae|local|/opt/app/osaaf/local||mailto:|org.onap.dcae|root|60|{'bbs-event-processor', 'bbs-event-processor.onap', 'bbs-event-processor.onap.svc.cluster.local', 'config-binding-service', 'config-binding-service.onap', 'config-binding-service.onap.svc.cluster.local', 'dashboard', 'dashboard.onap', 'dashboard.onap.svc.cluster.local', 'dcae-cloudify-manager', 'dcae-cloudify-manager.onap', 'dcae-cloudify-manager.onap.svc.cluster.local', 'dcae-datafile-collector', 'dcae-datafile-collector.onap', 'dcae-datafile-collector.onap.svc.cluster.local', 'dcae-hv-ves-collector', 'dcae-hv-ves-collector.onap', 'dcae-hv-ves-collector.onap.svc.cluster.local', 'dcae-pm-mapper', 'dcae-pm-mapper.onap', 'dcae-pm-mapper.onap.svc.cluster.local', 'dcae-pmsh', 'dcae-pmsh.onap', 'dcae-pmsh.onap.svc.cluster.local', 'dcae-prh', 'dcae-prh.onap', 'dcae-prh.onap.svc.cluster.local', 'dcae-tca-analytics', 'dcae-tca-analytics.onap', 'dcae-tca-analytics.onap.svc.cluster.local', 'dcae-ves-collector', 'dcae-ves-collector.onap', 'dcae-ves-collector.onap.svc.cluster.local', 'deployment-handler', 'deployment-handler.onap', 'deployment-handler.onap.svc.cluster.local', 'holmes-engine-mgmt', 'holmes-engine-mgmt.onap', 'holmes-engine-mgmt.onap.svc.cluster.local', 'holmes-rule-mgmt', 'holmes-rules-mgmt.onap', 'holmes-rules-mgmt.onap.svc.cluster.local', 'inventory', 'inventory.onap', 'inventory.onap.svc.cluster.local', 'policy-handler', 'policy-handler.onap', 'policy-handler.onap.svc.cluster.local'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+dmaap-bc@dmaap-bc.onap.org|dmaap-bc|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-bc|root|30|{'dmaap-bc', 'dmaap-bc.api.simpledemo.onap.org', 'dmaap-bc.onap'}|mmanager@osaaf.org|{'jks', 'pkcs12', 'script'}
+dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|dmaap-bc-mm-prov|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-bc-mm-prov|root|30|{'dmaap-bc-mm-prov', 'dmaap-bc-mm-prov.api.simpledemo.onap.org', 'dmaap-bc-mm-prov.onap', 'onap.dmaap-bc-mm-prov'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|dmaap-bc-topic-mgr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-bc-topic-mgr|root|30|{'dmaap-bc-topic-mgr', 'dmaap-bc-topic-mgr.api.simpledemo.onap.org', 'dmaap-bc-topic-mgr.onap', 'onap.dmaap-bc-topic-mgr'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
+dmaap-dr@dmaap-dr.onap.org|dmaap-dr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-dr|root|30|{'dmaap-dr', 'dmaap-dr.api.simpledemo.onap.org', 'dmaap-dr.onap', 'onap.dmaap-dr'}|aaf_admin@osaaf.org|{'jks', 'script'}
+dmaap-dr-node@dmaap-dr-node.onap.org|dmaap-dr-node|local|/opt/app/osaaf/local||mailto:|onap.dmaap-dr-node|root|30|{'dmaap-dr-node', 'dmaap-dr-node.api.simpledemo.onap.org', 'dmaap-dr-node.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
+dmaap-dr-node@dmaap-dr.onap.org|dmaap-dr-node|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-dr|root|30|{'dmaap-dr-node', 'dmaap-dr-node.api.simpledemo.onap.org', 'dmaap-dr-node.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+dmaap-dr-node@dmaap-dr.onap.org|mithril|local|/Volumes/Data/open/authz/auth/docker/dmaap_dr_node||mailto:|org.onap.dmaap-dr|jg1555|30|{'dmaap-dr-node', 'dmaap-dr-node.api.simpledemo.onap.org', 'dmaap-dr-node.onap'}|aaf_admin@osaaf.org|{'jks', 'pkcs12', 'script'}
+dmaap-dr-prov@dmaap-dr.onap.org|dmaap-dr-prov|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-dr|root|30|{'dmaap-dr-prov', 'dmaap-dr-prov.api.simpledemo.onap.org', 'dmaap-dr-prov.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+dmaap-dr-prov@dmaap-dr.onap.org|mithril|local|/tmp/temp||mailto:|org.onap.dmaap-dr|jg1555|30|{'dmaap-dr-prov', 'dmaap-dr-prov.api.simpledemo.onap.org', 'dmaap-dr-prov.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12', 'script'}
+dmaap-dr-prov@dmaap-dr-prov.onap.org|dmaap-dr-prov|local|/opt/app/osaaf/local||mailto:|onap.dmaap-dr-prov|root|30|{'dmaap-dr-prov', 'dmaap-dr-prov.api.simpledemo.onap.org', 'dmaap-dr-prov.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
+dmaap-mr@dmaap-mr.onap.org|dmaap-mr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap-mr|root|30|{'dmaap-mr', 'dmaap-mr.onap', 'message-router', 'message-router.onap', 'mr.api.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'jks', 'pkcs12', 'script'}
+dmaap.mr@mr.dmaap.onap.org|10.12.25.177|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router mr.api.simpledemo.onap.org message-router.onap dmaapmr dmaap.mr dmaap-mr dmaap.mr.onap dmaap-mr.onap dmaap-mr dmaapmr.onap'}|@osaaf.org|{'pkcs12', 'script'}
+dmaapmr@mr.dmaap.onap.org|dmaapmr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router', 'message-router.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+dmaapmr@mr.dmaap.onap.org|dmaap-mr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router mr.api.simpledemo.onap.org message-router.onap dmaapmr dmaap.mr dmaap-mr dmaap.mr.onap dmaap-mr.onap dmaap-mr dmaapmr.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+dmaapmr@mr.dmaap.onap.org|dmaap.mr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router mr.api.simpledemo.onap.org message-router.onap dmaapmr dmaap.mr dmaap-mr dmaap.mr.onap dmaap-mr.onap dmaap-mr dmaapmr.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+dmaap.mr@mr.dmaap.onap.org|dmaap.mr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router mr.api.simpledemo.onap.org message-router.onap dmaapmr dmaap.mr dmaap-mr dmaap.mr.onap dmaap-mr.onap dmaap-mr dmaapmr.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
+dmaap.mr@mr.dmaap.onap.org|dmaapmr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router mr.api.simpledemo.onap.org message-router.onap dmaapmr dmaap.mr dmaap-mr dmaap.mr.onap dmaap-mr.onap dmaap-mr dmaapmr.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
+dmaap.mr@mr.dmaap.onap.org|dmaap-mr|local|/opt/app/osaaf/local||mailto:|org.onap.dmaap.mr|root|30|{'message-router mr.api.simpledemo.onap.org message-router.onap dmaapmr dmaap.mr dmaap-mr dmaap.mr.onap dmaap-mr.onap dmaap-mr dmaapmr.onap'}|@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+holmes@holmes.onap.org|holmes|local|/opt/app/osaaf/local||mailto:|org.onap.holmes|root|30|{'holmes.api.simpledemo.onap.org', 'holmes.onap'}|aaf_admin@osaaf.org|{'pkcs12'}
+music@music.onap.org|music|aaf|/opt/app/aaf/local||mailto:|org.onap.music|root|30|{'music.api.simpledemo.onap.org', 'music.onap'}|mmanager@osaaf.org|{'pkcs12', 'script'}
+music@music.onap.org|music.onap|local|/opt/app/osaaf/local||mailto:|org.onap.music|root|30|{'music-api', 'music-api.onap', 'music-onap', 'music.api.simpledemo.onap.org', 'music.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+nbi@nbi.onap.org|nbi|local|/opt/app/osaaf/local||mailto:|org.onap.nbi|root|30|{'nbi', 'nbi.api.simpledemo.onap.org', 'nbi.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12'}
+ngi@ngi.onap.org|ngi|local|/opt/app/osaaf/local||mailto:|org.onap.ngi|root|30|{'ngi.api.simpledemo.onap.org', 'ngi.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12'}
+oof@oof.onap.org|oof.api.simpledemo.onap.org|local|/opt/app/osaaf/local||mailto:jflood@att.com|org.onap.oof|root|30|{'cmso-onap', 'cmso.api.simpledemo.onap.org', 'cmso.onap', 'oof-has-api', 'oof-has-api.onap', 'oof-onap', 'oof-opteng', 'oof-opteng.onap', 'oof-osdf', 'oof-osdf.onap', 'oof.api.simpledemo.onap.org', 'oof.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+oof@oof.onap.org|oof|local|/opt/app/osaaf/local||mailto:jflood@att.com|org.onap.oof|root|30|{'cmso-onap', 'cmso.api.simpledemo.onap.org', 'cmso.onap', 'oof-has-api', 'oof-has-api.onap', 'oof-onap', 'oof-osdf', 'oof-osdf.onap', 'oof.api.simpledemo.onap.org', 'oof.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+oof@oof.onap.org|oof.onap|local|/opt/app/osaaf/local||mailto:jflood@att.com|org.onap.oof|root|30|{'cmso-onap', 'cmso.api.simpledemo.onap.org', 'cmso.onap', 'oof-cmso', 'oof-cmso-optimizer', 'oof-cmso-ticketmgt', 'oof-cmso-topology', 'oof-has-api', 'oof-has-api.onap', 'oof-onap', 'oof-opteng', 'oof-opteng.onap', 'oof-osdf', 'oof-osdf.onap', 'oof.api.simpledemo.onap.org', 'oof.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+policy@policy.onap.org|policy|local|/opt/app/osaaf/local||mailto:|org.onap.policy|root|60|{'*.pdp', '*.pdp.onap.svc.cluster.local', 'brmsgw', 'brmsgw.onap', 'drools', 'drools.onap', 'pap', 'pap.onap', 'pdp', 'pdp.onap', 'policy', 'policy-apex-pdp', 'policy-apex-pdp.onap', 'policy-api', 'policy-api.onap', 'policy-distribution', 'policy-distribution.onap', 'policy-pap', 'policy-pap.onap', 'policy-xacml-pdp', 'policy-xacml-pdp.onap', 'policy.api.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+policy@policy.onap.org|policy_onap|local|/opt/app/osaaf/local||mailto:|org.onap.policy|root|30|{'*.pdp', '*.pdp.onap.svc.cluster.local', 'brmsgw', 'brmsgw.onap', 'drools', 'drools.onap', 'pap', 'pap.onap', 'pdp', 'pdp.onap', 'policy', 'policy-apex-pdp', 'policy-apex-pdp.onap', 'policy-distribution', 'policy-distribution.onap', 'policy.api.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'pkcs12'}
+pomba@pomba.onap.org|onap.pomba|local|/opt/app/osaaf/local||mailto:|org.onap.pomba|root|30|{'onap.pomba', 'onap_pomba', 'pomba', 'pomba.api.simpledemo.onap.org', 'pomba.onap', 'pomba_onap'}|aaf_admin@osaaf.org|{'jks', 'pkcs12', 'script'}
+portal@portal.onap.org|portal|local|/opt/app/osaaf/local||mailto:|org.onap.portal|root|30|{'onap.portal', 'onap_portal', 'portal', 'portal-app', 'portal.api.simpledemo.onap.org', 'portal.onap', 'portal_onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
+sdc@sdc.onap.org|sdc-fe.onap|local|/opt/app/osaaf/local||mailto:|org.onap.sdc|root|30|{'sdc-fe.onap', 'sdc.api.simpledemo.onap.org', 'sdc.onap'}|aaf_admin@osaaf.org|{'file', 'jks', 'script'}
+sdc@sdc.onap.org|sdc|local|/opt/app/osaaf/local||mailto:|org.onap.sdc|root|60|{'*.onap', '*.onap.org', 'sdc', 'sdc-be.onap', 'sdc-dcae-be.onap', 'sdc-dcae-dt.onap', 'sdc-dcae-fe.onap', 'sdc-dcae-tosca-lab.onap', 'sdc-es.onap', 'sdc-fe.onap', 'sdc-kb.onap', 'sdc-onap.org', 'sdc-onboarding-be.onap', 'sdc-wfd-be.onap', 'sdc-wfd-fe.onap', 'sdc.api.fe.simpledemo.onap.org', 'sdc.api.simpledemo.onap.org', 'sdc.dcae.plugin.simpledemo.onap.org', 'sdc.workflow.plugin.simpledemo.onap.org', 'webseal.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+sdc@sdc.onap.org|sdc.onap|local|/opt/app/osaaf/local||mailto:|org.onap.sdc|root|60|{'*.onap', '*.onap.org', 'sdc', 'sdc-be.onap', 'sdc-dcae-be.onap', 'sdc-dcae-dt.onap', 'sdc-dcae-fe.onap', 'sdc-dcae-tosca-lab.onap', 'sdc-es.onap', 'sdc-fe.onap', 'sdc-kb.onap', 'sdc-onap.org', 'sdc-onboarding-be.onap', 'sdc-wfd-be.onap', 'sdc-wfd-fe.onap', 'sdc.api.fe.simpledemo.onap.org', 'sdc.api.simpledemo.onap.org', 'sdc.dcae.plugin.simpledemo.onap.org', 'sdc.workflow.plugin.simpledemo.onap.org', 'webseal.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+sdnc-cds@sdnc-cds.onap.org|sdnc-cds|local|/opt/app/osaaf/local||mailto:|org.onap.sdnc-cds|root|30|{'c1.vm1.sdnc-cds.simpledemo.onap', 'c2.vm1.sdnc-cds.simpledemo.onap', 'c3.vm1.sdnc-cds.simpledemo.onap', 'c4.vm1.sdnc-cds.simpledemo.onap', 'onap-sdnc-cds', 'onap-sdnc-cds.onap', 'sdnc-cds', 'sdnc-cds.api.simpledemo.onap.org', 'sdnc-cds.onap', 'vm1.sdnc-cds.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'pkcs12', 'script'}
+sdnc@sdnc.onap.org|ccsdk-sdnc-heat-dev|local|/home/ubuntu/cert||mailto:|org.onap.sdnc|ubuntu|60|{'c1.vm1.sdnc.simpledemo.onap', 'c2.vm1.sdnc.simpledemo.onap', 'c3.vm1.sdnc.simpledemo.onap', 'c4.vm1.sdnc.simpledemo.onap', 'onap-sdnc', 'onap-sdnc.onap', 'sdnc', 'sdnc.api.simpledemo.onap.org', 'sdnc.onap', 'vm1.sdnc.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12'}
+sdnc@sdnc.onap.org|sdnc|local|/opt/app/osaaf/local||mailto:|org.onap.sdnc|root|60|{'c1.vm1.sdnc.simpledemo.onap', 'c2.vm1.sdnc.simpledemo.onap', 'c3.vm1.sdnc.simpledemo.onap', 'c4.vm1.sdnc.simpledemo.onap', 'onap-sdnc', 'onap-sdnc.onap', 'sdnc', 'sdnc.api.simpledemo.onap.org', 'sdnc.onap', 'vm1.sdnc.simpledemo.onap.org'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12'}
+shi@shi.onap.org|onap.shi|local|/opt/app/osaaf/local||mailto:|onap.shi|root|30|{'onap_shi', 'shi', 'shi.api.simpledemo.onap.org', 'shi_onap'}|aaf_admin@osaaf.org|{'jks', 'pkcs12', 'script'}
+so@so.onap.org|aai-simulator|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'aai-simulator', 'localhost'}|aaf_admin@osaaf.org|{'pkcs12'}
+so@so.onap.org|bpmn-infra|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'bpmn-infra', 'bpmn-infra.onap'}|mmanager@osaaf.org|{'pkcs12'}
+so@so.onap.org|sdc-simulator|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'localhost', 'sdc-simulator'}|aaf_admin@osaaf.org|{'pkcs12'}
+so@so.onap.org|sdnc-simulator|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'localhost', 'sdnc-simulator'}|aaf_admin@osaaf.org|{'pkcs12'}
+so@so.onap.org|so-apih|local|/opt/app/osaaf/local||mailto:rp6768@att.com|org.onap.so|root|30|{'mso-asdc-controller-svc', 'mso-bpmn-infra-svc', 'mso-catalog-db-adapter-svc', 'mso-openstack-adapter-svc', 'mso-request-db-adapter-svc', 'mso-sdnc-adapter-svc'}|mmanager@osaaf.org|{'file', 'jks', 'script'}
+so@so.onap.org|so-client|local|/opt/app/osaaf/local||mailto:rp6768@att.com|org.onap.so|root|30||mmanager@osaaf.org|{'file', 'jks', 'script'}
+so@so.onap.org|so|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'so.api.simpledemo.onap.org', 'so.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
+so@so.onap.org|so-vnfm-adapter|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'so-vnfm-adapter', 'so-vnfm-adapter.onap'}|aaf_admin@osaaf.org|{'pkcs12'}
+so@so.onap.org|so-vnfm-simulator|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'so-vnfm-simulator', 'so-vnfm-simulator.onap'}|aaf_admin@osaaf.org|{'pkcs12'}
+tester1@test.portal.onap.org|tester1|aaf|/||mailto:|org.onap.portal.test|root|30||@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
+vfc@vfc.onap.org|vfc|local|/opt/app/osaaf/local||mailto:|org.onap.vfc|root|30|{'vfc.api.simpledemo.onap.org vfc.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
+vid1@vid1.onap.org|vid1|local|/opt/app/osaaf/local||mailto:|org.onap.vid1|root|30|{'onap', 'onap.vid1', 'vid1', 'vid1.api.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
+vid2@vid2.onap.org|vid2|local|/opt/app/osaaf/local||mailto:|org.onap.vid2|root|30|{'onap.vid2', 'vid2', 'vid2.api.simpledemo.onap.org', 'vid2.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'}
+vid@vid.onap.org|vid|local|/opt/app/osaaf/local||mailto:|org.onap.vid|root|30|{'vid.api.simpledemo.onap.org', 'vid.onap'}|mmanager@osaaf.org|{'jks', 'pkcs12'}
--- /dev/null
+aaf|aaf_env|DEV
+aaf|aaf_oauth2_introspect_url|https://AAF_LOCATE_URL/%CNS.%AAF_NS.introspect:2.1/introspect
+aaf|aaf_oauth2_token_url|https://AAF_LOCATE_URL/%CNS.%AAF_NS.token:2.1/token
+aaf|aaf_url_cm|https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:2.1
+aaf|aaf_url_fs|https://AAF_LOCATE_URL/%CNS.%AAF_NS.fs:2.1
+aaf|aaf_url_gui|https://AAF_LOCATE_URL/%CNS.%AAF_NS.gui:2.1
+aaf|aaf_url|https://AAF_LOCATE_URL/%CNS.%AAF_NS.service:2.1
+aaf|aaf_url_oauth|https://AAF_LOCATE_URL/%CNS.%AAF_NS.oauth:2.1
+aaf|cadi_protocols|TLSv1.1,TLSv1.2
+aaf|cadi_x509_issuers|CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
--- /dev/null
+portal@portal.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.portal|53344||
+shi@shi.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.shi|53344||
+aaf@aaf.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.aaf|53344||
+aaf-sms@aaf-sms.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aaf-sms|53344||
+clamp@clamp.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.clamp|53344||
+aai@aai.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aai|53344||
+appc@appc.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.appc|53344||
+dcae@dcae.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dcae|53344||
+oof@oof.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.oof|53344||
+so@so.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.so|53344||
+sdc@sdc.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.sdc|53344||
+sdnc@sdnc.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.sdnc|53344||
+sdnc-cds@sdnc-cds.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.sdnc-cds|53344||
+vfc@vfc.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vfc|53344||
+policy@policy.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.policy|53344||
+pomba@pomba.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.pomba|53344||
+holmes@holmes.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.holmes|53344||
+nbi@nbi.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.nbi|53344||
+music@music.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.music|53344||
+vid@vid.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid|53344||
+vid1@vid1.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid1|53344||
+vid2@vid2.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.vid2|53344||
+dmaap-bc@dmaap-bc.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-bc|53344||
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-bc-topic-mgr|53344||
+dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-bc-mm-prov|53344||
+dmaap-dr@dmaap-dr.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-dr|53344||
+dmaap-dr-prov@dmaap-dr-prov.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-dr-prov|53344||
+dmaap-dr-node@dmaap-dr-node.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-dr-node|53344||
+dmaap-mr@dmaap-mr.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaap-mr|53344||
+dmaapmr@dmaapmr.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.dmaapmr|53344||
+#dmaap.mr@#dmaap.mr.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.mr.#dmaap|53344||
+iowna@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+mmanager@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+bdevl@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+mmarket@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+demo@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+jh0003@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+cs0008@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+jm0007@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+op0001@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+gv0001@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+pm0001@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+gs0001@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+ps0001@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+aaf_admin@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+deployer@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
+portal_admin@people.osaaf.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344||
\ No newline at end of file
--- /dev/null
+org.onap.aaf-sms||org.onap||3
+org.onap.aai||org.onap||3
+org.onap.appc||org.onap||3
+org.onap.cds||org.onap||3
+org.onap.clampdemo|Onap clamp demo NS|org.onap|2|2
+org.onap.clamp||org.onap||3
+org.onap.clamptest|Onap clamp test NS|org.onap|2|2
+org.onap.dcae||org.onap||3
+org.onap.dmaap-bc.api||org.onap.dmaap-bc||3
+org.onap.dmaap-bc-mm-prov||org.onap||3
+org.onap.dmaap-bc||org.onap||3
+org.onap.dmaap.bc||org.onap||3
+org.onap.dmaapbc||org.onap||3
+org.onap.dmaap-bc-topic-mgr||org.onap||3
+org.onap.dmaap-dr||org.onap||3
+org.onap.dmaap.mr.aNewTopic-123450||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aNewTopic-123451||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aNewTopic-1547667570||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aNewTopic-||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTest-1547665517||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTest-1547666628||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTest-1547666760||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTest-1547666950||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTest-1547667031||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTestTopic-123456||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTestTopic-123457||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTestTopic-1547660509||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTestTopic-1547660861||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTestTopic-1547661011||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTestTopic-1547662122||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTestTopic-1547662451||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTestTopic-1547664813||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTestTopic-1547664928||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTestTopic-1547666068||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.aTopic-1547654909||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.dgl000||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.dgl_ready||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.IdentityTopic-12345||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.IdentityTopic-1547839476||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.mirrormakeragent||org.onap.dmaap.mr||3
+org.onap.dmaap-mr||org.onap||3
+org.onap.dmaap.mr||org.onap||3
+org.onap.dmaap.mr.partitionTest-1546033194||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.PM_MAPPER||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.PNF_READY||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.PNF_REGISTRATION||org.onap.dmaap.mr||3
+org.onap.dmaap-mr.sunil||org.onap.dmaap-mr||3
+org.onap.dmaap-mr.test||org.onap.dmaap-mr||3
+org.onap.dmaap.mr.topic-000||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.topic-001||org.onap.dmaap.mr||3
+org.onap.dmaap.mr.topic-002||org.onap.dmaap.mr||3
+org.onap.dmaap||org.onap||3
+org.onap.holmes||org.onap||3
+org.onap.music||org.onap||3
+org.onap.nbi||org.onap||3
+org.onap|ONAP|org|2|2
+org.onap.oof||org.onap||3
+org.onap.policy||org.onap||3
+org.onap.pomba||org.onap||3
+org.onap.portal|ONAP Portal|org.onap.portal|3|3
+org.onap.portal.test||org.onap.portal||3
+org.onap.sdc||org.onap||3
+org.onap.sdnc-cds||org.onap||3
+org.onap.sdnc||org.onap||3
+org.onap.so||org.onap||3
+org.onap.vfc||org.onap||3
+org.onap.vid1||org.onap||3
+org.onap.vid2||org.onap||3
+org.onap.vid||org.onap||3
+org.openecomp.dcae|DCAE Namespace Org|org.openecomp|3|3
+org.openecomp.dmaapBC|DMaap NS|org.openecomp|3|3
+org.openecomp|Open EComp NS|org|2|2
+org.osaaf.aaf|Application Authorization Framework|org.osaaf|3|3
+org.osaaf|OSAAF Namespace|org|2|2
+org.osaaf.people||org.osaaf||3
+org|Root Namespace|.|1|1
--- /dev/null
+org|access|*|*|Org Write Access|{'org.admin'}
+org|access|*|read,approve|Org Read Access|{'org.owner'}
+org|access|*|read|Org Read Access|{'org.owner'}
+org.onap.aaf-sms|access|*|*|AAF Namespace Write Access|"{'org.onap.aaf-sms|admin'}"
+org.onap.aaf-sms|access|*|read|AAF Namespace Read Access|"{'org.onap.aaf-sms|owner'}"
+org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.aai|access|*|*|AAF Namespace Write Access|"{'org.onap.aai|admin'}"
+org.onap.aai|access|*|read|AAF Namespace Read Access|"{'org.onap.aai|owner'}"
+org.onap.aai|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.aai|resources|*|delete||"{'org.onap.aai|resources_all'}"
+org.onap.aai|resources|*|get||"{'org.onap.aai|resources_all', 'org.onap.aai|resources_readonly'}"
+org.onap.aai|resources|*|patch||"{'org.onap.aai|resources_all'}"
+org.onap.aai|resources|*|post||"{'org.onap.aai|resources_all'}"
+org.onap.aai|resources|*|put||"{'org.onap.aai|resources_all'}"
+org.onap.aai|traversal|*|advanced||"{'org.onap.aai|traversal_advanced'}"
+org.onap.aai|traversal|*|basic||"{'org.onap.aai|traversal_basic'}"
+org.onap|access|*|*|Onap Write Access|{'org.onap.admin'}
+org.onap|access|*|read|Onap Read Access|{'org.onap.owner'}
+org.onap.appc|access|*|*|AAF Namespace Write Access|"{'org.onap.appc|admin', 'org.onap.appc|service'}"
+org.onap.appc|access|*|read|AAF Namespace Read Access|"{'org.onap.appc|owner'}"
+org.onap.appc|apidoc|/apidoc/.*|ALL||"{'org.onap.appc|apidoc'}"
+org.onap.appc|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.appc|odl|odl-api|*|Appc ODL API Access|"{'org.onap.appc.odl', 'org.onap.appc|admin'}"
+org.onap.appc|restconf|/restconf/.*|ALL||"{'org.onap.appc|restconf'}"
+org.onap.cds|access|*|*|AAF Namespace Write Access|"{'org.onap.cds|admin'}"
+org.onap.cds|access|*|read|AAF Namespace Read Access|"{'org.onap.cds|owner'}"
+org.onap.clamp|access|*|*|AAF Namespace Write Access|"{'org.onap.clamp|admin', 'org.onap.clamp|service'}"
+org.onap.clamp|access|*|read|Onap Clamp Read Access|{'org.onap.clamp.owner'}
+org.onap.clamp|certman|local|request,ignoreIPs,showpass||"{'org.onap.clamp|admin', 'org.onap.clamp|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.clamp|clds.cl|dev|*||"{'org.onap.clamp|service'}"
+org.onap.clamp|clds.cl|dev|read|Onap Clamp Dev Read Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
+org.onap.clamp|clds.cl|dev|update|Onap Clamp Dev Update Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
+org.onap.clamp|clds.cl.event|dev|*|Onap Clamp Dev Write Access|{'org.onap.clamp.clds.designer.dev'}
+org.onap.clamp|clds.cl.manage|dev|*|Onap Clamp Dev Manage Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|service'}"
+org.onap.clamp|clds.filter.vf|dev|*|Onap Clamp Filter All Dev Access|"{'org.onap.clamp.clds.vf_filter_all.dev', 'org.onap.clamp|service'}"
+org.onap.clamp|clds.template|dev|*||"{'org.onap.clamp|service'}"
+org.onap.clamp|clds.template|dev|read|Onap Clamp Dev Read Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
+org.onap.clamp|clds.template|dev|update|Onap Clamp Dev Update Access|"{'org.onap.clamp.clds.designer.dev', 'org.onap.clamp|clds.admin.dev'}"
+org.onap.clamp|clds.tosca|dev|*||"{'org.onap.clamp|service'}"
+org.onap.clampdemo|access|*|*|ClampDemo Write Access|{'org.onap.clampdemo.admin'}
+org.onap.clampdemo|access|*|read|ClampDemo Read Access|{'org.onap.clampdemo.owner'}
+org.onap.clamptest|access|*|*|Onap Write Access|{'org.onap.clamptest.admin'}
+org.onap.clamptest|access|*|read|Onap Read Access|{'org.onap.clamptest.owner'}
+org.onap.dcae|access|*|*|AAF Namespace Write Access|"{'org.onap.dcae|admin', 'org.onap.dmaap-bc-topic-mgr|admin', 'org.onap.dmaap-bc|admin'}"
+org.onap.dcae|access|*|read|AAF Namespace Read Access|"{'org.onap.dcae|owner'}"
+org.onap.dcae|certman|local|request,ignoreIPs,showpass||"{'org.onap.dcae|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.dcae|dmaap.topicFactory|:com.att.dcae.dmaap.FTL.mr.topic:com.att.dcae.dmaap.FTL|create||
+org.onap.dcae|dmaap.topicFactory|:null.FTL.mr.topic:null.FTL|create||
+org.onap.dmaap|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap|admin'}"
+org.onap.dmaap|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap|owner'}"
+org.onap.dmaap-bc|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc|admin'}"
+org.onap.dmaapbc|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaapbc|admin'}"
+org.onap.dmaap.bc|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.bc|admin', 'org.onap.dmaap.bc|service'}"
+org.onap.dmaap-bc|access|*|read|AAF Namespace Read Access|"{'org.onap.dcae|admin', 'org.onap.dmaap-bc|owner'}"
+org.onap.dmaap.bc|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.bc|owner'}"
+org.onap.dmaapbc|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaapbc|owner'}"
+org.onap.dmaap-bc.api|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc.api|admin', 'org.onap.dmaap-bc|admin'}"
+org.onap.dmaap-bc.api|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-bc.api|owner', 'org.onap.dmaap-bc|admin', 'org.onap.dmaap-bc|service'}"
+org.onap.dmaap-bc.api|bridge|onapdemo|GET||"{'org.onap.dmaap-bc.api|Metrics'}"
+org.onap.dmaap-bc.api|dcaeLocations|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dcaeLocations|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dcaeLocations|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|boot|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|boot|GET||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|boot|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|boot|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dmaap|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dmaap|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dr_nodes|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_nodes|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dr_nodes|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_subs|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_subs|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|feeds|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|feeds|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|feeds|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|feeds|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clients|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clients|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clusters|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|mr_clusters|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|mr_clusters|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller'}"
+org.onap.dmaap-bc.api|topics|onapdemo|DELETE||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator'}"
+org.onap.dmaap-bc.api|topics|onapdemo|GET||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Inventory', 'org.onap.dmaap-bc.api|Metrics', 'org.onap.dmaap-bc.api|Orchestrator', 'org.onap.dmaap-bc.api|PortalUser'}"
+org.onap.dmaap-bc.api|topics|onapdemo|POST||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator'}"
+org.onap.dmaap-bc.api|topics|onapdemo|PUT||"{'org.onap.dmaap-bc.api|Controller', 'org.onap.dmaap-bc.api|Orchestrator'}"
+org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass||"{'org.onap.dmaap-bc|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.dmaap-bc-mm-prov|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc-mm-prov|admin'}"
+org.onap.dmaap-bc-mm-prov|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-bc-mm-prov|owner'}"
+org.onap.dmaap-bc-mm-prov|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.dmaap-bc-topic-mgr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc-topic-mgr|admin'}"
+org.onap.dmaap-bc-topic-mgr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-bc-topic-mgr|owner'}"
+org.onap.dmaap-bc-topic-mgr|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.dmaap-dr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-dr|admin'}"
+org.onap.dmaap-dr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-dr|owner'}"
+org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass||"{'org.onap.dmaap-dr|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.dmaap-dr|feed|*|approveSub||"{'org.onap.dmaap-dr|feed.admin'}"
+org.onap.dmaap|dr.feed|*|create||
+org.onap.dmaap-dr|feed|*|create||"{'org.onap.dmaap-dr|feed.admin'}"
+org.onap.dmaap-dr|feed|*|delete||"{'org.onap.dmaap-dr|feed.admin'}"
+org.onap.dmaap-dr|feed|*|edit||"{'org.onap.dmaap-dr|feed.admin'}"
+org.onap.dmaap-dr|feed|*|*||"{'org.onap.dmaap-bc|service', 'org.onap.dmaap-dr|feed.admin'}"
+org.onap.dmaap-dr|feed|*|publish||"{'org.onap.dmaap-dr|feed.admin'}"
+org.onap.dmaap-dr|feed|*|restore||"{'org.onap.dmaap-dr|feed.admin'}"
+org.onap.dmaap-dr|feed|*|subscribe||"{'org.onap.dmaap-dr|feed.admin'}"
+org.onap.dmaap-dr|feed|*|suspend||"{'org.onap.dmaap-dr|feed.admin'}"
+org.onap.dmaap-dr|sub|*|delete||"{'org.onap.dmaap-dr|sub.admin'}"
+org.onap.dmaap-dr|sub|*|edit||"{'org.onap.dmaap-dr|sub.admin'}"
+org.onap.dmaap-dr|sub|*|*||"{'org.onap.dmaap-bc|service', 'org.onap.dmaap-dr|sub.admin'}"
+org.onap.dmaap-dr|sub|*|publish||"{'org.onap.dmaap-dr|sub.admin'}"
+org.onap.dmaap-dr|sub|*|restore||"{'org.onap.dmaap-dr|sub.admin'}"
+org.onap.dmaap-dr|sub|*|suspend||"{'org.onap.dmaap-dr|sub.admin'}"
+org.onap.dmaap.mr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-bc|service', 'org.onap.dmaap.mr|admin'}"
+org.onap.dmaap-mr|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-mr|admin'}"
+org.onap.dmaap-mr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-mr|owner'}"
+org.onap.dmaap.mr|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr|owner', 'org.onap.dmaap.mr|service'}"
+org.onap.dmaap.mr.aNewTopic-123450|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aNewTopic-123450|admin'}"
+org.onap.dmaap.mr.aNewTopic-123450|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aNewTopic-123450|owner'}"
+org.onap.dmaap.mr.aNewTopic-123451|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aNewTopic-123451|admin'}"
+org.onap.dmaap.mr.aNewTopic-123451|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aNewTopic-123451|owner'}"
+org.onap.dmaap.mr.aNewTopic-1547667570|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aNewTopic-1547667570|admin'}"
+org.onap.dmaap.mr.aNewTopic-1547667570|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aNewTopic-1547667570|owner'}"
+org.onap.dmaap.mr.aNewTopic-|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aNewTopic-|admin'}"
+org.onap.dmaap.mr.aNewTopic-|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aNewTopic-|owner'}"
+org.onap.dmaap.mr.aTest-1547665517|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTest-1547665517|admin'}"
+org.onap.dmaap.mr.aTest-1547665517|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTest-1547665517|owner'}"
+org.onap.dmaap.mr.aTest-1547666628|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTest-1547666628|admin'}"
+org.onap.dmaap.mr.aTest-1547666628|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTest-1547666628|owner'}"
+org.onap.dmaap.mr.aTest-1547666760|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTest-1547666760|admin'}"
+org.onap.dmaap.mr.aTest-1547666760|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTest-1547666760|owner'}"
+org.onap.dmaap.mr.aTest-1547666950|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTest-1547666950|admin'}"
+org.onap.dmaap.mr.aTest-1547666950|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTest-1547666950|owner'}"
+org.onap.dmaap.mr.aTest-1547667031|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTest-1547667031|admin'}"
+org.onap.dmaap.mr.aTest-1547667031|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTest-1547667031|owner'}"
+org.onap.dmaap.mr.aTestTopic-123456|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-123456|admin'}"
+org.onap.dmaap.mr.aTestTopic-123456|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-123456|owner'}"
+org.onap.dmaap.mr.aTestTopic-123457|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-123457|admin'}"
+org.onap.dmaap.mr.aTestTopic-123457|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-123457|owner'}"
+org.onap.dmaap.mr.aTestTopic-1547660509|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547660509|admin'}"
+org.onap.dmaap.mr.aTestTopic-1547660509|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547660509|owner'}"
+org.onap.dmaap.mr.aTestTopic-1547660861|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547660861|admin'}"
+org.onap.dmaap.mr.aTestTopic-1547660861|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547660861|owner'}"
+org.onap.dmaap.mr.aTestTopic-1547661011|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547661011|admin'}"
+org.onap.dmaap.mr.aTestTopic-1547661011|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547661011|owner'}"
+org.onap.dmaap.mr.aTestTopic-1547662122|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547662122|admin'}"
+org.onap.dmaap.mr.aTestTopic-1547662122|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547662122|owner'}"
+org.onap.dmaap.mr.aTestTopic-1547662451|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547662451|admin'}"
+org.onap.dmaap.mr.aTestTopic-1547662451|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547662451|owner'}"
+org.onap.dmaap.mr.aTestTopic-1547664813|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547664813|admin'}"
+org.onap.dmaap.mr.aTestTopic-1547664813|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547664813|owner'}"
+org.onap.dmaap.mr.aTestTopic-1547664928|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547664928|admin'}"
+org.onap.dmaap.mr.aTestTopic-1547664928|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547664928|owner'}"
+org.onap.dmaap.mr.aTestTopic-1547666068|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTestTopic-1547666068|admin'}"
+org.onap.dmaap.mr.aTestTopic-1547666068|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTestTopic-1547666068|owner'}"
