-#!/bin/bash
+#!/bin/sh
usage () {
echo "Usage:"
-#!/bin/bash -x
+#!/bin/sh -x
+
{{/*
# Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved.
#
-#!/bin/bash -x
-{{/*
+#!/bin/sh -x
+{{/*
###
# ============LICENSE_START=======================================================
# APPC
-#!/bin/bash
+#!/bin/sh
+
{{/*
###
sdncOamService: sdnc-oam
sdncOamPort: 8282
+ #AAF is enabled by default
+ #aafEnabled: true
+
+ #enable importCustomCerts to add custom CA to blueprint processor pod
+ #importCustomCertsEnabled: true
+
+ #use below configmap to add custom CA certificates
+ #certificates with *.pem will be added to JAVA truststore $JAVA_HOME/lib/security/cacerts in the pod
+ #certificates with *.crt will be added to /etc/ssl/certs/ca-certificates.crt in the pod
+ #customCertsConfigMap: onap-cds-blueprints-processor-configmap
+
#################################################################
# Secrets metaconfig
#################################################################
# AAF part
#################################################################
certInitializer:
- nameOverride: cds-blueprints-processor-initializer
+ nameOverride: cds-blueprints-processor-cert-initializer
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
# aafDeployCredsExternalSecret: some secret
app_ns: org.osaaf.aaf
credsPath: /opt/app/osaaf/local
fqi_namespace: org.onap.sdnc-cds
+ #enable below if we need custom CA to be added to blueprint processor pod
+ #importCustomCertsEnabled: true
+ #truststoreMountpath: /opt/onap/cds
+ #truststoreOutputFileName: truststoreONAPall.jks
aaf_add_config: >
/opt/app/aaf_config/bin/agent.sh;
/opt/app/aaf_config/bin/agent.sh local showpass
-#!/bin/bash
+#!/bin/sh
set -e
{{- $entry := dict }}
{{- $uid := tpl (default "" $secret.uid) $global }}
{{- $keys := keys $secret }}
- {{- range $key := (without $keys "annotations" "filePaths" )}}
+ {{- range $key := (without $keys "annotations" "filePaths" "envs" )}}
{{- $_ := set $entry $key (tpl (index $secret $key) $global) }}
{{- end }}
{{- if $secret.annotations }}
{{- $_ := set $entry "filePaths" $secret.filePaths }}
{{- end }}
{{- end }}
+ {{- if $secret.envs }}
+ {{- $envsCache := (list) }}
+ {{- range $env := $secret.envs }}
+ {{- $tplValue := tpl (default "" $env.value) $global }}
+ {{- $envsCache = append $envsCache (dict "name" $env.name "policy" $env.policy "value" $tplValue) }}
+ {{- end }}
+ {{- $_ := set $entry "envs" $envsCache }}
+ {{- end }}
{{- $realName := default (include "common.secret.genNameFast" (dict "global" $global "uid" $uid "name" $entry.name) ) $entry.externalSecret }}
{{- $_ := set $entry "realName" $realName }}
{{- $_ := set $secretCache $uid $entry }}
{{- end }}
{{- $_ := set $global.Values "_secretsCache" $secretCache }}
{{- end }}
+
{{- end -}}
{{/*
-#!/bin/bash
+#!/bin/sh
+
{{/*
-#
# ============LICENSE_START==========================================
# org.onap.music
# ===================================================================
-#!/bin/bash
+#!/bin/sh
# ============LICENSE_START=======================================================
# Copyright (c) 2021 Bell Canada.
-#!/bin/bash
+#!/bin/sh
#function to provide help
#desc: this function provide help menu
-#!/bin/bash
+#!/bin/sh
waitForEjbcaToStart() {
until $(curl -kI https://localhost:8443/ejbca/publicweb/healthcheck/ejbcahealth --output /dev/null --silent --head --fail)
-#!/bin/bash -e
+#!/bin/sh -e
# Copyright 2020 Samsung Electronics Co., Ltd.
#
}
-target_machine_notice_info() {
+target_machine_notice_info()
+{
cat << ==infodeploy
Extra DNS server already deployed:
