- id: trailing-whitespace
#exclude: '^ordmodels/'
- repo: https://github.com/jorisroovers/gitlint
- rev: v0.15.1
+ rev: v0.17.0
hooks:
- id: gitlint
stages: [commit-msg]
env:
- name: APP_FQI
value: "{{ $initRoot.fqi }}"
+ {{- if $initRoot.aaf_namespace }}
- name: aaf_locate_url
- value: "https://aaf-locate.{{ $dot.Release.Namespace}}:8095"
- - name: aaf_locator_container
- value: "oom"
+ value: "https://aaf-locate.{{ $initRoot.aaf_namespace }}:8095"
+ - name: aaf_locator_container_ns
+ value: "{{ $initRoot.aaf_namespace }}"
+ {{- else }}
+ - name: aaf_locate_url
+ value: "https://aaf-locate.{{ $dot.Release.Namespace }}:8095"
- name: aaf_locator_container_ns
value: "{{ $dot.Release.Namespace }}"
+ {{- end }}
+ - name: aaf_locator_container
+ value: "oom"
- name: aaf_locator_fqdn
value: "{{ $initRoot.fqdn }}"
- name: aaf_locator_app_ns
{{- define "common.certInitializer._volumes" -}}
{{- $dot := default . .dot -}}
{{- $initRoot := default $dot.Values.certInitializer .initRoot -}}
-{{- $subchartDot := mergeOverwrite (deepCopy (omit $dot "Values")) (dict "Chart" (set (fromJson (toJson $dot.Chart)) "Name" $initRoot.nameOverride) "Values" (mergeOverwrite (deepCopy $initRoot) (dict "global" $dot.Values.global))) }}
+{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot))}}
- name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }}
emptyDir:
medium: Memory
{{- define "common.subChartDot" }}
{{- $initRoot := .initRoot }}
{{- $dot := .dot }}
-{{/* Our version of helm doesn't support deepCopy so we need this nasty trick */}}
-{{ mergeOverwrite (deepCopy (omit $dot "Values")) (dict "Chart" (set (fromJson (toJson $dot.Chart)) "Name" $initRoot.nameOverride) "Values" (mergeOverwrite (deepCopy $initRoot) (dict "global" $dot.Values.global))) | toJson }}
+{{ mergeOverwrite (deepCopy (omit $dot "Values" "Chart")) (dict "Chart" (set (set (fromJson (toJson $dot.Chart)) "Name" $initRoot.nameOverride) "Version" $dot.Chart.Version) "Values" (mergeOverwrite (deepCopy $initRoot) (dict "global" $dot.Values.global))) | toJson }}
{{- end -}}
clusterDomain: cluster.local
metrics: {}
-image: bitnami/mariadb-galera:10.5.8
+image: bitnami/mariadb-galera:10.6.5
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
{{ include "common.podSecurityContext" . | indent 6 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
+ initContainers:
+ # we shouldn't need this but for unknown reason, it's fsGroup is not
+ # applied
+ - name: fix-permission
+ command:
+ - /bin/sh
+ args:
+ - -c
+ - |
+ chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /data
+ image: {{ include "repositoryGenerator.image.busybox" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ securityContext:
+ runAsUser: 0
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-data
+ mountPath: /data
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- name: {{ include "common.fullname" . }}-data