+org.onap.dmaap.mr.aTopic-1547654909|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.aTopic-1547654909|admin'}"
+org.onap.dmaap.mr.aTopic-1547654909|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.aTopic-1547654909|owner'}"
+org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.dmaap.mr|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.dmaap.mr.dgl000|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.dgl000|admin'}"
+org.onap.dmaap.mr.dgl000|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.dgl000|owner'}"
+org.onap.dmaap.mr.dgl_ready|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.dgl_ready|admin'}"
+org.onap.dmaap.mr.dgl_ready|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.dgl_ready|owner'}"
+org.onap.dmaap.mr.IdentityTopic-12345|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.IdentityTopic-12345|admin'}"
+org.onap.dmaap.mr.IdentityTopic-12345|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.IdentityTopic-12345|owner'}"
+org.onap.dmaap.mr.IdentityTopic-1547839476|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.IdentityTopic-1547839476|admin'}"
+org.onap.dmaap.mr.IdentityTopic-1547839476|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.IdentityTopic-1547839476|owner'}"
+org.onap.dmaap.mr|mirrormaker|*|admin||"{'org.onap.dmaap.mr|mirrormaker.admin'}"
+org.onap.dmaap.mr.mirrormakeragent|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.mirrormakeragent|admin'}"
+org.onap.dmaap.mr.mirrormakeragent|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.mirrormakeragent|owner'}"
+org.onap.dmaap.mr|mirrormaker|*|user||"{'org.onap.dmaap.mr|mirrormaker.user'}"
+org.onap.dmaap.mr.partitionTest-1546033194|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.partitionTest-1546033194|admin'}"
+org.onap.dmaap.mr.partitionTest-1546033194|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.partitionTest-1546033194|owner'}"
+org.onap.dmaap.mr.PM_MAPPER|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.PM_MAPPER|admin'}"
+org.onap.dmaap.mr.PM_MAPPER|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.PM_MAPPER|owner'}"
+org.onap.dmaap.mr.PNF_READY|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.PNF_READY|admin'}"
+org.onap.dmaap.mr.PNF_READY|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.PNF_READY|owner'}"
+org.onap.dmaap.mr.PNF_REGISTRATION|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.PNF_REGISTRATION|admin'}"
+org.onap.dmaap.mr.PNF_REGISTRATION|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.PNF_REGISTRATION|owner'}"
+org.onap.dmaap-mr|saitest|:topic.org.onap.dmaap-bc.mr.dglTest201810100535|pub||"{'org.onap.dmaap-mr|admin', 'org.onap.dmaap-mr|sai'}"
+org.onap.dmaap-mr.sunil|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-mr.sunil|admin'}"
+org.onap.dmaap-mr.sunil|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-mr.sunil|owner'}"
+org.onap.dmaap-mr.sunil|test|:topic.org.onap.dmaap-bc.mr.dglTest201810100535|pub||"{'org.onap.dmaap-mr.sunil|admin2'}"
+org.onap.dmaap-mr.test|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap-mr.test|admin'}"
+org.onap.dmaap-mr.test|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap-mr.test|owner'}"
+org.onap.dmaap.mr.topic-000|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.topic-000|admin'}"
+org.onap.dmaap.mr.topic-000|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.topic-000|owner'}"
+org.onap.dmaap.mr.topic-001|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.topic-001|admin'}"
+org.onap.dmaap.mr.topic-001|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.topic-001|owner'}"
+org.onap.dmaap.mr.topic-002|access|*|*|AAF Namespace Write Access|"{'org.onap.dmaap.mr.topic-002|admin'}"
+org.onap.dmaap.mr.topic-002|access|*|read|AAF Namespace Read Access|"{'org.onap.dmaap.mr.topic-002|owner'}"
+org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create,destroy||"{'org.onap.dmaap-bc|service'}"
+org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create||"{'org.onap.dmaap-bc-topic-mgr|client', 'org.onap.dmaap.mr|create'}"
+org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|destroy||"{'org.onap.dmaap-bc-topic-mgr|client', 'org.onap.dmaap.mr|destroy'}"
+org.onap.dmaap.mr|topic|*|*||"{'org.onap.dmaap-bc|service'}"
+org.onap.dmaap.mr|topic|org.onap.dmaap.mr.PM_MAPPER|pub||"{'org.onap.dcae|pnfPublisher'}"
+org.onap.dmaap.mr|topic|org.onap.dmaap.mr.PM_MAPPER|sub||"{'org.onap.dcae|pnfPublisher'}"
+org.onap.dmaap.mr|topictest|*|view||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.dglk8s.dglTest1539200479|pub||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.dglk8s.dglTest1539200479|sub||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.dglk8s.dglTest1539200479|view||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.dglk8s.dglTest1539201873|pub||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.dglk8s.dglTest1539201873|sub||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.dglk8s.dglTest1539201873|view||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539385466|pub||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539385466|sub||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539385466|view||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539628418|pub||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539628418|sub||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539628418|view||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|pub||"{'org.onap.dcae|pnfPublisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|sub||"{'org.onap.dcae|pnfSubscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|view||"{'org.onap.dcae|pnfPublisher', 'org.onap.dcae|pnfSubscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic-1540491614|pub||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic-1540491614|sub||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic-1540491614|view||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic|pub||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic|sub||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic|view||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|pub||"{'org.onap.dmaap.mr.dgl_ready|publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|sub||"{'org.onap.dmaap.mr.dgl_ready|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|view||"{'org.onap.dmaap.mr.dgl_ready|publisher', 'org.onap.dmaap.mr.dgl_ready|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1529190699|pub||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539370708|pub||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539370708|sub||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539370708|view||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539371800|pub||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539371800|sub||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539371800|view||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539385250|pub||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539385250|sub||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539385250|view||"{'org.onap.dmaap-mr|Publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest201810100530|pub||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|pub||"{'org.onap.dmaap.mr.IdentityTopic-12345|publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|sub||"{'org.onap.dmaap.mr.IdentityTopic-12345|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|view||"{'org.onap.dmaap.mr.IdentityTopic-12345|publisher', 'org.onap.dmaap.mr.IdentityTopic-12345|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|pub||"{'org.onap.dmaap.mr.IdentityTopic-1547839476|publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|sub||"{'org.onap.dmaap.mr.IdentityTopic-1547839476|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|view||"{'org.onap.dmaap.mr.IdentityTopic-1547839476|publisher', 'org.onap.dmaap.mr.IdentityTopic-1547839476|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|pub||"{'org.onap.dmaap.mr.mirrormakeragent|pub', 'org.onap.dmaap.mr.mirrormakeragent|publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|sub||"{'org.onap.dmaap.mr.mirrormakeragent|sub', 'org.onap.dmaap.mr.mirrormakeragent|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|view||"{'org.onap.dmaap.mr.mirrormakeragent|publisher', 'org.onap.dmaap.mr.mirrormakeragent|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mmagent|pub||"{'org.onap.dmaap.mr|mmagent.pub'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mmagent|sub||"{'org.onap.dmaap.mr|mmagent.sub', 'org.onap.dmaap.mr|mmagent.sub1'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtest|pub||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|pub||"{'org.onap.dmaap.mr|mrtesttopic.pub'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|sub||"{'org.onap.dmaap.mr|mrtesttopic.sub'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|pub||"{'org.onap.dmaap.mr.PM_MAPPER|publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|sub||"{'org.onap.dmaap.mr.PM_MAPPER|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|view||"{'org.onap.dmaap.mr.PM_MAPPER|publisher', 'org.onap.dmaap.mr.PM_MAPPER|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|pub||"{'org.onap.dmaap.mr.PNF_READY|pub', 'org.onap.dmaap.mr.PNF_READY|publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|sub||"{'org.onap.dmaap.mr.PNF_READY|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|view||"{'org.onap.dmaap.mr.PNF_READY|pub', 'org.onap.dmaap.mr.PNF_READY|publisher', 'org.onap.dmaap.mr.PNF_READY|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|pub||"{'org.onap.dmaap.mr.PNF_REGISTRATION|publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|sub||"{'org.onap.dmaap.mr.PNF_REGISTRATION|sub', 'org.onap.dmaap.mr.PNF_REGISTRATION|subscriber', 'org.onap.dmaap.mr|PNF_REGISTRATION.sub'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|view||"{'org.onap.dmaap.mr.PNF_REGISTRATION|publisher', 'org.onap.dmaap.mr.PNF_REGISTRATION|sub', 'org.onap.dmaap.mr.PNF_REGISTRATION|subscriber', 'org.onap.dmaap.mr|PNF_REGISTRATION.sub'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540393649|pub||"{'org.onap.dmaap.mr.PNF_READY|pub'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540393649|sub||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540393649|view||"{'org.onap.dmaap.mr.PNF_READY|pub'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398384|pub||"{'org.onap.dmaap.mr.PNF_READY|pub'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398384|sub||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398384|view||"{'org.onap.dmaap.mr.PNF_READY|pub'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398410|pub||"{'org.onap.dmaap.mr.PNF_READY|pub'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398410|sub||
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398410|view||"{'org.onap.dmaap.mr.PNF_READY|pub'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.test1|pub||"{'org.onap.dmaap.mr|test1'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|pub||"{'org.onap.dcae|pnfPublisher', 'org.onap.dmaap.mr.topic-000|publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|sub||"{'org.onap.dmaap.mr.topic-000|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|view||"{'org.onap.dcae|pnfPublisher', 'org.onap.dmaap.mr.topic-000|publisher', 'org.onap.dmaap.mr.topic-000|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|pub||"{'org.onap.dmaap.mr.topic-001|publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|sub||"{'org.onap.dmaap.mr.topic-001|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|view||"{'org.onap.dmaap.mr.topic-001|publisher', 'org.onap.dmaap.mr.topic-001|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|pub||"{'org.onap.dmaap.mr.topic-002|publisher'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|sub||"{'org.onap.dmaap.mr.topic-002|subscriber'}"
+org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|view||"{'org.onap.dmaap.mr.topic-002|publisher', 'org.onap.dmaap.mr.topic-002|subscriber'}"
+org.onap.dmaap.mr|topic|*|view||"{'org.onap.dmaap-bc|service', 'org.onap.dmaap.mr|view'}"
+org.onap.dmaap.mr|viewtest|*|view||"{'org.onap.dmaap.mr|viewtest'}"
+org.onap.holmes|access|*|*|AAF Namespace Write Access|"{'org.onap.holmes|admin'}"
+org.onap.holmes|access|*|read|AAF Namespace Read Access|"{'org.onap.holmes|owner'}"
+org.onap.music|access|*|*|AAF Namespace Write Access|"{'org.onap.music|admin'}"
+org.onap.music|access|*|read|AAF Namespace Read Access|"{'org.onap.music|owner'}"
+org.onap.music|certman|local|request,ignoreIPs,showpass||"{'org.onap.music|admin', 'org.osaaf.aaf|deploy'}"
+org.onap.nbi|access|*|*|AAF Namespace Write Access|"{'org.onap.nbi|admin', 'org.onap.nbi|service'}"
+org.onap.nbi|access|*|read|AAF Namespace Read Access|"{'org.onap.nbi|owner'}"
+org.onap.nbi|certman|local|request,ignoreIPs,showpass||"{'org.onap.nbi|admin', 'org.onap.nbi|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.ngi|access|*|*|AAF Namespace Write Access|"{'org.onap.ngi|admin'}"
+org.onap.ngi|access|*|read|AAF Namespace Read Access|"{'org.onap.ngi|owner'}"
+org.onap.oof|access|*|*|AAF Namespace Write Access|"{'org.onap.oof|admin'}"
+org.onap.oof|access|*|read|AAF Namespace Read Access|"{'org.onap.oof|owner'}"
+org.onap.oof|certman|local|request,ignoreIPs,showpass||"{'org.onap.oof|admin', 'org.onap.sdc|admin', 'org.osaaf.aaf|deploy'}"
+org.onap.policy|access|*|*|AAF Namespace Write Access|"{'org.onap.policy|admin', 'org.onap.policy|pdpd.admin'}"
+org.onap.policy|access|*|read|AAF Namespace Read Access|"{'org.onap.policy|owner', 'org.onap.policy|pdpd.admin'}"
+org.onap.policy|certman|local|request,ignoreIPs,showpass||"{'org.onap.policy|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.policy|menu|menu_admin|*|Admin Menu|"{'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_ajax|*|Ajax Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_concept|*|CoNCEPT|
+org.onap.policy|menu|menu_customer_create|*|Customer Create|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_customer|*|Customer Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_doclib|*|Document Library Menu|
+org.onap.policy|menu|menu_feedback|*|Feedback Menu|"{'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_help|*|Help Menu|"{'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_home|*|Home Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_itracker|*|iTracker Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_job_create|*|Job Create|"{'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_job_designer|*|Process in Designer view|
+org.onap.policy|menu|menu_job|*|Job Menu|"{'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_logout|*|Logout Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_map|*|Map Menu|"{'org.onap.policy|Standard_User'}"
+org.onap.policy|menu|menu_notes|*|Notes Menu|"{'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_policy|*|Policy|"{'org.onap.policy|Policy_Admin', 'org.onap.policy|Policy_Editor', 'org.onap.policy|Policy_Guest', 'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Policy_Super_Guest', 'org.onap.policy|Standard_User'}"
+org.onap.policy|menu|menu_process|*|Process List|"{'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_profile_create|*|Profile Create|"{'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_profile_import|*|Profile Import|"{'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_profile|*|Profile Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_reports|*|Reports Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_sample|*|Sample Pages Menu|"{'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_tab|*|Sample Tab Menu|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
+org.onap.policy|menu|menu_task_search|*|Task Search|
+org.onap.policy|menu|menu_task|*|Task Menu|
+org.onap.policy|menu|menu_test|*|Test Menu|"{'org.onap.policy|System_Administrator'}"
+org.onap.policy|pdpd.healthcheck.configuration|*|get||"{'org.onap.policy|pdpd.admin'}"
+org.onap.policy|pdpd.healthcheck|*|get||"{'org.onap.policy|pdpd.admin', 'org.onap.policy|pdpd.monitor'}"
+org.onap.policy|pdpd.telemetry|*|delete||"{'org.onap.policy|pdpd.admin'}"
+org.onap.policy|pdpd.telemetry|*|get||"{'org.onap.policy|pdpd.admin', 'org.onap.policy|pdpd.monitor'}"
+org.onap.policy|pdpd.telemetry|*|post||"{'org.onap.policy|pdpd.admin'}"
+org.onap.policy|pdpd.telemetry|*|put||"{'org.onap.policy|pdpd.admin'}"
+org.onap.policy|pdpx.config|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.createDictionary|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.createPolicy|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.decision|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.getConfigByPolicyName|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.getConfig|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.getDecision|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.getDictionary|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.getMetrics|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.listConfig|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.list|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.listPolicy|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.policyEngineImport|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.pushPolicy|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.sendEvent|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.updateDictionary|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|pdpx.updatePolicy|*|*||"{'org.onap.policy|pdpx.admin'}"
+org.onap.policy|url|doclib_admin|*|Document Library Admin|"{'org.onap.policy|System_Administrator'}"
+org.onap.policy|url|doclib|*|Document Library|"{'org.onap.policy|System_Administrator'}"
+org.onap.policy|url|login|*|Login|"{'org.onap.policy|Standard_User', 'org.onap.policy|System_Administrator'}"
+org.onap.policy|url|policy_admin|*|Policy Admin|"{'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Standard_User'}"
+org.onap.policy|url|policy_dashboard|*|Policy Dashboard|"{'org.onap.policy|Policy_Admin', 'org.onap.policy|Policy_Editor', 'org.onap.policy|Policy_Guest', 'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Policy_Super_Guest', 'org.onap.policy|Standard_User'}"
+org.onap.policy|url|policy_dictionary|*|Policy Dictionary|"{'org.onap.policy|Policy_Admin', 'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Standard_User'}"
+org.onap.policy|url|policy_editor|*|Policy Editor|"{'org.onap.policy|Policy_Admin', 'org.onap.policy|Policy_Editor', 'org.onap.policy|Policy_Guest', 'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Policy_Super_Guest', 'org.onap.policy|Standard_User'}"
+org.onap.policy|url|policy_pdp|*|Policy PDP|"{'org.onap.policy|Policy_Admin', 'org.onap.policy|Policy_Editor', 'org.onap.policy|Policy_Guest', 'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Policy_Super_Guest', 'org.onap.policy|Standard_User'}"
+org.onap.policy|url|policy_push|*|Policy Push|"{'org.onap.policy|Policy_Admin', 'org.onap.policy|Policy_Editor', 'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Standard_User'}"
+org.onap.policy|url|policy_roles|*|Policy Roles|"{'org.onap.policy|Policy_Super_Admin', 'org.onap.policy|Standard_User'}"
+org.onap.policy|url|view_reports|*|View Raptor reports|
+org.onap.pomba|access|*|*|AAF Namespace Write Access|"{'org.onap.pomba|admin'}"
+org.onap.pomba|access|*|read|AAF Namespace Read Access|"{'org.onap.pomba|owner'}"
+org.onap.pomba|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.portal|access|*|*|Portal Write Access|{'org.onap.portal.admin'}
+org.onap.portal|access|*|read|Portal Read Access|
+org.onap.portal|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.portal|menu|menu_acc_admin|*|Admin Account Menu|"{'org.onap.portal|Account_Administrator', 'org.onap.portal|System_Administrator'}"
+org.onap.portal|menu|menu_admin|*|Admin Menu|"{'org.onap.portal|System_Administrator', 'org.onap.portal|Usage_Analyst'}"
+org.onap.portal|menu|menu_ajax|*|Ajax Menu|
+org.onap.portal|menu|menu_customer_create|*|Customer Create|
+org.onap.portal|menu|menu_customer|*|Customer Menu|
+org.onap.portal|menu|menu_feedback|*|Feedback Menu|
+org.onap.portal|menu|menu_help|*|Help Menu|
+org.onap.portal|menu|menu_home|*|Home Menu|"{'org.onap.portal|Standard_User', 'org.onap.portal|System_Administrator'}"
+org.onap.portal|menu|menu_job_create|*|Job Create|
+org.onap.portal|menu|menu_job_designer|*|Process in Designer view|
+org.onap.portal|menu|menu_job|*|Job Menu|
+org.onap.portal|menu|menu_logout|*|Logout Menu|"{'org.onap.portal|Standard_User', 'org.onap.portal|System_Administrator'}"
+org.onap.portal|menu|menu_map|*|Map Menu|
+org.onap.portal|menu|menu_notes|*|Notes Menu|
+org.onap.portal|menu|menu_process|*|Process List|
+org.onap.portal|menu|menu_profile_create|*|Profile Create|
+org.onap.portal|menu|menu_profile_import|*|Profile Import|
+org.onap.portal|menu|menu_profile|*|Profile Menu|
+org.onap.portal|menu|menu_reports|*|Reports Menu|
+org.onap.portal|menu|menu_sample|*|Sample Pages Menu|
+org.onap.portal|menu|menu_tab|*|Sample Tab Menu|
+org.onap.portal|menu|menu_task_search|*|Task Search|"{'org.onap.portal|Usage_Analyst'}"
+org.onap.portal|menu|menu_task|*|Task Menu|"{'org.onap.portal|Usage_Analyst'}"
+org.onap.portal|menu|menu_web_analytics|*|Web Analytics|"{'org.onap.portal|Portal_Usage_Analyst', 'org.onap.portal|Usage_Analyst'}"
+org.onap.portal.test|aaaa|*|write||
+org.onap.portal.test|access1|*|read||
+org.onap.portal.test|access|*|*|AAF Namespace Write Access|"{'org.onap.portal.test|admin'}"
+org.onap.portal.test|access|*|read|AAF Namespace Read Access|"{'org.onap.portal.test|owner'}"
+org.onap.portal.test|myaccess|*|read||
+org.onap.portal.test|user1.access|*|read||
+org.onap.portal.test|user1.myaccess|*|read||
+org.onap.portal|url|addWebAnalyticsReport|*|Add Web Analytics Report|
+org.onap.portal|url|appsFullList|*|Apps Full List|
+org.onap.portal|url|centralizedApps|*|Centralized Apps|"{'org.onap.portal|Account_Administrator'}"
+org.onap.portal|url|edit_notification|*|User Notification|"{'org.onap.portal|Portal_Notification_Admin'}"
+org.onap.portal|url|functionalMenu|*|Functional Menu|
+org.onap.portal|url|getAdminNotifications|*|Admin Notifications|"{'org.onap.portal|Account_Administrator', 'org.onap.portal|Portal_Notification_Admin'}"
+org.onap.portal|url|getAllWebAnalytics|*|Get All Web Analytics|"{'org.onap.portal|Account_Administrator'}"
+org.onap.portal|url|getFunctionalMenuRole|*|Get Functional Menu Role|"{'org.onap.portal|Account_Administrator'}"
+org.onap.portal|url|getNotificationAppRoles|*|Get Notification App Roles|"{'org.onap.portal|Account_Administrator'}"
+org.onap.portal|url|get_role_functions%2f%2a|*|Get Role Functions|"{'org.onap.portal|Account_Administrator'}"
+org.onap.portal|url|get_roles%2f%2a|*|getRolesOfApp|"{'org.onap.portal|Account_Administrator'}"
+org.onap.portal|url|getUserAppsWebAnalytics|*|Get User Apps Web Analytics|"{'org.onap.portal|Account_Administrator'}"
+org.onap.portal|url|getUserJourneyAnalyticsReport|*|Get User Journey Report|"{'org.onap.portal|Account_Administrator'}"
+org.onap.portal|url|login|*|Login|"{'org.onap.portal|Standard_User', 'org.onap.portal|System_Administrator'}"
+org.onap.portal|url|notification_code|*|Notification Code|"{'org.onap.portal|Account_Administrator'}"
+org.onap.portal|url|role_function_list%2fsaveRoleFunction%2f%2a|*|Save Role Function|"{'org.onap.portal|Account_Administrator'}"
+org.onap.portal|url|saveNotification|*|publish notifications|"{'org.onap.portal|Portal_Notification_Admin'}"
+org.onap.portal|url|syncRoles|*|SyncRoles|"{'org.onap.portal|Account_Administrator'}"
+org.onap.portal|url|url_role.htm|*|role page|
+org.onap.portal|url|url_welcome.htm|*|welcome page|
+org.onap.portal|url|userAppRoles|*|userAppRoles|"{'org.onap.portal|Account_Administrator'}"
+org.onap.portal|url|userApps|*|User Apps|"{'org.onap.portal|Account_Administrator'}"
+org.onap.portal|url|view_reports|*|View Raptor reports|
+org.onap.sdc|access|*|*|AAF Namespace Write Access|"{'org.onap.sdc|admin'}"
+org.onap.sdc|access|*|read|AAF Namespace Read Access|"{'org.onap.sdc|owner'}"
+org.onap.sdc|administrator.access|*|*||"{'org.onap.sdc|admin'}"
+org.onap.sdc|certman|local|request,ignoreIPs,showpass||"{'org.onap.sdc|admin', 'org.osaaf.aaf|deploy'}"
+org.onap.sdc|designer.access|*|*||"{'org.onap.sdc|designer'}"
+org.onap.sdc|governance.access|*|*||"{'org.onap.sdc|governor'}"
+org.onap.sdc|operations.access|*|*||"{'org.onap.sdc|ops'}"
+org.onap.sdc|tester.access|*|*||"{'org.onap.sdc|tester'}"
+org.onap.sdnc|access|*|*|AAF Namespace Write Access|"{'org.onap.sdnc|admin'}"
+org.onap.sdnc|access|*|read|AAF Namespace Read Access|"{'org.onap.sdnc|owner'}"
+org.onap.sdnc-cds|access|*|*|AAF Namespace Write Access|"{'org.onap.sdnc-cds|admin', 'org.onap.sdnc-cds|service'}"
+org.onap.sdnc-cds|access|*|read|AAF Namespace Read Access|"{'org.onap.sdnc-cds|owner'}"
+org.onap.sdnc-cds|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.sdnc|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.sdnc|odl|odl-api|create||"{'org.onap.sdnc|service'}"
+org.onap.sdnc|odl|odl-api|delete||"{'org.onap.sdnc|service'}"
+org.onap.sdnc|odl|odl-api|*||"{'org.onap.sdnc|admin', 'org.onap.sdnc|service'}"
+org.onap.sdnc|odl|odl-api|read||"{'org.onap.sdnc|service'}"
+org.onap.sdnc|odl|odl-api|update||"{'org.onap.sdnc|service'}"
+org.onap.so|access|*|*|AAF Namespace Write Access|"{'org.onap.so|admin', 'org.onap.so|app'}"
+org.onap.so|access|*|read|AAF Namespace Read Access|"{'org.onap.so|owner'}"
+org.onap.so|certman|local|request,ignoreIPs,showpass||"{'org.onap.so|admin', 'org.onap.so|seeCerts', 'org.osaaf.aaf|deploy'}"
+org.onap.vfc|access|*|*|AAF Namespace Write Access|"{'org.onap.vfc|admin', 'org.onap.vfc|service'}"
+org.onap.vfc|access|*|read|AAF Namespace Read Access|"{'org.onap.vfc|owner'}"
+org.onap.vfc|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.vid1|access|*|*|AAF Namespace Write Access|"{'org.onap.vid1|admin'}"
+org.onap.vid1|access|*|read|AAF Namespace Read Access|"{'org.onap.vid1|owner'}"
+org.onap.vid1|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.vid2|access|*|*|AAF Namespace Write Access|"{'org.onap.vid2|admin'}"
+org.onap.vid2|access|*|read|AAF Namespace Read Access|"{'org.onap.vid2|owner'}"
+org.onap.vid2|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.vid|access|*|*|AAF Namespace Write Access|"{'org.onap.vid|admin'}"
+org.onap.vid|access|*|read|AAF Namespace Read Access|"{'org.onap.vid|owner'}"
+org.onap.vid|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.vid|menu|menu_admin|*|Admin Menu|"{'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_ajax|*|Ajax Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_changemanagement|*|VNF Changes|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_concept|*|CoNCEPT|
+org.onap.vid|menu|menu_customer_create|*|Customer Create|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_customer|*|Customer Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_doclib|*|Document Library Menu|
+org.onap.vid|menu|menu_feedback|*|Feedback Menu|"{'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_help|*|Help Menu|"{'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_home|*|Home Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_itracker|*|iTracker Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_job_create|*|Job Create|"{'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_job_designer|*|Process in Designer view|
+org.onap.vid|menu|menu_job|*|Job Menu|"{'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_logout|*|Logout Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_map|*|Map Menu|"{'org.onap.vid|Standard_User'}"
+org.onap.vid|menu|menu_newserinstance|*|Create New Service Instance|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_notes|*|Notes Menu|"{'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_process|*|Process List|"{'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_profile_create|*|Profile Create|"{'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_profile_import|*|Profile Import|"{'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_profile|*|Profile Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_reports|*|Reports Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_sample|*|Sample Pages Menu|"{'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_searchexisting|*|Search for Existing Service Instances|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_servicemodels|*|Browse SDC Service Instances|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_tab|*|Sample Tab Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_task_search|*|Task Search|
+org.onap.vid|menu|menu_task|*|Task Menu|
+org.onap.vid|menu|menu_test|*|Test Menu|"{'org.onap.vid|System_Administrator'}"
+org.onap.vid|menu|menu_viewlog|*|Log Menu|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|url|doclib_admin|*|Document Library Admin|"{'org.onap.vid|System_Administrator'}"
+org.onap.vid|url|doclib|*|Document Library|"{'org.onap.vid|System_Administrator'}"
+org.onap.vid|url|login|*|Login|"{'org.onap.vid|Standard_User', 'org.onap.vid|System_Administrator'}"
+org.onap.vid|url|view_reports|*|View Raptor reports|
+org.openecomp|access|*|*|OpenEcomp Write Access|{'org.openecomp.admin'}
+org.openecomp|access|*|read|OpenEcomp Read Access|{'org.openecomp.owner'}
+org.openecomp.dmaapBC|access|*|*|DMaap Write Access|{'org.openecomp.dmaapBC.admin'}
+org.openecomp.dmaapBC|access|*|read|DMaap Read Access|{'org.openecomp.dmaapBC.owner'}
+org.osaaf.aaf|access|*|*|AAF Write Access|{'org.osaaf.aaf.admin'}
+org.osaaf.aaf|access|*|read,approve|AAF Read Access|{'org.osaaf.aaf.owner'}
+org.osaaf.aaf|cache|all|clear||"{'org.osaaf.aaf|admin'}"
+org.osaaf.aaf|cache|*|clear||"{'org.osaaf.aaf|admin', 'org.osaaf.aaf|service'}"
+org.osaaf.aaf|cache|role|clear||"{'org.osaaf.aaf|admin'}"
+org.osaaf.aaf|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.osaaf.aaf|password|*|create,reset||"{'org.osaaf.aaf|admin'}"
+org.osaaf|access|*|*|OSAAF Write Access|{'org.osaaf.admin'}
+org.osaaf|access|*|read,appove|OSAAF Read Access|{'org.osaaf.owner'}
+org.osaaf.people|access|*|*|AAF Namespace Write Access|"{'org.osaaf.people|admin'}"
+org.osaaf.people|access|*|read|AAF Namespace Read Access|"{'org.osaaf.people|owner'}"
--- /dev/null
+org|admin|Org Admins|"{'org.access|*|*'}"
+org.onap.aaf-sms|admin|AAF Namespace Administrators|"{'org.onap.aaf-sms|access|*|*'}"
+org.onap.aaf-sms|owner|AAF Namespace Owners|"{'org.onap.aaf-sms|access|*|read'}"
+org.onap.aaf-sms|service||"{'org.onap.aaf-sms|access|*|read'}"
+org.onap.aai|aaiui||
+org.onap.aai|Account_Administrator||
+org.onap.aai|admin|AAF Namespace Administrators|"{'org.onap.aai|access|*|*'}"
+org.onap.aai|owner|AAF Namespace Owners|"{'org.onap.aai|access|*|read'}"
+org.onap.aai|resources_all|resources_all|"{'org.onap.aai|resources|*|delete', 'org.onap.aai|resources|*|get', 'org.onap.aai|resources|*|patch', 'org.onap.aai|resources|*|post', 'org.onap.aai|resources|*|put'}"
+org.onap.aai|resources_readonly|resources_readonly|"{'org.onap.aai|resources|*|get'}"
+org.onap.aai|traversal_advanced|traversal_advanced|"{'org.onap.aai|traversal|*|advanced'}"
+org.onap.aai|traversal_basic|traversal_basic|"{'org.onap.aai|traversal|*|basic'}"
+org.onap|admin|Onap Admins|"{'org.onap.access|*|*'}"
+org.onap.appc|admin|AAF Namespace Administrators|"{'org.onap.appc|access|*|*'}"
+org.onap.appc|apidoc||"{'org.onap.appc|apidoc|/apidoc/.*|ALL'}"
+org.onap.appc|jolokia||
+org.onap.appc|odl|Onap APPC ODL Admins|"{'org.onap.appc.odl|odl-api|*'}"
+org.onap.appc|owner|AAF Namespace Owners|"{'org.onap.appc|access|*|read'}"
+org.onap.appc|restconf||"{'org.onap.appc|restconf|/restconf/.*|ALL'}"
+org.onap.appc|service||"{'org.onap.appc|access|*|*'}"
+org.onap.cds|admin|AAF Namespace Administrators|"{'org.onap.cds|access|*|*'}"
+org.onap.cds|owner|AAF Namespace Owners|"{'org.onap.cds|access|*|read'}"
+org.onap.clamp|admin|AAF Namespace Administrators|"{'org.onap.clamp|access|*|*', 'org.onap.clamp|certman|local|request,ignoreIPs,showpass'}"
+org.onap.clamp|clds.admin.dev|Onap clamp Admin Dev|"{'org.onap.clamp.clds.template|dev|update', 'org.onap.clamp|clds.cl|dev|read', 'org.onap.clamp|clds.cl|dev|update', 'org.onap.clamp|clds.template|dev|read', 'org.onap.clamp|clds.template|dev|update'}"
+org.onap.clamp|clds.designer.dev|Onap clamp Designer Dev|"{'org.onap.clamp.clds.template|dev|update'}"
+org.onap.clamp|clds.vf_filter_all.dev|Onap clamp Filter All Dev|"{'org.onap.clamp.clds.filter.vf|dev|*'}"
+org.onap.clampdemo|admin|Onap Clamp Test Admins|"{'org.onap.clampdemo.access|*|*'}"
+org.onap.clampdemo|owner|onap clamp Test Owners|"{'org.onap.clampdemo.access|*|read'}"
+org.onap.clamp|owner|AAF Namespace Owners|
+org.onap.clamp|seeCerts||"{'org.onap.clamp|certman|local|request,ignoreIPs,showpass'}"
+org.onap.clamp|service||"{'org.onap.clamp|access|*|*', 'org.onap.clamp|clds.cl.manage|dev|*', 'org.onap.clamp|clds.cl|dev|*', 'org.onap.clamp|clds.filter.vf|dev|*', 'org.onap.clamp|clds.template|dev|*', 'org.onap.clamp|clds.tosca|dev|*'}"
+org.onap.clamptest|admin|Onap Clamp Test Admins|"{'org.onap.clamptest.access|*|*'}"
+org.onap.clamptest|owner|onap clamp Test Owners|"{'org.onap.clamptest.access|*|read'}"
+org.onap.dcae|admin|AAF Namespace Administrators|"{'org.onap.dcae|access|*|*', 'org.onap.dmaap-bc|access|*|read'}"
+org.onap.dcae|owner|AAF Namespace Owners|"{'org.onap.dcae|access|*|read'}"
+org.onap.dcae|pmPublisher||
+org.onap.dcae|pmSubscriber||
+org.onap.dcae|pnfPublisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|view', 'org.onap.dmaap.mr|topic|org.onap.dmaap.mr.PM_MAPPER|pub', 'org.onap.dmaap.mr|topic|org.onap.dmaap.mr.PM_MAPPER|sub'}"
+org.onap.dcae|pnfSubscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aPnfTopic-1540492548|view'}"
+org.onap.dcae|seeCerts||"{'org.onap.dcae|certman|local|request,ignoreIPs,showpass'}"
+org.onap.dmaap|admin|AAF Namespace Administrators|"{'org.onap.dmaap|access|*|*'}"
+org.onap.dmaap-bc|admin|AAF Namespace Administrators|"{'org.onap.dcae|access|*|*', 'org.onap.dmaap-bc.api|access|*|*', 'org.onap.dmaap-bc.api|access|*|read', 'org.onap.dmaap-bc|access|*|*'}"
+org.onap.dmaap.bc|admin|AAF Namespace Administrators|"{'org.onap.dmaap.bc|access|*|*'}"
+org.onap.dmaapbc|admin|AAF Namespace Administrators|"{'org.onap.dmaapbc|access|*|*'}"
+org.onap.dmaap-bc.api|admin|AAF Namespace Administrators|"{'org.onap.dmaap-bc.api|access|*|*'}"
+org.onap.dmaap-bc.api|Controller||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|POST', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|PUT', 'org.onap.dmaap-bc.api|dmaap|boot|DELETE', 'org.onap.dmaap-bc.api|dmaap|boot|GET', 'org.onap.dmaap-bc.api|dmaap|boot|POST', 'org.onap.dmaap-bc.api|dmaap|boot|PUT', 'org.onap.dmaap-bc.api|dmaap|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|POST', 'org.onap.dmaap-bc.api|dmaap|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT', 'org.onap.dmaap-bc.api|feeds|onapdemo|DELETE', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|POST', 'org.onap.dmaap-bc.api|feeds|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|PUT', 'org.onap.dmaap-bc.api|topics|onapdemo|DELETE', 'org.onap.dmaap-bc.api|topics|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|POST', 'org.onap.dmaap-bc.api|topics|onapdemo|PUT'}"
+org.onap.dmaap-bc.api|Inventory||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|GET'}"
+org.onap.dmaap-bc.api|Metrics||"{'org.onap.dmaap-bc.api|bridge|onapdemo|GET', 'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|GET'}"
+org.onap.dmaap-bc.api|Orchestrator||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|POST', 'org.onap.dmaap-bc.api|feeds|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|DELETE', 'org.onap.dmaap-bc.api|topics|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|POST', 'org.onap.dmaap-bc.api|topics|onapdemo|PUT'}"
+org.onap.dmaap-bc.api|owner|AAF Namespace Owners|"{'org.onap.dmaap-bc.api|access|*|read'}"