1. You can add the DNS server to the target machine using following commands:
-#!/bin/bash -e
+#!/bin/sh -e
+
#
# Copyright 2020 Samsung Electronics Co., Ltd.
#
# limitations under the License.
#
-usage() {
+usage()
+{
cat << ==usage
$0 Automatic configuration using external addresess from nodes
$0 --help This message
-#!/bin/bash
+#!/bin/sh
# Copyright © 2020 Samsung Electronics
#
-#!/bin/bash
+#!/bin/sh
+
#############################################################################
# Copyright © 2019 Bell.
#
# limitations under the License.
*/}}
-server:
- port: 8080
-
-rest:
- api:
- cps-base-path: /cps/api
- xnf-base-path: /cps-nf-proxy/api
-
spring:
- main:
- banner-mode: "off"
- jpa:
- ddl-auto: create
- open-in-view: false
- properties:
- hibernate:
- enable_lazy_load_no_trans: true
- dialect: org.hibernate.dialect.PostgreSQLDialect
-
datasource:
url: jdbc:postgresql://{{ .Values.postgres.service.name2 }}:5432/{{ .Values.postgres.config.pgDatabase }}
username: ${DB_USERNAME}
driverClassName: org.postgresql.Driver
initialization-mode: always
- cache:
- type: caffeine
- cache-names: yangSchema
- caffeine:
- spec: maximumSize=10000,expireAfterAccess=10m
-
liquibase:
change-log: classpath:changelog/changelog-master.yaml
labels: {{ .Values.config.liquibaseLabels }}
security:
- # comma-separated uri patterns which do not require authorization
- permit-uri: /manage/health/**,/manage/info,/swagger-ui/**,/swagger-resources/**,/v3/api-docs
- auth:
- username: ${CPS_USERNAME}
- password: ${CPS_PASSWORD}
-
-# Actuator
-management:
- endpoints:
- web:
- base-path: /manage
- exposure:
- include: info,health,loggers
- endpoint:
- health:
- show-details: always
- # kubernetes probes: liveness and readiness
- probes:
- enabled: true
- loggers:
- enabled: true
-
+ # comma-separated uri patterns which do not require authorization
+ permit-uri: /manage/**,/swagger-ui/**,/swagger-resources/**,/api-docs
+ auth:
+ username: ${CPS_USERNAME}
+ password: ${CPS_PASSWORD}
logging:
level:
org:
springframework: {{ .Values.logging.level }}
+dmi:
+ auth:
+ username: ${DMI_USERNAME}
+ password: ${DMI_PASSWORD}
+
+{{- if .Values.config.eventPublisher }}
+{{ toYaml .Values.config.eventPublisher | nindent 2 }}
+{{- end }}
+
{{- if .Values.config.additional }}
{{ toYaml .Values.config.additional | nindent 2 }}
{{- end }}
-
# Last empty line is required otherwise the last property will be missing from application.yml file in the pod.
+
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
replicas: {{ .Values.replicaCount }}
+ minReadySeconds: {{ index .Values.minReadySeconds }}
+ strategy:
+ type: {{ index .Values.updateStrategy.type }}
+ rollingUpdate:
+ maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
+ maxSurge: {{ index .Values.updateStrategy.maxSurge }}
selector: {{- include "common.selectors" . | nindent 4 }}
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 12 }}
- name: CPS_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 12 }}
+ - name: DMI_USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmi-plugin-user-creds" "key" "login") | indent 12 }}
+ - name: DMI_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmi-plugin-user-creds" "key" "password") | indent 12 }}
+
volumeMounts:
- mountPath: /config-input
name: init-data-input
-# ============LICENSE_START==========================================
-# ===================================================================
-# Copyright (C) 2021 Pantheon.tech
-#
+{{/*
+# ============LICENSE_START=======================================================
+# Copyright (c) 2021 Bell Canada
+# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
+
+# http://www.apache.org/licenses/LICENSE-2.0
+
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#============LICENSE_END============================================
-
-# Helm Chart for CPS Applications
-
-ONAP Configuration Persistence Service (CPS) includes the following Kubernetes services:
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+*/}}
-1) cps-core - Configuration Persistence Service together with Nf Configuration Persistence Service
\ No newline at end of file
+{{- if .Values.prometheus.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }}
\ No newline at end of file
#################################################################
secrets:
- uid: pg-root-pass
- name: &pgRootPassSecretName '{{ include "common.release" . }}-cps-pg-root-pass'
+ name: &pgRootPassSecretName '{{ include "common.release" . }}-cps-core-pg-root-pass'
type: password
- externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "cps-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
+ externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "cps-core-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
password: '{{ .Values.postgres.config.pgRootpassword }}'
policy: generate
- uid: pg-user-creds
- name: &pgUserCredsSecretName '{{ include "common.release" . }}-cps-pg-user-creds'
+ name: &pgUserCredsSecretName '{{ include "common.release" . }}-cps-core-pg-user-creds'
type: basicAuth
- externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "cps-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
+ externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "cps-core-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
login: '{{ .Values.postgres.config.pgUserName }}'
password: '{{ .Values.postgres.config.pgUserPassword }}'
passwordPolicy: generate
login: '{{ .Values.config.appUserName }}'
password: '{{ .Values.config.appUserPassword }}'
passwordPolicy: generate
+ - uid: dmi-plugin-user-creds
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.dmiPluginUserExternalSecret) . }}'
+ login: '{{ .Values.config.dmiPluginUserName }}'
+ password: '{{ .Values.config.dmiPluginUserPassword }}'
