Use Certinitializer in order to retrieve needed certificates.
Issue-ID: OOM-2680
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I1ec295d863f8f6c0d11e64173b474e82f63e6b17
aai@aai.onap.org|aai.onap|local|/opt/app/osaaf/local||mailto:|org.onap.aai|root|30|{'aai-sparky-be.onap', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'file', 'jks', 'pkcs12'}
aai@aai.onap.org|mithrilcsp.sbc.com|local|/tmp/onap||mailto:|org.onap.aai|jg1555|30|{'aai-sparky-be.onap', 'aai.api.simpledemo.onap.org', 'aai.elasticsearch.simpledemo.onap.org', 'aai.gremlinserver.simpledemo.onap.org', 'aai.hbase.simpledemo.onap.org', 'aai.onap', 'aai.searchservice.simpledemo.onap.org', 'aai.simpledemo.onap.org', 'aai.ui.simpledemo.onap.org'}|aaf_admin@osaaf.org|{'file', 'pkcs12', 'script'}
aai-resources@aai-resources.onap.org|aai-resources|local|/opt/app/osaaf/local||mailto:|org.onap.aai-resources|root|30|{'aai-resources', 'aai-resources.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12'}
+aai-traversal@aai-traversal.onap.org|aai-traversal|local|/opt/app/osaaf/local||mailto:|org.onap.aai-traversal|root|30|{'aai-traversal', 'aai-traversal.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12'}
appc@appc.onap.org|appc|local|/opt/app/osaaf/local||mailto:|org.onap.appc|root|60|{'appc.api.simpledemo.onap.org', 'appc.onap', 'appc.simpledemo.onap.org'}|mmanager@osaaf.org|{'pkcs12'}
appc-cdt@appc-cdt.onap.org|appc-cdt|local|/opt/app/osaaf/local||mailto:|org.onap.appc-cdt|root|30|{'appc-cdt', 'appc-cdt.api.simpledemo.onap.org', 'appc-cdt.onap'}|mmanager@osaaf.org|{'file', 'pkcs12', 'script'}
clamp@clamp.onap.org|clamp|local|/opt/app/osaaf/local||mailto:|org.onap.clamp|root|30|{'clamp', 'clamp-onap', 'clamp.api.simpledemo.onap.org', 'clamp.onap'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'}
clamp@clamp.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.clamp|53344||
aai@aai.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aai|53344||
aai-resources@aai-resources.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aai-resources|53344||
+aai-traversal@aai-traversal.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.aai-traversal|53344||
appc@appc.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.appc|53344||
appc-cdt@appc-cdt.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.appc-cdt|53344||
cli@cli.onap.org|2|2020-11-26 12:31:54.000+0000|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.onap.cli|53344||
org.onap.aaf-sms||org.onap||3
org.onap.aai||org.onap||3
org.onap.aai-resources||org.onap||3
+org.onap.aai-traversal||org.onap||3
org.onap.appc||org.onap||3
org.onap.appc-cdt||org.onap||3
org.onap.cds||org.onap||3
org.onap.aai-resources|access|*|*|AAF Namespace Write Access|"{'org.onap.aai-resources|admin', 'org.onap.aai-resources|service'}"
org.onap.aai-resources|access|*|read|AAF Namespace Read Access|"{'org.onap.aai-resources|owner'}"
org.onap.aai-resources|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
+org.onap.aai-traversal|access|*|*|AAF Namespace Write Access|"{'org.onap.aai-traversal|admin', 'org.onap.aai-traversal|service'}"
+org.onap.aai-traversal|access|*|read|AAF Namespace Read Access|"{'org.onap.aai-traversal|owner'}"
+org.onap.aai-traversal|certman|local|request,ignoreIPs,showpass||"{'org.osaaf.aaf|deploy'}"
org.onap|access|*|*|Onap Write Access|{'org.onap.admin'}
org.onap|access|*|read|Onap Read Access|{'org.onap.owner'}
org.onap.appc|access|*|*|AAF Namespace Write Access|"{'org.onap.appc|admin', 'org.onap.appc|service'}"
org.onap.aai-resources|admin|AAF Namespace Administrators|"{'org.onap.aai-resources|access|*|*'}"
org.onap.aai-resources|owner|AAF Namespace Owners|"{'org.onap.aai-resources|access|*|read'}"
org.onap.aai-resources|service||"{'org.onapaai-resources|access|*|*'}"
+org.onap.aai-traversal|admin|AAF Namespace Administrators|"{'org.onap.aai-traversal|access|*|*'}"
+org.onap.aai-traversal|owner|AAF Namespace Owners|"{'org.onap.aai-traversal|access|*|read'}"
+org.onap.aai-traversal|service||"{'org.onapaai-traversal|access|*|*'}"
org.onap|admin|Onap Admins|"{'org.onap.access|*|*'}"
org.onap.appc|admin|AAF Namespace Administrators|"{'org.onap.appc|access|*|*'}"
org.onap.appc|apidoc||"{'org.onap.appc|apidoc|/apidoc/.*|ALL'}"
org.openecomp.dmaapBC|owner|AAF Owners|"{'org.openecomp.dmaapBC.access|*|read'}"
org.openecomp|owner|OpenEcomp Owners|"{'org.openecomp.access|*|read'}"
org.osaaf.aaf|admin|AAF Admins|"{'org.osaaf.aaf.access|*|*', 'org.osaaf.aaf|cache|all|clear', 'org.osaaf.aaf|cache|role|clear', 'org.osaaf.aaf|password|*|create,reset'}"