+org.onap.dmaap-bc.api|PortalUser||"{'org.onap.dmaap-bc.api|dcaeLocations|onapdemo|GET', 'org.onap.dmaap-bc.api|dmaap|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_nodes|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_pubs|onapdemo|PUT', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|DELETE', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|GET', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|POST', 'org.onap.dmaap-bc.api|dr_subs|onapdemo|PUT', 'org.onap.dmaap-bc.api|feeds|onapdemo|DELETE', 'org.onap.dmaap-bc.api|feeds|onapdemo|GET', 'org.onap.dmaap-bc.api|feeds|onapdemo|POST', 'org.onap.dmaap-bc.api|feeds|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|DELETE', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|GET', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|POST', 'org.onap.dmaap-bc.api|mr_clients|onapdemo|PUT', 'org.onap.dmaap-bc.api|mr_clusters|onapdemo|GET', 'org.onap.dmaap-bc.api|topics|onapdemo|GET'}"
+org.onap.dmaap-bc-mm-prov|admin|AAF Namespace Administrators|"{'org.onap.dmaap-bc-mm-prov|access|*|*'}"
+org.onap.dmaap-bc-mm-prov|owner|AAF Namespace Owners|"{'org.onap.dmaap-bc-mm-prov|access|*|read'}"
+org.onap.dmaap-bc|owner|AAF Namespace Owners|"{'org.onap.dmaap-bc|access|*|read'}"
+org.onap.dmaap.bc|owner|AAF Namespace Owners|"{'org.onap.dmaap.bc|access|*|read'}"
+org.onap.dmaapbc|owner|AAF Namespace Owners|"{'org.onap.dmaapbc|access|*|read'}"
+org.onap.dmaap-bc|seeCerts||"{'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass'}"
+org.onap.dmaap.bc|service||"{'org.onap.dmaap.bc|access|*|*'}"
+org.onap.dmaap-bc|service||"{'org.onap.dmaap-bc.api|access|*|read', 'org.onap.dmaap-dr|feed|*|*', 'org.onap.dmaap-dr|sub|*|*', 'org.onap.dmaap.mr|access|*|*', 'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create,destroy', 'org.onap.dmaap.mr|topic|*|*', 'org.onap.dmaap.mr|topic|*|view'}"
+org.onap.dmaap-bc-topic-mgr|admin|AAF Namespace Administrators|"{'org.onap.dcae|access|*|*', 'org.onap.dmaap-bc-topic-mgr|access|*|*'}"
+org.onap.dmaap-bc-topic-mgr|client||"{'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create', 'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|destroy'}"
+org.onap.dmaap-bc-topic-mgr|owner|AAF Namespace Owners|"{'org.onap.dmaap-bc-topic-mgr|access|*|read'}"
+org.onap.dmaap-dr|admin|AAF Namespace Administrators|"{'org.onap.dmaap-dr|access|*|*'}"
+org.onap.dmaap-dr|feed.admin||"{'org.onap.dmaap-dr|feed|*|*'}"
+org.onap.dmaap-dr|owner|AAF Namespace Owners|"{'org.onap.dmaap-dr|access|*|read'}"
+org.onap.dmaap-dr|seeCerts||"{'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass'}"
+org.onap.dmaap-dr|sub.admin||"{'org.onap.dmaap-dr|sub|*|*'}"
+org.onap.dmaap.mr|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr|access|*|*'}"
+org.onap.dmaap-mr|admin|AAF Namespace Administrators|"{'org.onap.dmaap-mr|access|*|*', 'org.onap.dmaap-mr|saitest|:topic.org.onap.dmaap-bc.mr.dglTest201810100535|pub'}"
+org.onap.dmaap.mr.aNewTopic-123450|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aNewTopic-123450|access|*|*'}"
+org.onap.dmaap.mr.aNewTopic-123450|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aNewTopic-123450|access|*|read'}"
+org.onap.dmaap.mr.aNewTopic-123450|publisher||
+org.onap.dmaap.mr.aNewTopic-123450|subscriber||
+org.onap.dmaap.mr.aNewTopic-123451|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aNewTopic-123451|access|*|*'}"
+org.onap.dmaap.mr.aNewTopic-123451|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aNewTopic-123451|access|*|read'}"
+org.onap.dmaap.mr.aNewTopic-123451|publisher||
+org.onap.dmaap.mr.aNewTopic-123451|subscriber||
+org.onap.dmaap.mr.aNewTopic-1547667570|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aNewTopic-1547667570|access|*|*'}"
+org.onap.dmaap.mr.aNewTopic-1547667570|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aNewTopic-1547667570|access|*|read'}"
+org.onap.dmaap.mr|aNewTopic-1547667571.publisher||
+org.onap.dmaap.mr|aNewTopic-1547667571.subscriber||
+org.onap.dmaap.mr.aNewTopic-|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aNewTopic-|access|*|*'}"
+org.onap.dmaap.mr.aNewTopic-|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aNewTopic-|access|*|read'}"
+org.onap.dmaap.mr.aNewTopic-|publisher||
+org.onap.dmaap.mr.aNewTopic-|subscriber||
+org.onap.dmaap.mr.aTest-1547665517|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTest-1547665517|access|*|*'}"
+org.onap.dmaap.mr.aTest-1547665517|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTest-1547665517|access|*|read'}"
+org.onap.dmaap.mr.aTest-1547665517|publisher||
+org.onap.dmaap.mr|aTest-1547665518.subscriber||
+org.onap.dmaap.mr.aTest-1547666628|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTest-1547666628|access|*|*'}"
+org.onap.dmaap.mr.aTest-1547666628|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTest-1547666628|access|*|read'}"
+org.onap.dmaap.mr|aTest-1547666629.publisher||
+org.onap.dmaap.mr|aTest-1547666629.subscriber||
+org.onap.dmaap.mr.aTest-1547666760|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTest-1547666760|access|*|*'}"
+org.onap.dmaap.mr.aTest-1547666760|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTest-1547666760|access|*|read'}"
+org.onap.dmaap.mr|aTest-1547666761.publisher||
+org.onap.dmaap.mr|aTest-1547666761.subscriber||
+org.onap.dmaap.mr.aTest-1547666950|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTest-1547666950|access|*|*'}"
+org.onap.dmaap.mr.aTest-1547666950|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTest-1547666950|access|*|read'}"
+org.onap.dmaap.mr.aTest-1547666950|publisher||
+org.onap.dmaap.mr|aTest-1547666951.subscriber||
+org.onap.dmaap.mr.aTest-1547667031|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTest-1547667031|access|*|*'}"
+org.onap.dmaap.mr.aTest-1547667031|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTest-1547667031|access|*|read'}"
+org.onap.dmaap.mr|aTest-1547667032.publisher||
+org.onap.dmaap.mr|aTest-1547667032.subscriber||
+org.onap.dmaap.mr.aTestTopic-123456|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-123456|access|*|*'}"
+org.onap.dmaap.mr.aTestTopic-123456|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-123456|access|*|read'}"
+org.onap.dmaap.mr.aTestTopic-123456|publisher||
+org.onap.dmaap.mr.aTestTopic-123456|subscriber||
+org.onap.dmaap.mr.aTestTopic-123457|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-123457|access|*|*'}"
+org.onap.dmaap.mr.aTestTopic-123457|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-123457|access|*|read'}"
+org.onap.dmaap.mr.aTestTopic-123457|publisher||
+org.onap.dmaap.mr.aTestTopic-123457|subscriber||
+org.onap.dmaap.mr.aTestTopic-1547660509|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547660509|access|*|*'}"
+org.onap.dmaap.mr.aTestTopic-1547660509|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547660509|access|*|read'}"
+org.onap.dmaap.mr.aTestTopic-1547660861|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547660861|access|*|*'}"
+org.onap.dmaap.mr.aTestTopic-1547660861|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547660861|access|*|read'}"
+org.onap.dmaap.mr.aTestTopic-1547661011|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547661011|access|*|*'}"
+org.onap.dmaap.mr.aTestTopic-1547661011|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547661011|access|*|read'}"
+org.onap.dmaap.mr.aTestTopic-1547661011|publisher||
+org.onap.dmaap.mr.aTestTopic-1547662122|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547662122|access|*|*'}"
+org.onap.dmaap.mr.aTestTopic-1547662122|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547662122|access|*|read'}"
+org.onap.dmaap.mr.aTestTopic-1547662122|publisher||
+org.onap.dmaap.mr.aTestTopic-1547662451|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547662451|access|*|*'}"
+org.onap.dmaap.mr.aTestTopic-1547662451|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547662451|access|*|read'}"
+org.onap.dmaap.mr|aTestTopic-1547662452.publisher||
+org.onap.dmaap.mr.aTestTopic-1547664813|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547664813|access|*|*'}"
+org.onap.dmaap.mr.aTestTopic-1547664813|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547664813|access|*|read'}"
+org.onap.dmaap.mr.aTestTopic-1547664813|publisher||
+org.onap.dmaap.mr.aTestTopic-1547664813|subscriber||
+org.onap.dmaap.mr.aTestTopic-1547664928|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547664928|access|*|*'}"
+org.onap.dmaap.mr.aTestTopic-1547664928|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547664928|access|*|read'}"
+org.onap.dmaap.mr.aTestTopic-1547664928|publisher||
+org.onap.dmaap.mr.aTestTopic-1547664928|subscriber||
+org.onap.dmaap.mr.aTestTopic-1547666068|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTestTopic-1547666068|access|*|*'}"
+org.onap.dmaap.mr.aTestTopic-1547666068|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTestTopic-1547666068|access|*|read'}"
+org.onap.dmaap.mr.aTopic-1547654909|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.aTopic-1547654909|access|*|*'}"
+org.onap.dmaap.mr.aTopic-1547654909|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.aTopic-1547654909|access|*|read'}"
+org.onap.dmaap.mr|create||"{'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|create'}"
+org.onap.dmaap.mr|destroy||"{'org.onap.dmaap.mr|topicFactory|:org.onap.dmaap.mr.topic:org.onap.dmaap.mr|destroy'}"
+org.onap.dmaap.mr.dgl000|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.dgl000|access|*|*'}"
+org.onap.dmaap.mr.dgl000|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.dgl000|access|*|read'}"
+org.onap.dmaap.mr.dgl000|publisher||
+org.onap.dmaap.mr.dgl000|subscriber||
+org.onap.dmaap.mr.dgl_ready|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.dgl_ready|access|*|*'}"
+org.onap.dmaap.mr.dgl_ready|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.dgl_ready|access|*|read'}"
+org.onap.dmaap.mr.dgl_ready|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|view'}"
+org.onap.dmaap.mr.dgl_ready|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dgl_ready|view'}"
+org.onap.dmaap.mr.IdentityTopic-12345|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.IdentityTopic-12345|access|*|*'}"
+org.onap.dmaap.mr.IdentityTopic-12345|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.IdentityTopic-12345|access|*|read'}"
+org.onap.dmaap.mr.IdentityTopic-12345|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|view'}"
+org.onap.dmaap.mr.IdentityTopic-12345|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-12345|view'}"
+org.onap.dmaap.mr.IdentityTopic-1547839476|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.IdentityTopic-1547839476|access|*|*'}"
+org.onap.dmaap.mr.IdentityTopic-1547839476|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.IdentityTopic-1547839476|access|*|read'}"
+org.onap.dmaap.mr.IdentityTopic-1547839476|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|view'}"
+org.onap.dmaap.mr.IdentityTopic-1547839476|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.IdentityTopic-1547839476|view'}"
+org.onap.dmaap.mr|mirrormaker.admin||"{'org.onap.dmaap.mr|mirrormaker|*|admin'}"
+org.onap.dmaap.mr.mirrormakeragent|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.mirrormakeragent|access|*|*'}"
+org.onap.dmaap.mr.mirrormakeragent|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.mirrormakeragent|access|*|read'}"
+org.onap.dmaap.mr.mirrormakeragent|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|view'}"
+org.onap.dmaap.mr.mirrormakeragent|pub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|pub'}"
+org.onap.dmaap.mr.mirrormakeragent|sub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|sub'}"
+org.onap.dmaap.mr.mirrormakeragent|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mirrormakeragent|view'}"
+org.onap.dmaap.mr|mirrormaker.user||"{'org.onap.dmaap.mr|mirrormaker|*|user'}"
+org.onap.dmaap.mr|mmagent.sub||
+org.onap.dmaap.mr|mmagent.sub1||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mmagent|sub'}"
+org.onap.dmaap.mr|mrtesttopic.pub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|pub'}"
+org.onap.dmaap.mr|mrtesttopic.sub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.mrtesttopic|sub'}"
+org.onap.dmaap.mr|mrtestt.pub||
+org.onap.dmaap-mr|owner|AAF Namespace Owners|"{'org.onap.dmaap-mr|access|*|read'}"
+org.onap.dmaap.mr|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr|access|*|read'}"
+org.onap.dmaap.mr.partitionTest-1546033194|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.partitionTest-1546033194|access|*|*'}"
+org.onap.dmaap.mr.partitionTest-1546033194|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.partitionTest-1546033194|access|*|read'}"
+org.onap.dmaap.mr.PM_MAPPER|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.PM_MAPPER|access|*|*'}"
+org.onap.dmaap.mr.PM_MAPPER|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.PM_MAPPER|access|*|read'}"
+org.onap.dmaap.mr.PM_MAPPER|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|view'}"
+org.onap.dmaap.mr.PM_MAPPER|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PM_MAPPER|view'}"
+org.onap.dmaap.mr.PNF_READY|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.PNF_READY|access|*|*'}"
+org.onap.dmaap.mr.PNF_READY|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.PNF_READY|access|*|read'}"
+org.onap.dmaap.mr.PNF_READY|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|view'}"
+org.onap.dmaap.mr.PNF_READY|pub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540393649|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540393649|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398384|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398384|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398410|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PolandSpring1540398410|view'}"
+org.onap.dmaap.mr.PNF_READY|sub||
+org.onap.dmaap.mr.PNF_READY|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_READY|view'}"
+org.onap.dmaap.mr.PNF_REGISTRATION|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.PNF_REGISTRATION|access|*|*'}"
+org.onap.dmaap.mr.PNF_REGISTRATION|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.PNF_REGISTRATION|access|*|read'}"
+org.onap.dmaap.mr.PNF_REGISTRATION|pub||
+org.onap.dmaap.mr.PNF_REGISTRATION|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|view'}"
+org.onap.dmaap.mr.PNF_REGISTRATION|sub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|view'}"
+org.onap.dmaap.mr|PNF_REGISTRATION.sub||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|view'}"
+org.onap.dmaap.mr.PNF_REGISTRATION|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.PNF_REGISTRATION|view'}"
+org.onap.dmaap-mr|Publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic-1540491614|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic-1540491614|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic-1540491614|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aSimpleTopic|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539385466|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539385466|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539385466|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539628418|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539628418|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.aafIntegTest-1539628418|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539370708|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539370708|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539371800|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539371800|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539371800|view', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539385250|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539385250|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.dglTest1539385250|view'}"
+org.onap.dmaap-mr|sai||"{'org.onap.dmaap-mr|saitest|:topic.org.onap.dmaap-bc.mr.dglTest201810100535|pub'}"
+org.onap.dmaap.mr|service||"{'org.onap.dmaap.mr|access|*|read'}"
+org.onap.dmaap-mr.sunil|admin2||"{'org.onap.dmaap-mr.sunil|test|:topic.org.onap.dmaap-bc.mr.dglTest201810100535|pub'}"
+org.onap.dmaap-mr.sunil|admin|AAF Namespace Administrators|"{'org.onap.dmaap-mr.sunil|access|*|*'}"
+org.onap.dmaap-mr.sunil|owner|AAF Namespace Owners|"{'org.onap.dmaap-mr.sunil|access|*|read'}"
+org.onap.dmaap.mr|test1||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.test1|pub'}"
+org.onap.dmaap-mr.test|admin|AAF Namespace Administrators|"{'org.onap.dmaap-mr.test|access|*|*'}"
+org.onap.dmaap-mr.test|owner|AAF Namespace Owners|"{'org.onap.dmaap-mr.test|access|*|read'}"
+org.onap.dmaap.mr.topic-000|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.topic-000|access|*|*'}"
+org.onap.dmaap.mr.topic-000|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.topic-000|access|*|read'}"
+org.onap.dmaap.mr.topic-000|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|view'}"
+org.onap.dmaap.mr.topic-000|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-000|view'}"
+org.onap.dmaap.mr.topic-001|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.topic-001|access|*|*'}"
+org.onap.dmaap.mr.topic-001|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.topic-001|access|*|read'}"
+org.onap.dmaap.mr.topic-001|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|view'}"
+org.onap.dmaap.mr.topic-001|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-001|view'}"
+org.onap.dmaap.mr.topic-002|admin|AAF Namespace Administrators|"{'org.onap.dmaap.mr.topic-002|access|*|*'}"
+org.onap.dmaap.mr.topic-002|owner|AAF Namespace Owners|"{'org.onap.dmaap.mr.topic-002|access|*|read'}"
+org.onap.dmaap.mr.topic-002|publisher||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|pub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|view'}"
+org.onap.dmaap.mr.topic-002|subscriber||"{'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|sub', 'org.onap.dmaap.mr|topic|:topic.org.onap.dmaap.mr.topic-002|view'}"
+org.onap.dmaap.mr|view||"{'org.onap.dmaap.mr|topic|*|view'}"
+org.onap.dmaap.mr|viewtest||"{'org.onap.dmaap.mr|viewtest|*|view'}"
+org.onap.dmaap|owner|AAF Namespace Owners|"{'org.onap.dmaap|access|*|read'}"
+org.onap.holmes|admin|AAF Namespace Administrators|"{'org.onap.holmes|access|*|*'}"
+org.onap.holmes|owner|AAF Namespace Owners|"{'org.onap.holmes|access|*|read'}"
+org.onap.holmes|service||
+org.onap.music|admin|AAF Namespace Administrators|"{'org.onap.music|access|*|*', 'org.onap.music|certman|local|request,ignoreIPs,showpass'}"
+org.onap.music|owner|AAF Namespace Owners|"{'org.onap.music|access|*|read'}"
+org.onap.music|service||
+org.onap.nbi|admin|AAF Namespace Administrators|"{'org.onap.nbi|access|*|*', 'org.onap.nbi|certman|local|request,ignoreIPs,showpass'}"
+org.onap.nbi|owner|AAF Namespace Owners|"{'org.onap.nbi|access|*|read'}"
+org.onap.nbi|seeCerts||"{'org.onap.nbi|certman|local|request,ignoreIPs,showpass'}"
+org.onap.nbi|service||"{'org.onap.nbi|access|*|*'}"
+org.onap.oof|admin|AAF Namespace Administrators|"{'org.onap.oof|access|*|*', 'org.onap.oof|certman|local|request,ignoreIPs,showpass'}"
+org.onap.oof|owner|AAF Namespace Owners|"{'org.onap.oof|access|*|read'}"
+org.onap.oof|service||"{'org.onap.oof|access|*|*'}"
+org.onap|owner|onap Owners|"{'org.onap.access|*|read'}"
+org.onap.policy|Account_Administrator|null|
+org.onap.policy|admin||"{'org.onap.policy|access|*|*'}"
+org.onap.policy|owner|AAF Namespace Owners|"{'org.onap.policy|access|*|read'}"
+org.onap.policy|pdpd.admin|pdpd.admin|"{'org.onap.policy|access|*|*', 'org.onap.policy|access|*|read', 'org.onap.policy|pdpd.healthcheck.configuration|*|get', 'org.onap.policy|pdpd.healthcheck|*|get', 'org.onap.policy|pdpd.telemetry|*|delete', 'org.onap.policy|pdpd.telemetry|*|get', 'org.onap.policy|pdpd.telemetry|*|post', 'org.onap.policy|pdpd.telemetry|*|put'}"
+org.onap.policy|pdpd.monitor|pdpd.monitor|"{'org.onap.policy|pdpd.healthcheck|*|get', 'org.onap.policy|pdpd.telemetry|*|get'}"
+org.onap.policy|pdpx.admin|pdpx.admin|"{'org.onap.policy|pdpx.config|*|*', 'org.onap.policy|pdpx.createDictionary|*|*', 'org.onap.policy|pdpx.createPolicy|*|*', 'org.onap.policy|pdpx.decision|*|*', 'org.onap.policy|pdpx.getConfigByPolicyName|*|*', 'org.onap.policy|pdpx.getConfig|*|*', 'org.onap.policy|pdpx.getDecision|*|*', 'org.onap.policy|pdpx.getDictionary|*|*', 'org.onap.policy|pdpx.getMetrics|*|*', 'org.onap.policy|pdpx.listConfig|*|*', 'org.onap.policy|pdpx.listPolicy|*|*', 'org.onap.policy|pdpx.list|*|*', 'org.onap.policy|pdpx.policyEngineImport|*|*', 'org.onap.policy|pdpx.pushPolicy|*|*', 'org.onap.policy|pdpx.sendEvent|*|*', 'org.onap.policy|pdpx.updateDictionary|*|*', 'org.onap.policy|pdpx.updatePolicy|*|*'}"
+org.onap.policy|pdpx.monitor|pdpx.monitor|
+org.onap.policy|Policy_Admin|Policy_Admin|"{'org.onap.policy|menu|menu_policy|*', 'org.onap.policy|url|policy_dashboard|*', 'org.onap.policy|url|policy_dictionary|*', 'org.onap.policy|url|policy_editor|*', 'org.onap.policy|url|policy_pdp|*', 'org.onap.policy|url|policy_push|*'}"
+org.onap.policy|Policy_Editor|Policy_Editor|"{'org.onap.policy|menu|menu_policy|*', 'org.onap.policy|url|policy_dashboard|*', 'org.onap.policy|url|policy_editor|*', 'org.onap.policy|url|policy_pdp|*', 'org.onap.policy|url|policy_push|*'}"
+org.onap.policy|Policy_Guest|Policy_Guest|"{'org.onap.policy|menu|menu_policy|*', 'org.onap.policy|url|policy_dashboard|*', 'org.onap.policy|url|policy_editor|*', 'org.onap.policy|url|policy_pdp|*'}"
+org.onap.policy|Policy_Super_Admin|Policy_Super_Admin|"{'org.onap.policy|menu|menu_policy|*', 'org.onap.policy|url|policy_admin|*', 'org.onap.policy|url|policy_dashboard|*', 'org.onap.policy|url|policy_dictionary|*', 'org.onap.policy|url|policy_editor|*', 'org.onap.policy|url|policy_pdp|*', 'org.onap.policy|url|policy_push|*', 'org.onap.policy|url|policy_roles|*'}"
+org.onap.policy|Policy_Super_Guest|Policy_Super_Guest|"{'org.onap.policy|menu|menu_policy|*', 'org.onap.policy|url|policy_dashboard|*', 'org.onap.policy|url|policy_editor|*', 'org.onap.policy|url|policy_pdp|*'}"
+org.onap.policy|seeCerts|seeCerts|"{'org.onap.policy|certman|local|request,ignoreIPs,showpass'}"
+org.onap.policy|Standard_User|Standard User|"{'org.onap.policy|menu|menu_ajax|*', 'org.onap.policy|menu|menu_customer_create|*', 'org.onap.policy|menu|menu_customer|*', 'org.onap.policy|menu|menu_home|*', 'org.onap.policy|menu|menu_itracker|*', 'org.onap.policy|menu|menu_logout|*', 'org.onap.policy|menu|menu_map|*', 'org.onap.policy|menu|menu_policy|*', 'org.onap.policy|menu|menu_profile|*', 'org.onap.policy|menu|menu_reports|*', 'org.onap.policy|menu|menu_tab|*', 'org.onap.policy|url|login|*', 'org.onap.policy|url|policy_admin|*', 'org.onap.policy|url|policy_dashboard|*', 'org.onap.policy|url|policy_dictionary|*', 'org.onap.policy|url|policy_editor|*', 'org.onap.policy|url|policy_pdp|*', 'org.onap.policy|url|policy_push|*', 'org.onap.policy|url|policy_roles|*'}"
+org.onap.policy|System_Administrator|System Administrator|"{'org.onap.policy|menu|menu_admin|*', 'org.onap.policy|menu|menu_ajax|*', 'org.onap.policy|menu|menu_customer_create|*', 'org.onap.policy|menu|menu_customer|*', 'org.onap.policy|menu|menu_feedback|*', 'org.onap.policy|menu|menu_help|*', 'org.onap.policy|menu|menu_home|*', 'org.onap.policy|menu|menu_itracker|*', 'org.onap.policy|menu|menu_job_create|*', 'org.onap.policy|menu|menu_job|*', 'org.onap.policy|menu|menu_logout|*', 'org.onap.policy|menu|menu_notes|*', 'org.onap.policy|menu|menu_process|*', 'org.onap.policy|menu|menu_profile_create|*', 'org.onap.policy|menu|menu_profile_import|*', 'org.onap.policy|menu|menu_profile|*', 'org.onap.policy|menu|menu_reports|*', 'org.onap.policy|menu|menu_sample|*', 'org.onap.policy|menu|menu_tab|*', 'org.onap.policy|menu|menu_test|*', 'org.onap.policy|url|doclib_admin|*', 'org.onap.policy|url|doclib|*', 'org.onap.policy|url|login|*'}"
+org.onap.pomba|admin|AAF Namespace Administrators|"{'org.onap.pomba|access|*|*'}"
+org.onap.pomba|owner|AAF Namespace Owners|"{'org.onap.pomba|access|*|read'}"
+org.onap.portal|Account_Administrator|Account Administrator|"{'org.onap.portal|menu|menu_acc_admin|*', 'org.onap.portal|url|centralizedApps|*', 'org.onap.portal|url|getAdminNotifications|*', 'org.onap.portal|url|getAllWebAnalytics|*', 'org.onap.portal|url|getFunctionalMenuRole|*', 'org.onap.portal|url|getNotificationAppRoles|*', 'org.onap.portal|url|getUserAppsWebAnalytics|*', 'org.onap.portal|url|getUserJourneyAnalyticsReport|*', 'org.onap.portal|url|get_role_functions%2f%2a|*', 'org.onap.portal|url|get_roles%2f%2a|*', 'org.onap.portal|url|notification_code|*', 'org.onap.portal|url|role_function_list%2fsaveRoleFunction%2f%2a|*', 'org.onap.portal|url|syncRoles|*', 'org.onap.portal|url|userAppRoles|*', 'org.onap.portal|url|userApps|*'}"
+org.onap.portal|admin|Portal Admins|"{'org.onap.portal.access|*|*'}"
+org.onap.portal|owner|Portal Owner|"{'org.onap.portal.access|*|read'}"
+org.onap.portal|Portal_Notification_Admin|Portal Notification Admin|"{'org.onap.portal|url|edit_notification|*', 'org.onap.portal|url|getAdminNotifications|*', 'org.onap.portal|url|saveNotification|*'}"
+org.onap.portal|Portal_Usage_Analyst|Portal Usage Analyst|"{'org.onap.portal|menu|menu_web_analytics|*'}"
+org.onap.portal|Restricted_App_Role|Restricted App Role|
+org.onap.portal|Standard_User|Standard User|"{'org.onap.portal|menu|menu_home|*', 'org.onap.portal|menu|menu_logout|*', 'org.onap.portal|url|login|*'}"
+org.onap.portal|System_Administrator|System Administrator|"{'org.onap.portal|menu|menu_acc_admin|*', 'org.onap.portal|menu|menu_admin|*', 'org.onap.portal|menu|menu_home|*', 'org.onap.portal|menu|menu_logout|*', 'org.onap.portal|url|login|*'}"
+org.onap.portal.test|admin|AAF Namespace Administrators|"{'org.onap.portal.test|access|*|*'}"
+org.onap.portal.test|oof-homing||
+org.onap.portal.test|owner|AAF Namespace Owners|"{'org.onap.portal.test|access|*|read'}"
+org.onap.portal.test|user1||
+org.onap.portal|Usage_Analyst|Usage Analyst|"{'org.onap.portal|menu|menu_admin|*', 'org.onap.portal|menu|menu_task_search|*', 'org.onap.portal|menu|menu_task|*', 'org.onap.portal|menu|menu_web_analytics|*'}"
+org.onap.sdc|Account_Administrator||
+org.onap.sdc|admin|AAF Namespace Administrators|"{'org.onap.oof|certman|local|request,ignoreIPs,showpass', 'org.onap.sdc|access|*|*', 'org.onap.sdc|administrator.access|*|*', 'org.onap.sdc|certman|local|request,ignoreIPs,showpass'}"
+org.onap.sdc|ADMIN|ADMIN|
+org.onap.sdc|app|app|
+org.onap.sdc|designer||"{'org.onap.sdc|designer.access|*|*'}"
+org.onap.sdc|governor||"{'org.onap.sdc|governance.access|*|*'}"
+org.onap.sdc|ops||"{'org.onap.sdc|operations.access|*|*'}"
+org.onap.sdc|owner|AAF Namespace Owners|"{'org.onap.sdc|access|*|read'}"
+org.onap.sdc|tester||"{'org.onap.sdc|tester.access|*|*'}"
+org.onap.sdc|TESTOR|TESTOR|
+org.onap.sdnc|admin|AAF Namespace Administrators|"{'org.onap.sdnc|access|*|*', 'org.onap.sdnc|odl|odl-api|*'}"
+org.onap.sdnc-cds|admin|AAF Namespace Administrators|"{'org.onap.sdnc-cds|access|*|*'}"
+org.onap.sdnc-cds|owner|AAF Namespace Owners|"{'org.onap.sdnc-cds|access|*|read'}"
+org.onap.sdnc-cds|service||"{'org.onap.sdnc-cds|access|*|*'}"
+org.onap.sdnc|owner|AAF Namespace Owners|"{'org.onap.sdnc|access|*|read'}"
+org.onap.sdnc|service||"{'org.onap.sdnc|access|*|*', 'org.onap.sdnc|odl|odl-api|*', 'org.onap.sdnc|odl|odl-api|create', 'org.onap.sdnc|odl|odl-api|delete', 'org.onap.sdnc|odl|odl-api|read', 'org.onap.sdnc|odl|odl-api|update'}"
+org.onap.so|admin|AAF Namespace Administrators|"{'org.onap.so|access|*|*', 'org.onap.so|certman|local|request,ignoreIPs,showpass'}"
+org.onap.so|app||"{'org.onap.so|access|*|*'}"
+org.onap.so|owner|AAF Namespace Owners|"{'org.onap.so|access|*|read'}"
+org.onap.so|seeCerts||"{'org.onap.so|certman|local|request,ignoreIPs,showpass'}"
+org.onap.vfc|admin|AAF Namespace Administrators|"{'org.onap.vfc|access|*|*'}"
+org.onap.vfc|owner|AAF Namespace Owners|"{'org.onap.vfc|access|*|read'}"
+org.onap.vfc|service||"{'org.onap.vfc|access|*|*'}"
+org.onap.vid1|admin|AAF Namespace Administrators|"{'org.onap.vid1|access|*|*'}"
+org.onap.vid1|owner|AAF Namespace Owners|"{'org.onap.vid1|access|*|read'}"
+org.onap.vid2|admin|AAF Namespace Administrators|"{'org.onap.vid2|access|*|*'}"
+org.onap.vid2|owner|AAF Namespace Owners|"{'org.onap.vid2|access|*|read'}"
+org.onap.vid|Account_Administrator||
+org.onap.vid|admin|AAF Namespace Administrators|"{'org.onap.vid|access|*|*'}"
+org.onap.vid|Demonstration___gNB||
+org.onap.vid|Demonstration___vCPE||
+org.onap.vid|Demonstration___vFW||
+org.onap.vid|Demonstration___vFWCL||
+org.onap.vid|Demonstration___vIMS||
+org.onap.vid|Demonstration___vLB||
+org.onap.vid|member|member|
+org.onap.vid|owner|AAF Namespace Owners|"{'org.onap.vid|access|*|read'}"
+org.onap.vid|seeCerts|seeCerts|
+org.onap.vid|service|service|
+org.onap.vid|Standard_User|Standard User|"{'org.onap.vid|menu|menu_ajax|*', 'org.onap.vid|menu|menu_changemanagement|*', 'org.onap.vid|menu|menu_customer_create|*', 'org.onap.vid|menu|menu_customer|*', 'org.onap.vid|menu|menu_home|*', 'org.onap.vid|menu|menu_itracker|*', 'org.onap.vid|menu|menu_logout|*', 'org.onap.vid|menu|menu_map|*', 'org.onap.vid|menu|menu_newserinstance|*', 'org.onap.vid|menu|menu_profile|*', 'org.onap.vid|menu|menu_reports|*', 'org.onap.vid|menu|menu_searchexisting|*', 'org.onap.vid|menu|menu_servicemodels|*', 'org.onap.vid|menu|menu_tab|*', 'org.onap.vid|menu|menu_viewlog|*', 'org.onap.vid|url|login|*'}"
+org.onap.vid|System_Administrator|System Administrator|"{'org.onap.vid|menu|menu_admin|*', 'org.onap.vid|menu|menu_ajax|*', 'org.onap.vid|menu|menu_changemanagement|*', 'org.onap.vid|menu|menu_customer_create|*', 'org.onap.vid|menu|menu_customer|*', 'org.onap.vid|menu|menu_feedback|*', 'org.onap.vid|menu|menu_help|*', 'org.onap.vid|menu|menu_home|*', 'org.onap.vid|menu|menu_itracker|*', 'org.onap.vid|menu|menu_job_create|*', 'org.onap.vid|menu|menu_job|*', 'org.onap.vid|menu|menu_logout|*', 'org.onap.vid|menu|menu_newserinstance|*', 'org.onap.vid|menu|menu_notes|*', 'org.onap.vid|menu|menu_process|*', 'org.onap.vid|menu|menu_profile_create|*', 'org.onap.vid|menu|menu_profile_import|*', 'org.onap.vid|menu|menu_profile|*', 'org.onap.vid|menu|menu_reports|*', 'org.onap.vid|menu|menu_sample|*', 'org.onap.vid|menu|menu_searchexisting|*', 'org.onap.vid|menu|menu_servicemodels|*', 'org.onap.vid|menu|menu_tab|*', 'org.onap.vid|menu|menu_test|*', 'org.onap.vid|menu|menu_viewlog|*', 'org.onap.vid|url|doclib_admin|*', 'org.onap.vid|url|doclib|*', 'org.onap.vid|url|login|*'}"
+org.openecomp|admin|OpenEcomp Admins|"{'org.openecomp.access|*|*'}"
+org.openecomp.dmaapBC|admin|AAF Admins|"{'org.openecomp.dmaapBC.access|*|*', 'org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|pub', 'org.openecomp.dmaapBC.mr.topic|:topic.org.openecomp.dmaapBC.newtopic|sub', 'org.openecomp.dmaapBC.topicFactory|:org.openecomp.dmaapBC.topic:org.openecomp.dmaapBC|create'}"
+org.openecomp.dmaapBC|owner|AAF Owners|"{'org.openecomp.dmaapBC.access|*|read'}"
+org.openecomp|owner|OpenEcomp Owners|"{'org.openecomp.access|*|read'}"
+org.osaaf.aaf|admin|AAF Admins|"{'org.osaaf.aaf.access|*|*', 'org.osaaf.aaf|cache|all|clear', 'org.osaaf.aaf|cache|role|clear', 'org.osaaf.aaf|password|*|create,reset'}"
+org.osaaf.aaf|deploy|ONAP Deployment Role|"{'org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass', 'org.onap.aai|certman|local|request,ignoreIPs,showpass', 'org.onap.appc|certman|local|request,ignoreIPs,showpass', 'org.onap.clamp|certman|local|request,ignoreIPs,showpass', 'org.onap.dcae|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-mm-prov|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-topic-mgr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap.mr|certman|local|request,ignoreIPs,showpass', 'org.onap.music|certman|local|request,ignoreIPs,showpass', 'org.onap.nbi|certman|local|request,ignoreIPs,showpass', 'org.onap.oof|certman|local|request,ignoreIPs,showpass', 'org.onap.policy|certman|local|request,ignoreIPs,showpass', 'org.onap.pomba|certman|local|request,ignoreIPs,showpass', 'org.onap.portal|certman|local|request,ignoreIPs,showpass', 'org.onap.sdc|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc-cds|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc|certman|local|request,ignoreIPs,showpass', 'org.onap.so|certman|local|request,ignoreIPs,showpass', 'org.onap.vfc|certman|local|request,ignoreIPs,showpass', 'org.onap.vid1|certman|local|request,ignoreIPs,showpass', 'org.onap.vid2|certman|local|request,ignoreIPs,showpass', 'org.onap.vid|certman|local|request,ignoreIPs,showpass', 'org.osaaf.aaf|certman|local|request,ignoreIPs,showpass'}"
+org.osaaf.aaf|owner|AAF Owners|"{'org.osaaf.aaf.access|*|read,approve'}"
+org.osaaf.aaf|service||"{'org.osaaf.aaf|cache|*|clear'}"
+org.osaaf|admin|OSAAF Admins|"{'org.osaaf.access|*|*'}"
+org.osaaf|owner|OSAAF Owners|"{'org.osaaf.access|*|read,approve'}"
+org.osaaf.people|admin|AAF Namespace Administrators|"{'org.osaaf.people|access|*|*'}"
+org.osaaf.people|owner|AAF Namespace Owners|"{'org.osaaf.people|access|*|read'}"
+org|owner|Org Owners|"{'org.access|*|read,approve'}"
--- /dev/null
+mmanager@people.osaaf.org|org.onap.aaf-sms.admin|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|admin
+mmanager@people.osaaf.org|org.onap.aaf-sms.owner|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|owner
+mmanager@people.osaaf.org|org.onap.aai.admin|2020-11-26 12:31:54.000+0000|org.onap.aai|admin
+mmanager@people.osaaf.org|org.onap.aai.owner|2020-11-26 12:31:54.000+0000|org.onap.aai|owner
+mmanager@people.osaaf.org|org.onap.admin|2020-11-26 12:31:54.000+0000|org.onap|admin
+mmanager@people.osaaf.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
+mmanager@people.osaaf.org|org.onap.appc.owner|2020-11-26 12:31:54.000+0000|org.onap.appc|owner
+mmanager@people.osaaf.org|org.onap.cds.admin|2020-11-26 12:31:54.000+0000|org.onap.cds|admin
+mmanager@people.osaaf.org|org.onap.cds.owner|2020-11-26 12:31:54.000+0000|org.onap.cds|owner
+mmanager@people.osaaf.org|org.onap.clamp.admin|2020-11-26 12:31:54.000+0000|org.onap.clamp|admin
+mmanager@people.osaaf.org|org.onap.clamp.owner|2020-11-26 12:31:54.000+0000|org.onap.clamp|owner
+mmanager@people.osaaf.org|org.onap.dcae.admin|2020-11-26 12:31:54.000+0000|org.onap.dcae|admin
+mmanager@people.osaaf.org|org.onap.dcae.owner|2020-11-26 12:31:54.000+0000|org.onap.dcae|owner
+mmanager@people.osaaf.org|org.onap.dmaap.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap|admin
+mmanager@people.osaaf.org|org.onap.dmaap-bc.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc|admin
+mmanager@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|Controller
+mmanager@people.osaaf.org|org.onap.dmaap-bc-mm-prov.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-mm-prov|admin
+mmanager@people.osaaf.org|org.onap.dmaap-bc-mm-prov.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-mm-prov|owner
+mmanager@people.osaaf.org|org.onap.dmaap-bc.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc|owner
+mmanager@people.osaaf.org|org.onap.dmaap-bc-topic-mgr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-topic-mgr|admin
+mmanager@people.osaaf.org|org.onap.dmaap-bc-topic-mgr.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-topic-mgr|owner
+mmanager@people.osaaf.org|org.onap.dmaap-dr.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|owner
+mmanager@people.osaaf.org|org.onap.dmaap-mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr|admin