+ passwordPolicy: generate
#################################################################
# Global configuration defaults.
virtualhost:
baseurl: "simpledemo.onap.org"
-image: onap/cps-and-nf-proxy:1.0.1
+image: onap/cps-and-ncmp:2.0.0
containerPort: &svc_port 8080
+managementPort: &mgt_port 8081
service:
type: ClusterIP
ports:
- name: &port http
port: *svc_port
+ - name: management
+ port: *mgt_port
+ targetPort: *mgt_port
+
+prometheus:
+ enabled: true
+
+metrics:
+ serviceMonitor:
+ enabled: true
+ port: management
+ ## specify target port if name is not given to the port in the service definition
+ ##
+ # targetPort: 8080
+ path: /manage/prometheus
+ interval: 60s
+ basicAuth:
+ enabled: false
pullPolicy: Always
# flag to enable debugging - application support required
# in debugger so K8s doesn't restart unresponsive container
enabled: true
path: /manage/health
- port: *port
+ port: *mgt_port
readiness:
initialDelaySeconds: 15
periodSeconds: 15
path: /manage/health
- port: *port
+ port: *mgt_port
ingress:
enabled: true
spring:
profile: helm
#appUserPassword:
-
+ dmiPluginUserName: dmiuser
# Any new property can be added in the env by setting in overrides in the format mentioned below
# All the added properties must be in "key: value" format insead of yaml.
# additional:
# spring.config.max-size: 200
# spring.config.min-size: 10
+ eventPublisher:
+ spring.kafka.bootstrap-servers: message-router-kafka:9092
+ spring.kafka.security.protocol: SASL_PLAINTEXT
+ spring.kafka.properties.sasl.mechanism: PLAIN
+ spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username=admin password=admin_secret;
+ spring.kafka.producer.client-id: cps-core
+
+ additional:
+ notification.data-updated.enabled: true
+ notification.data-updated.topic: cps.data-updated-events
+ notification.data-updated.filters.enabled-dataspaces: ""
+ notification.async.enabled: false
+ notification.async.executor.core-pool-size: 2
+ notification.async.executor.max-pool-size: 1
+ notification.async.executor.queue-capacity: 500
+ notification.async.executor.wait-for-tasks-to-complete-on-shutdown: true
+ notification.async.executor.thread-name-prefix: Async-
+
logging:
level: INFO
path: /tmp
# Postgres overriding defaults in the postgres
#################################################################
postgres:
- nameOverride: &postgresName cps-postgres
+ nameOverride: &postgresName cps-core-postgres
service:
name: *postgresName
- name2: cps-pg-primary
- name3: cps-pg-replica
+ name2: cps-core-pg-primary
+ name3: cps-core-pg-replica
container:
name:
- primary: cps-pg-primary
- replica: cps-pg-replica
+ primary: cps-core-pg-primary
+ replica: cps-core-pg-replica
persistence:
- mountSubPath: cps/data
- mountInitPath: cps
+ mountSubPath: cps-core/data
+ mountInitPath: cps-core
config:
pgUserName: cps
pgDatabase: cpsdb
readinessCheck:
wait_for:
- - cps-postgres
+ - *postgresName
+
+minReadySeconds: 10
+updateStrategy:
+ type: RollingUpdate
+ maxUnavailable: 0
+ maxSurge: 1
url: jdbc:postgresql://{{ .Values.timescaledb.service.name }}:5432/{{ .Values.timescaledb.config.pgDatabase }}
username: ${DB_USERNAME}
password: ${DB_PASSWORD}
- kafka:
- bootstrap-servers: [{{ .Values.config.kafka.service }}:{{ .Values.config.kafka.port }}]
- security:
- protocol: {{ .Values.config.kafka.protocol }}
- consumer:
- group-id: {{ .Values.config.kafka.consumerGroupId }}
security:
auth:
username: ${APP_USERNAME}
password: ${APP_PASSWORD}
-app:
- listener:
- data-updated:
- topic: {{ .Values.config.kafka.listenerTopic }}
+# Event consumption properties (kafka)
+{{- if .Values.config.eventConsumption }}
+{{ toYaml .Values.config.eventConsumption | nindent 2 }}
+{{- end }}
+# Additional properties
{{- if .Values.config.additional }}
{{ toYaml .Values.config.additional | nindent 2 }}
{{- end }}
profile: helm
#appUserPassword:
+ # Event consumption (kafka) properties
+ # All Kafka properties must be in "key: value" format instead of yaml.
