enabled: true
port: tcp-cql
-image: onap/aaf/aaf_cass:2.1.20
+image: onap/aaf/aaf_cass:2.1.22
config:
cluster_name: osaaf
replicaCount: 0
-image: onap/aaf/aaf_hello:2.1.20
+image: onap/aaf/aaf_hello:2.1.22
service:
name: aaf-hello
aaf:
readiness: false
- image: onap/aaf/aaf_core:2.1.20
+ image: onap/aaf/aaf_core:2.1.22
aaf_env: "DEV"
public_fqdn: "aaf.osaaf.org"
- aaf_release: "El Alto"
+ aaf_release: "Frankfurt"
# DUBLIN ONLY - for M4 compatibility with Casablanca
# aaf_locator_name: "public.%NS.%N"
# aaf_locator_name_oom: "%NS.%N"
cadi_x509_issuers: "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US"
config:
- image: onap/aaf/aaf_config:2.1.20
+ image: onap/aaf/aaf_config:2.1.22
service:
fqdn: "aaf-service"
name: {{ include "common.name" . }}-readiness
containers:
- name: {{ include "common.name" . }}
+ command:
+ - bash
+ args:
+ - '-c'
+ - 'export POL_BASIC_AUTH=`echo -n $POL_BASIC_AUTH_USER:$POL_BASIC_AUTH_PASSWORD | base64`; /startService.sh'
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
env:
value: jdbc:mysql://{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}/{{ index .Values "mariadb-galera" "config" "mysqlDatabase" }}
- name: POL_CLIENT_AUTH
value: "{{ .Values.config.polClientAuth }}"
- - name: POL_BASIC_AUTH
- value: "{{ .Values.config.polBasicAuth }}"
+ - name: POL_BASIC_AUTH_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pol-basic-auth-secret" "key" "login") | indent 10}}
+ - name: POL_BASIC_AUTH_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pol-basic-auth-secret" "key" "password") | indent 10}}
- name: POL_URL
value: "{{ .Values.config.polUrl }}"
- name: POL_ENV
externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}'
login: '{{ .Values.config.db.userName }}'
password: '{{ .Values.config.db.userPassword }}'
+ - uid: pol-basic-auth-secret
+ name: '{{ include "common.release" . }}-pol-basic-auth-secret'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.polBasicAuthSecret) . }}'
+ login: '{{ .Values.config.polBasicAuthUser }}'
+ password: '{{ .Values.config.polBasicAuthPassword }}'
# sub-chart config
mariadb-galera:
# userCredentialsExternalSecret: some-secret
springProfile: live
polClientAuth: cHl0aG9uOnRlc3Q=
- polBasicAuth: dGVzdHBkcDphbHBoYTEyMw==
- polUrl: https://pdp:8081/pdp/api/getConfig
+ polBasicAuthUser: healthcheck
+ polBasicAuthPassword: zb!XztG34
+ polUrl: https://policy-xacml-pdp:6969/policy/pdpx/v1/decision
polEnv: TEST
polReqId: xx
aaiCertPass: changeit
# ============LICENSE_START=======================================================
# Copyright (C) 2019 Nordix Foundation.
# Modifications Copyright (C) 2019 AT&T Intellectual Property.
+# Modifications Copyright (C) 2020 Bell Canada.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
+ type: {{ .Values.service.type }}
ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
name: {{ .Values.service.portName }}
+ {{- end}}
selector:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
# ============LICENSE_START=======================================================
# Copyright (C) 2019 Nordix Foundation.
# Modifications Copyright (C) 2019-2020 AT&T Intellectual Property.
+# Modifications Copyright (C) 2020 Bell Canada.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Global configuration defaults.
#################################################################
global:
+ nodePortPrefixExt: 304
persistence: {}
envsubstImage: dibi/envsubst
portName: policy-pap
internalPort: 6969
externalPort: 6969
+ nodePort: 42
ingress:
enabled: false
remote_centralized_system_access = {{.Values.global.aafEnabled}}
# External Access System Basic Auth Credentials & Rest endpoint
-# The credentials are placeholders as these are replaced by AAF X509 identity at runtime
-ext_central_access_user_name = portal@portal.onap.org
-ext_central_access_password = thisfakepasswordwillbereplacedbythex509cert
+ext_central_access_user_name = aaf_admin@people.osaaf.org
+ext_central_access_password = demo123456!
ext_central_access_url = {{.Values.aafURL}}
ext_central_access_user_domain = @people.osaaf.org
\ No newline at end of file
# application image
repository: nexus3.onap.org:10001
-image: onap/portal-app:3.2.1
+image: onap/portal-app:3.2.2
pullPolicy: Always
#AAF local config
# application image
repository: nexus3.onap.org:10001
-image: onap/portal-db:3.2.0
+image: onap/portal-db:3.2.2
pullPolicy: Always
remote_centralized_system_access = {{.Values.global.aafEnabled}}
# External Access System Basic Auth Credentials & Rest endpoint
-# The credentials are placeholders as these are replaced by AAF X509 identity at runtime
-ext_central_access_user_name = portal@portal.onap.org
-ext_central_access_password = thisfakepasswordwillbereplacedbythex509cert
+# External Access System Basic Auth Credentials & Rest endpoint
+ext_central_access_user_name = aaf_admin@people.osaaf.org
+ext_central_access_password = demo123456!
ext_central_access_url = {{.Values.aafURL}}
ext_central_access_user_domain = @people.osaaf.org
\ No newline at end of file
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/portal-wms:3.2.0
+image: onap/portal-wms:3.2.2
pullPolicy: Always
# flag to enable debugging - application support required