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-123450.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123450|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-123451.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123451|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-1547667570.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-1547667570|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547665517.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547665517|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547666628.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547666628|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547666760.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547666760|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547666950.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547666950|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTest-1547667031.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547667031|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-123456.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-123456|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-123457.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-123457|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547660509.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547660509|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547660861.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547660861|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547661011.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547661011|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547662122.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547662122|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547662451.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547662451|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547664813.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547664813|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547664928.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547664928|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTestTopic-1547666068.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547666068|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.aTopic-1547654909.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTopic-1547654909|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.dgl000.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl000|owner
+mmanager@people.osaaf.org|org.onap.dmaap-mr.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|owner
+mmanager@people.osaaf.org|org.onap.dmaap.mr.partitionTest-1546033194.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.partitionTest-1546033194|owner
+mmanager@people.osaaf.org|org.onap.dmaap-mr.sunil.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr.sunil|owner
+mmanager@people.osaaf.org|org.onap.dmaap-mr.test.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr.test|owner
+mmanager@people.osaaf.org|org.onap.dmaap.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap|owner
+mmanager@people.osaaf.org|org.onap.holmes.owner|2020-11-26 12:31:54.000+0000|org.onap.holmes|owner
+mmanager@people.osaaf.org|org.onap.music.admin|2020-11-26 12:31:54.000+0000|org.onap.music|admin
+mmanager@people.osaaf.org|org.onap.music.owner|2020-11-26 12:31:54.000+0000|org.onap.music|owner
+mmanager@people.osaaf.org|org.onap.nbi.owner|2020-11-26 12:31:54.000+0000|org.onap.nbi|owner
+mmanager@people.osaaf.org|org.onap.ngi.owner|2020-11-26 12:31:54.000+0000|org.onap.ngi|owner
+mmanager@people.osaaf.org|org.onap.oof.admin|2020-11-26 12:31:54.000+0000|org.onap.oof|admin
+mmanager@people.osaaf.org|org.onap.oof.owner|2020-11-26 12:31:54.000+0000|org.onap.oof|owner
+mmanager@people.osaaf.org|org.onap.owner|2020-11-26 12:31:54.000+0000|org.onap|owner
+mmanager@people.osaaf.org|org.onap.policy.owner|2020-11-26 12:31:54.000+0000|org.onap.policy|owner
+mmanager@people.osaaf.org|org.onap.pomba.admin|2020-11-26 12:31:54.000+0000|org.onap.pomba|admin
+mmanager@people.osaaf.org|org.onap.pomba.owner|2020-11-26 12:31:54.000+0000|org.onap.pomba|owner
+mmanager@people.osaaf.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
+mmanager@people.osaaf.org|org.onap.portal.owner|2020-11-26 12:31:54.000+0000|org.onap.portal|owner
+mmanager@people.osaaf.org|org.onap.sdc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdc|admin
+mmanager@people.osaaf.org|org.onap.sdc.owner|2020-11-26 12:31:54.000+0000|org.onap.sdc|owner
+mmanager@people.osaaf.org|org.onap.sdnc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc|admin
+mmanager@people.osaaf.org|org.onap.sdnc-cds.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc-cds|admin
+mmanager@people.osaaf.org|org.onap.sdnc-cds.owner|2020-11-26 12:31:54.000+0000|org.onap.sdnc-cds|owner
+mmanager@people.osaaf.org|org.onap.sdnc.owner|2020-11-26 12:31:54.000+0000|org.onap.sdnc|owner
+mmanager@people.osaaf.org|org.onap.so.admin|2020-11-26 12:31:54.000+0000|org.onap.so|admin
+mmanager@people.osaaf.org|org.onap.so.owner|2020-11-26 12:31:54.000+0000|org.onap.so|owner
+mmanager@people.osaaf.org|org.onap.vfc.admin|2020-11-26 12:31:54.000+0000|org.onap.vfc|admin
+mmanager@people.osaaf.org|org.onap.vfc.owner|2020-11-26 12:31:54.000+0000|org.onap.vfc|owner
+mmanager@people.osaaf.org|org.onap.vid1.admin|2020-11-26 12:31:54.000+0000|org.onap.vid1|admin
+mmanager@people.osaaf.org|org.onap.vid1.owner|2020-11-26 12:31:54.000+0000|org.onap.vid1|owner
+mmanager@people.osaaf.org|org.onap.vid2.admin|2020-11-26 12:31:54.000+0000|org.onap.vid2|admin
+mmanager@people.osaaf.org|org.onap.vid2.owner|2020-11-26 12:31:54.000+0000|org.onap.vid2|owner
+mmanager@people.osaaf.org|org.onap.vid.admin|2020-11-26 12:31:54.000+0000|org.onap.vid|admin
+mmanager@people.osaaf.org|org.onap.vid.owner|2020-11-26 12:31:54.000+0000|org.onap.vid|owner
+mmanager@people.osaaf.org|org.osaaf.people.owner|2020-11-26 12:31:54.000+0000|org.osaaf.people|owner
+portal@portal.onap.org|org.onap.aaf-sms.admin|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|admin
+portal@portal.onap.org|org.onap.aai.admin|2020-11-26 12:31:54.000+0000|org.onap.aai|admin
+portal@portal.onap.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
+portal@portal.onap.org|org.onap.appc.apidoc|2020-11-26 12:31:54.000+0000|org.onap.appc|apidoc
+portal@portal.onap.org|org.onap.appc.restconf|2020-11-26 12:31:54.000+0000|org.onap.appc|restconf
+portal@portal.onap.org|org.onap.cds.admin|2020-11-26 12:31:54.000+0000|org.onap.cds|admin
+portal@portal.onap.org|org.onap.clamp.admin|2020-11-26 12:31:54.000+0000|org.onap.clamp|admin
+portal@portal.onap.org|org.onap.dcae.admin|2020-11-26 12:31:54.000+0000|org.onap.dcae|admin
+portal@portal.onap.org|org.onap.dmaap-bc.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc|admin
+portal@portal.onap.org|org.onap.dmaap-bc.api.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|admin
+portal@portal.onap.org|org.onap.dmaap-bc.api.Controller|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|Controller
+portal@portal.onap.org|org.onap.dmaap-bc-mm-prov.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-mm-prov|admin
+portal@portal.onap.org|org.onap.dmaap-bc-topic-mgr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-topic-mgr|admin
+portal@portal.onap.org|org.onap.dmaap-dr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|admin
+portal@portal.onap.org|org.onap.dmaap-mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr|admin
+portal@portal.onap.org|org.onap.dmaap.mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|admin
+portal@portal.onap.org|org.onap.dmaap.mr.dgl_ready.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl_ready|owner
+portal@portal.onap.org|org.onap.dmaap.mr.IdentityTopic-12345.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.IdentityTopic-12345|owner
+portal@portal.onap.org|org.onap.dmaap.mr.IdentityTopic-1547839476.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.IdentityTopic-1547839476|owner
+portal@portal.onap.org|org.onap.dmaap.mr.mirrormakeragent.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|owner
+portal@portal.onap.org|org.onap.dmaap.mr.mrtesttopic.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mrtesttopic.sub
+portal@portal.onap.org|org.onap.dmaap.mr.PM_MAPPER.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PM_MAPPER|owner
+portal@portal.onap.org|org.onap.dmaap.mr.PNF_READY.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_READY|owner
+portal@portal.onap.org|org.onap.dmaap.mr.PNF_REGISTRATION.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|owner
+portal@portal.onap.org|org.onap.dmaap-mr.sunil.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr.sunil|admin
+portal@portal.onap.org|org.onap.dmaap.mr.test1|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|test1
+portal@portal.onap.org|org.onap.dmaap-mr.test.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr.test|admin
+portal@portal.onap.org|org.onap.dmaap.mr.topic-000.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-000|owner
+portal@portal.onap.org|org.onap.dmaap.mr.topic-001.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-001|owner
+portal@portal.onap.org|org.onap.dmaap.mr.topic-002.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-002|owner
+portal@portal.onap.org|org.onap.holmes.admin|2020-11-26 12:31:54.000+0000|org.onap.holmes|admin
+portal@portal.onap.org|org.onap.music.admin|2020-11-26 12:31:54.000+0000|org.onap.music|admin
+portal@portal.onap.org|org.onap.music.owner|2020-11-26 12:31:54.000+0000|org.onap.music|owner
+portal@portal.onap.org|org.onap.nbi.admin|2020-11-26 12:31:54.000+0000|org.onap.nbi|admin
+portal@portal.onap.org|org.onap.ngi.admin|2020-11-26 12:31:54.000+0000|org.onap.ngi|admin
+portal@portal.onap.org|org.onap.oof.admin|2020-11-26 12:31:54.000+0000|org.onap.oof|admin
+portal@portal.onap.org|org.onap.policy.admin|2020-11-26 12:31:54.000+0000|org.onap.policy|admin
+portal@portal.onap.org|org.onap.pomba.admin|2020-11-26 12:31:54.000+0000|org.onap.pomba|admin
+portal@portal.onap.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
+portal@portal.onap.org|org.onap.sdc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdc|admin
+portal@portal.onap.org|org.onap.sdnc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc|admin
+portal@portal.onap.org|org.onap.sdnc-cds.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc-cds|admin
+portal@portal.onap.org|org.onap.sdnc.owner|2020-11-26 12:31:54.000+0000|org.onap.sdnc|owner
+portal@portal.onap.org|org.onap.so.admin|2020-11-26 12:31:54.000+0000|org.onap.so|admin
+portal@portal.onap.org|org.onap.vfc.admin|2020-11-26 12:31:54.000+0000|org.onap.vfc|admin
+portal@portal.onap.org|org.onap.vid1.admin|2020-11-26 12:31:54.000+0000|org.onap.vid1|admin
+portal@portal.onap.org|org.onap.vid2.admin|2020-11-26 12:31:54.000+0000|org.onap.vid2|admin
+portal@portal.onap.org|org.onap.vid.admin|2020-11-26 12:31:54.000+0000|org.onap.vid|admin
+portal@portal.onap.org|org.osaaf.aaf.admin|2020-11-26 12:31:54.000+0000|org.osaaf.aaf|admin
+portal@portal.onap.org|org.osaaf.people.admin|2020-11-26 12:31:54.000+0000|org.osaaf.people|admin
+shi@portal.onap.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
+demo@mr.dmaap.onap.org|org.onap.dmaap.mr.view|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|view
+demo@people.osaaf.org|org.onap.aai.aaiui|2020-11-26 12:31:54.000+0000|org.onap.aai|aaiui
+demo@people.osaaf.org|org.onap.aai.Account_Administrator|2020-11-26 12:31:54.000+0000|org.onap.aai|Account_Administrator
+demo@people.osaaf.org|org.onap.aai.resources_readonly|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_readonly
+demo@people.osaaf.org|org.onap.aai.traversal_basic|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_basic
+demo@people.osaaf.org|org.onap.clamp.service|2020-11-26 12:31:54.000+0000|org.onap.clamp|service
+demo@people.osaaf.org|org.onap.dcae.pnfPublisher|2020-11-26 12:31:54.000+0000|org.onap.dcae|pnfPublisher
+demo@people.osaaf.org|org.onap.dcae.pnfSubscriber|2020-11-26 12:31:54.000+0000|org.onap.dcae|pnfSubscriber
+demo@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|Controller
+demo@people.osaaf.org|org.onap.dmaap.mr.aNewTopic-123451.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123451|publisher
+demo@people.osaaf.org|org.onap.dmaap.mr.create|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|create
+demo@people.osaaf.org|org.onap.dmaap.mr.destroy|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|destroy
+demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.pub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|pub
+demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|publisher
+demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|sub
+demo@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.subscriber|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|subscriber
+demo@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.pub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mrtesttopic.pub
+demo@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mrtesttopic.sub
+demo@people.osaaf.org|org.onap.dmaap.mr.view|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|view
+demo@people.osaaf.org|org.onap.policy.Account_Administrator|2020-11-26 12:31:54.000+0000|org.onap.policy|Account_Administrator
+demo@people.osaaf.org|org.onap.policy.pdpd.admin|2020-11-26 12:31:54.000+0000|org.onap.policy|pdpd.admin
+demo@people.osaaf.org|org.onap.policy.pdpx.admin|2020-11-26 12:31:54.000+0000|org.onap.policy|pdpx.admin
+demo@people.osaaf.org|org.onap.policy.System_Administrator|2020-11-26 12:31:54.000+0000|org.onap.policy|System_Administrator
+demo@people.osaaf.org|org.onap.portal.Account_Administrator|2020-11-26 12:31:54.000+0000|org.onap.portal|Account_Administrator
+demo@people.osaaf.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
+demo@people.osaaf.org|org.onap.portal.System_Administrator|2020-11-26 12:31:54.000+0000|org.onap.portal|System_Administrator
+demo@people.osaaf.org|org.onap.portal.test.admin|2020-11-26 12:31:54.000+0000|org.onap.portal.test|admin
+demo@people.osaaf.org|org.onap.portal.test.owner|2020-11-26 12:31:54.000+0000|org.onap.portal.test|owner
+demo@people.osaaf.org|org.onap.portal.test.user1|2020-11-26 12:31:54.000+0000|org.onap.portal.test|user1
+demo@people.osaaf.org|org.onap.sdc.Account_Administrator|2020-11-26 12:31:54.000+0000|org.onap.sdc|Account_Administrator
+demo@people.osaaf.org|org.onap.sdc.ADMIN|2020-11-26 12:31:54.000+0000|org.onap.sdc|ADMIN
+demo@people.osaaf.org|org.onap.vid.Account_Administrator|2020-11-26 12:31:54.000+0000|org.onap.vid|Account_Administrator
+demo@people.osaaf.org|org.onap.vid.Demonstration___gNB|2020-11-26 12:31:54.000+0000|org.onap.vid|Demonstration___gNB
+demo@people.osaaf.org|org.onap.vid.Demonstration___vCPE|2020-11-26 12:31:54.000+0000|org.onap.vid|Demonstration___vCPE
+demo@people.osaaf.org|org.onap.vid.Demonstration___vFW|2020-11-26 12:31:54.000+0000|org.onap.vid|Demonstration___vFW
+demo@people.osaaf.org|org.onap.vid.Demonstration___vFWCL|2020-11-26 12:31:54.000+0000|org.onap.vid|Demonstration___vFWCL
+demo@people.osaaf.org|org.onap.vid.Demonstration___vIMS|2020-11-26 12:31:54.000+0000|org.onap.vid|Demonstration___vIMS
+demo@people.osaaf.org|org.onap.vid.Demonstration___vLB|2020-11-26 12:31:54.000+0000|org.onap.vid|Demonstration___vLB
+demo@people.osaaf.org|org.onap.vid.System_Administrator|2020-11-26 12:31:54.000+0000|org.onap.vid|System_Administrator
+jh0003@people.osaaf.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
+jh0003@people.osaaf.org|org.onap.sdc.Account_Administrator|2020-11-26 12:31:54.000+0000|org.onap.sdc|Account_Administrator
+jh0003@people.osaaf.org|org.onap.sdc.ADMIN|2020-11-26 12:31:54.000+0000|org.onap.sdc|ADMIN
+cs0008@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.onap.sdc|TESTOR
+jm0007@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.onap.sdc|TESTOR
+op0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.onap.sdc|TESTOR
+gv0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.onap.sdc|TESTOR
+pm0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.onap.sdc|TESTOR
+ps0001@people.osaaf.org|org.onap.sdc.TESTOR|2020-11-26 12:31:54.000+0000|org.onap.sdc|TESTOR
+aaf_admin@people.osaaf.org|org.onap.aaf-sms.admin|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|admin
+aaf_admin@people.osaaf.org|org.onap.aai.admin|2020-11-26 12:31:54.000+0000|org.onap.aai|admin
+aaf_admin@people.osaaf.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
+aaf_admin@people.osaaf.org|org.onap.appc.apidoc|2020-11-26 12:31:54.000+0000|org.onap.appc|apidoc
+aaf_admin@people.osaaf.org|org.onap.appc.restconf|2020-11-26 12:31:54.000+0000|org.onap.appc|restconf
+aaf_admin@people.osaaf.org|org.onap.cds.admin|2020-11-26 12:31:54.000+0000|org.onap.cds|admin
+aaf_admin@people.osaaf.org|org.onap.clamp.admin|2020-11-26 12:31:54.000+0000|org.onap.clamp|admin
+aaf_admin@people.osaaf.org|org.onap.dcae.admin|2020-11-26 12:31:54.000+0000|org.onap.dcae|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-bc.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-bc.api.Controller|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|Controller
+aaf_admin@people.osaaf.org|org.onap.dmaap-bc-mm-prov.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-mm-prov|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-bc-topic-mgr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-topic-mgr|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-dr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap-mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap.mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap.mr.dgl_ready.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl_ready|owner
+aaf_admin@people.osaaf.org|org.onap.dmaap.mr.IdentityTopic-12345.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.IdentityTopic-12345|owner
+aaf_admin@people.osaaf.org|org.onap.dmaap.mr.IdentityTopic-1547839476.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.IdentityTopic-1547839476|owner
+aaf_admin@people.osaaf.org|org.onap.dmaap.mr.mirrormakeragent.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|owner
+aaf_admin@people.osaaf.org|org.onap.dmaap.mr.mrtesttopic.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mrtesttopic.sub
+aaf_admin@people.osaaf.org|org.onap.dmaap.mr.PM_MAPPER.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PM_MAPPER|owner
+aaf_admin@people.osaaf.org|org.onap.dmaap.mr.PNF_READY.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_READY|owner
+aaf_admin@people.osaaf.org|org.onap.dmaap.mr.PNF_REGISTRATION.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|owner
+aaf_admin@people.osaaf.org|org.onap.dmaap-mr.sunil.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr.sunil|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap.mr.test1|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|test1
+aaf_admin@people.osaaf.org|org.onap.dmaap-mr.test.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr.test|admin
+aaf_admin@people.osaaf.org|org.onap.dmaap.mr.topic-000.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-000|owner
+aaf_admin@people.osaaf.org|org.onap.dmaap.mr.topic-001.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-001|owner
+aaf_admin@people.osaaf.org|org.onap.dmaap.mr.topic-002.owner|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-002|owner
+aaf_admin@people.osaaf.org|org.onap.holmes.admin|2020-11-26 12:31:54.000+0000|org.onap.holmes|admin
+aaf_admin@people.osaaf.org|org.onap.music.admin|2020-11-26 12:31:54.000+0000|org.onap.music|admin
+aaf_admin@people.osaaf.org|org.onap.music.owner|2020-11-26 12:31:54.000+0000|org.onap.music|owner
+aaf_admin@people.osaaf.org|org.onap.nbi.admin|2020-11-26 12:31:54.000+0000|org.onap.nbi|admin
+aaf_admin@people.osaaf.org|org.onap.ngi.admin|2020-11-26 12:31:54.000+0000|org.onap.ngi|admin
+aaf_admin@people.osaaf.org|org.onap.oof.admin|2020-11-26 12:31:54.000+0000|org.onap.oof|admin
+aaf_admin@people.osaaf.org|org.onap.policy.admin|2020-11-26 12:31:54.000+0000|org.onap.policy|admin
+aaf_admin@people.osaaf.org|org.onap.pomba.admin|2020-11-26 12:31:54.000+0000|org.onap.pomba|admin
+aaf_admin@people.osaaf.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
+aaf_admin@people.osaaf.org|org.onap.sdc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdc|admin
+aaf_admin@people.osaaf.org|org.onap.sdnc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc|admin
+aaf_admin@people.osaaf.org|org.onap.sdnc-cds.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc-cds|admin
+aaf_admin@people.osaaf.org|org.onap.sdnc.owner|2020-11-26 12:31:54.000+0000|org.onap.sdnc|owner
+aaf_admin@people.osaaf.org|org.onap.so.admin|2020-11-26 12:31:54.000+0000|org.onap.so|admin
+aaf_admin@people.osaaf.org|org.onap.vfc.admin|2020-11-26 12:31:54.000+0000|org.onap.vfc|admin
+aaf_admin@people.osaaf.org|org.onap.vid1.admin|2020-11-26 12:31:54.000+0000|org.onap.vid1|admin
+aaf_admin@people.osaaf.org|org.onap.vid2.admin|2020-11-26 12:31:54.000+0000|org.onap.vid2|admin
+aaf_admin@people.osaaf.org|org.onap.vid.admin|2020-11-26 12:31:54.000+0000|org.onap.vid|admin
+aaf_admin@people.osaaf.org|org.osaaf.aaf.admin|2020-11-26 12:31:54.000+0000|org.osaaf.aaf|admin
+aaf_admin@people.osaaf.org|org.osaaf.people.admin|2020-11-26 12:31:54.000+0000|org.osaaf.people|admin
+deployer@people.osaaf.org|org.osaaf.aaf.deploy|2020-11-26 12:31:54.000+0000|org.osaaf.aaf|deploy
+portal_admin@people.osaaf.org|org.onap.portal.admin|2020-11-26 12:31:54.000+0000|org.onap.portal|admin
+aaf@aaf.osaaf.org|org.admin|2020-11-26 12:31:54.000+0000|org|admin
+aaf@aaf.osaaf.org|org.osaaf.aaf.admin|2020-11-26 12:31:54.000+0000|org.osaaf.aaf|admin
+aaf@aaf.osaaf.org|org.osaaf.aaf.service|2020-11-26 12:31:54.000+0000|org.osaaf.aaf|service
+aaf@aaf.osaaf.org|org.osaaf.people.admin|2020-11-26 12:31:54.000+0000|org.osaaf.people|admin
+osaaf@aaf.osaaf.org|org.osaaf.aaf.admin|2020-11-26 12:31:54.000+0000|org.osaaf.aaf|admin
+aaf-sms@aaf-sms.onap.org|org.onap.aaf-sms.service|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|service
+clamp@clampdemo.onap.org|org.onap.clampdemo.owner|2020-11-26 12:31:54.000+0000|org.onap.clampdemo|owner
+clamp@clampdemo.onap.org|org.onap.clampdemo.service|2020-11-26 12:31:54.000+0000|org.onap.clampdemo|admin
+clamp@clamp.onap.org|org.onap.clamp.clds.admin.dev|2020-11-26 12:31:54.000+0000|org.onap.clamp|clds.admin.dev
+clamp@clamp.onap.org|org.onap.clamp.clds.designer.dev|2020-11-26 12:31:54.000+0000|org.onap.clamp|clds.designer.dev
+clamp@clamp.onap.org|org.onap.clamp.clds.vf_filter_all.dev|2020-11-26 12:31:54.000+0000|org.onap.clamp|clds.vf_filter_all.dev
+clamp@clamp.onap.org|org.onap.clampdemo.owner|2020-11-26 12:31:54.000+0000|org.onap.clampdemo|owner
+clamp@clamp.onap.org|org.onap.clampdemo.service|2020-11-26 12:31:54.000+0000|org.onap.clampdemo|admin
+clamp@clamp.onap.org|org.onap.clamp.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.clamp|seeCerts
+clamp@clamp.onap.org|org.onap.clamp.service|2020-11-26 12:31:54.000+0000|org.onap.clamp|service
+clamp@clamp.onap.org|org.onap.clamptest.owner|2020-11-26 12:31:54.000+0000|org.onap.clamptest|owner
+clamp@clamp.onap.org|org.onap.clamptest.service|2020-11-26 12:31:54.000+0000|org.onap.clamptest|admin
+clamp@clamp.onap.org|org.onap.dmaap.mr.aNewTopic-123451.subscriber|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123451|subscriber
+clamp@clamp.onap.org|org.onap.dmaap.mr.dgl000.subscriber|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl000|subscriber
+clamp@clamp.osaaf.org|org.onap.clamp.service|2020-11-26 12:31:54.000+0000|org.onap.clamp|service
+clamp@clamptest.onap.org|org.onap.clamptest.owner|2020-11-26 12:31:54.000+0000|org.onap.clamptest|owner
+clamp@clamptest.onap.org|org.onap.clamptest.service|2020-11-26 12:31:54.000+0000|org.onap.clamptest|admin
+aai@aai.onap.org|org.onap.aai.admin|2020-11-26 12:31:54.000+0000|org.onap.aai|admin
+aai@aai.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
+aai@aai.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
+appc@appc.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
+appc@appc.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
+appc@appc.onap.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
+appc@appc.onap.org|org.onap.appc.odl|2020-11-26 12:31:54.000+0000|org.onap.appc|odl
+appc@appc.onap.org|org.onap.appc.service|2020-11-26 12:31:54.000+0000|org.onap.appc|service
+dcae@dcae.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
+dcae@dcae.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
+dcae@dcae.onap.org|org.onap.dcae.pmPublisher|2020-11-26 12:31:54.000+0000|org.onap.dcae|pmPublisher
+dcae@dcae.onap.org|org.onap.dcae.pmSubscriber|2020-11-26 12:31:54.000+0000|org.onap.dcae|pmSubscriber
+dcae@dcae.onap.org|org.onap.dcae.pnfPublisher|2020-11-26 12:31:54.000+0000|org.onap.dcae|pnfPublisher
+dcae@dcae.onap.org|org.onap.dcae.pnfSubscriber|2020-11-26 12:31:54.000+0000|org.onap.dcae|pnfSubscriber
+dcae@dcae.onap.org|org.onap.dcae.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.dcae|seeCerts
+dcae@dcae.onap.org|org.onap.dmaap-dr.feed.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|feed.admin
+dcae@dcae.onap.org|org.onap.dmaap-dr.sub.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|sub.admin
+dcae@dcae.onap.org|org.onap.dmaap.mr.aNewTopic-123451.subscriber|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123451|subscriber
+dcae@dcae.onap.org|org.onap.dmaap.mr.PM_MAPPER.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PM_MAPPER|publisher
+dcae@dcae.onap.org|org.onap.dmaap.mr.PNF_READY.pub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_READY|pub
+dcae@dcae.onap.org|org.onap.dmaap.mr.PNF_REGISTRATION.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|sub
+oof@oof.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
+oof@oof.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
+oof@oof.onap.org|org.onap.oof.admin|2020-11-26 12:31:54.000+0000|org.onap.oof|admin
+oof@oof.onap.org|org.onap.oof.service|2020-11-26 12:31:54.000+0000|org.onap.oof|service
+so@so.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
+so@so.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
+so@so.onap.org|org.onap.appc.service|2020-11-26 12:31:54.000+0000|org.onap.appc|service
+so@so.onap.org|org.onap.sdnc.service|2020-11-26 12:31:54.000+0000|org.onap.sdnc|service
+so@so.onap.org|org.onap.so.admin|2020-11-26 12:31:54.000+0000|org.onap.so|admin
+so@so.onap.org|org.onap.so.app|2020-11-26 12:31:54.000+0000|org.onap.so|app
+so@so.onap.org|org.onap.so.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.so|seeCerts
+sdc@sdc.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
+sdc@sdc.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
+sdnc@sdnc.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
+sdnc@sdnc.onap.org|org.onap.dmaap.mr.aNewTopic-123451.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123451|publisher
+sdnc@sdnc.onap.org|org.onap.dmaap.mr.dgl000.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl000|publisher
+sdnc@sdnc.onap.org|org.onap.sdnc.admin|2020-11-26 12:31:54.000+0000|org.onap.sdnc|admin
+sdnc@sdnc.onap.org|org.onap.sdnc.service|2020-11-26 12:31:54.000+0000|org.onap.sdnc|service
+sdnc-cds@sdnc-cds.onap.org|org.onap.sdnc-cds.service|2020-11-26 12:31:54.000+0000|org.onap.sdnc-cds|service
+vfc@vfc.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
+vfc@vfc.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
+vfc@vfc.onap.org|org.onap.dmaap-mr.Publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap-mr|Publisher
+vfc@vfc.onap.org|org.onap.vfc.service|2020-11-26 12:31:54.000+0000|org.onap.vfc|service
+policy@policy.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
+policy@policy.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
+policy@policy.onap.org|org.onap.policy.pdpd.admin|2020-11-26 12:31:54.000+0000|org.onap.policy|pdpd.admin
+policy@policy.onap.org|org.onap.policy.pdpx.admin|2020-11-26 12:31:54.000+0000|org.onap.policy|pdpx.admin
+policy@policy.onap.org|org.onap.policy.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.policy|seeCerts
+pomba@pomba.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
+pomba@pomba.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
+holmes@holmes.onap.org|org.onap.holmes.service|2020-11-26 12:31:54.000+0000|org.onap.holmes|service
+nbi@nbi.onap.org|org.onap.nbi.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.nbi|seeCerts
+nbi@nbi.onap.org|org.onap.nbi.service|2020-11-26 12:31:54.000+0000|org.onap.nbi|service
+music@music.onap.org|org.onap.music.service|2020-11-26 12:31:54.000+0000|org.onap.music|service
+vid@vid.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
+vid@vid.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
+vid@vid.onap.org|org.onap.vid.service|2020-11-26 12:31:54.000+0000|org.onap.vid|service
+vid1@people.osaaf.org|org.onap.vid.System_Administrator|2020-11-26 12:31:54.000+0000|org.onap.vid|System_Administrator
+vid2@people.osaaf.org|org.onap.vid.Standard_User|2020-11-26 12:31:54.000+0000|org.onap.vid|Standard_User
+vid2@people.osaaf.org|org.onap.vid.System_Administrator|2020-11-26 12:31:54.000+0000|org.onap.vid|System_Administrator
+dmaap-bc@bc.dmaap.onap.org|org.onap.dmaap.bc.service|2020-11-26 12:31:54.000+0000|org.onap.dmaap.bc|service
+dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.api.Controller|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc.api|Controller
+dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc|seeCerts
+dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap-bc.service|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc|service
+dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|admin
+dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.dgl000.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl000|admin
+dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.mirrormakeragent.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|admin
+dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.PM_MAPPER.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PM_MAPPER|admin
+dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.topic-001.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-001|admin
+dmaap-bc@dmaap-bc.onap.org|org.onap.dmaap.mr.topic-002.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-002|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap-bc-topic-mgr.client|2020-11-26 12:31:54.000+0000|org.onap.dmaap-bc-topic-mgr|client
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap-dr.feed.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|feed.admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap-dr.sub.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|sub.admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-123450.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123450|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-123451.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-123451|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-1547667570.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-1547667570|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aNewTopic-.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aNewTopic-|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547665517.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547665517|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547666628.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547666628|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547666760.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547666760|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547666950.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547666950|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTest-1547667031.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTest-1547667031|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-123456.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-123456|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-123457.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-123457|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547660509.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547660509|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547660861.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547660861|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547661011.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547661011|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547662122.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547662122|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547662451.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547662451|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547664813.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547664813|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547664928.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547664928|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTestTopic-1547666068.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTestTopic-1547666068|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.aTopic-1547654909.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.aTopic-1547654909|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.create|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|create
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.destroy|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|destroy
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.dgl_ready.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.dgl_ready|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.IdentityTopic-12345.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.IdentityTopic-12345|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.IdentityTopic-1547839476.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.IdentityTopic-1547839476|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormaker.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mirrormaker.admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.pub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|pub
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|publisher
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|sub
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormakeragent.subscriber|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|subscriber
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.mirrormaker.user|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mirrormaker.user
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.partitionTest-1546033194.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.partitionTest-1546033194|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.PNF_READY.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_READY|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.PNF_REGISTRATION.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.PNF_REGISTRATION|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.topic-000.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.topic-000|admin
+dmaap-bc-topic-mgr@dmaap-bc-topic-mgr.onap.org|org.onap.dmaap.mr.view|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|view
+dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.create|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|create
+dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.destroy|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|destroy
+dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormaker.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mirrormaker.admin
+dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.pub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|pub
+dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.publisher|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|publisher
+dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.sub|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|sub
+dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormakeragent.subscriber|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr.mirrormakeragent|subscriber
+dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.mirrormaker.user|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|mirrormaker.user
+dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org|org.onap.dmaap.mr.view|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|view
+dmaap-dr@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|seeCerts
+dmaap-dr-prov@dmaap-dr.onap.org|org.onap.dmaap-dr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|admin
+dmaap-dr-prov@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|seeCerts
+dmaap-dr-node@dmaap-dr.onap.org|org.onap.dmaap-dr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|admin
+dmaap-dr-node@dmaap-dr.onap.org|org.onap.dmaap-dr.seeCerts|2020-11-26 12:31:54.000+0000|org.onap.dmaap-dr|seeCerts
+dmaapmr@mr.dmaap.onap.org|org.onap.dmaap.mr.admin|2020-11-26 12:31:54.000+0000|org.onap.dmaap.mr|admin
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# ============LICENSE_START====================================================
+# org.onap.aaf
+# ===========================================================================
+# Copyright (c) 2020 AT&T Intellectual Property. All rights reserved.