- mountPath: /var/lib/mongo
+ mountPath: /data/db
resources: {{ include "common.resources" . | nindent 12 }}
{{ include "common.containerSecurityContext" . | indent 10 }}
{{- if .Values.nodeSelector }}
# Application configuration defaults.
#################################################################
-image: library/mongo:4.0.8
+image: library/mongo:4.4.10
pullPolicy: Always
# application configuration
{{- end }}
env:
- name: NAMESPACE
+ {{- if $subchartDot.Values.namespace }}
+ value: {{ $subchartDot.Values.namespace }}
+ {{- else }}
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{- end }}
resources:
limits:
cpu: {{ $subchartDot.Values.limits.cpu }}
# common global images
busyboxImage: busybox:1.32
- curlImage: curlimages/curl:7.69.1
+ curlImage: curlimages/curl:7.80.0
envsubstImage: dibi/envsubst:1
# there's only latest image for htpasswd
htpasswdImage: xmartlabs/htpasswd:latest
jettyImage: jetty:9-jdk11-slim
- jreImage: onap/integration-java11:7.1.0
+ jreImage: onap/integration-java11:10.0.0
kubectlImage: bitnami/kubectl:1.19
loggingImage: beats/filebeat:5.5.0
- mariadbImage: bitnami/mariadb:10.5.8
+ mariadbImage: bitnami/mariadb:10.6.5
nginxImage: bitnami/nginx:1.18-debian-10
postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
readinessImage: onap/oom/readiness:3.0.1
{{- $policy := default dict .Values.policies -}}
{{- $policyRls := default $commonRelease $policy.policyRelease -}}
{{- $drFeedConfig := default "" .Values.drFeedConfig -}}
-
+{{- $dcaeName := print (include "common.fullname" .) }}
+{{- $dcaeLabel := (dict "dcaeMicroserviceName" $dcaeName) -}}
+{{- $dot := . -}}
apiVersion: apps/v1
kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+metadata: {{- include "common.resourceMetadata" (dict "dot" $dot "labels" $dcaeLabel) | nindent 2 }}
spec:
replicas: 1
selector: {{- include "common.selectors" . | nindent 4 }}
value: {{ include "common.namespace" . }}
- name: HELM_RELEASE
value: {{ include "common.release" . }}
+ - name: DEPLOY_LABEL
+ value: {{ .Values.deployLabel }}
volumes:
- name: {{ include "common.fullname" . }}-expected-components
configMap:
- port: 8080
name: http
+# Label on DCAE microservice deployments
+# (Used by healthcheck code to find deployments
+# created after initial DCAE installation)
+deployLabel: dcaeMicroserviceName
+
# probe configuration parameters
liveness:
initialDelaySeconds: 10
initialDelaySeconds: 10
periodSeconds: 10
# application image
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.3.0
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.4.0
# Resource Limit flavor -By Default using small
flavor: small
uid: *controllerCredsUID
key: password
+# application environments
+applicationEnv:
+ LOG4J_FORMAT_MSG_NO_LOOKUPS: 'true'
+
# Initial Application Configuration
applicationConfig:
collector.rcc.appDescription: DCAE RestConf Collector Application
login: '{{ .Values.aafCreds.identity }}'
password: '{{ .Values.aafCreds.password }}'
passwordPolicy: required
+ - uid: &cpsCredsUID cpscreds
+ type: basicAuth
+ login: '{{ .Values.cpsCreds.identity }}'
+ password: '{{ .Values.cpsCreds.password }}'
+ passwordPolicy: required
- uid: &pgUserCredsSecretUid pg-user-creds
name: &pgUserCredsSecretName '{{ include "common.release" . }}-sonhms-pg-user-creds'
type: basicAuth
# TLS role -- set to true if microservice acts as server
# If true, an init container will retrieve a server cert
# and key from AAF and mount them in certDirectory.
-tlsServer: true
+tlsServer: false
# Policy configuraiton properties
# if present, policy-sync side car will be deployed
periodSeconds: 15
timeoutSeconds: 1
path: /healthcheck
- scheme: HTTPS
+ scheme: HTTP
port: 8080
# Service Configuration
aafCreds:
identity: dcae@dcae.onap.org
password: demo123456!
+cpsCreds:
+ identity: cps
+ password: cpsr0cks!
credentials:
- name: AAF_IDENTITY
- name: AAF_PASSWORD
uid: *aafCredsUID
key: password
+- name: CPS_IDENTITY
+ uid: *cpsCredsUID
+ key: login
+- name: CPS_PASSWORD
+ uid: *cpsCredsUID
+ key: password
- name: PG_USERNAME