-org.osaaf.aaf|deploy|ONAP Deployment Role|"{'org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass', 'org.onap.aai|certman|local|request,ignoreIPs,showpass', 'org.onap.aai-resources|certman|local|request,ignoreIPs,showpass', 'org.onap.appc|certman|local|request,ignoreIPs,showpass', 'org.onap.appc-cdt|certman|local|request,ignoreIPs,showpass', 'org.onap.clamp|certman|local|request,ignoreIPs,showpass', 'org.onap.cli|certman|local|request,ignoreIPs,showpass', 'org.onap.dcae|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-mm-prov|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-topic-mgr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap.mr|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-eag|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-iag|certman|local|request,ignoreIPs,showpass', 'org.onap.music|certman|local|request,ignoreIPs,showpass', 'org.onap.nbi|certman|local|request,ignoreIPs,showpass', 'org.onap.oof|certman|local|request,ignoreIPs,showpass', 'org.onap.policy|certman|local|request,ignoreIPs,showpass', 'org.onap.pomba|certman|local|request,ignoreIPs,showpass', 'org.onap.portal|certman|local|request,ignoreIPs,showpass', 'org.onap.sdc|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc-cds|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc|certman|local|request,ignoreIPs,showpass', 'org.onap.so|certman|local|request,ignoreIPs,showpass', 'org.onap.vfc|certman|local|request,ignoreIPs,showpass', 'org.onap.vid1|certman|local|request,ignoreIPs,showpass', 'org.onap.vid2|certman|local|request,ignoreIPs,showpass', 'org.onap.vid|certman|local|request,ignoreIPs,showpass', 'org.osaaf.aaf|certman|local|request,ignoreIPs,showpass'}"
+org.osaaf.aaf|deploy|ONAP Deployment Role|"{'org.onap.aaf-sms|certman|local|request,ignoreIPs,showpass', 'org.onap.aai|certman|local|request,ignoreIPs,showpass', 'org.onap.aai-resources|certman|local|request,ignoreIPs,showpass', 'org.onap.aai-traversal|certman|local|request,ignoreIPs,showpass', 'org.onap.appc|certman|local|request,ignoreIPs,showpass', 'org.onap.appc-cdt|certman|local|request,ignoreIPs,showpass', 'org.onap.clamp|certman|local|request,ignoreIPs,showpass', 'org.onap.cli|certman|local|request,ignoreIPs,showpass', 'org.onap.dcae|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-mm-prov|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc-topic-mgr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-bc|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-dr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap-mr|certman|local|request,ignoreIPs,showpass', 'org.onap.dmaap.mr|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-eag|certman|local|request,ignoreIPs,showpass', 'org.onap.msb-iag|certman|local|request,ignoreIPs,showpass', 'org.onap.music|certman|local|request,ignoreIPs,showpass', 'org.onap.nbi|certman|local|request,ignoreIPs,showpass', 'org.onap.oof|certman|local|request,ignoreIPs,showpass', 'org.onap.policy|certman|local|request,ignoreIPs,showpass', 'org.onap.pomba|certman|local|request,ignoreIPs,showpass', 'org.onap.portal|certman|local|request,ignoreIPs,showpass', 'org.onap.sdc|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc-cds|certman|local|request,ignoreIPs,showpass', 'org.onap.sdnc|certman|local|request,ignoreIPs,showpass', 'org.onap.so|certman|local|request,ignoreIPs,showpass', 'org.onap.vfc|certman|local|request,ignoreIPs,showpass', 'org.onap.vid1|certman|local|request,ignoreIPs,showpass', 'org.onap.vid2|certman|local|request,ignoreIPs,showpass', 'org.onap.vid|certman|local|request,ignoreIPs,showpass', 'org.osaaf.aaf|certman|local|request,ignoreIPs,showpass'}"
org.osaaf.aaf|owner|AAF Owners|"{'org.osaaf.aaf.access|*|read,approve'}"
org.osaaf.aaf|service||"{'org.osaaf.aaf|cache|*|clear'}"
org.osaaf|admin|OSAAF Admins|"{'org.osaaf.access|*|*'}"
mmanager@people.osaaf.org|org.onap.aai.owner|2020-11-26 12:31:54.000+0000|org.onap.aai|owner
mmanager@people.osaaf.org|org.onap.aai-resources.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|admin
mmanager@people.osaaf.org|org.onap.aai-resources.owner|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|owner
+mmanager@people.osaaf.org|org.onap.aai-traversal.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-traversal|admin
+mmanager@people.osaaf.org|org.onap.aai-traversal.owner|2020-11-26 12:31:54.000+0000|org.onap.aai-traversal|owner
mmanager@people.osaaf.org|org.onap.admin|2020-11-26 12:31:54.000+0000|org.onap|admin
mmanager@people.osaaf.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
mmanager@people.osaaf.org|org.onap.appc.owner|2020-11-26 12:31:54.000+0000|org.onap.appc|owner
aaf_admin@people.osaaf.org|org.onap.aaf-sms.admin|2020-11-26 12:31:54.000+0000|org.onap.aaf-sms|admin
aaf_admin@people.osaaf.org|org.onap.aai.admin|2020-11-26 12:31:54.000+0000|org.onap.aai|admin
aaf_admin@people.osaaf.org|org.onap.aai-resources.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|admin
+aaf_admin@people.osaaf.org|org.onap.aai-traversal.admin|2020-11-26 12:31:54.000+0000|org.onap.aai-traversal|admin
aaf_admin@people.osaaf.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
aaf_admin@people.osaaf.org|org.onap.appc.apidoc|2020-11-26 12:31:54.000+0000|org.onap.appc|apidoc
aaf_admin@people.osaaf.org|org.onap.appc.restconf|2020-11-26 12:31:54.000+0000|org.onap.appc|restconf
aai@aai.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
aai@aai.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
aai-resources@aai-resources.onap.org|org.onap.aai-resources.service|2020-11-26 12:31:54.000+0000|org.onap.aai-resources|service
+aai-traversal@aai-traversal.onap.org|org.onap.aai-traversal.service|2020-11-26 12:31:54.000+0000|org.onap.aai-traversal|service