+# ===========================================================================
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
*/}}
-#{{ if not .Values.disableClampClampMariadb }}
apiVersion: v1
kind: ConfigMap
metadata:
- name: clamp-entrypoint-bulkload-configmap
+ name: {{ include "common.fullname" . }}-cass-init-dats
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/mariadb/docker-entrypoint-initdb.d/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/cass-init-dats/*").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
metadata:
- name: clamp-mariadb-conf-configmap
+ name: {{ include "common.fullname" . }}-cass-init-data
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/conf1/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/init/*").AsConfig . | indent 2 }}
-#{{ end }}
+{{ tpl (.Files.Glob "resources/cass-init-data/*").AsConfig . | indent 2 }}
args:
- -c
- |
- chown -R 1000:1000 /opt/app/aaf/status
+ echo "*** input data ***"
+ ls -l /config-input-data/*
+ echo "*** input dats ***"
+ ls -l /config-input-dats/*
+ cp -L /config-input-data/* /config-data/
+ cp -L /config-input-dats/* /config-dats/
+ echo "*** output data ***"
+ ls -l /config-data/*
+ echo "*** output dats ***"
+ ls -l /config-dats/*
+ chown -R 1000:1000 /config-data
+ chown -R 1000:1000 /config-dats
chown -R 1000:1000 /var/lib/cassandra
+ chown -R 1000:1000 /status
image: {{ include "repositoryGenerator.image.busybox" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- mountPath: /var/lib/cassandra
name: aaf-cass-vol
+ - mountPath: /config-input-data
+ name: config-cass-init-data
+ - mountPath: /config-input-dats
+ name: config-cass-init-dats
+ - mountPath: /config-dats
+ name: config-cass-dats
+ - mountPath: /config-data
+ name: config-cass-data
+ - mountPath: /status
+ name: aaf-status
resources:
limits:
cpu: 100m
- mountPath: /etc/localtime
name: localtime
readOnly: true
+ - mountPath: /opt/app/aaf/cass_init/data
+ name: config-cass-data
+ - mountPath: /opt/app/aaf/cass_init/dats
+ name: config-cass-dats
+ - mountPath: /opt/app/aaf/status
+ name: aaf-status
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
- name: localtime
hostPath:
path: /etc/localtime
+ - name: aaf-status
+ emptyDir: {}
- name: aaf-cass-vol
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
{{- else }}
emptyDir: {}
{{- end }}
+ - name: config-cass-init-dats
+ configMap:
+ name: {{ include "common.fullname" . }}-cass-init-dats
+ - name: config-cass-init-data
+ configMap:
+ name: {{ include "common.fullname" . }}-cass-init-data
+ - name: config-cass-dats
+ emptyDir: {}
+ - name: config-cass-data
+ emptyDir: {}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
- # Copyright © 2020 Orange
+# Copyright © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
- dependencies:
+dependencies:
- name: common
version: ~7.x-0
repository: '@local'
- # Copyright © 2020 Orange
+# Copyright © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
- dependencies:
+dependencies:
- name: common
version: ~7.x-0
repository: '@local'
# See the License for the specific language governing permissions and
# limitations under the License.
- dependencies:
+dependencies:
- name: common
version: ~7.x-0
repository: '@local'
# See the License for the specific language governing permissions and
# limitations under the License.
- dependencies:
+dependencies:
- name: common
version: ~7.x-0
repository: '@local'
# See the License for the specific language governing permissions and
# limitations under the License.
- dependencies:
+dependencies:
- name: common
version: ~7.x-0
repository: '@local'
# See the License for the specific language governing permissions and
# limitations under the License.
- dependencies:
+dependencies:
- name: common
version: ~7.x-0
repository: '@local'
# See the License for the specific language governing permissions and
# limitations under the License.
- dependencies:
+dependencies:
- name: common
version: ~7.x-0
repository: '@local'
# See the License for the specific language governing permissions and
# limitations under the License.
- dependencies:
+dependencies:
- name: common
version: ~7.x-0
repository: '@local'
- # Copyright © 2020 Orange
+# Copyright © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# See the License for the specific language governing permissions and
# limitations under the License.
- dependencies:
+dependencies:
- name: common
version: ~7.x-0
repository: '@local'
- mountPath: /etc/localtime
name: localtime
readOnly: true
+ - mountPath: /opt/app/osaaf/etc/org.osaaf.aaf.log4j.props
+ name: aaf-log
+ subPath: org.osaaf.aaf.log4j.props
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
path: /etc/localtime
- name: aaf-config-vol
emptyDir: {}
+ - name: aaf-log
+ configMap:
+ name: {{ include "common.release" . }}-aaf-log
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
{{- end -}}
--- /dev/null
+#########
+# ============LICENSE_START====================================================
+# org.onap.aaf
+# ===========================================================================
+# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2020 Orange Intellectual Property. All rights reserved.
+# ===========================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END====================================================
+#
+
+log4j.appender.INIT=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.INIT.File=${LOG4J_FILENAME_init}
+log4j.appender.INIT.DatePattern='.'yyyy-MM-dd
+log4j.appender.INIT.layout=org.apache.log4j.PatternLayout
+log4j.appender.INIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
+
+log4j.appender.SRVR=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.SRVR.File=${LOG4J_FILENAME_service}
+log4j.appender.SRVR.DatePattern='.'yyyy-MM-dd
+log4j.appender.SRVR.layout=org.apache.log4j.PatternLayout
+log4j.appender.SRVR.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %p [%c] %m %n
+
+log4j.appender.AUDIT=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.AUDIT.File=${LOG4J_FILENAME_audit}
+log4j.appender.AUDIT.DatePattern='.'yyyy-MM-dd
+log4j.appender.AUDIT.layout=org.apache.log4j.PatternLayout
+log4j.appender.AUDIT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSSZ} %m %n
+
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] %m %n
+
+# General Apache libraries
+log4j.rootLogger=WARN.SRVR
+log4j.logger.org.apache=WARN,SRVR
+log4j.logger.com.datastax=WARN,SRVR
+log4j.logger.init=INFO,INIT,stdout
+log4j.logger.service=${LOGGING_LEVEL},SRVR,stdout
+log4j.logger.audit=INFO,AUDIT
+# Additional configs, not caugth with Root Logger
+log4j.logger.io.netty=INFO,SRVR
+log4j.logger.org.eclipse=INFO,SRVR
\ No newline at end of file
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Copyright © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-*/}}
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-log
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }}
\ No newline at end of file
value: {{ .Values.global.config.userId | quote }}
- name: LOCAL_GROUP_ID
value: {{ .Values.global.config.groupId | quote }}
+ - name: POST_JAVA_OPTS
+ value: '-Djavax.net.ssl.trustStore=/opt/app/aai-resources/resources/aaf/truststoreONAPall.jks -Djavax.net.ssl.trustStorePassword=changeit'
volumeMounts:
- mountPath: /etc/localtime
name: localtime
# be published independently to a repo (at this point)
repository: '@local'
condition: global.cassandra.localCluster
+ - name: certInitializer
+ version: ~7.x-0
+ repository: '@local'
- name: repositoryGenerator
version: ~7.x-0
repository: '@local'
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIFKzCCBBOgAwIBAgIILW/fiLbps3kwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE
-BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp
-bnRlcm1lZGlhdGVDQV85MB4XDTIwMDMxNzIwMjg1NloXDTIxMDMxNzIwMjg1Nlow
-WTEMMAoGA1UEAwwDYWFpMR0wGwYDVQQLDBRhYWlAYWFpLm9uYXAub3JnOkRFVjEO
-MAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9OQVAxCzAJBgNVBAYTAlVTMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov4ddmOzRCWAU/sx2Q9kcYZZ0r/x
-agqwDBcmlS2OP0MAou/f/xY2gzE2ugXXGGEXG6PCUx4YEHGeRxyezEQ/+c+kSjFe
-0FTUa8Z1Ojad3VDsJfjfZ1994NpV99KTrrw1Twq9Ei7dpkypUA8kZxEjg7eM11TU
-F4jS6x5NEyVsxih5uJjIF7ErGwimSEKsympcsXezYgG9Z/VPBpZWmYlYl5MWjzT6
-F0FgGfSbajWauMifEPajmvn8ZXn6Lyx0RCI25+BCcOhS6UvYXFX+jE/uOoEbKgwz
-11tIdryEFrXiLVfD01uhacx02YCrzj1u53RWiD6bCPyatKo1hQsf+aDkEQIDAQAB
-o4ICBzCCAgMwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBeAwIAYDVR0lAQH/BBYw
-FAYIKwYBBQUHAwEGCCsGAQUFBwMCMFQGA1UdIwRNMEuAFIH3mVsQuciM3vNSXupO
-aaBDPqzdoTCkLjAsMQ4wDAYDVQQLDAVPU0FBRjENMAsGA1UECgwET05BUDELMAkG
-A1UEBhMCVVOCAQcwHQYDVR0OBBYEFP94WTftXhHcz93nBT6jIdMe6h+6MIIBTQYD
-VR0RBIIBRDCCAUCBH21hcmsuZC5tYW5hZ2VyQHBlb3BsZS5vc2FhZi5jb22CA2Fh
-aYIUYWFpLXNlYXJjaC1kYXRhLm9uYXCCEmFhaS1zcGFya3ktYmUub25hcIIbYWFp
-LmFwaS5zaW1wbGVkZW1vLm9uYXAub3JngiVhYWkuZWxhc3RpY3NlYXJjaC5zaW1w
-bGVkZW1vLm9uYXAub3JngiVhYWkuZ3JlbWxpbnNlcnZlci5zaW1wbGVkZW1vLm9u
-YXAub3Jngh1hYWkuaGJhc2Uuc2ltcGxlZGVtby5vbmFwLm9yZ4IIYWFpLm9uYXCC
-JWFhaS5zZWFyY2hzZXJ2aWNlLnNpbXBsZWRlbW8ub25hcC5vcmeCF2FhaS5zaW1w
-bGVkZW1vLm9uYXAub3JnghphYWkudWkuc2ltcGxlZGVtby5vbmFwLm9yZzANBgkq
-hkiG9w0BAQsFAAOCAQEAVigPPsYd8yscW+U6zpffBc5S6Mg2DQD/gikB0uF//lIq
-oa5qTI3yB0wPoRKmxpeEZiJYDkBs3App2sPM2fPb9GGmGncCLkprqTflM2Y4yxX4
-k/a7w8vEwMoCrBgxEdmniAj9TirsISyLqBIXoGT7WtaXBLZarYhJ4P7TplhyWuwe
-sV6jxkZLIRLj31ihf32adFIhPZQKxaHbbFnyEylLTdPuZGy3nvdmjajZuomOFF8h
-HhDIouSJAtgkuWVsMiX6iR1qG9//6ymnZMvUyDGr8bkZURhMqesAejwP4aKxqDZg
-B0uVjapQTJH4ES0M+2PoY9gP8uh0dc3TusOs1QYJiA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
-RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN
-MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
-A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL
-neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d
-o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3
-nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV
-v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO
-15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw
-gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV
-M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/
-BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
-AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q
-ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl
-u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+
-+pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/
-QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht
-8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX
-kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3
-aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky
-uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w
-tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep
-BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k=
------END CERTIFICATE-----
-Bag Attributes
- friendlyName: aai@aai.onap.org
- localKeyID: 54 69 6D 65 20 31 35 38 34 34 37 36 39 33 36 35 31 35
-Key Attributes: <No Attributes>
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCi/h12Y7NEJYBT
-+zHZD2RxhlnSv/FqCrAMFyaVLY4/QwCi79//FjaDMTa6BdcYYRcbo8JTHhgQcZ5H
-HJ7MRD/5z6RKMV7QVNRrxnU6Np3dUOwl+N9nX33g2lX30pOuvDVPCr0SLt2mTKlQ
-DyRnESODt4zXVNQXiNLrHk0TJWzGKHm4mMgXsSsbCKZIQqzKalyxd7NiAb1n9U8G
-llaZiViXkxaPNPoXQWAZ9JtqNZq4yJ8Q9qOa+fxlefovLHREIjbn4EJw6FLpS9hc
-Vf6MT+46gRsqDDPXW0h2vIQWteItV8PTW6FpzHTZgKvOPW7ndFaIPpsI/Jq0qjWF
-Cx/5oOQRAgMBAAECggEAVYWGSf9IKYKP0gDkh+LmrhZzfPxPnHddJgrjqLSNha4P
-YG8CliK+mZmyAGteECGpcUw8g0YwFDi5dtCSldVdyCLmLjO3bxKDnsUz70aHEIAM
-WGQ8PE5Diz6kivMHoFCKnB2jVS4YCNECqco4LIg2nT8q/DU7T9nv6YQtptUlPNdY
-OmJRXfUfcBSUINqVi/VbEjHtbZqc6dgvaRNEF0CYtqHm7P51BXGa3pH+6drL+U+a
-o3T4yHrEsDKUaQzJZoiJneexwN91x42gcyHzg30UZVgCP+9Zt2GQWXqpENNZjGlI
-bwzouvBj266ViBNbuu3tar58MASOCnCKGA0Jrs3P3QKBgQD0ENenvzaqNzV0A47x
-+RI76DM2eorY2dxh+4txAt1pXlkbMZuWXjs1ysBPYaGHZRitiCFcaSwdP2T0oCET
-ojYEU97bJkKlcuw2scAqznSi7U0uSaStwaWzEviGTsQ51MKghRESMfpt3BxZqyi0
-BV+fPeRk3l3xaw1AuZQ/JTn0qwKBgQCq9msPcbRzKvsmfsAVvjKAodzl6EaM+PcF
-YLnJLurjCtdyjj1lRaCBg9bRbaRbt9YPg4VA5oMYm2SuwbJQQHjqaeN+SpnV8GGc
-nPsZgoSlfZrnLovyGgC3muiA3uSPREZWUlp+IE8qlQ8VztSWkNyxNej4nhxk2UTH
-DOE2ZmNyMwKBgFD+yeKkZUrFuZp/l8+bfb6dx2kb77oZSrbFmLfvYHUYV2/b3atg
-KDwoxftSBh39odvs4k1dpcMrB6DbBz8RxOVYxAtsPg/T/KoGASTzkOeE4ukqjVkQ
-e6Ha+NjxiNM8VT6aCllEdrxAoLPtRju/0MTy8Dm9ReXZRfOl4pm2C+6zAoGAY2D6
-uu+NxaSmeaoUXo9BLCTrE3oCCNBwR2ACnz/2qiQTOTQV3FitBJxusy7Y67fhZwM8
-4o0ch6FM1Yki7iOMJjeHVlJnOkWReEiIbjvAf7KT6O7VytXytMgHf2IR2nYFrQgS
-Ml71pfsf2b1xNlTe9OQxmNPQDY9+u3ZxM/4wsKECgYBPvlYMaZNIOLFf7VXzUYGG
-rkXMpbLgLvIHvhF+4nsvspPVSqPeWjh2KMee3tMamy93H4R66G/KfoQw02JuZH+N
-HbGnnpyLa2jGjY0NkXEo08o2wsqv2QFtT/SFRoDLkah8rwZUwpxIg0akgrwwTslO
-rzAazDQvlb0itUxgU4qgqw==
------END PRIVATE KEY-----
frontend IST_8443
mode http
- bind 0.0.0.0:8443 name https ssl crt /etc/ssl/private/aai.pem
+ bind 0.0.0.0:8443 name https ssl crt /opt/app/osaaf/local/certs/fullchain.pem
# log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ {%[ssl_c_verify],%{+Q}[ssl_c_s_dn],%{+Q}[ssl_c_i_dn]}\ %{+Q}r
log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC \ %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"
option httplog
frontend IST_8443
mode http
- bind 0.0.0.0:8443 name https ssl crt /etc/ssl/private/aai.pem
+ bind 0.0.0.0:8443 name https ssl crt /opt/app/osaaf/local/certs/fullchain.pem
# log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ {%[ssl_c_verify],%{+Q}[ssl_c_s_dn],%{+Q}[ssl_c_i_dn]}\ %{+Q}r
log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC \ %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"
option httplog
{{ else }}
{{ tpl (.Files.Glob "resources/config/haproxy/haproxy.cfg").AsConfig . | indent 2 }}
{{ end }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: aai-haproxy-secret
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/config/haproxy/aai.pem").AsSecrets . | indent 2 }}
-# This is a shared key for both resources and traversal
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: aai-auth-truststore-secret
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/config/aai/*").AsSecrets . | indent 2 }}
-
{{ if .Values.global.installSidecarSecurity }}
---
apiVersion: v1
annotations:
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- command:
- /app/ready.py
args:
subPath: haproxy.cfg
{{ end }}
name: haproxy-cfg
- - mountPath: /etc/ssl/private/aai.pem
- name: aai-pem
- subPath: aai.pem
+ {{- include "common.certInitializer.volumeMount" . | nindent 8 }}
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
- name: haproxy-cfg
configMap:
name: aai-deployment-configmap
- - name: aai-pem
- secret:
- secretName: aai-haproxy-secret
+ {{ include "common.certInitializer.volumes" . | nindent 8 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
# since when this is enabled, it prints a lot of information to console
enabled: false
+#################################################################
+# Certificate configuration
+#################################################################
+certInitializer:
+ nameOverride: aai-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: "aai"
+ app_ns: "org.osaaf.aaf"
+ fqi_namespace: "org.onap.aai"
+ fqi: "aai@aai.onap.org"
+ public_fqdn: "aaf.osaaf.org"
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: |
+ echo "*** retrieving passwords from AAF"
+ /opt/app/aaf_config/bin/agent.sh local showpass \
+ {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
+ export $(grep '^c' {{ .Values.credsPath }}/mycreds.prop | xargs -0)
+ echo "*** transform AAF certs into pem files"
+ mkdir -p {{ .Values.credsPath }}/certs
+ keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
+ -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
+ -alias ca_local_0 \
+ -storepass $cadi_truststore_password
+ openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+ -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
+ -passin pass:$cadi_keystore_password_p12 \
+ -passout pass:$cadi_keystore_password_p12
+ echo "*** generating needed file"
+ cat {{ .Values.credsPath }}/certs/cert.pem \
+ {{ .Values.credsPath }}/certs/cacert.pem \
+ {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
+ > {{ .Values.credsPath }}/certs/fullchain.pem;
+ chown 1001 {{ .Values.credsPath }}/certs/*
+
# application image
dockerhubRepository: registry.hub.docker.com
image: aaionap/haproxy:1.4.2
+++ /dev/null
-components/
+++ /dev/null
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES := dist resources templates charts docker
-HELM_BIN := helm
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}")
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
-ifeq "$(findstring v3,$(HELM_VER))" "v3"
- @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME local; fi
-else
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
-endif
- @$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */requirements.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
+++ /dev/null
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES :=
-HELM_BIN := helm
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
- @echo "\n[$@]"
- @make package-$@
-
-make-%:
- @if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
- @if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
-
-package-%: lint-%
- @mkdir -p $(PACKAGE_DIR)
- @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
- @$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
- @rm -f */requirements.lock
- @rm -f *tgz */charts/*tgz
- @rm -rf $(PACKAGE_DIR)
-%:
- @:
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP Clamp Dashboard Elasticsearch
-name: clamp-dash-es
-version: 7.0.0
+++ /dev/null
----
-# Copyright © 2020 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ======================== Elasticsearch Configuration =========================
-#
-# NOTE: Elasticsearch comes with reasonable defaults for most settings.
-# Before you set out to tweak and tune the configuration, make sure you
-# understand what are you trying to accomplish and the consequences.
-#
-# The primary way of configuring a node is via this file. This template lists
-# the most important settings you may want to configure for a production cluster.
-#
-# Please consult the documentation for further information on configuration options:
-# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
-#
-# ---------------------------------- Cluster -----------------------------------
-#
-# Name of the Elasticsearch cluster.
-# A node can only join a cluster when it shares its cluster.name with all the other nodes in the cluster.
-# The default name is elasticsearch, but you should change it to an appropriate name which describes the
-# purpose of the cluster.
-#
-## Default Elasticsearch configuration from elasticsearch-docker.
-## from https://opendistro.github.io/for-elasticsearch-docs/docs/elasticsearch/configuration/
-#
-
-cluster.name: "clamp-dashboard"
-node.name: "cldash-es-node1"
-# ---------------------------------- Network -----------------------------------
-#
-# Set the bind address to a specific IP (IPv4 or IPv6):
-# In order to communicate and to form a cluster with nodes on other servers, your node will need to bind to a
-# non-loopback address.
-network.host: 0.0.0.0
-#
-# Set a custom port for HTTP: If required, default is 9200-9300
-#
-#http.port: $http.port
-#
-# For more information, consult the network module documentation.
-# ----------------------------------- Paths ------------------------------------
-#
-# The location of the data files of each index / shard allocated on the node. Can hold multiple locations separated by coma.
-# In production, we should not keep this default to "/elasticsearch/data", as on upgrading Elasticsearch, directory structure
-# may change & can deal to data loss.
-path.data: /usr/share/elasticsearch/data
-#
-# Elasticsearch's log files location. In production, we should not keep this default to "/elasticsearch/logs",
-# as on upgrading Elasticsearch, directory structure may change.
-path.logs: /usr/share/elasticsearch/logs
-#
-# ----------------------------------- Memory -----------------------------------
-#
-# It is vitally important to the health of your node that none of the JVM is ever swapped out to disk.
-# Lock the memory on startup.
-#
-bootstrap.memory_lock: false
-#
-# Make sure that the heap size is set to about half the memory available
-# on the system and that the owner of the process is allowed to use this
-# limit.
-#
-# Elasticsearch performs poorly when the system is swapping the memory.
-#
-# --------------------------------- Discovery ----------------------------------
-#
-# Pass an initial list of hosts to perform discovery when new node is started
-# To form a cluster with nodes on other servers, you have to provide a seed list of other nodes in the cluster
-# that are likely to be live and contactable.
-# By default, Elasticsearch will bind to the available loopback addresses and will scan ports 9300 to 9305 to try
-# to connect to other nodes running on the same server.
-# # minimum_master_nodes need to be explicitly set when bound on a public IP
-# # set to 1 to allow single node clusters
-# # Details: https://github.com/elastic/elasticsearch/pull/17288
-discovery.zen.minimum_master_nodes: 1
-discovery.seed_hosts: []
-# # Breaking change in 7.0
-# # https://www.elastic.co/guide/en/elasticsearch/reference/7.0/breaking-changes-7.0.html#breaking_70_discovery_changes
-cluster.initial_master_nodes:
- - cldash-es-node1
-# - docker-test-node-1
-# ---------------------------------- Various -----------------------------------
-#
-# Require explicit names when deleting indices:
-#
-#action.destructive_requires_name: true
-# Set a custom port for HTTP: If required, default is 9200-9300
-# This is used for REST APIs
-http.port: {{.Values.service.externalPort}}
-# Port to bind for communication between nodes. Accepts a single value or a range.
-# If a range is specified, the node will bind to the first available port in the range.
-# Defaults to 9300-9400.
-# More info:
-transport.tcp.port: {{.Values.service.externalPort2}}
-
-######## Start OpenDistro for Elasticsearch Security Demo Configuration ########
-# WARNING: revise all the lines below before you go into production
-{{- if .Values.global.aafEnabled }}
-opendistro_security.ssl.transport.pemcert_filepath: {{ .Values.certInitializer.clamp_pem }}
-opendistro_security.ssl.transport.pemkey_filepath: {{ .Values.certInitializer.clamp_key }}
-opendistro_security.ssl.transport.pemtrustedcas_filepath: {{ .Values.certInitializer.clamp_ca_certs_pem }}
-opendistro_security.ssl.http.pemcert_filepath: {{ .Values.certInitializer.clamp_pem }}
-opendistro_security.ssl.http.pemkey_filepath: {{ .Values.certInitializer.clamp_key }}
-opendistro_security.ssl.http.pemtrustedcas_filepath: {{ .Values.certInitializer.clamp_ca_certs_pem }}
-{{- else }}
-opendistro_security.ssl.transport.pemcert_filepath: esnode.pem
-opendistro_security.ssl.transport.pemkey_filepath: esnode-key.pem
-opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
-opendistro_security.ssl.http.pemcert_filepath: esnode.pem
-opendistro_security.ssl.http.pemkey_filepath: esnode-key.pem
-opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem
-{{- end }}
-opendistro_security.ssl.transport.enforce_hostname_verification: false
-opendistro_security.ssl.http.enabled: {{.Values.security.ssl.enabled}}
-
-opendistro_security.allow_unsafe_democertificates: true
-opendistro_security.allow_default_init_securityindex: true
-opendistro_security.authcz.admin_dn:
- - CN=kirk,OU=client,O=client,L=test, C=de
-
-opendistro_security.audit.type: internal_elasticsearch
-opendistro_security.enable_snapshot_restore_privilege: true
-opendistro_security.check_snapshot_restore_write_privileges: true
-opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]
-cluster.routing.allocation.disk.threshold_enabled: false
-node.max_local_storage_nodes: 3
-######## End OpenDistro for Elasticsearch Security Demo Configuration ########
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - command:
- - /bin/sh
- - -c
- - |
- sysctl -w vm.max_map_count=262144
- mkdir -p /usr/share/elasticsearch/logs
- mkdir -p /usr/share/elasticsearch/data
- chmod -R 777 /usr/share/elasticsearch
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- securityContext:
- privileged: true
- image: {{ include "repositoryGenerator.image.busybox" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: init-sysctl
- volumeMounts:
- - name: {{ include "common.fullname" . }}-logs
- mountPath: /usr/share/elasticsearch/logs/
- - name: {{ include "common.fullname" . }}-data
- mountPath: /usr/share/elasticsearch/data/
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{- if .Values.global.aafEnabled }}
- command:
- - sh
- args:
- - -c
- - |
- cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_key }} /usr/share/elasticsearch/config/{{ .Values.certInitializer.clamp_key }}
- cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_pem }} /usr/share/elasticsearch/config/{{ .Values.certInitializer.clamp_pem }}
- cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_ca_certs_pem }} /usr/share/elasticsearch/config/{{ .Values.certInitializer.clamp_ca_certs_pem }}
- /usr/local/bin/docker-entrypoint.sh
- {{- end }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- name: {{ include "common.servicename" . }}
- - containerPort: {{ .Values.service.internalPort2 }}
- name: {{ include "common.servicename" . }}2
-# disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort2 }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
- env:
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
- name: {{ include "common.fullname" . }}-config
- subPath: elasticsearch.yml
- - mountPath: /usr/share/elasticsearch/data/
- name: {{ include "common.fullname" . }}-data
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}-config
- configMap:
- name: {{ include "common.fullname" . }}-configmap
- items:
- - key: elasticsearch.yml
- path: elasticsearch.yml
- - name: {{ include "common.fullname" . }}-data
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- - name: {{ include "common.fullname" . }}-logs
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPathLogs }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+++ /dev/null
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-data
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
-{{- end -}}
+++ /dev/null
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
-{{- end -}}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.config.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.config.portName }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}-tcp
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type2 }}
- ports:
- {{if eq .Values.service.type2 "NodePort" -}}
- - port: {{ .Values.service.externalPort2 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.config.portName2 }}
- {{- else -}}
- - port: {{ .Values.service.externalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.config.portName2 }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+++ /dev/null
-# Copyright © 2020 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
- centralizedLoggingEnabled: true
- #AAF service
- aafEnabled: true
-
-#################################################################
-# AAF part
-#################################################################
-certInitializer:
- permission_user: 1000
- permission_group: 999
- addconfig: true
- keystoreFile: "org.onap.clamp.p12"
- truststoreFile: "org.onap.clamp.trust.jks"
- keyFile: "org.onap.clamp.keyfile"
- truststoreFileONAP: "truststoreONAPall.jks"
- clamp_key: "org.onap.clamp.crt.key"
- clamp_pem: "org.onap.clamp.key.pem"
- clamp_ca_certs_pem: "clamp-ca-certs.pem"
- nameOverride: clamp-es-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- # aafDeployCredsExternalSecret: some secret
- fqdn: clamp
- fqi: clamp@clamp.onap.org
- public_fqdn: clamp.onap.org
- cadi_longitude: "0.0"
- cadi_latitude: "0.0"
- app_ns: org.osaaf.aaf
- credsPath: /opt/app/osaaf/local
- aaf_add_config: >
- /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop;
- export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0);
- cd {{ .Values.credsPath }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -nocerts -nodes -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_key }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -clcerts -nokeys -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_pem }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -cacerts -nokeys -chain -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_ca_certs_pem }};
- chmod a+rx *;
-
-flavor: small
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/clamp-dashboard-elasticsearch:5.0.4
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-# Example:
-config: {}
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 180
- periodSeconds: 30
- timeoutSeconds: 5
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 180
- periodSeconds: 30
- timeoutSeconds: 5
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
-
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- accessMode: ReadWriteOnce
- size: 4Gi
- mountPath: /dockerdata-nfs
- mountSubPath: clamp/dashboard-elasticsearch/data
- mountSubPathLogs: clamp
-
-security:
- ssl:
- enabled: true
-
-service:
- type: ClusterIP
- name: cdash-es
- portName: cdash-es-rest
- externalPort: 9200
- internalPort: 9200
- type2: ClusterIP
- portName2: cdash-es-tcp
- externalPort2: 9300
- internalPort2: 9300
-
-ingress:
- enabled: false
-
-#resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- #
- # Example:
- # Configure resource requests and limits
- # ref: http://kubernetes.io/docs/user-guide/compute-resources/
- # Minimum memory for development is 2 CPU cores and 4GB memory
- # Minimum memory for production is 4 CPU cores and 8GB memory
-resources:
- small:
- limits:
- cpu: 1
- memory: 4Gi
- requests:
- cpu: 10m
- memory: 2.5Gi
- large:
- limits:
- cpu: 1
- memory: 4Gi
- requests:
- cpu: 10m
- memory: 2.5Gi
- unlimited: {}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
- - name: common
- version: ~7.x-0
- repository: '@local'
- - name: certInitializer
- version: ~7.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~7.x-0
- repository: '@local'
\ No newline at end of file
+++ /dev/null
-{{/*
-# Copyright © 2020 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.# Default Kibana configuration from kibana-docker.
-*/}}
-
-server.name: "Clamp CL Dashboard"
-server.host: "0"
-# Kibana is served by a back end server. This setting specifies the port to use.
-server.port: {{.Values.service.externalPort}}
-
-server.ssl.enabled: {{.Values.config.sslEnabled}}
-{{- if .Values.global.aafEnabled }}
-server.ssl.certificate: {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_pem }}
-server.ssl.key: {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_key }}
-{{ else }}
-server.ssl.certificate: {{.Values.config.sslPemCertFilePath}}
-server.ssl.key: {{.Values.config.sslPemkeyFilePath}}
-{{- end }}
-# The URL of the Elasticsearch instance to use for all your queries.
-elasticsearch.hosts: ${elasticsearch_base_url}
-
-elasticsearch.ssl.verificationMode: none
-elasticsearch.username: {{.Values.config.elasticUSR}}
-elasticsearch.password: {{.Values.config.elasticPWD}}
-
-elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
-
-opendistro_security.multitenancy.enabled: true
-opendistro_security.multitenancy.tenants.preferred: ["Private", "Global"]
-opendistro_security.readonly_mode.roles: ["kibana_read_only"]
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-aaf-pem-keys
- namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - command:
- - /app/ready.py
- args:
- - --container-name
- - clamp-dash-es
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- name: {{ include "common.servicename" . }}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
-# disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- env:
- - name: elasticsearch_base_url
- value: "{{ternary "https" "http" .Values.security.ssl.enabled}}://{{.Values.config.elasticsearchServiceName}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.config.elasticsearchPort}}"
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /usr/share/kibana/config/kibana.yml
- name: {{ include "common.fullname" . }}
- subPath: kibana.yml
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}
- configMap:
- name: {{ include "common.fullname" . }}
- items:
- - key: kibana.yml
- path: kibana.yml
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.config.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.config.portName }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
- centralizedLoggingEnabled: true
- #AAF service
- aafEnabled: true
-
-#################################################################
-# AAF part
-#################################################################
-certInitializer:
- permission_user: 1000
- permission_group: 999
- addconfig: true
- keystoreFile: "org.onap.clamp.p12"
- truststoreFile: "org.onap.clamp.trust.jks"
- keyFile: "org.onap.clamp.keyfile"
- truststoreFileONAP: "truststoreONAPall.jks"
- clamp_key: "org.onap.clamp.crt.key"
- clamp_pem: "org.onap.clamp.key.pem"
- clamp_ca_certs_pem: "clamp-ca-certs.pem"
- nameOverride: clamp-kibana-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- # aafDeployCredsExternalSecret: some secret
- fqdn: clamp
- fqi: clamp@clamp.onap.org
- public_fqdn: clamp.onap.org
- cadi_longitude: "0.0"
- cadi_latitude: "0.0"
- app_ns: org.osaaf.aaf
- credsPath: /opt/app/osaaf/local
- aaf_add_config: >
- /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop;
- export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0);
- cd {{ .Values.credsPath }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -nocerts -nodes -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_key }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -clcerts -nokeys -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_pem }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -cacerts -nokeys -chain -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_ca_certs_pem }};
- chmod a+rx *;
-
-flavor: small
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/clamp-dashboard-kibana:5.0.4
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-#the 'sslEnabled flag' here below is for the kibana UI connection (web browser connection to kibana)
-config:
- elasticsearchServiceName: cdash-es
- elasticsearchPort: 9200
- elasticUSR: kibanaserver
- elasticPWD: kibanaserver
- sslEnabled: true
- sslPemCertFilePath: /usr/share/kibana/config/keystore/org.onap.clamp.crt.pem
- sslPemkeyFilePath: /usr/share/kibana/config/keystore/org.onap.clamp.key.pem
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 360
- periodSeconds: 30
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 360
- periodSeconds: 30
-
-#internal ssl security scheme for elasticsearch connection mainly
-security:
- ssl:
- enabled: true
-
-service:
- #Example service definition with external, internal and node ports.
- #Services may use any combination of ports depending on the 'type' of
- #service being defined.
- type: NodePort
- name: cdash-kibana
- portName: cdash-kibana-http
- externalPort: 5601
- internalPort: 5601
- nodePort: 90
-ingress:
- enabled: false
- service:
- - baseaddr: "cdash-kibana"
- name: "cdash-kibana"
- port: 5601
- config:
- ssl: "redirect"
-
-#resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- #
- # Example:
- # Configure resource requests and limits
- # ref: http://kubernetes.io/docs/user-guide/compute-resources/
- # Minimum memory for development is 2 CPU cores and 4GB memory
- # Minimum memory for production is 4 CPU cores and 8GB memory
-resources:
- small:
- limits:
- cpu: 1
- memory: 2Gi
- requests:
- cpu: 10m
- memory: 750Mi
- large:
- limits:
- cpu: 1
- memory: 2Gi
- requests:
- cpu: 10m
- memory: 750Mi
- unlimited: {}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP Clamp Dashboard Logstash
-name: clamp-dash-logstash
-version: 7.0.0
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
- - name: common
- version: ~7.x-0
- repository: '@local'
- - name: certInitializer
- version: ~7.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~7.x-0
- repository: '@local'
\ No newline at end of file
+++ /dev/null
-{{/*
-# Copyright © 2020 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-http.host: "0.0.0.0"
-## Path where pipeline configurations reside
-path.config: /usr/share/logstash/pipeline
-
-## Type of queue : memeory based or file based
-#queue.type: persisted
-## Size of queue
-#queue.max_bytes: 1024mb
-## Setting true makes logstash check periodically for change in pipeline configurations
-config.reload.automatic: true
-
+++ /dev/null
-{{/*
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-input {
- http_poller {
- urls => {
- event_queue => {
- method => get
- url => "${dmaap_base_url}/events/${event_topic}/${dmaap_consumer_group}/${dmaap_consumer_id}?timeout=15000"
- headers => {
- Accept => "application/json"
- }
- topic => "${event_topic}"
- tags => [ "dmaap_source" ]
- }
- notification_queue => {
- method => get
- url => "${dmaap_base_url}/events/${notification_topic}/${dmaap_consumer_group}/${dmaap_consumer_id}?timeout=15000"
- headers => {
- Accept => "application/json"
- }
- topic => "${notification_topic}"
- tags => [ "dmaap_source" ]
- }
- request_queue => {
- method => get
- url => "${dmaap_base_url}/events/${request_topic}/${dmaap_consumer_group}/${dmaap_consumer_id}?timeout=15000"
- headers => {
- Accept => "application/json"
- }
- topic => "${request_topic}"
- tags => [ "dmaap_source" ]
- }
- }
- socket_timeout => 30
- request_timeout => 30
- schedule => { "every" => "1m" }
- codec => "plain"
-{{- if .Values.global.aafEnabled }}
- cacert => "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_ca_certs_pem }}"
-{{- else }}
- cacert => "/certs.d/aafca.pem"
-{{- end }}
- }
-}
-
-
-filter {
- # avoid noise if no entry in the list
- if [message] == "[]" {
- drop { }
- }
-
- if [http_request_failure] or [@metadata][code] != 200 {
- mutate {
- add_tag => [ "error" ]
- }
- }
-
- if "dmaap_source" in [@metadata][request][tags] {
- #
- # Dmaap provides a json list, whose items are Strings containing the event
- # provided to Dmaap, which itself is an escaped json.
- #
- # We first need to parse the json as we have to use the plaintext as it cannot
- # work with list of events, then split that list into multiple string events,
- # that we then transform into json.