uid: *pgUserCredsSecretUid
key: login
postgres.port: 5432
postgres.username: ${PG_USERNAME}
postgres.password: ${PG_PASSWORD}
+ cps.username: ${CPS_IDENTITY}
+ cps.password: ${CPS_PASSWORD}
sonhandler.pollingInterval: 20
sonhandler.pollingTimeout: 60
cbsPollingInterval: 60
sonhandler.bufferTime: 60
sonhandler.cg: sonhms-cg
sonhandler.cid: sonhms-cid
+ sonhandler.clientType: cps
+ cps.service.url: http://cps-tbdmt:8080
+ cps.get.celldata: execute/cps-ran-schemaset/get-cell-data
+ cps.get.nbr.list.url: execute/cps-ran-schemaset/get-nbr-list
+ cps.get.pci.url: execute/ran-network-schemaset/get-pci
+ cps.get.pnf.url: execute/ran-network-schemaset/get-pnf
sonhandler.configDb.service: http://configdb:8080
sonhandler.oof.service: https://oof-osdf:8698
sonhandler.oof.endpoint: /api/oof/v1/pci
# application environments
applicationEnv:
CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml'
+ LOG4J_FORMAT_MSG_NO_LOOKUPS: 'true'
# initial application configuration
applicationConfig:
port: 80
port_protocol: http
+# application environments
+applicationEnv:
+ LOG4J_FORMAT_MSG_NO_LOOKUPS: 'true'
# Initial Application Configuration
applicationConfig:
initialDelaySeconds: 10
periodSeconds: 10
# application image
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.3.0
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.4.0
# Resource Limit flavor -By Default using small
flavor: small
initialDelaySeconds: 10
periodSeconds: 10
# application image
-image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.2.0
+image: onap/org.onap.dcaegen2.deployments.healthcheck-container:2.4.0
# Resource Limit flavor -By Default using small
flavor: small
value: "{{ include "common.kafkaNodes" (dict "dot" . "replicaCount" .Values.zookeeper.replicaCount "componentName" .Values.zookeeper.name "port" .Values.zookeeper.port ) }}"
- name: KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE
value: "{{ .Values.kafka.enableSupport }}"
+ - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR
+ value: "{{ .Values.config.offsets_topic_replication_factor | default .Values.replicaCount }}"
+ - name: KAFKA_NUM_PARTITIONS
+ value: "{{ .Values.config.num_partition | default .Values.replicaCount }}"
+ - name: KAFKA_DEFAULT_REPLICATION_FACTOR
+ value: "{{ .Values.config.default_replication_factor | default .Values.replicaCount }}"
{{- if .Values.global.aafEnabled }}
- name: KAFKA_OPTS
value: "{{ .Values.kafka.jaasOptionsAaf }}"
interBrokerListernerAaf: INTERNAL_SASL_PLAINTEXT
interBrokerListerner: INTERNAL_PLAINTEXT
+config: {}
+ # offsets_topic_replication_factor:
+ # num_partition:
+ # default_replication_factor:
configurationOverrides:
- "offsets.topic.replication.factor": "3"
"log.dirs": "/var/lib/kafka/data"
"log.retention.hours": "168"
- "num.partitions": "3"
"transaction.state.log.replication.factor": "1"
"transaction.state.log.min.isr": "1"
"num.recovery.threads.per.data.dir": "5"
"zookeeper.connection.timeout.ms": "6000"
- "default.replication.factor": "3"
"zookeeper.set.acl": "true"
jmx:
\encoding UTF8;
-/******************DELETE OLD TABLE AND CREATE NEW***************************/
+/******************CREATE NEW TABLE***************************/
\c ${DB_NAME};
-DROP TABLE IF EXISTS ALARM_INFO;
-
-CREATE TABLE ALARM_INFO (
+CREATE TABLE IF NOT EXISTS ALARM_INFO (
EVENTID VARCHAR(150) NOT NULL,
EVENTNAME VARCHAR(150) NOT NULL,
ALARMISCLEARED SMALLINT NOT NULL,
LASTEPOCHMICROSEC BIGINT NOT NULL,
SOURCEID VARCHAR(150) NOT NULL,
SOURCENAME VARCHAR(150) NOT NULL,
- PRIMARY KEY (EVENTID)
+ SEQUENCE SMALLINT NOT NULL,
+ PRIMARY KEY (EVENTID, SEQUENCE, SOURCENAME)
);
CREATE TABLE IF NOT EXISTS ENGINE_ENTITY (
busyboxImage: busybox:1.32
# curl image
- curlImage: curlimages/curl:7.69.1
+ curlImage: curlimages/curl:7.80.0
# env substitution image
envsubstImage: dibi/envsubst:1
loggingImage: beats/filebeat:5.5.0
# mariadb client image
- mariadbImage: bitnami/mariadb:10.5.8
+ mariadbImage: bitnami/mariadb:10.6.5
# nginx server image
nginxImage: bitnami/nginx:1.18-debian-10
pullPolicy: Always