appc@appc.onap.org|org.onap.aai.resources_all|2020-11-26 12:31:54.000+0000|org.onap.aai|resources_all
appc@appc.onap.org|org.onap.aai.traversal_advanced|2020-11-26 12:31:54.000+0000|org.onap.aai|traversal_advanced
appc@appc.onap.org|org.onap.appc.admin|2020-11-26 12:31:54.000+0000|org.onap.appc|admin
clamp|ONAP CLAMP Application|CLAMP|Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
aai|ONAP AAI Application|AAI|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
aai-resources|ONAP AAI Resources Application|AAI Resources|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
+aai-traversal|ONAP AAI Traversal Application|AAI Resources|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
appc|ONAP APPC Application|APPC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
appc-cdt|ONAP APPC CDT Application|APPC|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
cli|ONAP CLI Application|SDNC-CDS|ONAP Application|314-123-1234|no_reply@people.osaaf.com|a|mmanager
# a part of this chart's package and will not
# be published independently to a repo (at this point)
repository: '@local'
+ - name: certInitializer
+ version: ~7.x-0
+ repository: '@local'
- name: repositoryGenerator
version: ~7.x-0
repository: '@local'
\ No newline at end of file
+++ /dev/null
-VoVoSXQrAveX2NBnoAGs7p5q5Zn5vWkVXC81HQrzers30k7OzSy5rfCRSUVO13wuo-wzJQ4GGn4e
-ZSOZrtTCenFwunUX6mirkIlip8W2TLNVH6O3VN-F7JS6t_6EFF5z1y7amr9MCWQ8p72Ig9uHMUWC
-uPLjD6GUWAEw0BIGtCbXgJDs6v2EOCv0TV8Mq1uYSaiAOZgMlehwt1tWcE3iSRfZscjIp4Kjpe4e
-QsZ9Bc5ATTnY3Tc5Mtmubc-1cwGDQQWFIo5k_cWfxhtpMAsNSidwp-zBjCKEWC465BKSSiUHwp4M
-YW_6xrmN1FobnFqLCNoUEoXH3Mcgeze74dXmaN8_JyQ6T5pT1EtETsitnktrfFh-XsLKGf8vE1m8
-pfAtq4hPeq1jMdG0D8SRVGFxJlHa9VsmYpbUj_4I3GGsaBt_EBl9ZUtL0b3Vnx5fnqS1OZ1amL0z
-94rQfQMf2UAnbI1j2j5oV6Hy2eBmSiLft2aNxs1VPmmZLQsm5dXDKF1eJ6twNmaZvzmQaSHTpN4b
-YqPonSwlYK1ZARaKzx1SivpRWzRP-nqqFazfAnPlLdvCBpCK0g_SjwLvlifozVmH2j0Vd6E9F9XE
-NzJSfUY6NsX6_7t10yDYtBKbFKID3jIKmSj7yn5PKNbEWBwmgvkBh4PIKTRij11udR8S8PnYsfTT
-PyC52LH37LL5Me3Y443zOUXtYWwN6wfCi9H4pDQGmg7mcnpKV0Z-Iw59AuLKypTriG3-9DxYgMSa
-_GCDiCIXhcWSEYieRV45qHoeVdgrPGN8iy9leO_JmikGsjcIKl0-mGrojsV0zHrqeP-fyvgpFD1x
-NXLKeqErqSw_KMFOxCa0-cUQHgrVvrs5wDYeetZ4TRafKEYkojZhq6mbM5V2zScQTxU_VEHK0PIs
-BJ6xHzcw9DLUjPTVtHXXbag9ly9ReoHXRLD5O9RZUvLH9pGRIkn_tMrVD1scMiS4ln9QplyGRF1_
-AAXysVgCna3-xuOIYo8zG74d29eNcuEpejPR8CiSWKiKNqp0zMYB5Jpv2dlf0XMucMne-6WV1-gg
-EETogBbymFC6rcc31TjPwqnqyLY0XP7Gy1trJ47aI9zBXS3IZLmGaKW1d12ELDRsWctujcjHyt1_
-Vp3hrny5w7BNWD8SIueUzke3-OuEhOmu0o84TGvfHc6fmKCggRBn_oXee4OeCnt2HzNSlLvOV9AZ
-g5e1UKuzl2dODQCZHNNdj-7f25LIVSV44m0SVNsDwboQ4s7T5HOTn3NM2KpklwBnB6w5ze2FFBzb
-5XNzyXOpDgHEnszN1U90WrpoFvJ0LFJ5XeX8mH0q9lpcKZXbOqP383_dBXyEd237m2OF6WVG4VVm
-4dqB98pBLiGpCR1K6ocdcZE6mAMQn-OdDaLIJLcXt77i1j2MNlODeax-MJnxMW8EjPAzNJzrdq5e
-21spFMZJT9vthdl0qqiiduuTazaXGrmvnB85uvRCXVqJOesVG3HebubWrQuuuePxVTSL18R_PhId
-0hmqho-MOZUHHTxGzqFDR0iOO8Y4hZfiAipHAd49IkkmYJUrEAb258in8W4__vJ5UcIdq2Rd8L9l
-vtIzf7AKcFCyx7Woi95GpEJ2Kr_f6aG1_04hbFY_LHP3EHPcOxsDHjz-8FYreze_LUdsYx-fBMft
-mcFmbFAblk8Jz7GYQ7c4XwULt2BbMr9rsuGuZHL3Ap6lX1eI0-6d8ZZ3DIXIWubTTqHG_mRNd5XW
-b0x5nlEbnvw4t4DdjGsEONpQfllnnmkr25tPQBncPjlsA3oso6h5QM4psvkkKi8yd0N6t-yyLwra
-w1B3p9YQFzK2hGA24Seo83baLRgIK6YvEsNnXdI7fmVEOetIslQue__6S6GupdqgUFx9xrtDLN-d
-TbdxpezKWfkjCxEBxXyAhOttb3qqP0-jtZV7OEsZmmz0T9DG4hYnNfs-clD7rrD3Va7znzDru2sq
-PtgpapahbNjM9pbx9_fU7M35aEYnGtEwG9BVGVxsWmIBMTc05ncru4qE0fLkjsDSnCMQ54e0
\ No newline at end of file
############################################################
# Properties Generated by AT&T Certificate Manager
# @copyright 2016, AT&T
+# Modifications Copyright (c) 2020 Orange
############################################################
cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
-cadi_keyfile=/opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile
-cadi_keystore=/opt/app/aai-traversal/resources/aaf/org.onap.aai.p12
-cadi_keystore_password=enc:dgVjUeXy3cuR7nJ3TFVrXFfAu19gn6rie-RsS96-0fmeZwMsXlNIgK_rHd2eRY_p
+cadi_keyfile={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.keyfile
+cadi_keystore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
+cadi_keystore_password=${KEYSTORE_PASSWORD}
#cadi_key_password=enc:9xs_lJ9QQRDoMcHqLbGg40-gefGrw-sLMjWL40ejbyqdC7Jt_pQfY6ajBLGcbLuL
cadi_alias=aai@aai.onap.org
-cadi_truststore=/opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks
-cadi_truststore_password=enc:nF3CZ7w_swzgWJX8CtEOsKWA50x-Da_HbiYlXPWrQym
+cadi_truststore={{ .Values.certInitializer.credsPath }}/truststoreONAPall.jks
+cadi_truststore_password=${TRUSTSTORE_ALL_PASSWORD}
cadi_loglevel=INFO
cadi_bath_convert=/opt/app/aai-traversal/resources/aaf/bath_config.csv
# org.onap.aai
# ================================================================================
# Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2020 Orange
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
aai.tools.password={{ .Values.global.config.basic.auth.passwd }}
{{ end }}
-aai.truststore.filename={{ .Values.global.config.truststore.filename }}
-aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }}
-aai.keystore.filename={{ .Values.global.config.keystore.filename }}
-aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }}