- #
- json {
- source => "[message]"
- target => "message"
- }
-
- split {
- field => "message"
- }
- json {
- source => "message"
- }
- mutate {
- remove_field => [ "message" ]
- }
- }
-
- #
- # Some timestamps are expressed as milliseconds, some are in microseconds
- #
- if [closedLoopAlarmStart] {
- ruby {
- code => "
- if event.get('closedLoopAlarmStart').to_s.to_i(10) > 9999999999999
- event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10) / 1000)
- else
- event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10))
- end
- "
- }
- date {
- match => [ "closedLoopAlarmStart", UNIX_MS ]
- target => "closedLoopAlarmStart"
- }
- }
-
- if [closedLoopAlarmEnd] {
- ruby {
- code => "
- if event.get('closedLoopAlarmEnd').to_s.to_i(10) > 9999999999999
- event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10) / 1000)
- else
- event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10))
- end
- "
- }
- date {
- match => [ "closedLoopAlarmEnd", UNIX_MS ]
- target => "closedLoopAlarmEnd"
- }
-
- }
-
-
- #
- # Notification time are expressed under the form "yyyy-MM-dd HH:mm:ss", which
- # is close to ISO8601, but lacks of T as spacer: "yyyy-MM-ddTHH:mm:ss"
- #
- if [notificationTime] {
- mutate {
- gsub => [
- "notificationTime", " ", "T"
- ]
- }
- date {
- match => [ "notificationTime", ISO8601 ]
- target => "notificationTime"
- }
- }
-
-
- #
- # Renaming some fields for readability
- #
- if [AAI][generic-vnf.vnf-name] {
- mutate {
- add_field => { "vnfName" => "%{[AAI][generic-vnf.vnf-name]}" }
- }
- }
- if [AAI][generic-vnf.vnf-type] {
- mutate {
- add_field => { "vnfType" => "%{[AAI][generic-vnf.vnf-type]}" }
- }
- }
- if [AAI][vserver.vserver-name] {
- mutate {
- add_field => { "vmName" => "%{[AAI][vserver.vserver-name]}" }
- }
- }
- if [AAI][complex.city] {
- mutate {
- add_field => { "locationCity" => "%{[AAI][complex.city]}" }
- }
- }
- if [AAI][complex.state] {
- mutate {
- add_field => { "locationState" => "%{[AAI][complex.state]}" }
- }
- }
-
-
- #
- # Adding some flags to ease aggregation
- #
- if [closedLoopEventStatus] =~ /(?i)ABATED/ {
- mutate {
- add_field => { "flagAbated" => "1" }
- }
- }
- if [notification] =~ /^.*?(?:\b|_)FINAL(?:\b|_).*?(?:\b|_)FAILURE(?:\b|_).*?$/ {
- mutate {
- add_field => { "flagFinalFailure" => "1" }
- }
- }
-
-
- if "error" not in [@metadata][request][tags]{
- #
- # Creating data for a secondary index
- #
- clone {
- clones => [ "event-cl-aggs" ]
- add_tag => [ "event-cl-aggs" ]
- }
-
- if "event-cl-aggs" in [@metadata][request][tags]{
- #
- # we only need a few fields for aggregations; remove all fields from clone except :
- # vmName,vnfName,vnfType,requestID,closedLoopAlarmStart, closedLoopControlName,closedLoopAlarmEnd,abated,nbrDmaapevents,finalFailure
- #
- prune {
- whitelist_names => ["^@.*$","^topic$","^type$","^tags$","^flagFinalFailure$","^flagAbated$","^locationState$","^locationCity$","^vmName$","^vnfName$","^vnfType$","^requestID$","^closedLoopAlarmStart$","^closedLoopControlName$","^closedLoopAlarmEnd$","^target$","^target_type$","^triggerSourceName$","^policyScope$","^policyName$","^policyVersion$"]
- }
-
- }
- }
-}
-
-
-output {
- stdout {
- codec => rubydebug
- }
-
- if "error" in [tags] {
- elasticsearch {
- ilm_enabled => false
- codec => "json"
-{{- if .Values.global.aafEnabled }}
- cacert => "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_ca_certs_pem }}"
-{{- else }}
- cacert => "/clamp-cert/ca-certs.pem"
-{{- end }}
- ssl_certificate_verification => false
- hosts => ["${elasticsearch_base_url}"]
- user => ["${logstash_user}"]
- password => ["${logstash_pwd}"]
- index => "errors-%{+YYYY.MM.DD}"
- doc_as_upsert => true
- }
-
- } else if "event-cl-aggs" in [tags] {
- elasticsearch {
- ilm_enabled => false
- codec => "json"
- hosts => ["${elasticsearch_base_url}"]
-{{- if .Values.global.aafEnabled }}
- cacert => "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_ca_certs_pem }}"
-{{- else }}
- cacert => "/clamp-cert/ca-certs.pem"
-{{- end }}
- ssl_certificate_verification => false
- user => ["${logstash_user}"]
- password => ["${logstash_pwd}"]
- document_id => "%{requestID}"
- index => "events-cl-%{+YYYY.MM.DD}" # creates daily indexes for control loop
- doc_as_upsert => true
- action => "update"
- }
-
- } else {
- elasticsearch {
- ilm_enabled => false
- codec => "json"
- hosts => ["${elasticsearch_base_url}"]
-{{- if .Values.global.aafEnabled }}
- cacert => "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_ca_certs_pem }}"
-{{- else }}
- cacert => "/clamp-cert/ca-certs.pem"
-{{- end }}
- ssl_certificate_verification => false
- user => ["${logstash_user}"]
- password => ["${logstash_pwd}"]
- index => "events-%{+YYYY.MM.DD}" # creates daily indexes
- doc_as_upsert => true
- }
- }
-}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - command:
- - /app/ready.py
- args:
- - --container-name
- - clamp-dash-es
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: dmaap_consumer_group
- value: "{{ .Values.config.dmaapConsumerGroup }}"
- - name: dmaap_consumer_id
- value: "{{ .Values.config.dmaapConsumerId }}"
- - name: event_topic
- value: "{{ .Values.config.eventTopic }}"
- - name: notification_topic
- value: "{{ .Values.config.notificationTopic }}"
- - name: request_topic
- value: "{{ .Values.config.requestTopic }}"
- - name: dmaap_base_url
- value: {{ ternary "https" "http" .Values.security.ssl.enabled }}://{{ .Values.config.dmaapHost }}.{{ include "common.namespace" . }}:{{ .Values.config.dmaapPort }}
- - name: logstash_user
- value: "{{ .Values.config.logstash_user }}"
- - name: logstash_pwd
- value: "{{ .Values.config.logstash_pwd }}"
- - name: elasticsearch_base_url
- value: "{{ ternary "https" "http" .Values.security.ssl.enabled }}://{{.Values.config.elasticsearchServiceName}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.config.elasticsearchPort}}"
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- name: {{ include "common.servicename" . }}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
-# disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
- {{ end -}}
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /usr/share/logstash/config/logstash.yml
- name: {{ include "common.fullname" . }}
- subPath: logstash.yml
- - mountPath: /usr/share/logstash/pipeline/logstash.conf
- name: {{ include "common.fullname" . }}
- subPath: pipeline.conf
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: {{ include "common.fullname" . }}
- configMap:
- name: {{ include "common.fullname" . }}
- items:
- - key: logstash.yml
- path: logstash.yml
- - key: pipeline.conf
- path: pipeline.conf
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.config.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.config.portName }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
- nodePortPrefix: 302
- persistence: {}
- centralizedLoggingEnabled: true
- #AAF service
- aafEnabled: true
-
-#################################################################
-# AAF part
-#################################################################
-certInitializer:
- permission_user: 1000
- permission_group: 999
- addconfig: true
- keystoreFile: "org.onap.clamp.p12"
- truststoreFile: "org.onap.clamp.trust.jks"
- keyFile: "org.onap.clamp.keyfile"
- truststoreFileONAP: "truststoreONAPall.jks"
- clamp_key: "org.onap.clamp.crt.key"
- clamp_pem: "org.onap.clamp.key.pem"
- clamp_ca_certs_pem: "clamp-ca-certs.pem"
- nameOverride: clamp-logstash-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- # aafDeployCredsExternalSecret: some secret
- fqdn: clamp
- fqi: clamp@clamp.onap.org
- public_fqdn: clamp.onap.org
- cadi_longitude: "0.0"
- cadi_latitude: "0.0"
- app_ns: org.osaaf.aaf
- credsPath: /opt/app/osaaf/local
- aaf_add_config: >
- /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop;
- export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0);
- cd {{ .Values.credsPath }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -nocerts -nodes -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_key }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -clcerts -nokeys -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_pem }};
- openssl pkcs12 -in {{ .Values.keystoreFile }} -cacerts -nokeys -chain -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_ca_certs_pem }};
- chmod a+rx *;
-
-flavor: small
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-# application image
-image: onap/clamp-dashboard-logstash:5.0.4
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config:
- elasticsearchServiceName: cdash-es
- elasticsearchPort: 9200
- dmaapHost: message-router
- dmaapSchemeSSL: https
- dmaapSchemeNoSSL: http
- dmaapPort: 3905
- dmaapConsumerGroup: "clampdashboard"
- dmaapConsumerId: "clampdashboard"
- eventTopic: "DCAE-CL-EVENT"
- notificationTopic: "POLICY-CL-MGT"
- requestTopic: "APPC-CL"
- logstash_user: "logstash"
- logstash_pwd: "logstash"
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 900
- periodSeconds: 20
- timeoutSeconds: 5
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 900
- periodSeconds: 20
- timeoutSeconds: 5
-
-security:
- ssl:
- enabled: true
-
-service:
- #Example service definition with external, internal and node ports.
- #Services may use any combination of ports depending on the 'type' of
- #service being defined.
- type: ClusterIP
- name: cdash-ls
- portName: cdash-ls-healthcheck
- externalPort: 9600
- internalPort: 9600
-ingress:
- enabled: false
-
-#resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- #
- # Example:
- # Configure resource requests and limits
- # ref: http://kubernetes.io/docs/user-guide/compute-resources/
- # Minimum memory for development is 2 CPU cores and 4GB memory
- # Minimum memory for production is 4 CPU cores and 8GB memory
-resources:
- small:
- limits:
- cpu: 1
- memory: 1.3Gi
- requests:
- cpu: 10m
- memory: 750Mi
- large:
- limits:
- cpu: 1
- memory: 1.3Gi
- requests:
- cpu: 10m
- memory: 750Mi
- unlimited: {}
+++ /dev/null
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
+++ /dev/null
-#!/bin/bash
-set -eo pipefail
-shopt -s nullglob
-
-# if command starts with an option, prepend mysqld
-if [ "${1:0:1}" = '-' ]; then
- set -- mysqld "$@"
-fi
-
-# skip setup if they want an option that stops mysqld
-wantHelp=
-for arg; do
- case "$arg" in
- -'?'|--help|--print-defaults|-V|--version)
- wantHelp=1
- break
- ;;
- esac
-done
-
-prepare_password()
-{
- echo "$1" | sed -e "s/'/\\\\'/g; s/\"/\\\\\"/g"
-}
-
-# usage: file_env VAR [DEFAULT]
-# ie: file_env 'XYZ_DB_PASSWORD' 'example'
-# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
-# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
-file_env() {
- local var="$1"
- local fileVar="${var}_FILE"
- local def="${2:-}"
- if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
- echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
- exit 1
- fi
- local val="$def"
- if [ "${!var:-}" ]; then
- val="${!var}"
- elif [ "${!fileVar:-}" ]; then
- val="$(< "${!fileVar}")"
- fi
- val=`prepare_password $val`
- export "$var"="$val"
- unset "$fileVar"
-}
-
-_check_config() {
- toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" )
- if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then
- cat >&2 <<-EOM
-
- ERROR: mysqld failed while attempting to check config
- command was: "${toRun[*]}"
-
- $errors
- EOM
- exit 1
- fi
-}
-
-# Fetch value from server config
-# We use mysqld --verbose --help instead of my_print_defaults because the
-# latter only show values present in config files, and not server defaults
-_get_config() {
- local conf="$1"; shift
- "$@" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null \
- | awk '$1 == "'"$conf"'" && /^[^ \t]/ { sub(/^[^ \t]+[ \t]+/, ""); print; exit }'
- # match "datadir /some/path with/spaces in/it here" but not "--xyz=abc\n datadir (xyz)"
-}
-
-# allow the container to be started with `--user`
-if [ "$1" = 'mysqld' -a -z "$wantHelp" -a "$(id -u)" = '0' ]; then
- _check_config "$@"
- DATADIR="$(_get_config 'datadir' "$@")"
- mkdir -p "$DATADIR"
- find "$DATADIR" \! -user mysql -exec chown mysql '{}' +
- exec gosu mysql "$BASH_SOURCE" "$@"
-fi
-
-if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then
- # still need to check config, container may have started with --user
- _check_config "$@"
- # Get config
- DATADIR="$(_get_config 'datadir' "$@")"
-
- if [ ! -d "$DATADIR/mysql" ]; then
- file_env 'MYSQL_ROOT_PASSWORD'
- if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
- echo >&2 'error: database is uninitialized and password option is not specified '
- echo >&2 ' You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD'
- exit 1
- fi
-
- mkdir -p "$DATADIR"
-
- echo 'Initializing database'
- # "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here)
- mysql_install_db --datadir="$DATADIR" --rpm "${@:2}"
- echo 'Database initialized'
-
- SOCKET="$(_get_config 'socket' "$@")"
- "$@" --skip-networking --socket="${SOCKET}" &
- pid="$!"
-
- mysql=( mysql --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" )
-
- for i in {30..0}; do
- if echo 'SELECT 1' | "${mysql[@]}" &> /dev/null; then
- break
- fi
- echo 'MySQL init process in progress...'
- sleep 1
- done
- if [ "$i" = 0 ]; then
- echo >&2 'MySQL init process failed.'
- exit 1
- fi
-
- if [ -z "$MYSQL_INITDB_SKIP_TZINFO" ]; then
- # sed is for https://bugs.mysql.com/bug.php?id=20545
- mysql_tzinfo_to_sql /usr/share/zoneinfo | sed 's/Local time zone must be set--see zic manual page/FCTY/' | "${mysql[@]}" mysql
- fi
-
- if [ ! -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
- export MYSQL_ROOT_PASSWORD="$(pwgen -1 32)"
- echo "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD"
- fi
-
- rootCreate=
- # default root to listen for connections from anywhere
- file_env 'MYSQL_ROOT_HOST' '%'
- if [ ! -z "$MYSQL_ROOT_HOST" -a "$MYSQL_ROOT_HOST" != 'localhost' ]; then
- # no, we don't care if read finds a terminating character in this heredoc
- # https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151
- read -r -d '' rootCreate <<-EOSQL || true
- CREATE USER 'root'@'${MYSQL_ROOT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ;
- GRANT ALL ON *.* TO 'root'@'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ;
- EOSQL
- fi
-
- "${mysql[@]}" <<-EOSQL
- -- What's done in this file shouldn't be replicated
- -- or products like mysql-fabric won't work
- SET @@SESSION.SQL_LOG_BIN=0;
-
- DELETE FROM mysql.user WHERE user NOT IN ('mysql.sys', 'mysqlxsys', 'root') OR host NOT IN ('localhost') ;
- SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ;
- GRANT ALL ON *.* TO 'root'@'localhost' WITH GRANT OPTION ;
- ${rootCreate}
- DROP DATABASE IF EXISTS test ;
- FLUSH PRIVILEGES ;
- EOSQL
-
- if [ ! -z "$MYSQL_ROOT_PASSWORD" ]; then
- mysql+=( -p"${MYSQL_ROOT_PASSWORD}" )
- fi
-
- file_env 'MYSQL_DATABASE'
- if [ "$MYSQL_DATABASE" ]; then
- echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" | "${mysql[@]}"
- mysql+=( "$MYSQL_DATABASE" )
- fi
-
- file_env 'MYSQL_USER'
- file_env 'MYSQL_PASSWORD'
- if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then
- echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" | "${mysql[@]}"
-
- if [ "$MYSQL_DATABASE" ]; then
- echo "GRANT ALL ON \`$MYSQL_DATABASE\`.* TO '$MYSQL_USER'@'%' ;" | "${mysql[@]}"
- fi
- fi
-
- echo
- for f in /docker-entrypoint-initdb.d/*; do
- case "$f" in
- *.sh) echo "$0: running $f"; . "$f" ;;
- *.sql) echo "$0: running $f"; "${mysql[@]}" < "$f"; echo ;;
- *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${mysql[@]}"; echo ;;
- *) echo "$0: ignoring $f" ;;
- esac
- echo
- done
-
- if ! kill -s TERM "$pid" || ! wait "$pid"; then
- echo >&2 'MySQL init process failed.'
- exit 1
- fi
-
- echo
- echo 'MySQL init process done. Ready for start up.'
- echo
- fi
-fi
-
-exec "$@"
+++ /dev/null
-{{/*
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# Example MySQL config file for medium systems.
-#
-# This is for a system with memory 8G where MySQL plays
-# an important part, or systems up to 128M where MySQL is used together with
-# other programs (such as a web server)
-#
-# In this file, you can use all long options that a program supports.
-# If you want to know which options a program supports, run the program
-# with the "--help" option.
-*/}}
-
-# The following options will be passed to all MySQL clients
-##[client]
-##user = root
-##port = 3306
-##socket = //opt/app/mysql/mysql.sock
-
-# Here follows entries for some specific programs
-
-# The MySQL server
-[mysqld]
-##performance_schema
-
-slow_query_log =ON
-long_query_time =2
-slow_query_log_file =//var/lib/mysql/slow_query.log
-##basedir = //opt/app/mysql/product/mariadb-10.1.11-linux-x86_64
-##datadir = //opt/app/mysql/data
-##port = 3306
-##socket = //opt/app/mysql/mysql.sock
-skip-external-locking
-explicit_defaults_for_timestamp = true
-skip-symbolic-links
-local-infile = 0
-#ignore_db_dir=lost+found
-key_buffer_size = 16M
-max_allowed_packet = 4M
-table_open_cache = 100
-sort_buffer_size = 512K
-net_buffer_length = 8K
-read_buffer_size = 256K
-read_rnd_buffer_size = 512K
-myisam_sort_buffer_size = 8M
-max_connections = 500
-lower_case_table_names = 1
-thread_stack = 256K
-thread_cache_size = 25
-query_cache_size = 8M
-query_cache_type = 0
-query_prealloc_size = 512K
-query_cache_limit = 1M
-
-# Password validation
-##plugin-load-add=simple_password_check.so
-##simple_password_check_other_characters=0
-
-# Audit Log settings
-plugin-load-add=server_audit.so
-server_audit=FORCE_PLUS_PERMANENT
-server_audit_file_path=//var/lib/mysql/audit.log
-server_audit_file_rotate_size=50M
-server_audit_events=CONNECT,QUERY,TABLE
-server_audit_logging=on
-
-# Don't listen on a TCP/IP port at all. This can be a security enhancement,
-# if all processes that need to connect to mysqld run on the same host.
-# All interaction with mysqld must be made via Unix sockets or named pipes.
-# Note that using this option without enabling named pipes on Windows
-# (via the "enable-named-pipe" option) will render mysqld useless!
-#
-#skip-networking
-
-# Replication Master Server (default)
-# binary logging is required for replication
-##log-bin=//var/lib/mysql/mysql-bin
-
-# binary logging format - mixed recommended
-binlog_format=row
-
-# required unique id between 1 and 2^32 - 1
-# defaults to 1 if master-host is not set
-# but will not function as a master if omitted
-
-# Replication Slave (comment out master section to use this)
-#
-# To configure this host as a replication slave, you can choose between
-# two methods :
-#
-# 1) Use the CHANGE MASTER TO command (fully described in our manual) -
-# the syntax is:
-#
-# CHANGE MASTER TO MASTER_HOST=<host>, MASTER_PORT=<port>,
-# MASTER_USER=<user>, MASTER_PASSWORD=<password> ;
-#
-# where you replace <host>, <user>, <password> by quoted strings and
-# <port> by the master's port number (3306 by default).
-#
-# Example:
-#
-# CHANGE MASTER TO MASTER_HOST='125.564.12.1', MASTER_PORT=3306,
-# MASTER_USER='joe', MASTER_PASSWORD='secret';
-#
-# OR
-#
-# 2) Set the variables below. However, in case you choose this method, then
-# start replication for the first time (even unsuccessfully, for example
-# if you mistyped the password in master-password and the slave fails to
-# connect), the slave will create a master.info file, and any later
-# change in this file to the variables' values below will be ignored and
-# overridden by the content of the master.info file, unless you shutdown
-# the slave server, delete master.info and restart the slaver server.
-# For that reason, you may want to leave the lines below untouched
-# (commented) and instead use CHANGE MASTER TO (see above)
-#
-# required unique id between 2 and 2^32 - 1
-# (and different from the master)
-# defaults to 2 if master-host is set
-# but will not function as a slave if omitted
-#server-id = 2
-#
-# The replication master for this slave - required
-#master-host = <hostname>
-#
-# The username the slave will use for authentication when connecting
-# to the master - required
-#master-user = <username>
-#
-# The password the slave will authenticate with when connecting to
-# the master - required
-#master-password = <password>
-#
-# The port the master is listening on.
-# optional - defaults to 3306
-#master-port = <port>
-#
-# binary logging - not required for slaves, but recommended
-#log-bin=mysql-bin
-
-# Uncomment the following if you are using InnoDB tables
-##innodb_data_home_dir = //opt/app/mysql/data
-##innodb_data_file_path = ibdata1:20M:autoextend:max:32G
-##innodb_log_group_home_dir = //opt/app/mysql/iblogs
-# You can set .._buffer_pool_size up to 50 - 80 %
-# of RAM but beware of setting memory usage too high
-innodb_buffer_pool_size = 128M
-#innodb_additional_mem_pool_size = 2M
-# Set .._log_file_size to 25 % of buffer pool size
-innodb_log_file_size = 10M
-innodb_log_files_in_group = 3
-innodb_log_buffer_size = 8M
-#innodb_flush_log_at_trx_commit = 1
-innodb_lock_wait_timeout = 50
-innodb_autoextend_increment = 100
-expire_logs_days = 8
-open_files_limit = 2000
-transaction-isolation=READ-COMMITTED
-####### Galera parameters #######
-## Galera Provider configuration
-wsrep_provider=/usr/lib/galera/libgalera_smm.so
-wsrep_provider_options="gcache.size=128M; gcache.page_size=10M"
-## Galera Cluster configuration
-wsrep_cluster_name="MSO-automated-tests-cluster"
-wsrep_cluster_address="gcomm://"
-#wsrep_cluster_address="gcomm://mariadb1,mariadb2,mariadb3"
-##wsrep_cluster_address="gcomm://192.169.3.184,192.169.3.185,192.169.3.186"
-## Galera Synchronization configuration
-wsrep_sst_method=rsync
-#wsrep_sst_method=xtrabackup-v2
-#wsrep_sst_auth="sstuser:Mon#2o!6"
-## Galera Node configuration
-wsrep_node_name="mariadb1"
-##wsrep_node_address="192.169.3.184"
-wsrep_on=OFF
-## Status notification
-#wsrep_notify_cmd=/opt/app/mysql/bin/wsrep_notify
-#######
-
-
-[mysqldump]
-quick
-max_allowed_packet = 16M
-
-[mysql]
-no-auto-rehash
-# Remove the next comment character if you are not familiar with SQL
-#safe-updates
-
-[myisamchk]
-key_buffer_size = 20971520
-
-##[mysqlhotcopy]
-##interactive-timeout
-##[mysqld_safe]
-##malloc-lib=//opt/app/mysql/local/lib/libjemalloc.so.1
-##log-error=//opt/app/mysql/log/mysqld.log
+++ /dev/null
-# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- containers:
- - name: {{ include "common.name" . }}
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- env:
- - name: MYSQL_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
- - name: MYSQL_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
- - name: MYSQL_ROOT_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 12 }}
- - name: MYSQL_DATABASE
- value: {{ tpl .Values.db.databaseName .}}
- volumeMounts:
- - mountPath: /docker-entrypoint.sh
- subPath: docker-entrypoint.sh
- name: init-script
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /docker-entrypoint-initdb.d/
- name: docker-entrypoint-bulkload
- - mountPath: /etc/mysql/conf.d/conf1/
- name: clamp-mariadb-conf
- - mountPath: /var/lib/mysql
- name: clamp-mariadb-data
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes:
- {{- if .Values.persistence.enabled }}
- - name: clamp-mariadb-data
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- - name: docker-entrypoint-bulkload
- configMap:
- name: clamp-entrypoint-bulkload-configmap
- - name: clamp-mariadb-conf
- configMap:
- name: clamp-mariadb-conf-configmap
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: init-script
- configMap:
- name: {{ include "common.fullname" . }}
- defaultMode: 0755
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-data
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.persistence.size}}
- accessModes:
- - {{ .Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
-{{- end -}}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
- annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.persistence.size }}
- storageClassName: {{ include "common.storageClass" . }}
-{{- end -}}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018-2019 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global: # global defaults
- nodePortPrefix: 302
-
- persistence: {}
-# application image
-image: mariadb:10.5.4
-pullPolicy: Always
-flavor: small
-#################################################################
-# Secrets metaconfig
-#################################################################
-secrets:
- - uid: db-root-pass
- type: password
- externalSecret: '{{ tpl (default "" .Values.db.rootCredsExternalSecret) . }}'
- password: '{{ .Values.db.rootPass }}'
- - uid: db-secret
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
- login: '{{ .Values.db.user }}'
- password: '{{ .Values.db.password }}'
-
-# Application configuration
-# dummy value db user pasword to pass lint!!!
-db:
- user: dummy-clds
- password: dummy-sidnnd83K
- databaseName: dummy-cldsdb4
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 3
- # necessary to disable liveness probe when setting breakpoints
- # in debugger so K8s doesn't restart unresponsive container
- enabled: true
-
-readiness:
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 3
-
-## Persist data to a persitent volume
-persistence:
- enabled: true
-
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
- volumeReclaimPolicy: Retain
-
- ## database data Persistent Volume Storage Class
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- accessMode: ReadWriteOnce
- size: 2Gi
- mountPath: /dockerdata-nfs
- mountSubPath: clamp/mariadb/data
-
-service:
- type: ClusterIP
- name: clampdb
- portName: clampdb
- internalPort: 3306
- externalPort: 3306
-
-
-ingress:
- enabled: false
-
-
-#resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- #
- # Example:
- # Configure resource requests and limits
- # ref: http://kubernetes.io/docs/user-guide/compute-resources/
- # Minimum memory for development is 2 CPU cores and 4GB memory
- # Minimum memory for production is 4 CPU cores and 8GB memory
-resources:
- small:
- limits:
- cpu: 1
- memory: 500Mi
- requests:
- cpu: 10m
- memory: 200Mi
- large:
- limits:
- cpu: 1
- memory: 500Mi
- requests:
- cpu: 10m
- memory: 200Mi
- unlimited: {}
+++ /dev/null
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
- - name: certInitializer
- version: ~7.x-0
- repository: '@local'
- - name: repositoryGenerator
- version: ~7.x-0
- repository: '@local'
- - name: clamp-mariadb
- version: ~7.x-0
- repository: 'file://components/clamp-mariadb'
- - name: clamp-backend
- version: ~7.x-0
- repository: 'file://components/clamp-backend'
- - name: clamp-dash-es
- version: ~7.x-0
- repository: 'file://components/clamp-dash-es'
- - name: clamp-dash-logstash
- version: ~7.x-0
- repository: 'file://components/clamp-dash-logstash'
- - name: clamp-dash-kibana
- version: ~7.x-0
- repository: 'file://components/clamp-dash-kibana'
\ No newline at end of file
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
-
-{{ include "common.log.configMap" . }}
+++ /dev/null
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.service.name }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.service.name2 }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
- annotations:
-spec:
- type: {{ .Values.service.type2 }}
- ports:
- {{if eq .Values.service.type2 "NodePort" -}}
- - port: {{ .Values.service.internalPort2 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.config.portName2 }}
- {{- else -}}
- - port: {{ .Values.service.externalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.config.portName2 }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
\ No newline at end of file
# Decrypt and move relevant files to WORK_DIR
for f in $CERTS_DIR/*; do
- if [[ $AAF_ENABLED == false ]] && [[ $f == *$ONAP_TRUSTSTORE* ]]; then
+ export canonical_name_nob64=$(echo $f | sed 's/.*\/\([^\/]*\)/\1/')
+ export canonical_name_b64=$(echo $f | sed 's/.*\/\([^\/]*\)\(\.b64\)/\1/')
+ if [ "$AAF_ENABLED" == "false" ] && [ "$canonical_name_b64" == "$ONAP_TRUSTSTORE" ]; then
# Dont use onap truststore when aaf is disabled
continue
fi
- if [[ $f == *.sh ]]; then
+ if [ "$AAF_ENABLED" == "false" ] && [ "$canonical_name_nob64" == "$ONAP_TRUSTSTORE" ]; then
+ # Dont use onap truststore when aaf is disabled
+ continue
+ fi
+ if [ ${f: -3} == ".sh" ]; then
continue
fi
- if [[ $f == *.b64 ]]
+ if [ ${f: -4} == ".b64" ]
then
base64 -d $f > $WORK_DIR/`basename $f .b64`
else
done
# Prepare truststore output file
-if [[ $AAF_ENABLED == true ]]
+if [ "$AAF_ENABLED" == "true" ]
then
mv $WORK_DIR/$ONAP_TRUSTSTORE $WORK_DIR/$TRUSTSTORE_OUTPUT_FILENAME
else
# Import Custom Certificates
for f in $WORK_DIR/*; do
- if [[ $f == *.pem ]]; then
+ if [ ${f: -4} == ".pem" ]; then
echo "importing certificate: $f"
keytool -import -file $f -alias `basename $f` -keystore $WORK_DIR/$TRUSTSTORE_OUTPUT_FILENAME -storepass $TRUSTSTORE_PASSWORD -noprompt
- if [[ $? != 0 ]]; then
+ if [ $? != 0 ]; then
echo "failed importing certificate: $f"
exit 1
fi
securityContext:
runAsUser: 0
command:
- - /bin/bash
+ - /bin/sh
- -c
- /root/import-custom-certs.sh
env:
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Copyright © 2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v1
-description: ONAP Clamp Dashboard Kibana
-name: clamp-dash-kibana
+name: certManagerCertificate
+description: A Helm chart for Cert-Manager Certificate CRD template
version: 7.0.0
-{{/* # Copyright © 2020 Samsung, Orange
+# Copyright © 2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-*/}}
-{{ include "common.ingress" . }}
+dependencies:
+ - name: common
+ version: ~7.x-0
+ repository: 'file://../common'
--- /dev/null
+{{/*#
+# Copyright © 2020-2021, Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.*/}}
+
+{{/*
+# This is a template for requesting a certificate from the cert-manager (https://cert-manager.io).
+#
+# To request a certificate following steps are to be done:
+# - create an object 'certificates' in the values.yaml
+# - create a file templates/certificates.yaml and invoke the function "certManagerCertificate.certificate".
+#
+# Here is an example of the certificate request for a component:
+#
+# Directory structure:
+# component
+# templates
+# certifictes.yaml
+# values.yaml
+#
+# To be added in the file certificates.yamll
+#
+# To be added in the file values.yaml
+# 1. Minimal version (certificates only in PEM format)
+# certificates:
+# - commonName: component.onap.org
+#
+# 2. Extended version (with defined own issuer and additional certificate format):
+# certificates:
+# - name: onap-component-certificate
+# secretName: onap-component-certificate
+# commonName: component.onap.org
+# dnsNames:
+# - component.onap.org
+# issuer:
+# group: certmanager.onap.org
+# kind: CMPv2Issuer
+# name: cmpv2-issuer-for-the-component
+# keystore:
+# outputType:
+# - p12
+# - jks
+# passwordSecretRef:
+# name: secret-name
+# key: secret-key
+#
+# Fields 'name', 'secretName' and 'commonName' are mandatory and required to be defined.
+# Other mandatory fields for the certificate definition do not have to be defined directly,
+# in that case they will be taken from default values.
+#
+# Default values are defined in file onap/values.yaml (see-> global.certificate.default)
+# and can be overriden during onap installation process.
