Code Review / oom.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 3980a8c)
[OOM] Use cert-initializer truststore instead of hard-coded ONAP Root CA 76/123876/7
authorAbdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
Sat, 4 Sep 2021 09:08:36 +0000 (11:08 +0200)
committerAbdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
Thu, 16 Sep 2021 21:43:40 +0000 (23:43 +0200)
By adding the certInitializer directives in cds blueprint processor
deployment, we get access to the AAF ONAP Root CA, instead of static file.

Issue-ID: CCSDK-3356
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
Change-Id: Ifc3d1797905868b268cbfd06237866bf8dc3d3f5

kubernetes/cds/components/cds-blueprints-processor/requirements.yaml patch | blob | history
kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml patch | blob | history
kubernetes/cds/components/cds-blueprints-processor/values.yaml patch | blob | history
kubernetes/cds/components/cds-command-executor/values.yaml patch | blob | history
kubernetes/cds/components/cds-py-executor/values.yaml patch | blob | history
kubernetes/cds/components/cds-sdc-listener/values.yaml patch | blob | history
kubernetes/cds/components/cds-ui/values.yaml patch | blob | history

diff --git a/kubernetes/cds/components/cds-blueprints-processor/requirements.yaml b/kubernetes/cds/components/cds-blueprints-processor/requirements.yaml
index 7a3a920..baf1a76 100755 (executable)
--- a/kubernetes/cds/components/cds-blueprints-processor/requirements.yaml
+++ b/kubernetes/cds/components/cds-blueprints-processor/requirements.yaml
@@ -22,3 +22,7 @@ dependencies:
   - name: serviceAccount
     version: ~8.x-0
     repository: '@local'
+  - name: certInitializer
+    version: ~8.x-0
+    repository: '@local'
+
diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml
index fd5265d..d92f09a 100755 (executable)
--- a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml
+++ b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml
@@ -48,7 +48,7 @@ spec:
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
-      initContainers:
+      initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
       - command:
         - sh
         args:
@@ -113,6 +113,8 @@ spec:
             value: {{ if (gt (int (.Values.replicaCount)) 2) }} {{ .Values.cluster.enabled | quote }} {{ else }} "false" {{ end }}
           - name: CLUSTER_ID
             value: {{ .Values.cluster.clusterName }}
+          - name: AAF_CREDSPATH
+            value: {{ .Values.certInitializer.credsPath }}
           - name: CLUSTER_NODE_ID
             valueFrom:
               fieldRef:
@@ -157,7 +159,7 @@ spec:
             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
             periodSeconds: {{ .Values.readiness.periodSeconds }}
             timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
-          volumeMounts:
+          volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
           - mountPath: /etc/localtime
             name: localtime
             readOnly: true
@@ -191,7 +193,7 @@ spec:
 {{ toYaml .Values.affinity | indent 10 }}
         {{- end }}
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
-      volumes:
+      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
         - name: localtime
           hostPath:
             path: /etc/localtime
diff --git a/kubernetes/cds/components/cds-blueprints-processor/values.yaml b/kubernetes/cds/components/cds-blueprints-processor/values.yaml
index 829bb22..d21598a 100755 (executable)
--- a/kubernetes/cds/components/cds-blueprints-processor/values.yaml
+++ b/kubernetes/cds/components/cds-blueprints-processor/values.yaml
@@ -47,11 +47,32 @@ secrets:
     password: '{{ .Values.config.sdncDB.dbRootPass }}'
     passwordPolicy: required
 
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+  nameOverride: cds-blueprints-processor-initializer
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
+  fqdn: sdnc-cds
+  fqi: sdnc-cds@sdnc-cds.onap.org
+  public_fqdn: sdnc-cds.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  fqi_namespace: org.onap.sdnc-cds
+  aaf_add_config: >
+    /opt/app/aaf_config/bin/agent.sh;
+    /opt/app/aaf_config/bin/agent.sh local showpass
+    {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
+
 #################################################################
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/ccsdk-blueprintsprocessor:1.1.5
+image: onap/ccsdk-blueprintsprocessor:1.2.0
 pullPolicy: Always
 
 # flag to enable debugging - application support required
diff --git a/kubernetes/cds/components/cds-command-executor/values.yaml b/kubernetes/cds/components/cds-command-executor/values.yaml
index cb36686..1e8beab 100755 (executable)
--- a/kubernetes/cds/components/cds-command-executor/values.yaml
+++ b/kubernetes/cds/components/cds-command-executor/values.yaml
@@ -32,7 +32,7 @@ global:
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/ccsdk-commandexecutor:1.1.5
+image: onap/ccsdk-commandexecutor:1.2.0
 pullPolicy: Always
 
 # application configuration
diff --git a/kubernetes/cds/components/cds-py-executor/values.yaml b/kubernetes/cds/components/cds-py-executor/values.yaml
index 02805cf..c7a2734 100755 (executable)
--- a/kubernetes/cds/components/cds-py-executor/values.yaml
+++ b/kubernetes/cds/components/cds-py-executor/values.yaml
@@ -30,7 +30,7 @@ global:
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/ccsdk-py-executor:1.1.5
+image: onap/ccsdk-py-executor:1.2.0
 pullPolicy: Always
 
 # default number of instances
diff --git a/kubernetes/cds/components/cds-sdc-listener/values.yaml b/kubernetes/cds/components/cds-sdc-listener/values.yaml
index f71dafe..fd15bd0 100644 (file)
--- a/kubernetes/cds/components/cds-sdc-listener/values.yaml
+++ b/kubernetes/cds/components/cds-sdc-listener/values.yaml
@@ -29,7 +29,7 @@ global:
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/ccsdk-sdclistener:1.1.5
+image: onap/ccsdk-sdclistener:1.2.0
 name: sdc-listener
 pullPolicy: Always
 
diff --git a/kubernetes/cds/components/cds-ui/values.yaml b/kubernetes/cds/components/cds-ui/values.yaml
index 8f5f806..f579cc3 100644 (file)
--- a/kubernetes/cds/components/cds-ui/values.yaml
+++ b/kubernetes/cds/components/cds-ui/values.yaml
@@ -44,7 +44,7 @@ certInitializer:
     {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
 
 # application image
-image: onap/ccsdk-cds-ui-server:1.1.5
+image: onap/ccsdk-cds-ui-server:1.2.0
 pullPolicy: Always
 
 # application configuration
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).