+aai.truststore.filename={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+aai.truststore.passwd.x=${TRUSTSTORE_PASSWORD}
+aai.keystore.filename={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
+aai.keystore.passwd.x=${KEYSTORE_PASSWORD}
aai.notification.current.version={{ .Values.global.config.schema.version.api.default }}
aai.notificationEvent.default.status=UNPROCESSED
{{/*
# Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Modifications Copyright © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
server.port=8446
server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
-server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
-server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
-server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
-server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
+server.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
+server.ssl.key-store-password=${KEYSTORE_PASSWORD}
+server.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+server.ssl.trust-store-password=${TRUSTSTORE_PASSWORD}
server.ssl.client-auth=want
server.ssl.key-store-type=JKS
schema.service.custom.queries.endpoint=stored-queries
schema.service.client={{ .Values.global.config.schema.service.client }}
-schema.service.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
-schema.service.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
-schema.service.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
-schema.service.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
+schema.service.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
+schema.service.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+schema.service.ssl.key-store-password=${KEYSTORE_PASSWORD}
+schema.service.ssl.trust-store-password=${TRUSTSTORE_PASSWORD}
-{{/*\r
-<!--\r
-\r
+{{/*<!--\r
============LICENSE_START=======================================================\r
org.onap.aai\r
================================================================================\r
Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
Modifications Copyright © 2018 Amdocs, Bell Canada\r
+ Modifications Copyright © 2020 Orange\r
================================================================================\r
Licensed under the Apache License, Version 2.0 (the "License");\r
you may not use this file except in compliance with the License.\r
You may obtain a copy of the License at\r
\r
- http://www.apache.org/licenses/LICENSE-2.0\r
+ http://www.apache.org/licenses/LICENSE-2.0\r
\r
Unless required by applicable law or agreed to in writing, software\r
distributed under the License is distributed on an "AS IS" BASIS,\r
See the License for the specific language governing permissions and\r
limitations under the License.\r
============LICENSE_END=========================================================\r
-\r
- ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
-\r
-->\r
-*/}}\r
-<configuration>\r
- <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />\r
- <appender name="ACCESS"\r
- class="ch.qos.logback.core.rolling.RollingFileAppender">\r
- <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>\r
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">\r
- <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}\r
- </fileNamePattern>\r
- </rollingPolicy>\r
- <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">\r
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>\r
- </encoder>\r
- </appender>\r
- <appender-ref ref="ACCESS" />\r
-</configuration>\r
-{{/*\r
-<!-- \r
+*/}}<configuration>\r
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />\r
+ <appender name="ACCESS" class="ch.qos.logback.core.rolling.RollingFileAppender">\r
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>\r
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">\r
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}\r
+</fileNamePattern>\r
+ </rollingPolicy>\r
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">\r
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>\r
+ </encoder>\r
+ </appender>\r
+ <appender-ref ref="ACCESS" />\r
+</configuration>{{/*<!--\r
%a - Remote IP address\r
%A - Local IP address\r
%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent\r
\r
%z - Custom pattern that parses the cert for the subject\r
%y - Custom pattern determines rest or dme2\r
- -->\r
-*/}}
\ No newline at end of file
+-->*/}}
\ No newline at end of file
-{{/*
-<!--
-
+{{/*<!--
============LICENSE_START=======================================================
org.onap.aai
================================================================================
Copyright © 2017 AT&T Intellectual Property. All rights reserved.
Modifications Copyright © 2018 Amdocs, Bell Canada
+ Modifications Copyright © 2020 Orange
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
- http://www.apache.org/licenses/LICENSE-2.0
+ http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
See the License for the specific language governing permissions and
limitations under the License.
============LICENSE_END=========================================================
-
- ECOMP is a trademark and service mark of AT&T Intellectual Property.