+#
+*/}}
+
+{{- define "certManagerCertificate.certificate" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}}
+
+{{- $certificates := $dot.Values.certificates -}}
+{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global }}
+
+{{ range $i, $certificate := $certificates }}
+{{/*# General certifiacate attributes #*/}}
+{{- $name := include "common.fullname" $dot -}}
+{{- $certName := default (printf "%s-cert-%d" $name $i) $certificate.name -}}
+{{- $secretName := default (printf "%s-secret-%d" $name $i) $certificate.secretName -}}
+{{- $commonName := (required "'commonName' for Certificate is required." $certificate.commonName) -}}
+{{- $renewBefore := default $subchartGlobal.certificate.default.renewBefore $certificate.renewBefore -}}
+{{- $duration := default $subchartGlobal.certificate.default.duration $certificate.duration -}}
+{{- $namespace := $dot.Release.Namespace -}}
+{{/*# SAN's #*/}}
+{{- $dnsNames := $certificate.dnsNames -}}
+{{- $ipAddresses := $certificate.ipAddresses -}}
+{{- $uris := $certificate.uris -}}
+{{- $emailAddresses := $certificate.emailAddresses -}}
+{{/*# Subject #*/}}
+{{- $subject := $subchartGlobal.certificate.default.subject -}}
+{{- if $certificate.subject -}}
+{{- $subject = $certificate.subject -}}
+{{- end -}}
+{{/*# Issuer #*/}}
+{{- $issuer := $subchartGlobal.certificate.default.issuer -}}
+{{- if $certificate.issuer -}}
+{{- $issuer = $certificate.issuer -}}
+{{- end -}}
+---
+{{- if $certificate.keystore }}
+ {{- $passwordSecretRef := $certificate.keystore.passwordSecretRef -}}
+ {{- $password := include "common.createPassword" (dict "dot" $dot "uid" $certName) | quote }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ $passwordSecretRef.name }}
+ namespace: {{ $namespace }}
+type: Opaque
+stringData:
+ {{ $passwordSecretRef.key }}: {{ $password }}
+{{- end }}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: {{ $certName }}
+ namespace: {{ $namespace }}
+spec:
+ secretName: {{ $secretName }}
+ commonName: {{ $commonName }}
+ renewBefore: {{ $renewBefore }}
+ {{- if $duration }}
+ duration: {{ $duration }}
+ {{- end }}
+ subject:
+ organizations:
+ - {{ $subject.organization }}
+ countries:
+ - {{ $subject.country }}
+ localities:
+ - {{ $subject.locality }}
+ provinces:
+ - {{ $subject.province }}
+ organizationalUnits:
+ - {{ $subject.organizationalUnit }}
+ {{- if $dnsNames }}
+ dnsNames:
+ {{- range $dnsName := $dnsNames }}
+ - {{ $dnsName }}
+ {{- end }}
+ {{- end }}
+ {{- if $ipAddresses }}
+ ipAddresses:
+ {{- range $ipAddress := $ipAddresses }}
+ - {{ $ipAddress }}
+ {{- end }}
+ {{- end }}
+ {{- if $uris }}
+ uris:
+ {{- range $uri := $uris }}
+ - {{ $uri }}
+ {{- end }}
+ {{- end }}
+ {{- if $emailAddresses }}
+ emailAddresses:
+ {{- range $emailAddress := $emailAddresses }}
+ - {{ $emailAddress }}
+ {{- end }}
+ {{- end }}
+ issuerRef:
+ group: {{ $issuer.group }}
+ kind: {{ $issuer.kind }}
+ name: {{ $issuer.name }}
+ {{- if $certificate.keystore }}
+ keystores:
+ {{- range $outputType := $certificate.keystore.outputType }}
+ {{- if eq $outputType "p12" }}
+ {{- $outputType = "pkcs12" }}
+ {{- end }}
+ {{ $outputType }}:
+ create: true
+ passwordSecretRef:
+ name: {{ $certificate.keystore.passwordSecretRef.name }}
+ key: {{ $certificate.keystore.passwordSecretRef.key }}
+ {{- end }}
+ {{- end }}
+{{ end }}
+{{- end -}}
+
+{{- define "common.certManager.volumeMounts" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}}
+{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}}
+ {{- range $i, $certificate := $dot.Values.certificates -}}
+ {{- $mountPath := $certificate.mountPath -}}
+- mountPath: {{ $mountPath }}
+ name: certmanager-certs-volume-{{ $i }}
+ {{- end -}}
+{{- end -}}
+
+{{- define "common.certManager.volumes" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}}
+{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}}
+{{- $certificates := $dot.Values.certificates -}}
+ {{- range $i, $certificate := $certificates -}}
+ {{- $name := include "common.fullname" $dot -}}
+ {{- $certificatesSecretName := default (printf "%s-secret-%d" $name $i) $certificate.secretName -}}
+- name: certmanager-certs-volume-{{ $i }}
+ projected:
+ sources:
+ - secret:
+ name: {{ $certificatesSecretName }}
+ {{- if $certificate.keystore }}
+ items:
+ {{- range $outputType := $certificate.keystore.outputType }}
+ - key: keystore.{{ $outputType }}
+ path: keystore.{{ $outputType }}
+ - key: truststore.{{ $outputType }}
+ path: truststore.{{ $outputType }}
+ {{- end }}
+ - secret:
+ name: {{ $certificate.keystore.passwordSecretRef.name }}
+ items:
+ - key: {{ $certificate.keystore.passwordSecretRef.key }}
+ path: keystore.pass
+ - key: {{ $certificate.keystore.passwordSecretRef.key }}
+ path: truststore.pass
+ {{- end }}
+ {{- end -}}
+{{- end -}}
--- /dev/null
+# Copyright © 2021 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+global:
+# default values for certificates
+ certificate:
+ default:
+ renewBefore: 720h #30 days
+ duration: 8760h #365 days
+ subject:
+ organization: "Linux-Foundation"
+ country: "US"
+ locality: "San-Francisco"
+ province: "California"
+ organizationalUnit: "ONAP"
+ issuer:
+ group: certmanager.onap.org
+ kind: CMPv2Issuer
+ name: cmpv2-issuer-onap
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Copyright © 2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
apiVersion: v1
-description: ONAP Clamp
-name: clamp
+description: Template used to add cmpv2 certificates to components
+name: cmpv2Certificate
version: 7.0.0
-# Copyright © 2020 Samsung Electronics
+# Copyright © 2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
dependencies:
- name: common
version: ~7.x-0
- repository: '@local'
+ repository: 'file://../common'
- name: repositoryGenerator
version: ~7.x-0
- repository: '@local'
\ No newline at end of file
+ repository: 'file://../repositoryGenerator'
--- /dev/null
+{{/*
+# Copyright © 2021 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{/*
+In order to use certServiceClient it is needed do define certificates array in target component values.yaml. Each
+certificate will be requested from separate init container
+
+Minimum example of array in target component values.yaml:
+certificates:
+ - mountPath: /var/custom-certs
+ commonName: common-name
+
+Full example (other fields are ignored):
+certificates:
+ - mountPath: /var/custom-certs
+ caName: RA
+ outputType: JKS
+ commonName: common-name
+ dnsNames:
+ - dns-name-1
+ - dns-name-2
+ ipAddresses:
+ - 192.168.0.1
+ - 192.168.0.2
+ emailAddresses:
+ - email-1@onap.org
+ - email-2@onap.org
+ uris:
+ - http://uri-1.onap.org
+ - http://uri-2.onap.org
+ subject:
+ organization: Linux-Foundation
+ country: US
+ locality: San Francisco
+ province: California
+ organizationalUnit: ONAP
+
+There also need to be some includes used in a target component deployment (indent values may need to be adjusted):
+ 1. In initContainers section:
+ {{ include "common.certServiceClient.initContainer" . | indent 6 }}
+ 2. In volumeMounts section of container using certificates:
+ {{ include "common.certServiceClient.volumeMounts" . | indent 10 }}
+ 3. In volumes section:
+ {{ include "common.certServiceClient.volumes" . | indent 8 }}
+
+*/}}
+
+{{- define "common.certServiceClient.initContainer" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.cmpv2Certificate .initRoot -}}
+{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}}
+{{- if and $subchartGlobal.cmpv2Enabled (not $subchartGlobal.CMPv2CertManagerIntegration) -}}
+{{- range $index, $certificate := $dot.Values.certificates -}}
+{{/*# General certifiacate attributes #*/}}
+{{- $commonName := $certificate.commonName -}}
+{{/*# SAN's #*/}}
+{{- $dnsNames := default (list) $certificate.dnsNames -}}
+{{- $ipAddresses := default (list) $certificate.ipAddresses -}}
+{{- $uris := default (list) $certificate.uris -}}
+{{- $emailAddresses := default (list) $certificate.emailAddresses -}}
+{{- $sansList := concat $dnsNames $ipAddresses $uris $emailAddresses -}}
+{{- $sans := join "," $sansList }}
+{{/*# Subject #*/}}
+{{- $organization := $subchartGlobal.certificate.default.subject.organization -}}
+{{- $country := $subchartGlobal.certificate.default.subject.country -}}
+{{- $locality := $subchartGlobal.certificate.default.subject.locality -}}
+{{- $province := $subchartGlobal.certificate.default.subject.province -}}
+{{- $orgUnit := $subchartGlobal.certificate.default.subject.organizationalUnit -}}
+{{- if $certificate.subject -}}
+{{- $organization := $certificate.subject.organization -}}
+{{- $country := $certificate.subject.country -}}
+{{- $locality := $certificate.subject.locality -}}
+{{- $province := $certificate.subject.province -}}
+{{- $orgUnit := $certificate.subject.organizationalUnit -}}
+{{- end -}}
+{{- $caName := default $subchartGlobal.platform.certServiceClient.envVariables.caName $certificate.caName -}}
+{{- $outputType := default $subchartGlobal.platform.certServiceClient.envVariables.outputType $certificate.outputType -}}
+{{- $requestUrl := $subchartGlobal.platform.certServiceClient.envVariables.requestURL -}}
+{{- $certPath := $subchartGlobal.platform.certServiceClient.envVariables.certPath -}}
+{{- $requestTimeout := $subchartGlobal.platform.certServiceClient.envVariables.requestTimeout -}}
+{{- $certificatesSecretMountPath := $subchartGlobal.platform.certServiceClient.secret.mountPath -}}
+{{- $keystorePath := $subchartGlobal.platform.certServiceClient.envVariables.keystorePath -}}
+{{- $keystorePassword := $subchartGlobal.platform.certServiceClient.envVariables.keystorePassword -}}
+{{- $truststorePath := $subchartGlobal.platform.certServiceClient.envVariables.truststorePath -}}
+{{- $truststorePassword := $subchartGlobal.platform.certServiceClient.envVariables.truststorePassword -}}
+- name: certs-init-{{ $index }}
+ image: {{ include "repositoryGenerator.image.certserviceclient" $dot }}
+ imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
+ env:
+ - name: REQUEST_URL
+ value: {{ $requestUrl | quote }}
+ - name: REQUEST_TIMEOUT
+ value: {{ $requestTimeout | quote }}
+ - name: OUTPUT_PATH
+ value: {{ $certPath | quote }}
+ - name: OUTPUT_TYPE
+ value: {{ $outputType | quote }}
+ - name: CA_NAME
+ value: {{ $caName | quote }}
+ - name: COMMON_NAME
+ value: {{ $commonName | quote }}
+ - name: SANS
+ value: {{ $sans | quote }}
+ - name: ORGANIZATION
+ value: {{ $organization | quote }}
+ - name: ORGANIZATION_UNIT
+ value: {{ $orgUnit | quote }}
+ - name: LOCATION
+ value: {{ $locality | quote }}
+ - name: STATE
+ value: {{ $province | quote }}
+ - name: COUNTRY
+ value: {{ $country | quote }}
+ - name: KEYSTORE_PATH
+ value: {{ $keystorePath | quote }}
+ - name: KEYSTORE_PASSWORD
+ value: {{ $keystorePassword | quote }}
+ - name: TRUSTSTORE_PATH
+ value: {{ $truststorePath | quote }}
+ - name: TRUSTSTORE_PASSWORD
+ value: {{ $truststorePassword | quote }}
+ terminationMessagePath: /dev/termination-log
+ terminationMessagePolicy: File
+ volumeMounts:
+ - mountPath: {{ $certPath }}
+ name: cmpv2-certs-volume-{{ $index }}
+ - mountPath: {{ $certificatesSecretMountPath }}
+ name: certservice-tls-volume
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "common.certServiceClient.volumes" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.cmpv2Certificate .initRoot -}}
+{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}}
+{{- if and $subchartGlobal.cmpv2Enabled (not $subchartGlobal.CMPv2CertManagerIntegration) -}}
+{{- $certificatesSecretName := $subchartGlobal.platform.certServiceClient.secret.name -}}
+- name: certservice-tls-volume
+ secret:
+ secretName: {{ $certificatesSecretName }}
+{{ range $index, $certificate := $dot.Values.certificates -}}
+- name: cmpv2-certs-volume-{{ $index }}
+ emptyDir:
+ medium: Memory
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "common.certServiceClient.volumeMounts" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.cmpv2Certificate .initRoot -}}
+{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}}
+{{- if and $subchartGlobal.cmpv2Enabled (not $subchartGlobal.CMPv2CertManagerIntegration) -}}
+{{- range $index, $certificate := $dot.Values.certificates -}}
+{{- $mountPath := $certificate.mountPath -}}
+- mountPath: {{ $mountPath }}
+ name: cmpv2-certs-volume-{{ $index }}
+{{ end -}}
+{{- end -}}
+{{- end -}}
--- /dev/null
+# Copyright © 2021 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration default values that can be inherited by
+# all subcharts.
+#################################################################
+global:
+ # Enabling CMPv2
+ cmpv2Enabled: true
+ CMPv2CertManagerIntegration: false
+
+ certificate:
+ default:
+ subject:
+ organization: "Linux-Foundation"
+ country: "US"
+ locality: "San-Francisco"
+ province: "California"
+ organizationalUnit: "ONAP"
+
+ platform:
+ certServiceClient:
+ secret:
+ name: oom-cert-service-client-tls-secret
+ mountPath: /etc/onap/oom/certservice/certs/
+ envVariables:
+ certPath: "/var/custom-certs"
+ # Client configuration related
+ caName: "RA"
+ requestURL: "https://oom-cert-service:8443/v1/certificate/"
+ requestTimeout: "30000"
+ keystorePath: "/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks"
+ outputType: "P12"
+ keystorePassword: "secret"
+ truststorePath: "/etc/onap/oom/certservice/certs/truststore.jks"
+ truststorePassword: "secret"
-# Copyright © 2020 Nokia
+# Copyright © 2020-2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
global:
platform:
certServiceClient:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3
secretName: oom-cert-service-client-tls-secret
envVariables:
# Certificate related
keystorePassword: "secret"
truststorePassword: "secret"
certPostProcessor:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.2
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3
{{- $aafRoot := default $dot.Values.aafConfig .aafRoot -}}
{{- if $dot.Values.global.aafEnabled -}}
- name: {{ include "common.name" $dot }}-aaf-readiness
- image: "{{ include "common.repository" $dot }}/{{ $dot.Values.global.readinessImage }}"
+ image: {{ include "common.repository" $dot }}/{{ $dot.Values.global.readinessImage }}
imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
command:
- /app/ready.py
+++ /dev/null
-{{/*#
-# Copyright © 2020, Nokia
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.*/}}
-
-{{/*
-# This is a template for requesting a certificate from the cert-manager (https://cert-manager.io).
-#
-# To request a certificate following steps are to be done:
-# - create an object 'certificates' in the values.yaml
-# - create a file templates/certificates.yaml and invoke the function "commom.certificate".
-#
-# Here is an example of the certificate request for a component:
-#
-# Directory structure:
-# component
-# templates
-# certifictes.yaml
-# values.yaml
-#
-# To be added in the file certificates.yamll
-#
-# To be added in the file values.yaml
-# 1. Minimal version (certificates only in PEM format)
-# certificates:
-# - commonName: component.onap.org
-#
-# 2. Extended version (with defined own issuer and additional certificate format):
-# certificates:
-# - name: onap-component-certificate
-# secretName: onap-component-certificate
-# commonName: component.onap.org
-# dnsNames:
-# - component.onap.org
-# issuer:
-# group: certmanager.onap.org
-# kind: CMPv2Issuer
-# name: cmpv2-issuer-for-the-component
-# p12Keystore:
-# create: true
-# passwordSecretRef:
-# name: secret-name
-# key: secret-key
-# jksKeystore:
-# create: true
-# passwordSecretRef:
-# name: secret-name
-# key: secret-key
-#
-# Fields 'name', 'secretName' and 'commonName' are mandatory and required to be defined.
-# Other mandatory fields for the certificate definition do not have to be defined directly,
-# in that case they will be taken from default values.
-#
-# Default values are defined in file onap/values.yaml (see-> global.certificate.default)
-# and can be overriden during onap installation process.
-#
-*/}}
-
-{{- define "common.certificate" -}}
-{{- $dot := default . .dot -}}
-{{- $certificates := $dot.Values.certificates -}}
-
-{{ range $i, $certificate := $certificates }}
-{{/*# General certifiacate attributes #*/}}
-{{- $name := include "common.fullname" $dot -}}
-{{- $certName := default (printf "%s-cert-%d" $name $i) $certificate.name -}}
-{{- $secretName := default (printf "%s-secret-%d" $name $i) $certificate.secretName -}}
-{{- $commonName := default $dot.Values.global.certificate.default.commonName $certificate.commonName -}}
-{{- $renewBefore := default $dot.Values.global.certificate.default.renewBefore $certificate.renewBefore -}}
-{{- $duration := $certificate.duration -}}
-{{- $namespace := default $dot.Release.Namespace $dot.Values.global.certificate.default.namespace -}}
-{{- if $certificate.namespace -}}
-{{- $namespace = default $namespace $certificate.namespace -}}
-{{- end -}}
-{{/*# SAN's #*/}}
-{{- $dnsNames := default $dot.Values.global.certificate.default.dnsNames $certificate.dnsNames -}}
-{{- $ipAddresses := default $dot.Values.global.certificate.default.ipAddresses $certificate.ipAddresses -}}
-{{- $uris := default $dot.Values.global.certificate.default.uris $certificate.uris -}}
-{{- $emailAddresses := default $dot.Values.global.certificate.default.emailAddresses $certificate.emailAddresses -}}
-{{/*# Subject #*/}}
-{{- $subject := $dot.Values.global.certificate.default.subject -}}
-{{- if $certificate.subject -}}
-{{- $subject = mergeOverwrite $subject $certificate.subject -}}
-{{- end -}}
-{{/*# Issuer #*/}}
-{{- $issuer := $dot.Values.global.certificate.default.issuer -}}
-{{- if $certificate.issuer -}}
-{{- $issuer = mergeOverwrite $issuer $certificate.issuer -}}
-{{- end -}}
-{{/*# Keystores #*/}}
-{{- $createJksKeystore := $dot.Values.global.certificate.default.jksKeystore.create -}}
-{{- $jksKeystorePasswordSecretName := $dot.Values.global.certificate.default.jksKeystore.passwordSecretRef.name -}}
-{{- $jksKeystorePasswordSecreKey := $dot.Values.global.certificate.default.jksKeystore.passwordSecretRef.key -}}
-{{- $createP12Keystore := $dot.Values.global.certificate.default.p12Keystore.create -}}
-{{- $p12KeystorePasswordSecretName := $dot.Values.global.certificate.default.p12Keystore.passwordSecretRef.name -}}
-{{- $p12KeystorePasswordSecreKey := $dot.Values.global.certificate.default.p12Keystore.passwordSecretRef.key -}}
-{{- if $certificate.jksKeystore -}}
-{{- $createJksKeystore = default $createJksKeystore $certificate.jksKeystore.create -}}
-{{- if $certificate.jksKeystore.passwordSecretRef -}}
-{{- $jksKeystorePasswordSecretName = default $jksKeystorePasswordSecretName $certificate.jksKeystore.passwordSecretRef.name -}}
-{{- $jksKeystorePasswordSecreKey = default $jksKeystorePasswordSecreKey $certificate.jksKeystore.passwordSecretRef.key -}}
-{{- end -}}
-{{- end -}}
-{{- if $certificate.p12Keystore -}}
-{{- $createP12Keystore = default $createP12Keystore $certificate.p12Keystore.create -}}
-{{- if $certificate.p12Keystore.passwordSecretRef -}}
-{{- $p12KeystorePasswordSecretName = default $p12KeystorePasswordSecretName $certificate.p12Keystore.passwordSecretRef.name -}}
-{{- $p12KeystorePasswordSecreKey = default $p12KeystorePasswordSecreKey $certificate.p12Keystore.passwordSecretRef.key -}}
-{{- end -}}
-{{- end -}}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: {{ $certName }}
- namespace: {{ $namespace }}
-spec:
- secretName: {{ $secretName }}
- commonName: {{ $commonName }}
- renewBefore: {{ $renewBefore }}
- {{- if $duration }}
- duration: {{ $duration }}
- {{- end }}
- subject:
- organizations:
- - {{ $subject.organization }}
- countries:
- - {{ $subject.country }}
- localities:
- - {{ $subject.locality }}
- provinces:
- - {{ $subject.province }}
- organizationalUnits:
- - {{ $subject.organizationalUnit }}
- {{- if $dnsNames }}
- dnsNames:
- {{- range $dnsName := $dnsNames }}
- - {{ $dnsName }}
- {{- end }}
- {{- end }}
- {{- if $ipAddresses }}
- ipAddresses:
- {{- range $ipAddress := $ipAddresses }}
- - {{ $ipAddress }}
- {{- end }}
- {{- end }}
- {{- if $uris }}
- uris:
- {{- range $uri := $uris }}
- - {{ $uri }}
- {{- end }}
- {{- end }}
- {{- if $emailAddresses }}
- emailAddresses:
- {{- range $emailAddress := $emailAddresses }}
- - {{ $emailAddress }}
- {{- end }}
- {{- end }}
- issuerRef:
- group: {{ $issuer.group }}
- kind: {{ $issuer.kind }}
- name: {{ $issuer.name }}
- {{- if or $createJksKeystore $createP12Keystore }}
- keystores:
- {{- if $createJksKeystore }}
- jks:
- create: {{ $createJksKeystore }}
- passwordSecretRef:
- name: {{ $jksKeystorePasswordSecretName }}
- key: {{ $jksKeystorePasswordSecreKey }}
- {{- end }}
- {{- if $createP12Keystore }}
- pkcs12:
- create: {{ $createP12Keystore }}
- passwordSecretRef:
- name: {{ $p12KeystorePasswordSecretName }}
- key: {{ $p12KeystorePasswordSecreKey }}
- {{- end }}
- {{- end }}
-{{ end }}
-
-{{- end -}}
-{{- define "ingress.config.port" -}}
+{{- define "ingress.config.host" -}}
{{- $dot := default . .dot -}}
+{{- $baseaddr := (required "'baseaddr' param, set to the specific part of the fqdn, is required." .baseaddr) -}}
{{- $burl := (required "'baseurl' param, set to the generic part of the fqdn, is required." $dot.Values.global.ingress.virtualhost.baseurl) -}}
+{{ printf "%s.%s" $baseaddr $burl }}
+{{- end -}}
+
+{{- define "ingress.config.port" -}}
+{{- $dot := default . .dot -}}
{{ range .Values.ingress.service }}
{{- $baseaddr := (required "'baseaddr' param, set to the specific part of the fqdn, is required." .baseaddr) }}
- - host: {{ printf "%s.%s" $baseaddr $burl }}
+ - host: {{ include "ingress.config.host" (dict "dot" $dot "baseaddr" $baseaddr) }}
http:
paths:
- backend:
{{- end -}}
{{- if .Values.ingress.config -}}
{{- if .Values.ingress.config.tls -}}
-{{- $dot := default . .dot -}}
+{{- $dot := default . .dot }}
tls:
- - hosts:
- {{- range .Values.ingress.service }}{{ $baseaddr := required "baseaddr" .baseaddr }}
- - {{ include "ingress.config.host" (dict "dot" $dot "baseaddr" $baseaddr) }}
- {{- end }}
+ - hosts:
+ {{- range .Values.ingress.service }}{{ $baseaddr := required "baseaddr" .baseaddr }}
+ - {{ include "ingress.config.host" (dict "dot" $dot "baseaddr" $baseaddr) }}
+ {{- end }}
secretName: {{ required "secret" (tpl (default "" .Values.ingress.config.tls.secret) $dot) }}
{{- end -}}
{{- end -}}
{{- define "common.log.sidecar" -}}
{{- if .Values.global.centralizedLoggingEnabled }}
- name: {{ include "common.name" . }}-filebeat
- image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ image: {{ include "repositoryGenerator.image.logging" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- name: filebeat-conf
name: {{ $port.name }}
{{- end }}
{{- if (eq $serviceType "NodePort") }}
- nodePort: {{ include "common.nodePortPrefix" (dict "dot" $dot "portNodePortExt" $port.useNodePortExt) }}{{ $port.nodePort }}
+ nodePort: {{ include "common.nodePortPrefix" (dict "dot" $dot "useNodePortExt" $port.useNodePortExt) }}{{ $port.nodePort }}
{{- end }}
{{- else }}
- port: {{ default $port.port $port.plain_port }}
# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# we should wait for other pods to be up before trying to join
# otherwise we got "no such host" errors when trying to resolve other members
for i in $(seq 0 $((${INITIAL_CLUSTER_SIZE} - 1))); do
+ if [ "${SET_NAME}-${i}" == "${HOSTNAME}" ]; then
+ echo "Skipping self-checking"
+ continue
+ fi
while true; do
echo "Waiting for ${SET_NAME}-${i}.${SERVICE_NAME} to come up"
ping -W 1 -c 1 ${SET_NAME}-${i}.${SERVICE_NAME} > /dev/null && break
value: {{ .Values.galera.name | quote }}
- name: MARIADB_GALERA_CLUSTER_ADDRESS
value: "gcomm://{{ template "common.name" . }}-headless.{{ include "common.namespace" . }}.svc.{{ .Values.global.clusterDomain }}"
+ # Bitnami init script don't behave well in dual stack env.
+ # set it here as long as https://github.com/bitnami/charts/issues/4077 is not solved.
+ - name: MARIADB_GALERA_NODE_ADDRESS
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
- name: MARIADB_ROOT_USER
value: {{ .Values.rootUser.user | quote }}
- name: MARIADB_ROOT_PASSWORD
- name: repositoryGenerator
version: ~7.x-0
repository: 'file://../repositoryGenerator'
+ - name: certInitializer
+ version: ~7.x-0
+ repository: 'file://../certInitializer'
\ No newline at end of file
#logging.file=/opt/app/music/logs/MUSIC/music-app.log
#logging.config=file:/opt/app/music/etc/logback.xml
security.require-ssl=true
-server.ssl.key-store=/opt/app/aafcertman/org.onap.music.jks
+server.ssl.key-store=/opt/app/aafcertman/local/org.onap.music.jks
server.ssl.key-store-password=${KEYSTORE_PASSWORD}
server.ssl.key-store-provider=SUN
server.ssl.key-store-type=JKS
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{ include "common.certInitializer.initContainer" . | indent 8 | trim }}
- command:
- sh
args:
- -c
- - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
+ - "export KEYSTORE_PASSWORD=$(cat /opt/app/aafcertman/local/.pass); cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
env:
- - name: KEYSTORE_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "music-keystore-pw" "key" "password") | indent 12}}
- name: CASSA_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cassa-secret" "key" "login") | indent 12 }}
- name: CASSA_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cassa-secret" "key" "password") | indent 12 }}
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /config-input
name: properties-music-scrubbed
- mountPath: /config
value: "{{ .Values.javaOpts }}"
- name: DEBUG
value: "{{ .Values.debug }}"
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- name: localtime
mountPath: /etc/localtime
readOnly: true
- name: properties-music-scrubbed
mountPath: /opt/app/music/etc/logback.xml
subPath: logback.xml
- - name: certs-aaf
- mountPath: /opt/app/aafcertman/
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: shared-data
emptyDir: {}
- name: certificate-vol
- name: properties-music
emptyDir:
medium: Memory
- - name: certs-aaf
- secret:
- secretName: {{ include "common.secret.getSecretNameFast" (dict "global" . "uid" "music-certs") }}
# Secrets metaconfig
#################################################################
secrets:
- - uid: music-certs
- name: keystore.jks
- type: generic
- filePaths:
- - resources/keys/org.onap.music.jks
- - uid: music-keystore-pw
- name: keystore-pw
- type: password
- password: '{{ .Values.keystorePassword }}'
- passwordPolicy: required
- uid: cassa-secret
type: basicAuth
login: '{{ .Values.properties.cassandraUser }}'
ingress:
enabled: false
-keystorePassword: "ysF9CVS+xvuXr0vf&fRa5lew"
-
properties:
lockUsing: "cassandra"
# Comma dilimited list of hosts
metricsLogLevel: info
auditLogLevel: info
# Values must be uppercase: INFO, WARN, CRITICAL,DEBUG etc..
- rootLogLevel: INFO
\ No newline at end of file
+ rootLogLevel: INFO
+
+#sub-charts configuration
+certInitializer:
+ nameOverride: music-cert-initializer
+ fqdn: "music.onap"
+ app_ns: "org.osaaf.aaf"
+ fqi: "music@music.onap.org"
+ fqi_namespace: org.onap.music
+ public_fqdn: "music.onap.org"
+ aafDeployFqi: "deployer@people.osaaf.org"
+ aafDeployPass: demo123456!
+ cadi_latitude: "0.0"
+ cadi_longitude: "0.0"
+ credsPath: /opt/app/osaaf/local
+ appMountPath: /opt/app/aafcertman
+ aaf_add_config: >
+ cd {{ .Values.credsPath }};
+ /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password_jks= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1;
{{- include "repositoryGenerator.image._helper" (merge (dict "image" "curlImage") .) }}
{{- end -}}
+{{- define "repositoryGenerator.image.certserviceclient" -}}
+ {{- include "repositoryGenerator.image._helper" (merge (dict "image" "certServiceClientImage") .) }}
+{{- end -}}
+
{{- define "repositoryGenerator.image.envsubst" -}}
{{- include "repositoryGenerator.image._helper" (merge (dict "image" "envsubstImage") .) }}
{{- end -}}
# Copyright © 2020 Orange
+# Copyright © 2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# common global images
busyboxImage: busybox:1.32
curlImage: curlimages/curl:7.69.1
+ certServiceClientImage: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3
envsubstImage: dibi/envsubst:1
# there's only latest image for htpasswd
htpasswdImage: xmartlabs/htpasswd:latest
imageRepoMapping:
busyboxImage: dockerHubRepository
curlImage: dockerHubRepository
+ certServiceClientImage: repository
envsubstImage: dockerHubRepository
htpasswdImage: dockerHubRepository
jreImage: repository
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
# Modifications (c) 2020 Nokia. All rights reserved.
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
- name: mongo
version: ~7.x-0
repository: '@local'
- - name: cmpv2Config
- version: ~7.x-0
- repository: '@local'
- name: repositoryGenerator
version: ~7.x-0
repository: '@local'
+++ /dev/null
-{{/*
-#============LICENSE_START========================================================
-#=================================================================================
-# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-*/}}
-
-{{ if .Values.componentImages.datafile_collector }}
-tag_version: {{ include "repositoryGenerator.repository" . }}/{{ .Values.componentImages.datafile_collector }}
-{{ end }}
-replicas: 1
-log_directory: "/var/log/ONAP"
-topic_name: "unauthenticated.VES_NOTIFICATION_OUTPUT"
-envs: {}
-use_tls: true
-PM_MEAS_FILES_feed0_location: "loc00"
-feed0_name: "bulk_pm_feed"
-consumer_id: "C12"
-consumer_group: "OpenDcae-c12"
-cert_directory: "/opt/app/datafile/etc/cert/"
-external_port: ":0"
-datafile-collector_memory_limit: "512Mi"
-datafile-collector_memory_request: "512Mi"
-datafile-collector_cpu_limit: "250m"
-datafile-collector_cpu_request: "250m"
-external_cert_use_external_tls: false
-external_cert_ca_name: "RA"
-external_cert_common_name: "dcae-datafile-collector"
-external_cert_sans: "dcae-datafile-collector,datafile-collector,datafile"
-external_cert_cert_type: "P12"
+++ /dev/null
-{{/*
-#============LICENSE_START========================================================
-#=================================================================================
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-*/}}
-
-{{ if .Values.componentImages.snmptrap }}
-tag_version: {{ include "repositoryGenerator.repository" . }}/{{ .Values.componentImages.snmptrap }}
-{{ end }}
-external_port: {{ .Values.config.address.snmptrap.port }}
# ================================================================================
# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
# ============LICENSE_END=========================================================
*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-dcae-config
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
----
apiVersion: v1
kind: ConfigMap
metadata:
# ================================================================================
# Copyright (c) 2017-2020 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
volumeMounts:
- mountPath: /inputs
name: {{ include "common.fullname" . }}-dcae-inputs
- - mountPath: /dcae-configs
- name: {{ include "common.fullname" . }}-dcae-config
- mountPath: /etc/localtime
name: localtime
readOnly: true
- name: {{ include "common.fullname" . }}-dcae-inputs
emptyDir:
medium: Memory
- - name: {{ include "common.fullname" . }}-dcae-config
- configMap:
- name: {{ include "common.fullname" . }}-dcae-config
- name: localtime
hostPath:
path: /etc/localtime
#=================================================================================
# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
nodePortPrefix: 302
nodePortPrefixExt: 304
tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
- consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
+ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
secrets:
- uid: pg-root-pass
disableNfsProvisioner: true
# application image
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:2.2.3
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:3.0.0
default_k8s_location: central
# DCAE component images to be deployed via Cloudify Manager
tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.1
ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.9
snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
- prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.4
+ prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.5
hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.6.0
datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.5.0
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
version: ~7.x-0
repository: '@local'
- name: repositoryGenerator
+ version: ~7.x-0
+ repository: '@local'
+ - name: cmpv2Config
version: ~7.x-0
repository: '@local'
\ No newline at end of file
# limitations under the License.
# ============LICENSE_END=========================================================
*/}}
-
{
"namespace": "{{ if .Values.dcae_ns }}{{ .Values.dcae_ns}}{{ else }}{{include "common.namespace" . }}{{ end}}",
"consul_dns_name": "{{ .Values.config.address.consul.host }}.{{ include "common.namespace" . }}",
# ================================================================================
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright (c) 2021 J. F. Lucas. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
# ============LICENSE_END=========================================================
*/}}
-
apiVersion: v1
kind: ConfigMap
metadata:
---
apiVersion: v1
kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-plugins
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/plugins/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
metadata:
name: {{ include "common.release" . }}-dcae-filebeat-configmap
namespace: {{include "common.namespace" . }}
# ================================================================================
# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
-# Copyright (c) 2020 J. F. Lucas. All rights reserved.
+# Copyright (c) 2020-2021 J. F. Lucas. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
- ip: "127.0.0.1"
hostnames:
- "dcae-cloudify-manager"
+ # Cloudify requires a fixed hostname across restarts
+ hostname: dcae-cloudify-manager
initContainers:
- name: {{ include "common.name" . }}-readiness
image: {{ include "repositoryGenerator.image.readiness" . }}
args:
- --container-name
- aaf-cm
+ - --container-name
+ - consul-server
- "-t"
- "15"
env:
- {{ include "common.namespace" . }}
- --configmap
- {{ .Values.multisiteConfigMapName }}
+ - name: init-consul
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.consulLoaderImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ args:
+ - --key
+ - k8s-plugin|/plugin-configs/k8s-plugin.json
+ - --key
+ - dmaap-plugin|/plugin-configs/dmaap-plugin.json
+ resources: {}
+ volumeMounts:
+ - mountPath: /plugin-configs
+ name: plugin-configs
- name: init-tls
env:
- name: POD_IP
- name: {{ include "common.fullname" .}}-kubeconfig
configMap:
name: {{ .Values.multisiteConfigMapName }}
+ - name: plugin-configs
+ configMap:
+ name: {{ include "common.fullname" . }}-plugins
- name: dcae-token
secret:
secretName: dcae-token
# ================================================================================
# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
-# Copyright (c) 2020 J. F. Lucas. All rights reserved.
+# Copyright (c) 2020-2021 J. F. Lucas. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
nodePortPrefix: 302
persistence: {}
tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
repositoryCred:
user: docker
password: docker
# Application configuration defaults.
#################################################################
# application image
-image: onap/org.onap.dcaegen2.deployments.cm-container:3.4.2
+image: onap/org.onap.dcaegen2.deployments.cm-container:4.2.0
pullPolicy: Always
# name of shared ConfigMap with kubeconfig for multiple clusters
# image for cleanup job container
cleanupImage: onap/org.onap.dcaegen2.deployments.dcae-k8s-cleanup-container:1.0.0
+# default location for k8s deployments via Cloudify
+default_k8s_location: central
+
# probe configuration parameters
liveness:
initialDelaySeconds: 10
global:
nodePortPrefix: 302
tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
- consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
+ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
secrets:
- uid: 'cm-pass'
global:
nodePortPrefix: 302
tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
- consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
-
+ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
secrets:
- uid: 'cm-pass'
type: password
global:
nodePortPrefix: 302
tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
- consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
+ consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
#################################################################
# Secrets metaconfig
mountInitPath: dcaemod
# application image
-image: onap/org.onap.dcaegen2.platform.mod.onboardingapi:2.12.3
+image: onap/org.onap.dcaegen2.platform.mod.onboardingapi:2.12.4
# Resource Limit flavor -By Default using small
flavor: small
# Should have a proper readiness endpoint or script
# application image
-image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.2.0
+image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.2.2
# Resource Limit flavor -By Default using small
flavor: small
{{- end -}}
{{- if .Values.affinity }}
affinity: {{ toYaml .Values.affinity | nindent 10 }}
- {{- end -}}
+ {{- end }}
# Filebeat sidecar container
- name: {{ include "common.name" . }}-filebeat-onap
image: {{ include "repositoryGenerator.image.logging" . }}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 10 }}
- {{- end -}}
+ {{- end }}
# Filebeat sidecar container
- name: {{ include "common.name" . }}-filebeat-onap
image: {{ include "repositoryGenerator.image.logging" . }}
type: {{ $root.Values.service.type }}
externalTrafficPolicy: Local
selector:
- statefulset.kubernetes.io/pod-name: {{ include "common.release" $root }}-{{ $root.Values.service.name }}-{{ $i }}
+ statefulset.kubernetes.io/pod-name: {{ include "common.release" $root }}-{{ $root.Values.service.name }}-{{ $i }}
ports:
- port: {{ $root.Values.service.externalPort }}
targetPort: {{ $root.Values.service.externalPort }}
service:
type: NodePort
name: message-router-kafka
- portName: message-router-kafka
+ portName: tcp-message-router-kafka
internalPort: 9092
internalSSLPort: 9093
externalPort: 9091
value: "{{ .Values.zkConfig.clientPort }}"
- name: KAFKA_OPTS
value: "{{ .Values.zkConfig.kafkaOpts }}"
+ - name: ZOOKEEPER_QUORUM_LISTEN_ON_ALL_IPS
+ value: "true"
- name: ZOOKEEPER_SERVER_ID
valueFrom:
fieldRef:
type: ClusterIP
name: message-router-zookeeper
portName: message-router-zookeeper
- clientPortName: client
+ clientPortName: tcp-client
clientPort: 2181
- serverPortName: server
+ serverPortName: tcp-server
serverPort: 2888
- leaderElectionPortName: leader-election
+ leaderElectionPortName: tcp-leader
leaderElectionPort: 3888
ingress:
version: ~7.x-0
repository: '@local'
condition: cds.enabled
- - name: clamp
- version: ~7.x-0
- repository: '@local'
- condition: clamp.enabled
- name: cli
version: ~7.x-0
repository: '@local'
# Copyright © 2019 Amdocs, Bell Canada
# Copyright (c) 2020 Nordix Foundation, Modifications
-# Modifications Copyright © 2020 Nokia
+# Modifications Copyright © 2020-2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# default values for certificates
certificate:
default:
- renewBefore: 8h
+ renewBefore: 720h #30 days
+ duration: 8760h #365 days
subject:
organization: "Linux-Foundation"
country: "US"
group: certmanager.onap.org
kind: CMPv2Issuer
name: cmpv2-issuer-onap
- p12Keystore:
- create: false
- passwordSecretRef:
- name: ""
- key: ""
- jksKeystore:
- create: false
- passwordSecretRef:
- name: ""
- key: ""
# Enabling CMPv2
cmpv2Enabled: true
CMPv2CertManagerIntegration: false
platform:
certServiceClient:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3
secret:
name: oom-cert-service-client-tls-secret
mountPath: /etc/onap/oom/certservice/certs/
envVariables:
+ certPath: "/var/custom-certs"
# Certificate related
cmpv2Organization: "Linux-Foundation"
cmpv2OrganizationalUnit: "ONAP"
{{/*
###
-# Copyright (c) 2019 AT&T Intellectual Property.
-# Modifications Copyright (c) 2018 IBM.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-#
-# Unless otherwise specified, all documentation contained herein is licensed
-# under the Creative Commons License, Attribution 4.0 Intl. (the ââ?¬Å"Licenseââ?¬);
-# you may not use this documentation except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# https://creativecommons.org/licenses/by/4.0/
-#
-# Unless required by applicable law or agreed to in writing, documentation
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
+# Copyright (c) 2019 AT&T Intellectual Property.