# default java image
- jreImage: onap/integration-java11:7.2.0
+ jreImage: onap/integration-java11:10.0.0
# default clusterName
# {{ template "common.fullname" . }}.{{ template "common.namespace" . }}.svc.{{ .Values.global.clusterName }}
internalPort: 3306
restServer:
- user: healthcheck
+ user: policyadmin
password: none
# default number of instances
#
# Configuration Settings for Policy Engine Components
clamp.config.policy.api.url=https://policy-api.{{ include "common.namespace" . }}:6969
-clamp.config.policy.api.userName=healthcheck
+clamp.config.policy.api.userName=policyadmin
clamp.config.policy.api.password=zb!XztG34
clamp.config.policy.pap.url=https://policy-pap.{{ include "common.namespace" . }}:6969
-clamp.config.policy.pap.userName=healthcheck
+clamp.config.policy.pap.userName=policyadmin
clamp.config.policy.pap.password=zb!XztG34
#DCAE Inventory Url Properties
# application configuration
restServer:
api:
- user: healthcheck
+ user: policyadmin
password: none
pap:
- user: healthcheck
+ user: policyadmin
password: none
nodeSelector: {}
user: healthcheck
password: zb!XztG34
apiParameters:
- user: healthcheck
+ user: policyadmin
password: zb!XztG34
papParameters:
- user: healthcheck
+ user: policyadmin
password: zb!XztG34
sdcBe:
user: policy
password: policy_user
pap:
- user: healthcheck
+ user: policyadmin
password: zb!XztG34
pdp:
internalPort: 3306
restServer:
- user: healthcheck
+ user: policyadmin
password: none
healthCheckRestClient:
api:
- user: healthcheck
+ user: policyadmin
password: none
distribution:
user: healthcheck
password: zb!XztG34
apiServer:
- user: healthcheck
+ user: policyadmin
password: zb!XztG34
# default number of instances
nameOverride: *policy-mariadb
restServer:
- policyPapUserName: healthcheck
+ policyPapUserName: policyadmin
policyPapUserPassword: zb!XztG34
- policyApiUserName: healthcheck
+ policyApiUserName: policyadmin
policyApiUserPassword: zb!XztG34
# Resource Limit flavor -By Default using small
unset "$fileVar"
}
-# check to see if this file is being run or sourced from another script
-_is_sourced() {
- # https://unix.stackexchange.com/a/215279
- [ "${#FUNCNAME[@]}" -ge 2 ] \
- && [ "${FUNCNAME[0]}" = '_is_sourced' ] \
- && [ "${FUNCNAME[1]}" = 'source' ]
-}
# usage: docker_process_init_files [file [file [...]]]
# ie: docker_process_init_files /always-initdb.d/*
}
# If we are sourced from elsewhere, don't perform any further actions
-if ! _is_sourced; then
+# https://stackoverflow.com/questions/2683279/how-to-detect-if-a-script-is-being-sourced/2942183#2942183
+if [ "$(basename $0)" = "docker-entrypoint.sh" ]; then
_main "$@"
fi
value: "{{ .Values.config.configDir }}"
- name: SDNC_CONFIG_DIR
value: "{{ .Values.config.configDir }}"
+ - name: LOG4J_FORMAT_MSG_NO_LOOKUPS
+ value: "true"
volumeMounts:
- mountPath: /etc/localtime
name: localtime
value: "{{ .Values.config.configDir }}"
- name: SDNC_CONFIG_DIR
value: "{{ .Values.config.configDir }}"
+ - name: LOG4J_FORMAT_MSG_NO_LOOKUPS
+ value: "true"
volumeMounts:
- mountPath: /etc/localtime
name: localtime
value: "{{ .Values.config.javaHome}}"
- name: JAVA_OPTS
value: "-Xms{{.Values.config.odl.javaOptions.minMemory}} -Xmx{{.Values.config.odl.javaOptions.maxMemory}}"
+ - name: LOG4J_FORMAT_MSG_NO_LOOKUPS
+ value: "true"
- name: KARAF_CONSOLE_LOG_LEVEL
value: "{{ include "common.log.level" . }}"
- name: SDNRWT
commands =
{toxinidir}/.ci/check-bashisms.sh
+[testenv:shellcheck]
+basepython = python3
+deps = shellcheck-py
+whitelist_externals = find
+commands =
+ find . -not -path '*/\.*' -name *.sh -exec shellcheck \{\} +
+
[testenv:autopep8]
deps =
-r{toxinidir}/requirements.txt
# As a result, the line above is always skipped in jenkins CI since there cannot be a .git/COMMIT_EDITMSG file.
# A dedicated gitlint profile for CI is proposed above. Also to behave fine locally, this profile must have access
# to the HOME variable so that Gitlint can retrieve Git user settings.
+
+[testenv:pre-commit-autoupdate]
+basepython = python3
+deps = pre-commit
+commands =
+ pre-commit autoupdate