-
-->
-*/}}
-<configuration scan="true" scanPeriod="60 seconds" debug="false">
- <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
+*/}}<configuration scan="true" scanPeriod="60 seconds" debug="false">
+ <statusListener class="ch.qos.logback.core.status.NopStatusListener" />
- <property resource="application.properties" />
+ <property resource="application.properties" />
- <property name="namespace" value="aai-resources"/>
+ <property name="namespace" value="aai-resources" />
- <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
- <jmxConfigurator />
- <property name="logDirectory" value="${AJSC_HOME}/logs" />
- <!-- Old patterns
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <jmxConfigurator />
+ <property name="logDirectory" value="${AJSC_HOME}/logs" />
+ <!-- Old patterns
<property name="eelfLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
<property name="eelfAuditLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n|\r\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
<property name="eelfMetricLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{targetVirtualEntity}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
<property name="eelfErrorLogPattern" value="%ecompStartTime|%X{requestId}|%-10t|%ecompServiceName|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%ecompErrorCategory|%ecompResponseCode|%ecompResponseDescription|co=%X{component}:%replace(%replace(%m){'\\|', '!'}){'\r|\n', '^'}%n"/>
<property name="eelfTransLogPattern" value="%ecompStartTime|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{requestId}|%X{serviceInstanceId}|%-10t|%X{serverName}|%ecompServiceName|%X{partnerName}|%ecompStatusCode|%X{responseCode}|%replace(%replace(%X{responseDescription}){'\\|', '!'}){'\r|\n', '^'}|%X{instanceUUID}|%level|%X{severity}|%X{serverIpAddress}|%ecompElapsedTime|%X{server}|%X{clientIpAddress}|%eelfClassOfCaller|%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{partnerName}:%m%n"/>
-->
- <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}"/>
- <property name="p_lvl" value="%level"/>
- <property name="p_log" value="%logger"/>
- <property name="p_mdc" value="%replace(%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}){'\\|', '!'}"/>
- <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}"/>
- <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}"/>
- <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
- <property name="p_thr" value="%thread"/>
- <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
- <!-- Patterns from onap demo -->
- <property name="errorPattern" value="%X{LogTimestamp}|%X{RequestID}|%thread|%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{TargetEntity}|%replace(%X{TargetServiceName}){'\\|', '!'}|%.-5level|%X{ErrorCode}|%X{ErrorDesc}|%msg%n" />
- <property name="debugPattern" value="%X{LogTimestamp}|%X{RequestID}|%msg\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t|^%n" />
- <property name="auditPattern" value="%X{EntryTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%thread||%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||${p_mak}|${p_mdc}|||%msg%n" />
- <property name="metricPattern" value="%X{InvokeTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%thread||%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{TargetEntity}|%replace(%X{TargetServiceName}){'\\|', '!'}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||%X{TargetVirtualEntity}|${p_mak}|${p_mdc}|||%msg%n" />
- <property name="transLogPattern" value="%X{LogTimestamp}|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{RequestID}|%X{ServiceInstanceID}|%-10t|%X{ServerFQDN}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%replace(%replace(%X{ResponseDesc}){'\\|', '!'}){'\r|\n', '^'}|%X{InstanceUUID}|%level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{clientIpAddress}||%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{PartnerName}:%m%n"/>
- <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
- <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
- <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>
+ <property name="p_tim" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}" />
+ <property name="p_lvl" value="%level" />
+ <property name="p_log" value="%logger" />
+ <property name="p_mdc" value="%replace(%replace(%replace(%mdc){'\t','\\\\t'}){'\n', '\\\\n'}){'\\|', '!'}" />
+ <property name="p_msg" value="%replace(%replace(%msg){'\t', '\\\\t'}){'\n','\\\\n'}" />
+ <property name="p_exc" value="%replace(%replace(%rootException){'\t', '\\\\t'}){'\n','\\\\n'}" />
+ <property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}" />
+ <property name="p_thr" value="%thread" />
+ <property name="pattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n" />
+ <!-- Patterns from onap demo -->
+ <property name="errorPattern" value="%X{LogTimestamp}|%X{RequestID}|%thread|%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{TargetEntity}|%replace(%X{TargetServiceName}){'\\|', '!'}|%.-5level|%X{ErrorCode}|%X{ErrorDesc}|%msg%n" />
+ <property name="debugPattern" value="%X{LogTimestamp}|%X{RequestID}|%msg\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t|^%n" />
+ <property name="auditPattern" value="%X{EntryTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%thread||%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||${p_mak}|${p_mdc}|||%msg%n" />
+ <property name="metricPattern" value="%X{InvokeTimestamp}|%X{LogTimestamp}|%X{RequestID}|%X{ServiceInstanceID}|%thread||%replace(%X{ServiceName}){'\\|', '!'}|%X{PartnerName}|%X{TargetEntity}|%replace(%X{TargetServiceName}){'\\|', '!'}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||%X{TargetVirtualEntity}|${p_mak}|${p_mdc}|||%msg%n" />
+ <property name="transLogPattern" value="%X{LogTimestamp}|%date{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}|%X{RequestID}|%X{ServiceInstanceID}|%-10t|%X{ServerFQDN}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%replace(%replace(%X{ResponseDesc}){'\\|', '!'}){'\r|\n', '^'}|%X{InstanceUUID}|%level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{clientIpAddress}||%X{unused}|%X{processKey}|%X{customField1}|%X{customField2}|%X{customField3}|%X{customField4}|co=%X{PartnerName}:%m%n" />
+ <conversionRule conversionWord="clr" converterClass="org.springframework.boot.logging.logback.ColorConverter" />
+ <conversionRule conversionWord="wex" converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter" />
+ <conversionRule conversionWord="wEx" converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter" />
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>
%clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}
- </pattern>
- </encoder>
- </appender>
+</pattern>
+ </encoder>
+ </appender>