+# Modifications Copyright (c) 2018 IBM.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
# limitations under the License.
-###
+#
+# Unless otherwise specified, all documentation contained herein is licensed
+# under the Creative Commons License, Attribution 4.0 Intl. (the “License”);
+# you may not use this documentation except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://creativecommons.org/licenses/by/4.0/
+#
+# Unless required by applicable law or agreed to in writing, documentation
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
*/}}
spring.datasource.jdbcUrl=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA}?createDatabaseIfNotExist=true
spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
{{/*
###
-# Copyright © 2017-2018 AT&T Intellectual Property.
-# Modifications Copyright © 2018 IBM.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-#
-# Unless otherwise specified, all documentation contained herein is licensed
-# under the Creative Commons License, Attribution 4.0 Intl. (the ââ?¬Å"Licenseââ?¬);
-# you may not use this documentation except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# https://creativecommons.org/licenses/by/4.0/
-#
-# Unless required by applicable law or agreed to in writing, documentation
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
+# Copyright © 2017-2018 AT&T Intellectual Property.
+# Modifications Copyright © 2018 IBM.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
# limitations under the License.
+#
+# Unless otherwise specified, all documentation contained herein is licensed
+# under the Creative Commons License, Attribution 4.0 Intl. (the “License”);
+# you may not use this documentation except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://creativecommons.org/licenses/by/4.0/
+#
+# Unless required by applicable law or agreed to in writing, documentation
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
###
*/}}
spring.datasource.jdbcUrl=jdbc:mariadb://${DB_HOST}:${DB_PORT}/${DB_SCHEMA}?createDatabaseIfNotExist=true
{{/*
#-------------------------------------------------------------------------------
# Copyright (c) 2017-2018 AT&T Intellectual Property.
-# Modifications Copyright ? 2018 IBM.
-#
+# Modifications Copyright (c) 2018 IBM.
+#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#
-#
+#
# Unless otherwise specified, all documentation contained herein is licensed
-# under the Creative Commons License, Attribution 4.0 Intl. (the ???License???);
+# under the Creative Commons License, Attribution 4.0 Intl. (the “License”);
# you may not use this documentation except in compliance with the License.
# You may obtain a copy of the License at
-#
-# https://creativecommons.org/licenses/by/4.0/
-#
+#
+# https://creativecommons.org/licenses/by/4.0/
+#
# Unless required by applicable law or agreed to in writing, documentation
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#-------------------------------------------------------------------------------
+#
+#
*/}}
cmso.optimizer.request.url=https://oof-cmso-optimizer:7997/optimizer/v1/optimize/schedule
{{/*
#-------------------------------------------------------------------------------
-# Copyright © 2017-2018 AT&T Intellectual Property.
-# Modifications Copyright © 2018 IBM.
-#
+# Copyright © 2017-2018 AT&T Intellectual Property.
+# Modifications Copyright © 2018 IBM.
+#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#
-#
+#
# Unless otherwise specified, all documentation contained herein is licensed
-# under the Creative Commons License, Attribution 4.0 Intl. (the â??Licenseâ?\9d);
+# under the Creative Commons License, Attribution 4.0 Intl. (the â\80\9cLicenseâ\80\9d);
# you may not use this documentation except in compliance with the License.
# You may obtain a copy of the License at
-#
-# https://creativecommons.org/licenses/by/4.0/
-#
+#
+# https://creativecommons.org/licenses/by/4.0/
+#
# Unless required by applicable law or agreed to in writing, documentation
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#-------------------------------------------------------------------------------
+#
+#
*/}}
tm.vnfs.per.ticket=1
-# Copyright © 2020, Nokia
+# Copyright © 2020-2021, Nokia
# Modifications Copyright © 2020, Nordix Foundation, Orange
# Modifications Copyright © 2020 Nokia
#
# Deployment configuration
repository: "nexus3.onap.org:10001"
-image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.2
+image: onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.3.3
pullPolicy: Always
replicaCount: 1
# limitations under the License.
apiVersion: v1
-description: ONAP Clamp
-name: clamp-backend
+description: ONAP Policy Clamp Backend
+name: policy-clamp-be
version: 7.0.0
#clds datasource connection details
spring.datasource.username=${MYSQL_USER}
spring.datasource.password=${MYSQL_PASSWORD}
-spring.datasource.url=jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/${MYSQL_DATABASE}?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3
+spring.datasource.url=jdbc:mariadb:sequential://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/policyclamp?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3
spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller,clamp-ssl-config,clamp-policy-controller,default-dictionary-elements
#The log folder that will be used in logback.xml file
-clamp.config.files.sdcController=file:/opt/clamp/sdc-controllers-config.json
+clamp.config.files.sdcController=file:/opt/policy/clamp/sdc-controllers-config.json
#
# Configuration Settings for Policy Engine Components
+#!/bin/sh
{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+# Modifications Copyright © 2018, 2020-2021 AT&T Intellectual Property
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
*/}}
-{{ include "common.secretFast" . }}
+mysql -h"${MYSQL_HOST}" -P"${MYSQL_PORT}" -u"${MYSQL_USER}" -p"${MYSQL_PASSWORD}" policyclamp < /dbcmd-config/policy-clamp-create-tables.sql
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+
+{{ include "common.log.configMap" . }}
- command:
- /app/ready.py
args:
- - --container-name
- - clamp-mariadb
+ - --job-name
+ - {{ include "common.release" . }}-policy-clamp-galera-config
env:
- name: NAMESPACE
valueFrom:
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- sh
- workingDir: "/opt/clamp/"
+ workingDir: "/opt/policy/clamp/"
args:
- -c
- |
{{- if .Values.global.aafEnabled }}
export $(grep '^cadi_' {{ .Values.certInitializer.credsPath }}/org.onap.clamp.cred.props | xargs -0)
{{- end }}
- java -Djava.security.egd=file:/dev/./urandom ${JAVA_RAM_CONFIGURATION} -jar ./app.jar
+ java -Djava.security.egd=file:/dev/./urandom ${JAVA_RAM_CONFIGURATION} -jar ./policy-clamp-backend.jar
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- name: logs
mountPath: {{ .Values.log.path }}
- - mountPath: /opt/clamp/sdc-controllers-config.json
+ - mountPath: /opt/policy/clamp/sdc-controllers-config.json
name: {{ include "common.fullname" . }}-config
subPath: sdc-controllers-config.json
- - mountPath: /opt/clamp/application.properties
+ - mountPath: /opt/policy/clamp/application.properties
name: {{ include "common.fullname" . }}-config
subPath: application.properties
env:
- name: MYSQL_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 12 }}
- name: MYSQL_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
- - name: MYSQL_DATABASE
- value: {{ tpl .Values.db.databaseName .}}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "password") | indent 12 }}
{{- if ne "unlimited" (include "common.flavor" .) }}
- name: JAVA_RAM_CONFIGURATION
value: -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=75
volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-config
configMap:
- name: {{ include "common.fullname" . }}
+ name: {{ include "common.fullname" . }}-configmap
items:
- key: sdc-controllers-config.json
path: sdc-controllers-config.json
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2020-2021 AT&T Intellectual Property
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.release" . }}-policy-clamp-galera-config
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-policy-clamp-job
+ release: {{ include "common.release" . }}
+spec:
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-policy-clamp-job
+ release: {{ include "common.release" . }}
+ spec:
+ initContainers:
+#This container checks that all galera instances are up before initializing it.
+ - name: {{ include "common.name" . }}-readiness
+ image: {{ include "repositoryGenerator.image.readiness" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /app/ready.py
+ - --job-name
+ - {{ include "common.release" . }}-policy-galera-config
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.release" . }}-policy-clamp-galera-config
+ image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.db.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /dbcmd-config/create-db-tables.sh
+ name: {{ include "common.fullname" . }}-config
+ subPath: create-db-tables.sh
+ - mountPath: /dbcmd-config/policy-clamp-create-tables.sql
+ name: {{ include "common.fullname" . }}-config
+ subPath: policy-clamp-create-tables.sql
+ command:
+ - /bin/sh
+ args:
+ - -x
+ - /dbcmd-config/create-db-tables.sh
+ env:
+ - name: MYSQL_HOST
+ value: "{{ .Values.db.service.name }}"
+ - name: MYSQL_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 10 }}
+ - name: MYSQL_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "password") | indent 10 }}
+ - name: MYSQL_PORT
+ value: "{{ .Values.db.service.internalPort }}"
+ resources:
+{{ include "common.resources" . }}
+ restartPolicy: Never
+ volumes:
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}-configmap
+ items:
+ - key: create-db-tables.sh
+ path: create-db-tables.sh
+ - key: policy-clamp-create-tables.sql
+ path: policy-clamp-create-tables.sql
chmod a+rx *;
secrets:
- - uid: db-secret
+ - uid: db-creds
type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
+ externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
login: '{{ .Values.db.user }}'
password: '{{ .Values.db.password }}'
passwordPolicy: required
flavor: small
# application image
-image: onap/clamp-backend:5.1.5
+image: onap/policy-clamp-backend:6.0.0
pullPolicy: Always
# flag to enable debugging - application support required
#####dummy values for db user and password to pass lint!!!#######
db:
- user: dummyclds
- password: dummysidnnd83K
- databaseName: dummycldsdb4
+ user: policy_user
+ password: policy_user
+ image: mariadb:10.5.8
+ service:
+ name: policy-mariadb
+ internalPort: 3306
config:
log:
service:
type: ClusterIP
- name: clamp-backend
- portName: clamp-backend
+ name: policy-clamp-be
+ portName: policy-clamp-be
internalPort: 8443
- externalPort: 443
+ externalPort: 8443
ingress:
enabled: false
# limitations under the License.
apiVersion: v1
-description: MariaDB Service
-name: clamp-mariadb
+description: ONAP Policy Clamp Frontend
+name: policy-clamp-fe
version: 7.0.0
# limitations under the License.
dependencies:
- - name: common
- version: ~7.x-0
- repository: '@local'
- name: certInitializer
version: ~7.x-0
repository: '@local'
ssl_verify_client optional_no_ca;
location /restservices/clds/ {
- proxy_pass https://clamp-backend:443;
+ proxy_pass https://policy-clamp-be:8443;
proxy_set_header X-SSL-Cert $ssl_client_escaped_cert;
}
- /app/ready.py
args:
- --container-name
- - clamp-backend
+ - policy-clamp-be
env:
- name: NAMESPACE
valueFrom:
apiVersion: v1
kind: Service
metadata:
- name: {{ include "common.servicename" . }}
+ name: {{ .Values.service.name }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
- {{- end}}
name: {{ .Values.service.portName }}
+ {{- end}}
selector:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
+---
openssl pkcs12 -in {{ .Values.keystoreFile }} -cacerts -nokeys -chain -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_ca_certs_pem }};
chmod a+rx *;
-secrets:
- - uid: db-root-pass
- name: &dbRootPass '{{ include "common.release" . }}-clamp-db-root-pass'
- type: password
- password: '{{ .Values.db.rootPass }}'
- - uid: db-secret
- name: &dbUserPass '{{ include "common.release" . }}-clamp-db-user-pass'
- type: basicAuth
- login: '{{ .Values.db.user }}'
- password: '{{ .Values.db.password }}'
-
-db:
- user: clds
-# password: sidnnd83K
- databaseName: &dbName cldsdb4
-# rootPass: emrys user: testos
-
-clamp-backend:
- db:
- userCredsExternalSecret: *dbUserPass
- databaseName: *dbName
-clamp-mariadb:
- db:
- rootCredsExternalSecret: *dbRootPass
- userCredsExternalSecret: *dbUserPass
- databaseName: *dbName
-
subChartsOnly:
enabled: true
flavor: small
# application image
-image: onap/clamp-frontend:5.1.5
+image: onap/policy-clamp-frontend:6.0.0
pullPolicy: Always
# flag to enable debugging - application support required
service:
type: NodePort
- name: clamp-external
- portName: clamp-external
+ name: policy-clamp-fe
+ portName: policy-clamp-fe
internalPort: 2443
nodePort: 58
# as of 20180904 port 58 is reserved for clamp from log/logdemonode
# see https://wiki.onap.org/display/DW/OOM+NodePort+List
- type2: ClusterIP
- name2: clamp
- portName2: clamp-internal
- internalPort2: 2443
- externalPort2: 8443
-
ingress:
enabled: false
service:
version: ~7.x-0
repository: 'file://components/policy-distribution'
condition: policy-distribution.enabled
+ - name: policy-clamp-be
+ version: ~7.x-0
+ repository: 'file://components/policy-clamp-be'
+ condition: policy-clamp-be.enabled
+ - name: policy-clamp-fe
+ version: ~7.x-0
+ repository: 'file://components/policy-clamp-fe'
+ condition: policy-clamp-fe.enabled
- name: repositoryGenerator
version: ~7.x-0
repository: '@local'
mysql() { /usr/bin/mysql -h ${MYSQL_HOST} -P ${MYSQL_USER} "$@"; };
-for db in support onap_sdk log migration operationshistory10 pooling policyadmin operationshistory
+for db in support onap_sdk log migration operationshistory10 pooling policyadmin policyclamp operationshistory
do
mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};"
mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;"
policy-distribution:
enabled: true
db: *dbSecretsHook
+policy-clamp-be:
+ enabled: true
+ db: *dbSecretsHook
+policy-clamp-fe:
+ enabled: true
policy-nexus:
enabled: false
# validator settings
#default_error_message = Default error message
-login_url_no_ret_val = http://{{.Values.global.portalHostName}}:{{.Values.global.portalPort}}/ONAPPORTAL/login.htm
+login_url_no_ret_val = https://{{.Values.global.portalHostName}}:{{.Values.global.portalFEPort}}/ONAPPORTAL/login.htm
user_attribute_name = user
{{/*
# Copyright (c) 2017 Amdocs, Bell Canada
# Modifications Copyright (c) 2018 AT&T
-# Modifications Copyright (c) 2020 Nokia
+# Modifications Copyright (c) 2020 Nokia, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
value: rack1
- name: CASSANDRA_ENABLE_RPC
value: "true"
+ {{- $flavor := include "common.flavor" . }}
+ {{- $heap := pluck $flavor .Values.heap | first }}
+ {{- if (hasKey $heap "max") }}
+ - name: MAX_HEAP_SIZE
+ value: {{ $heap.max }}
+ {{- end }}
+ {{- if (hasKey $heap "new") }}
+ - name: HEAP_NEWSIZE
+ value: {{ $heap.new }}
+ {{- end }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
# Copyright (c) 2017 Amdocs, Bell Canada
# Modifications Copyright (c) 2018 AT&T
-# Modifications Copyright (c) 2020 Nokia
+# Modifications Copyright (c) 2020 Nokia, Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
memory: 3.75Gi
requests:
cpu: 160m
- memory: 2.8Gi
+ memory: 3.1Gi
large:
limits:
cpu: 4
cpu: 2
memory: 6Gi
unlimited: {}
+
+heap:
+ # Heap size is tightly correlated to RAM limits.
+ # If limit > 8G, Cassandra should define itself the best value.
+ # If not, you must set up it in a coherent way with limits set
+ # Refer to https://docs.datastax.com/en/cassandra-oss/3.0/cassandra/operations/opsTuneJVM.html#Determiningtheheapsize
+ # for more informations.
+ small:
+ max: 3G
+ new: 100M
+ large: {}
+ unlimited: {}
\ No newline at end of file
GLOBAL_INJECTED_APPC_CDT_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "appc-cdt") }}'
GLOBAL_INJECTED_ARTIFACTS_VERSION = '{{.Values.demoArtifactsVersion}}'
GLOBAL_INJECTED_ARTIFACTS_REPO_URL = "{{ .Values.demoArtifactsRepoUrl }}"
-GLOBAL_INJECTED_CLAMP_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "clamp") }}'
+GLOBAL_INJECTED_CLAMP_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "policy-clamp-fe") }}'
GLOBAL_INJECTED_CLI_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "cli") }}'
GLOBAL_INJECTED_CLOUD_ENV = 'openstack'
GLOBAL_INJECTED_DCAE_COLLECTOR_IP = "{{ .Values.dcaeCollectorIp }}"
GLOBAL_SDC_AUTHENTICATION = [GLOBAL_SDC_USERNAME, GLOBAL_SDC_PASSWORD]
# clamp info - everything is from the private oam network (also called onap private network)
GLOBAL_CLAMP_SERVER_PROTOCOL = "https"
-GLOBAL_CLAMP_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "clamp" "port" 8443) }}'
+GLOBAL_CLAMP_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "policy-clamp-fe" "port" 2443) }}'
# nbi info - everything is from the private oam network (also called onap private network)
GLOBAL_NBI_SERVER_PROTOCOL = "https"
GLOBAL_NBI_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "nbi" "port" 8443) }}'
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-dmaap-listener-image:2.0.4
+image: onap/sdnc-dmaap-listener-image:2.0.5
pullPolicy: Always
# flag to enable debugging - application support required
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-ansible-server-image:2.0.4
+image: onap/sdnc-ansible-server-image:2.0.5
pullPolicy: Always
# flag to enable debugging - application support required
# Application configuration defaults.
#################################################################
# application image
-image: "onap/sdnc-web-image:2.0.4"
+image: "onap/sdnc-web-image:2.0.5"
pullPolicy: Always
config:
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdnc-ueb-listener-image:2.0.4
+image: onap/sdnc-ueb-listener-image:2.0.5
pullPolicy: Always
# flag to enable debugging - application support required
# Copyright © 2017 Amdocs, Bell Canada,
# Copyright © 2020 highstreet technologies GmbH
+# Copyright © 2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
- name: certInitializer
version: ~7.x-0
repository: '@local'
+ - name: cmpv2Certificate
+ version: ~7.x-0
+ repository: '@local'
+ - name: certManagerCertificate
+ version: ~7.x-0
+ repository: '@local'
- name: logConfiguration
version: ~7.x-0
repository: '@local'
--- /dev/null
+#!/bin/sh
+
+###
+# ============LICENSE_START=======================================================
+# ONAP : SDN-C
+# ================================================================================
+# Copyright (C) 2017 AT&T Intellectual Property. All rights
+# reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+###
+
+
+if [ "$MDSAL_PATH" = "" ]
+then
+ MDSAL_PATH=/opt/opendaylight/mdsal
+fi
+
+if [ "$DAEXIM_PATH" = "" ]
+then
+ DAEXIM_PATH=/opt/opendaylight/daexim
+fi
+
+if [ "$JOURNAL_PATH" = "" ]
+then
+ JOURNAL_PATH=/opt/opendaylight/journal
+fi
+
+if [ "$SNAPSHOTS_PATH" = "" ]
+then
+ SNAPSHOTS_PATH=/opt/opendaylight/snapshots
+fi
+
+
+if [ ! -L $DAEXIM_PATH ]
+then
+ ln -s $MDSAL_PATH/daexim $DAEXIM_PATH
+fi
+
+if [ ! -L $JOURNAL_PATH ]
+then
+ if [ -d $JOURNAL_PATH ]
+ then
+ mv $JOURNAL_PATH/* $MDSAL_PATH/journal
+ rm -f $JOURNAL_PATH
+ fi
+ ln -s $MDSAL_PATH/journal $JOURNAL_PATH
+fi
+
+if [ ! -L $SNAPSHOTS_PATH ]
+then
+ if [ -d $SNAPSHOTS_PATH ]
+ then
+ mv $SNAPSHOTS_PATH/* $MDSAL_PATH/snapshots
+ rm -f $SNAPSHOTS_PATH
+ fi
+ ln -s $MDSAL_PATH/snapshots $SNAPSHOTS_PATH
+fi
faultConsumerClass=org.onap.ccsdk.features.sdnr.wt.mountpointregistrar.impl.DMaaPFaultVESMsgConsumer
TransportType=HTTPNOAUTH
host=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort | default "3904"}}
+{{- if .Values.config.sdnr.dmaapProxy.enabled }}
+{{- if .Values.config.sdnr.dmaapProxy.usepwd }}
+jersey.config.client.proxy.username=${DMAAP_HTTP_PROXY_USERNAME}
+jersey.config.client.proxy.password=${DMAAP_HTTP_PROXY_PASSWORD}
+{{- end }}
+jersey.config.client.proxy.uri={{ .Values.config.sdnr.dmaapProxy.url }}
+{{- end }}
topic=unauthenticated.SEC_FAULT_OUTPUT
contenttype=application/json
group=myG
pnfRegConsumerClass=org.onap.ccsdk.features.sdnr.wt.mountpointregistrar.impl.DMaaPPNFRegVESMsgConsumer
TransportType=HTTPNOAUTH
host=message-router.{{.Release.Namespace}}:{{.Values.config.dmaapPort | default "3904"}}
+{{- if .Values.config.sdnr.dmaapProxy.enabled }}
+{{- if .Values.config.sdnr.dmaapProxy.usepwd }}
+jersey.config.client.proxy.username=${DMAAP_HTTP_PROXY_USERNAME}
+jersey.config.client.proxy.password=${DMAAP_HTTP_PROXY_PASSWORD}
+{{- end }}
+jersey.config.client.proxy.uri={{ .Values.config.sdnr.dmaapProxy.url }}
+{{- end }}
topic=unauthenticated.VES_PNFREG_OUTPUT
contenttype=application/json
group=myG
--- /dev/null
+# Daexim directory location
+# absolute path or path relative to Karaf home directory
+# property substitution (interpolation) currently only supported for "${karaf.home}", no others (hard-coded) -- M.
+daexim.dir={{ .Values.persistence.daeximPath }}
\ No newline at end of file
{{/*
-# Copyright © 2020 Nokia
+# Copyright © 2020-2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
*/}}
-{{ if .Values.global.CMPv2CertManagerIntegration }}
-{{ include "common.certificate" . }}
+{{ if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "certManagerCertificate.certificate" . }}
{{ end }}
{{/*
-# Copyright © 2018 Amdocs, AT&T, Bell Canada
-# #
-# # Licensed under the Apache License, Version 2.0 (the "License");
-# # you may not use this file except in compliance with the License.
-# # You may obtain a copy of the License at
-# #
-# # http://www.apache.org/licenses/LICENSE-2.0
-# #
-# # Unless required by applicable law or agreed to in writing, software
-# # distributed under the License is distributed on an "AS IS" BASIS,
-# # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# # See the License for the specific language governing permissions and
-# # limitations under the License.
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
*/}}
-{{- $global := . }}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-{{- range $i := until (int $global.Values.replicaCount)}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" $global }}-data-{{ $i }}
- namespace: {{ include "common.namespace" $global }}
- labels:
- app: {{ include "common.fullname" $global }}
- chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" $global }}"
- heritage: "{{ $global.Release.Service }}"
- name: {{ include "common.fullname" $global }}
-spec:
- capacity:
- storage: {{ $global.Values.persistence.size}}
- accessModes:
- - {{ $global.Values.persistence.accessMode }}
- storageClassName: "{{ include "common.fullname" $global }}-data"
- persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }}
- hostPath:
- path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}}
-{{if ne $i (int $global.Values.replicaCount) }}
----
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
+{{ include "common.replicaPV" . }}
{{/*
# Copyright © 2020 Samsung Electronics
# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }}
- name: ODL_ADMIN_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }}
+ {{ if and .Values.config.sdnr.dmaapProxy.enabled .Values.config.sdnr.dmaapProxy.usepwd }}
+ - name: DMAAP_HTTP_PROXY_USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "login") | indent 10 }}
+ - name: DMAAP_HTTP_PROXY_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "password") | indent 10 }}
+ {{- end }}
+
volumeMounts:
- mountPath: /config-input
name: {{ include "common.name" . }}-readiness
{{ end -}}
{{ include "common.certInitializer.initContainer" . | indent 6 }}
-
- {{ if .Values.global.cmpv2Enabled }}
- - name: certs-init
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.platform.certServiceClient.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: REQUEST_URL
- value: {{ .Values.global.platform.certServiceClient.envVariables.requestURL }}
- - name: REQUEST_TIMEOUT
- value: "30000"
- - name: OUTPUT_PATH
- value: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
- - name: CA_NAME
- value: {{ .Values.global.platform.certServiceClient.envVariables.caName }}
- - name: COMMON_NAME
- value: {{ .Values.global.platform.certServiceClient.envVariables.common_name }}
- - name: ORGANIZATION
- value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Organization }}
- - name: ORGANIZATION_UNIT
- value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2OrganizationalUnit }}
- - name: LOCATION
- value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Location }}
- - name: STATE
- value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2State }}
- - name: COUNTRY
- value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Country }}
- - name: KEYSTORE_PATH
- value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePath }}
- - name: KEYSTORE_PASSWORD
- value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePassword }}
- - name: TRUSTSTORE_PATH
- value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePath }}
- - name: TRUSTSTORE_PASSWORD
- value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePassword }}
- terminationMessagePath: /dev/termination-log
- terminationMessagePolicy: File
- volumeMounts:
- - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
- name: certs
- - mountPath: {{ .Values.global.platform.certServiceClient.secret.mountPath }}
- name: certservice-tls-volume
- {{ end }}
-
+{{ include "common.certServiceClient.initContainer" . | indent 6 }}
- name: {{ include "common.name" . }}-chown
image: {{ include "repositoryGenerator.image.busybox" . }}
command:
- sh
args:
- -c
- - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}
+ - |
+ mkdir {{ .Values.persistence.mdsalPath }}/journal
+ mkdir {{ .Values.persistence.mdsalPath }}/snapshots
+ chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}
{{- if .Values.global.aafEnabled }}
- - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}
+ chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}
{{- end }}
volumeMounts:
{{ include "common.certInitializer.volumeMount" . | indent 10 }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["/bin/bash"]
- args: ["-c", "/opt/onap/sdnc/bin/startODL.sh"]
+ args: ["-c", "/opt/onap/sdnc/bin/createLinks.sh ; /opt/onap/sdnc/bin/startODL.sh"]
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
value: "{{ .Values.replicaCount }}"
- name: MYSQL_HOST
value: {{ include "common.mariadbService" . }}
+ - name: MDSAL_PATH
+ value: {{ .Values.persistence.mdsalPath }}
+ - name: DAEXIM_PATH
+ value: {{ .Values.persistence.daeximPath }}
+ - name: JOURNAL_PATH
+ value: {{ .Values.persistence.journalPath }}
+ - name: SNAPSHOTS_PATH
+ value: {{ .Values.persistence.snapshotsPath }}
- name: JAVA_HOME
value: "{{ .Values.config.javaHome}}"
- name: JAVA_OPTS
volumeMounts:
{{ include "common.certInitializer.volumeMount" . | indent 10 }}
+{{ include "common.certServiceClient.volumeMounts" . | indent 10 }}
+{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "common.certManager.volumeMounts" . | indent 10 }}
+{{- end }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
- mountPath: {{ .Values.config.binDir }}/installSdncDb.sh
name: bin
subPath: installSdncDb.sh
+ - mountPath: {{ .Values.config.binDir }}/createLinks.sh
+ name: bin
+ subPath: createLinks.sh
- mountPath: {{ .Values.config.ccsdkConfigDir }}/aaiclient.properties
name: properties
subPath: aaiclient.properties
- mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties
name: properties
subPath: mountpoint-state-provider.properties
- {{ if .Values.global.cmpv2Enabled }}
- - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
- name: certs
- {{- end }}
+ - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.daexim.cfg
+ name: properties
+ subPath: org.opendaylight.daexim.cfg
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
- name: properties
emptyDir:
medium: Memory
- {{ if .Values.global.cmpv2Enabled }}
- - name: certs
- emptyDir:
- medium: Memory
- - name: certservice-tls-volume
- secret:
- secretName: {{ .Values.global.platform.certServiceClient.secret.name }}
- {{- end }}
{{ if not .Values.persistence.enabled }}
- name: {{ include "common.fullname" . }}-data
emptyDir: {}
{{ else }}
{{ include "common.certInitializer.volumes" . | nindent 8 }}
+{{ include "common.certServiceClient.volumes" . | nindent 8 }}
+{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "common.certManager.volumes" . | nindent 8 }}
+{{- end }}
volumeClaimTemplates:
- metadata:
name: {{ include "common.fullname" . }}-data
# Copyright © 2020 Samsung Electronics, highstreet technologies GmbH
# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2021 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
service: mariadb-galera
internalPort: 3306
nameOverride: mariadb-galera
- service: mariadb-galera
- # Enabling CMPv2
- cmpv2Enabled: true
+ # Enabling CMPv2 with CertManager
CMPv2CertManagerIntegration: false
- platform:
- certServiceClient:
- image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2
- secret:
- name: oom-cert-service-client-tls-secret
- mountPath: /etc/onap/oom/certservice/certs/
- envVariables:
- # Certificate related
- cert_path: /var/custom-certs
- cmpv2Organization: "Linux-Foundation"
- cmpv2OrganizationalUnit: "ONAP"
- cmpv2Location: "San-Francisco"
- cmpv2Country: "US"
- # Client configuration related
- caName: "RA"
- common_name: "sdnc.simpledemo.onap.org"
- requestURL: "https://oom-cert-service:8443/v1/certificate/"
- requestTimeout: "30000"
- keystorePath: "/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks"
- outputType: "P12"
- keystorePassword: "secret"
- truststorePath: "/etc/onap/oom/certservice/certs/truststore.jks"
- truststorePassword: "secret"
#################################################################
# Secrets metaconfig
password: '{{ .Values.config.odlPassword }}'
# For now this is left hardcoded but should be revisited in a future
passwordPolicy: required
+ - uid: dmaap-proxy-creds
+ name: &dmaapProxyCredsSecretName '{{ include "common.release" . }}-sdnc-dmaap-proxy-creds'
+ type: basicAuth
+ externalSecret: '{{ .Values.config.dmaapProxyCredsExternalSecret }}'
+ login: '{{ .Values.config.sdnr.dmaapProxy.user }}'
+ password: '{{ .Values.config.sdnr.dmaapProxy.password }}'
+ # For now this is left hardcoded but should be revisited in a future
+ passwordPolicy: required
- uid: netbox-apikey
type: password
externalSecret: '{{ .Values.config.netboxApikeyExternalSecret }}'
login: '{{ .Values.config.scaleoutUser }}'
password: '{{ .Values.config.scaleoutPassword }}'
passwordPolicy: required
- - uid: keystore-password
- type: password
- password: secret
- passwordPolicy: required
#################################################################
# Certificates
#################################################################
certificates:
- - commonName: sdnc.simpledemo.onap.org
+ - mountPath: /var/custom-certs
+ commonName: sdnc.simpledemo.onap.org
dnsNames:
- sdnc.simpledemo.onap.org
- p12Keystore:
- create: true
- passwordSecretRef:
- name: keystore-password
- key: password
- jksKeystore:
- create: true
+ keystore:
+ outputType:
+ - jks
passwordSecretRef:
- name: keystore-password
+ name: sdnc-cmpv2-keystore-password
key: password
+ issuer:
+ group: certmanager.onap.org
+ kind: CMPv2Issuer
+ name: cmpv2-issuer-onap
#################################################################
# Application configuration defaults.
#################################################################
# application images
pullPolicy: Always
-image: onap/sdnc-image:2.0.4
+image: onap/sdnc-image:2.0.5
# flag to enable debugging - application support required
debugEnabled: false
sdnrdbTrustAllCerts: true
mountpointRegistrarEnabled: false
mountpointStateProviderEnabled: false
+ # enable and set dmaap-proxy for mountpointRegistrar
+ dmaapProxy:
+ enabled: false
+ usepwd: true
+ user: addUserHere
+ password: addPasswordHere
+ url: addProxyUrlHere
+
+
size: 1Gi
mountPath: /dockerdata-nfs
mountSubPath: sdnc/mdsal
- mdsalPath: /opt/opendaylight/current/daexim
+ mdsalPath: /opt/opendaylight/mdsal
+ daeximPath: /opt/opendaylight/mdsal/daexim
+ journalPath: /opt/opendaylight/journal
+ snapshotsPath: /opt/opendaylight/snapshots
certpersistence:
enabled: true
# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: certInitializer
+ version: ~7.x-0
+ repository: '@local'
- name: mariadb-galera
version: ~7.x-0
repository: '@local'
- name: repositoryGenerator
version: ~7.x-0
repository: '@local'
-
{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Copyright © 2020 Samsung Electronics
+# Copyright © 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- command:
- /app/ready.py
args:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if .Values.global.aafEnabled }}
+ command:
+ - sh
+ args:
+ - -c
+ - |
+ export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ /tmp/vid/localize.sh
+ {{- end }}
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
value: "{{ .Values.config.roleaccesscentralized }}"
- name: VID_CONTACT_US_LINK
value: "{{ .Values.config.vidcontactuslink }}"
- - name: VID_KEYSTORE_PASSWORD
- value: {{ .Values.config.vidkeystorepassword | quote }}
- name: VID_UEB_URL_LIST
value: message-router.{{ include "common.namespace" . }}
- name: VID_MYSQL_HOST
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "vid-db-user-secret" "key" "password") | indent 14 }}
- name: VID_MYSQL_MAXCONNECTIONS
value: "{{ .Values.config.vidmysqlmaxconnections }}"
- volumeMounts:
- - mountPath: /opt/app/vid/etc
- name: vid-certs
+ {{- if .Values.global.aafEnabled }}
+ - name: VID_KEYSTORE_FILENAME
+ value: "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.jks"
+ - name: VID_TRUSTSTORE_FILENAME
+ value: "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks"
+ {{- end }}
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
name: vid-logs
- mountPath: /usr/share/filebeat/data
name: vid-data-filebeat
- volumes:
- - name: vid-certs
- secret:
- secretName: {{ include "common.fullname" . }}-certs
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
path: /etc/localtime
{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Copyright © 2020 Samsung Electronics
+# Copyright © 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
*/}}
{{ include "common.secretFast" . }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-certs
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
# Copyright © 2017 Amdocs, Bell Canada
# Copyright © 2020 Samsung Electronics
+# Copyright © 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
login: '{{ .Values.config.db.userName }}'
password: '{{ .Values.config.db.userPassword }}'
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: vid-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: vid
+ fqi: vid@vid.onap.org
+ public_fqdn: vid.onap.org
+ fqi_namespace: "org.onap.vid"
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: |
+ echo "*** retrieving password for keystore and trustore"
+ export $(/opt/app/aaf_config/bin/agent.sh local showpass \
+ {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0)
+ if [ -z "$cadi_keystore_password" ]
+ then
+ echo " /!\ certificates retrieval failed"
+ exit 1
+ else
+ echo "*** changing them into shell safe ones"
+ export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+ export TRUSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+ cd {{ .Values.credsPath }}
+ keytool -storepasswd -new "${KEYSTORE_PASSWD}" \
+ -storepass "${cadi_keystore_password_jks}" \
+ -keystore {{ .Values.fqi_namespace }}.jks
+ keytool -storepasswd -new "${TRUSTORE_PASSWD}" \
+ -storepass "${cadi_truststore_password}" \
+ -keystore {{ .Values.fqi_namespace }}.trust.jks
+ echo "*** set key password as same password as keystore password"
+ keytool -keypasswd -new "${KEYSTORE_PASSWD}" \
+ -keystore {{ .Values.fqi_namespace }}.jks \
+ -keypass "${cadi_keystore_password_jks}" \
+ -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }}
+ echo "*** save the generated passwords"
+ echo "VID_KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop
+ echo "VID_TRUSTSTORE_PASSWORD=${TRUSTORE_PASSWD}" >> mycreds.prop
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 1000 .
+ fi
+
subChartsOnly:
enabled: true
userName: vidadmin
# userCredentialsExternalSecret: some secret
# userPassword: password
- vidkeystorepassword: 'F:.\,csU\&ew8\;tdVitnfo\}O\!g'
asdcclientrestauth: "Basic dmlkOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU="
asdcclientrestport: "8443"
vidaaiport: "8443"
[testenv:docs]
deps = -rdocs/requirements-docs.txt
commands =
- sphinx-build -W -b html -n -W -d {envtmpdir}/doctrees ./docs/ {toxinidir}/docs/_build/html
+ sphinx-build -W -b html -n -d {envtmpdir}/doctrees ./docs/ {toxinidir}/docs/_build/html
[testenv:docs-linkcheck]
deps = -rdocs/requirements-docs.txt
commands = sphinx-build -W -b linkcheck -d {envtmpdir}/doctrees ./docs/ {toxinidir}/docs/_build/linkcheck
+[testenv:spelling]
+#basepython = python3
+whitelist_externals = wget
+deps =
+ -rdocs/requirements-docs.txt
+ sphinxcontrib-spelling
+ PyEnchant
+changedir={toxinidir}/docs
+commands =
+ wget -nv https://git.onap.org/doc/plain/docs/spelling_wordlist.txt -O spelling_wordlist.txt
+ sphinx-build -b spelling -d {envtmpdir}/doctrees . _build/spelling
+
[testenv:gitlint]
basepython = python3
deps =