+ eventConsumption:
+ spring.kafka.bootstrap-servers: message-router-kafka:9092
+ spring.kafka.security.protocol: PLAINTEXT
+ spring.kafka.consumer.group-id: cps-temporal-group
+ app.listener.data-updated.topic: cps.data-updated-events
+
# Any new property can be added in the env by setting in overrides in the format mentioned below
# All the added properties must be in "key: value" format instead of yaml.
# additional:
# spring.config.max-size: 200
# spring.config.min-size: 10
- kafka:
- service: message-router-kafka
- port: 9092
- listenerTopic: cps.cfg-state-events
- consumerGroupId: cps-temporal-group
- protocol: PLAINTEXT
-
logging:
level: INFO
path: /tmp
# ============LICENSE_END=========================================================
*/}}
-server:
- port: 8080
+dmi:
+ service:
+ name: {{ .Values.config.dmiServiceName }}
cps-core:
- baseUrl: http://${CPS_CORE_HOST:cps}:${CPS_CORE_PORT:8080}
- dmiRegistrationUrl : /cps-ncmp/api/ncmp-dmi/v1/ch
+ baseUrl: {{ .Values.config.cpsCore.url }}
auth:
username: ${CPS_CORE_USERNAME}
password: ${CPS_CORE_PASSWORD}
sdnc:
- baseUrl: http://${SDNC_HOST:sdnc}:${SDNC_PORT:8181}
- topologyId: ${SDNC_TOPOLOGY_ID:topology-netconf}
+ baseUrl: {{ .Values.config.sdnc.url }}
+ topologyId: {{ .Values.config.sdnc.topologyId }}
auth:
username: ${SDNC_USERNAME}
password: ${SDNC_PASSWORD}
+++ /dev/null
-<!--
- ============LICENSE_START=======================================================
- Copyright (C) 2021 Nordix Foundation
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- SPDX-License-Identifier: Apache-2.0
- ============LICENSE_END=========================================================
--->
-
-<configuration scan="true" scanPeriod="30 seconds" debug="false">
-
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>%d - %highlight(%-5level) [%-20.20thread] %cyan(%logger{36}) - %msg%n</pattern>
- </encoder>
- </appender>
- <appender name="AsyncSysOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="STDOUT" />
- </appender>
-
- <root level="INFO">
- <appender-ref ref="AsyncSysOut" />
- </root>
-
-</configuration>
-
+++ /dev/null
-# ============LICENSE_START=======================================================
-# Copyright (C) 2021 Nordix Foundation
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- export SERVICE_PORT=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.spec.ports[0].port}')
- echo http://$SERVICE_IP:$SERVICE_PORT
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- export POD_PORT=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].spec.containers[0].ports[0].containerPort}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:$POD_PORT
-{{- end }}
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
replicas: {{ .Values.replicaCount }}
+ minReadySeconds: {{ index .Values.minReadySeconds }}
+ strategy:
+ type: {{ index .Values.updateStrategy.type }}
+ rollingUpdate:
+ maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
+ maxSurge: {{ index .Values.updateStrategy.maxSurge }}
selector: {{- include "common.selectors" . | nindent 4 }}
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "common.name" . }}
app.kubernetes.io/instance: {{ include "common.release" . }}
- {{- if .Values.prometheus.enabled }}
- annotations:
- prometheus.io/scrape: "true"
- prometheus.io/path: 'manage/prometheus'
- prometheus.io/port: {{ .Values.managementPort | quote }}
- {{- end }}
spec:
{{ include "common.podSecurityContext" . | indent 6 | trim}}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }}
- "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config/${PFILE}; done"
env:
- name: DMI_PLUGIN_USERNAME
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "user-creds" "key" "login") | indent 12 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 12 }}