- <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/sane.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
- </pattern>
- </encoder>
- </appender>
+ <appender name="SANE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/sane.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/sane.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
+</pattern>
+ </encoder>
+ </appender>
- <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="SANE" />
- </appender>
- <appender name="METRIC" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/metrics.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>${metricPattern}</pattern>
- </encoder>
- </appender>
+ <appender name="asyncSANE" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="SANE" />
+ </appender>
+ <appender name="METRIC" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/metrics.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/metrics.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${metricPattern}</pattern>
+ </encoder>
+ </appender>
- <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="METRIC"/>
- </appender>
+ <appender name="asyncMETRIC" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="METRIC" />
+ </appender>
- <appender name="DEBUG"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <file>${logDirectory}/rest/debug.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>${debugPattern}</pattern>
- </encoder>
- </appender>
+ <appender name="DEBUG" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/debug.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/debug.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${debugPattern}</pattern>
+ </encoder>
+ </appender>
- <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <appender-ref ref="DEBUG" />
- <includeCallerData>true</includeCallerData>
- </appender>
- <appender name="ERROR"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/error.log</file>
- <rollingPolicy
- class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}</fileNamePattern>
- </rollingPolicy>
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <encoder>
- <pattern>${errorPattern}</pattern>
- </encoder>
- </appender>
+ <appender name="asyncDEBUG" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <appender-ref ref="DEBUG" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+ <appender name="ERROR" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/error.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/error.log.%d{yyyy-MM-dd}</fileNamePattern>
+ </rollingPolicy>
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <encoder>
+ <pattern>${errorPattern}</pattern>
+ </encoder>
+ </appender>
- <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <appender-ref ref="ERROR"/>
- </appender>
+ <appender name="asyncERROR" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <appender-ref ref="ERROR" />
+ </appender>
- <appender name="AUDIT"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/rest/audit.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>${auditPattern}</pattern>
- </encoder>
- </appender>
+ <appender name="AUDIT" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/rest/audit.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/audit.log.%d{yyyy-MM-dd}
+</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditPattern}</pattern>
+ </encoder>
+ </appender>
- <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="AUDIT" />
- </appender>
+ <appender name="asyncAUDIT" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="AUDIT" />
+ </appender>
- <appender name="translog"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <file>${logDirectory}/rest/translog.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>${transLogPattern}</pattern>
- </encoder>
- </appender>
+ <appender name="translog" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <file>${logDirectory}/rest/translog.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/rest/translog.log.%d{yyyy-MM-dd}
+</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${transLogPattern}</pattern>
+ </encoder>
+ </appender>
- <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="translog" />
- </appender>
+ <appender name="asynctranslog" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="translog" />
+ </appender>
- <appender name="dmaapAAIEventConsumer"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>${errorPattern}</pattern>
- </encoder>
+ <appender name="dmaapAAIEventConsumer" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/error.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/error.log.%d{yyyy-MM-dd}
+</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorPattern}</pattern>
+ </encoder>
- </appender>
+ </appender>
- <appender name="dmaapAAIEventConsumerDebug"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>DEBUG</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>${debugPattern}</pattern>
- </encoder>
- </appender>
- <appender name="dmaapAAIEventConsumerInfo"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>${auditPattern}</pattern>
- </encoder>
- </appender>
- <appender name="dmaapAAIEventConsumerMetric"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.LevelFilter">
- <level>INFO</level>
- <onMatch>ACCEPT</onMatch>
- <onMismatch>DENY</onMismatch>
- </filter>
- <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>${metricPattern}</pattern>
- </encoder>
- </appender>
- <appender name="external"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <file>${logDirectory}/external/external.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>${debugPattern}</pattern>
- </encoder>
- </appender>
- <appender name="auth"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>DEBUG</level>
- </filter>
- <file>${logDirectory}/auth/auth.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/auth/auth.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- </rollingPolicy>
- <encoder>
- <pattern>%d{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}[%thread] %-5level %logger{1024} - %msg%n</pattern>
- </encoder>
- </appender>
- <appender name="asyncAUTH" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>1000</queueSize>
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="auth" />
- </appender>
- <!-- logback internals logging -->
+ <appender name="dmaapAAIEventConsumerDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>DEBUG</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/debug.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/debug.log.%d{yyyy-MM-dd}
+</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${debugPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerInfo" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/dmaap-transaction.log.%d{yyyy-MM-dd}
+</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="dmaapAAIEventConsumerMetric" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>INFO</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <File>${logDirectory}/dmaapAAIEventConsumer/metrics.log</File>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/dmaapAAIEventConsumer/metrics.log.%d{yyyy-MM-dd}
+</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${metricPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="external" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <file>${logDirectory}/external/external.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/external/external.log.%d{yyyy-MM-dd}
+</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${debugPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="auth" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>DEBUG</level>
+ </filter>
+ <file>${logDirectory}/auth/auth.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/auth/auth.log.%d{yyyy-MM-dd}
+</fileNamePattern>
+ </rollingPolicy>
+ <encoder>
+ <pattern>%d{yyyy-MM-dd'T'HH:mm:ss.SSSZ, UTC}[%thread] %-5level %logger{1024} - %msg%n</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncAUTH" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>1000</queueSize>
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="auth" />
+ </appender>
+ <!-- logback internals logging -->
- <logger name="ch.qos.logback.classic" level="WARN" />
- <logger name="ch.qos.logback.core" level="WARN" />
+ <logger name="ch.qos.logback.classic" level="WARN" />
+ <logger name="ch.qos.logback.core" level="WARN" />
- <logger name="com.att.aft.dme2" level="WARN" />
- <logger name="com.jayway.jsonpath" level="WARN" />
+ <logger name="com.att.aft.dme2" level="WARN" />
+ <logger name="com.jayway.jsonpath" level="WARN" />
- <logger name="org.apache" level="OFF" />
- <logger name="org.apache.commons" level="WARN" />
- <logger name="org.apache.zookeeper" level="OFF" />
- <logger name="org.codehaus.groovy" level="WARN" />
- <logger name="org.eclipse.jetty" level="WARN" />
- <!-- Spring related loggers -->
- <logger name="org.springframework" level="WARN" />
- <logger name="org.springframework.beans" level="WARN" />
- <logger name="org.springframework.web" level="WARN" />
- <logger name="org.janusgraph" level="WARN" />
- <logger name="org.zookeeper" level="OFF" />
+ <logger name="org.apache" level="OFF" />
+ <logger name="org.apache.commons" level="WARN" />
+ <logger name="org.apache.zookeeper" level="OFF" />
+ <logger name="org.codehaus.groovy" level="WARN" />
+ <logger name="org.eclipse.jetty" level="WARN" />
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="WARN" />
+ <logger name="org.springframework.beans" level="WARN" />
+ <logger name="org.springframework.web" level="WARN" />
+ <logger name="org.janusgraph" level="WARN" />
+ <logger name="org.zookeeper" level="OFF" />
- <logger name="org.onap.aai" level="DEBUG" additivity="false">
- <appender-ref ref="asyncDEBUG" />
- <appender-ref ref="asyncSANE" />
- <appender-ref ref="STDOUT" />
- </logger>
- <logger name="org.onap.aai.aaf.auth" level="DEBUG" additivity="false">
- <appender-ref ref="asyncAUTH" />
- <appender-ref ref="STDOUT" />
- </logger>
- <logger name="org.onap.aai.aailog.logs.AaiScheduledTaskAuditLog" level="INFO">
- <appender-ref ref="asyncAUDIT"/>
- </logger>
- <logger name="org.onap.logging.filter.base.AbstractAuditLogFilter" level="INFO">
- <appender-ref ref="asyncAUDIT"/>
- </logger>
- <logger name="org.onap.aai.aailog.logs.AaiDBMetricLog" level="INFO">
- <appender-ref ref="asyncMETRIC"/>
- </logger>
- <logger name="org.onap.aai.aailog.logs.AaiDmaapMetricLog" level="INFO">
- <appender-ref ref="dmaapAAIEventConsumerMetric"/>
- </logger>
- <logger name="org.onap.aai.logging.ErrorLogHelper" level="WARN">
- <appender-ref ref="asyncERROR"/>
- </logger>
- <logger name="org.onap.aai.interceptors.post" level="DEBUG" additivity="false">
- <appender-ref ref="asynctranslog" />
- <appender-ref ref="STDOUT" />
- </logger>
+ <logger name="org.onap.aai" level="DEBUG" additivity="false">
+ <appender-ref ref="asyncDEBUG" />
+ <appender-ref ref="asyncSANE" />
+ <appender-ref ref="STDOUT" />
+ </logger>
+ <logger name="org.onap.aai.aaf.auth" level="DEBUG" additivity="false">
+ <appender-ref ref="asyncAUTH" />
+ <appender-ref ref="STDOUT" />
+ </logger>
+ <logger name="org.onap.aai.aailog.logs.AaiScheduledTaskAuditLog" level="INFO">
+ <appender-ref ref="asyncAUDIT" />
+ </logger>
+ <logger name="org.onap.logging.filter.base.AbstractAuditLogFilter" level="INFO">
+ <appender-ref ref="asyncAUDIT" />
+ </logger>
+ <logger name="org.onap.aai.aailog.logs.AaiDBMetricLog" level="INFO">
+ <appender-ref ref="asyncMETRIC" />
+ </logger>
+ <logger name="org.onap.aai.aailog.logs.AaiDmaapMetricLog" level="INFO">
+ <appender-ref ref="dmaapAAIEventConsumerMetric" />
+ </logger>
+ <logger name="org.onap.aai.logging.ErrorLogHelper" level="WARN">
+ <appender-ref ref="asyncERROR" />
+ </logger>
+ <logger name="org.onap.aai.interceptors.post" level="DEBUG" additivity="false">
+ <appender-ref ref="asynctranslog" />
+ <appender-ref ref="STDOUT" />
+ </logger>
- <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false">
- <appender-ref ref="dmaapAAIEventConsumer" />
- <appender-ref ref="dmaapAAIEventConsumerDebug" />
- </logger>
+ <logger name="org.onap.aai.dmaap" level="DEBUG" additivity="false">
+ <appender-ref ref="dmaapAAIEventConsumer" />
+ <appender-ref ref="dmaapAAIEventConsumerDebug" />
+ </logger>
- <logger name="com.att.nsa.mr" level="INFO" >
- <appender-ref ref="dmaapAAIEventConsumerInfo" />
- </logger>
+ <logger name="com.att.nsa.mr" level="INFO">
+ <appender-ref ref="dmaapAAIEventConsumerInfo" />
+ </logger>
- <root level="DEBUG">
- <appender-ref ref="external" />
- <appender-ref ref="STDOUT" />
- </root>
-</configuration>
+ <root level="DEBUG">
+ <appender-ref ref="external" />
+ <appender-ref ref="STDOUT" />
+ </root>
+</configuration>
\ No newline at end of file
{{/*
# Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Copyright © 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-configmap
+ name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
{{ tpl (.Files.Glob "resources/config/aaf/permissions.properties").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.props").AsConfig . | indent 2 }}
{{ tpl (.Files.Glob "resources/config/aaf/cadi.properties").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-aaf-keys
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
{{- end }}
spec:
hostname: aai-traversal
- {{ if .Values.global.initContainers.enabled }}
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- command:
- {{ if .Values.global.jobs.migration.enabled }}
- /app/ready.py
args:
+ {{- if .Values.global.jobs.migration.enabled }}
- --job-name
- {{ include "common.release" . }}-aai-graphadmin-migration