- name: DMI_PLUGIN_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "user-creds" "key" "password") | indent 12 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 12 }}
- name: SDNC_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnc-creds" "key" "login") | indent 12 }}
- name: SDNC_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdnc-creds" "key" "password") | indent 12 }}
- name: CPS_CORE_USERNAME
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "core-creds" "key" "login") | indent 12 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-core-creds" "key" "login") | indent 12 }}
- name: CPS_CORE_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "core-creds" "key" "password") | indent 12 }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-core-creds" "key" "password") | indent 12 }}
volumeMounts:
- mountPath: /config-input
name: init-data-input
- mountPath: /app/resources/application-helm.yml
subPath: application-helm.yml
name: init-data
- - mountPath: /app/resources/logback.xml
- subPath: logback.xml
- name: init-data
- mountPath: /tmp
name: init-temp
volumes:
--- /dev/null
+{{/*
+# ============LICENSE_START=======================================================
+# Copyright (c) 2021 Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+# http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+*/}}
+
+{{- if .Values.prometheus.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }}
\ No newline at end of file
# Secrets.
#################################################################
secrets:
- - uid: user-creds
+ - uid: app-user-creds
type: basicAuth
externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}'
login: '{{ .Values.config.appUserName }}'
- uid: sdnc-creds
type: basicAuth
externalSecret: '{{ tpl (default "" .Values.config.odlCredsExternalSecret) . }}'
- login: '{{ .Values.config.sdncUser }}'
- password: '{{ .Values.config.sdncPassword }}'
+ login: '{{ .Values.config.sdnc.username }}'
+ password: '{{ .Values.config.sdnc.password }}'
passwordPolicy: required
- - uid: core-creds
+ - uid: cps-core-creds
type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.config.coreCredsExternalSecret) . }}'
- login: '{{ .Values.config.coreUser }}'
- password: '{{ .Values.config.corePassword }}'
+ externalSecret: '{{ tpl (default "" .Values.config.cpsCore.credsExternalSecret) . }}'
+ login: '{{ .Values.config.cpsCore.username }}'
+ password: '{{ .Values.config.cpsCore.password }}'
passwordPolicy: generate
#################################################################
prometheus:
enabled: true
- interval: 60s
service:
type: ClusterIP
- name: ncmp-dmi-plugin
+ name: &svc_name ncmp-dmi-plugin
ports:
- name: &port http
port: *svc_port
port: *mgt_port
targetPort: *mgt_port
+metrics:
+ serviceMonitor:
+ enabled: true
+ port: management
+ ## specify target port if name is not given to the port in the service definition
+ ##
+ # targetPort: 8080
+ path: /manage/prometheus
+ interval: 60s
+ basicAuth:
+ enabled: false
+
pullPolicy: IfNotPresent
# flag to enable debugging - application support required
debugEnabled: false
service:
- baseaddr: "ncmp-dmi-plugin"
path: "/"
- name: "ncmp-dmi-plugin"
+ name: *svc_name
port: *svc_port
serviceAccount:
# REST API basic authentication credentials (passsword is generated if not provided)
appUserName: ncmpuser
+ #appUserPassword:
spring:
profile: helm
- #appUserPassword:
- sdncUser: admin
- sdncPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-
- coreUser: cpsuser
+ dmiServiceName: http://*svc_name:*svc_port
+ sdnc:
+ url: http://sdnc:8181
+ username: admin
+ password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ topologyId: topology-netconf
+ cpsCore:
+ url: http://cps-core:8080
+ username: cpsuser
+ #password:
# Any new property can be added in the env by setting in overrides in the format mentioned below
# All the added properties must be in "key: value" format insead of yaml.
readinessCheck:
wait_for:
- - cps-postgres
+ - cps-core
+
+minReadySeconds: 10
+updateStrategy:
+ type: RollingUpdate
+ maxUnavailable: 0
+ maxSurge: 1
login: '{{ .Values.config.coreUserName }}'
password: '{{ .Values.config.coreUserPassword }}'
passwordPolicy: generate
+ - uid: dmi-plugin-user-creds
+ name: &dmi-plugin-creds-secret '{{ include "common.release" . }}-cps-dmi-plugin-user-creds'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.dmiPluginUserExternalSecret) . }}'
+ login: '{{ .Values.config.dmiPluginUserName }}'
+ password: '{{ .Values.config.dmiPluginUserPassword }}'
+ passwordPolicy: generate
passwordStrengthOverride: basic
global:
config:
coreUserName: cpsuser
+ dmiPluginUserName: dmiuser
# Enable all CPS components by default
cps-core:
enabled: true
config:
appUserExternalSecret: *core-creds-secret
+ dmiPluginUserExternalSecret: *dmi-plugin-creds-secret
cps-temporal:
enabled: true
ncmp-dmi-plugin:
enabled: true
config:
- coreCredsExternalSecret: *core-creds-secret
+ appUserExternalSecret: *dmi-plugin-creds-secret
+ cpsCore:
+ credsExternalSecret: *core-creds-secret
+#!/bin/sh
+
#!/usr/bin/dumb-init /bin/sh
+# As of docker 1.13, using docker run --init achieves the same outcome than dumb-init.
+
set -e
set -x
-# Note above that we run dumb-init as PID 1 in order to reap zombie processes
-# as well as forward signals to all processes in its session. Normally, sh
-# wouldn't do either of these functions so we'd leak zombies as well as do
-# unclean termination of all our sub-processes.
-# As of docker 1.13, using docker run --init achieves the same outcome.
-
-# You can set CONSUL_BIND_INTERFACE to the name of the interface you'd like to
-# bind to and this will look up the IP and pass the proper -bind= option along
-# to Consul.
CONSUL_BIND=
if [ -n "$CONSUL_BIND_INTERFACE" ]; then
CONSUL_BIND_ADDRESS=$(ip -o -4 addr list $CONSUL_BIND_INTERFACE | head -n1 | awk '{print $4}' | cut -d/ -f1)
-#!/bin/bash
+#!/bin/sh
{{/*
# Copyright © 2017 Amdocs, Bell Canada
flavor: small
# application image
-image: onap/policy-clamp-frontend:6.1.1
+image: onap/policy-clamp-frontend:6.1.2
pullPolicy: Always
# flag to enable debugging - application support required
-#!/bin/bash
+#!/bin/sh
+
# Copyright (C) 2018 Amdocs, Bell Canada
# Modifications Copyright (C) 2019 Samsung
# Modifications Copyright (C) 2020 Nokia
-#!/bin/bash
+#!/bin/sh
# Copyright © 2018 Amdocs, Bell Canada
#
-#!/bin/bash
+#!/bin/sh
# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
#
-#!/bin/bash
+#!/bin/sh
# Copyright 2019 AT&T Intellectual Property. All rights reserved.
#
-#!/bin/bash
+#!/bin/sh
# Copyright © 2019 Nokia
#
-#!/usr/bin/env bash
+#!/bin/sh
# Copyright 2019 Samsung Electronics Co., Ltd.
#
-#!/bin/bash
+#!/bin/sh
# SPDX-License-Identifier: Apache-2.0
-#!/bin/bash
-{{/*
+#!/bin/sh
+{{/*
# Copyright © 2018 Amdocs
#
# Licensed under the Apache License, Version 2.0 (the "License");
-#!/bin/bash
-{{/*
+#!/bin/sh
+{{/*
###
# ============LICENSE_START=======================================================
# ONAP : SDN-C
docs,
docs-linkcheck,
gitlint,
+ checkbashisms,
skipsdist=true
[doc8]
sh -c 'which checkbashisms>/dev/null || sudo yum install devscripts-minimal || sudo apt-get install devscripts \
|| (echo "checkbashisms command not found - please install it (e.g. sudo apt-get install devscripts | \
yum install devscripts-minimal )" >&2 && exit 1)'
- find . -not -path '*/\.*' -name *.sh -exec checkbashisms -f \{\} +
+ find . -not -path '*/\.*' -name *.sh -exec checkbashisms \{\} +
[testenv:autopep8]
deps = autopep8
Code Review / oom.git / commitdiff