- {{ else if .Values.global.jobs.createSchema.enabled }}
- - /app/ready.py
- args:
+ {{- else }}
+ {{- if .Values.global.jobs.createSchema.enabled }}
- --job-name
- {{ include "common.release" . }}-aai-graphadmin-create-db-schema
- {{ else }}
- - /app/ready.py
- args:
+ {{- else }}
- --container-name
- {{- if .Values.global.cassandra.localCluster }}
+ {{- if .Values.global.cassandra.localCluster }}
- aai-cassandra
- {{- else }}
+ {{- else }}
- cassandra
- {{- end }}
+ {{- end }}
- --container-name
- aai-schema-service
- {{ end }}
+ {{- end }}
+ {{- end }}
env:
- name: NAMESPACE
valueFrom:
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
- {{ end }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - sh
+ args:
+ - -c
+ - |
+ echo "*** retrieve Truststore and Keystore password"
+ export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ echo "*** actual launch of AAI Resources"
+ /bin/bash /opt/app/aai-traversal/docker-entrypoint.sh
env:
+ - name: TRUSTORE_ALL_PASSWORD
+ value: {{ .Values.certInitializer.truststoreAllPassword }}
- name: DISABLE_UPDATE_QUERY
value: {{ .Values.config.disableUpdateQuery | quote }}
- name: LOCAL_USER_ID
value: {{ .Values.global.config.userId | quote }}
- name: LOCAL_GROUP_ID
value: {{ .Values.global.config.groupId | quote }}
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
- mountPath: /opt/app/aai-traversal/resources/etc/auth/realm.properties
name: {{ include "common.fullname" . }}-config
subPath: realm.properties
- - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile
- name: {{ include "common.fullname" . }}-aaf-certs
- subPath: org.onap.aai.keyfile
- mountPath: /opt/app/aai-traversal/resources/aaf/bath_config.csv
name: {{ include "common.fullname" . }}-aaf-certs
subPath: bath_config.csv
- mountPath: /opt/app/aai-traversal/resources/cadi.properties
name: {{ include "common.fullname" . }}-aaf-properties
subPath: cadi.properties
- - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.p12
- name: {{ include "common.fullname" . }}-aaf-certs
- subPath: org.onap.aai.p12
- - mountPath: /opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks
- name: aai-common-aai-auth-mount
- subPath: truststoreONAPall.jks
- mountPath: /opt/app/aai-traversal/resources/application.properties
name: {{ include "common.fullname" . }}-config
subPath: application.properties
- {{ $global := . }}
- {{ range $job := .Values.global.config.auth.files }}
- - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }}
- name: {{ include "common.fullname" $global }}-auth-truststore-sec
- subPath: {{ . }}
- {{ end }}
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
- {{- end -}}
+ {{- end }}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 8 }}
name: {{ include "common.fullname" . }}-filebeat
resources:
{{ include "common.resources" . }}
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
path: /etc/localtime
emptyDir: {}
- name: {{ include "common.fullname" . }}-config
configMap:
- name: {{ include "common.fullname" . }}-configmap
+ name: {{ include "common.fullname" . }}
- name: {{ include "common.fullname" . }}-aaf-properties
configMap:
name: {{ include "common.fullname" . }}-aaf-props
- name: {{ include "common.fullname" . }}-aaf-certs
secret:
- secretName: {{ include "common.fullname" . }}-aaf-keys
+ secretName: {{ include "common.fullname" . }}-aaf
- name: aai-common-aai-auth-mount
secret:
secretName: aai-common-aai-auth
- - name: {{ include "common.fullname" . }}-auth-truststore-sec
- secret:
- secretName: aai-common-truststore
- items:
- {{ range $job := .Values.global.config.auth.files }}
- - key: {{ . }}
- path: {{ . }}
- {{ end }}
restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
- mountPath: /opt/app/aai-traversal/resources/application.properties
name: {{ include "common.fullname" . }}-config
subPath: application.properties
- {{ $global := . }}
- {{ range $job := .Values.global.config.auth.files }}
- - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }}
- name: {{ include "common.fullname" $global }}-auth-truststore-sec
- subPath: {{ . }}
- {{ end }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
volumes:
emptyDir: {}
- name: {{ include "common.fullname" . }}-config
configMap:
- name: {{ include "common.fullname" . }}-configmap
- - name: {{ include "common.fullname" . }}-auth-truststore-sec
- secret:
- secretName: aai-common-truststore
- items:
- {{ range $job := .Values.global.config.auth.files }}
- - key: {{ . }}
- path: {{ . }}
- {{ end }}
+ name: {{ include "common.fullname" . }}
restartPolicy: OnFailure
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Copyright © 2021 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-aaf
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
\ No newline at end of file
selector:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
- clusterIP: None
#Override it to aai-cassandra if localCluster is enabled.
serviceName: cassandra
- initContainers:
- enabled: true
# Specifies a list of jobs to be run
jobs:
# When enabled, it will create the schema based on oxm and edge rules
edge:
label: v12
- # Keystore configuration password and filename
- keystore:
- filename: aai_keystore
- passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
-
- # Truststore configuration password and filename
- truststore:
- filename: aai_keystore
- passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
-
- # Specifies a list of files to be included in auth volume
- auth:
- files:
- - aai_keystore
-
# Specifies which clients should always default to realtime graph connection
realtime:
clients: SDNC,MSO,SO,robot-ete
+#################################################################
+# Certificate configuration
+#################################################################
+certInitializer:
+ nameOverride: aai-traversal-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: aai-traversal
+ fqi: aai-traversal@aai-traversal.onap.org
+ public_fqdn: aai-traversal.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ fqi_namespace: org.onap.aai-traversal
+ aaf_add_config: |
+ echo "*** retrieving password for keystore and trustore"
+ export $(/opt/app/aaf_config/bin/agent.sh local showpass \
+ {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0)
+ if [ -z "$cadi_keystore_password_p12" ]
+ then
+ echo " /!\ certificates retrieval wasn't good"
+ exit 1
+ else
+ echo "*** writing passwords into prop file"
+ echo "KEYSTORE_PASSWORD=${cadi_keystore_password_p12}" > {{ .Values.credsPath }}/mycreds.prop
+ echo "TRUSTSTORE_PASSWORD=${cadi_truststore_password}" >> {{ .Values.credsPath }}/mycreds.prop
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 1000 {{ .Values.credsPath }}
+ fi
+ truststoreAllPassword: changeit
# application image
image: onap/aai-traversal:1.7.2