Code Review / oom.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw (from parent 1: efeefc2)
Merge "enable sparky to interact with schema ms and aaf"
authorBorislav Glozman <Borislav.Glozman@amdocs.com>
Mon, 11 Mar 2019 07:27:13 +0000 (07:27 +0000)
committerGerrit Code Review <gerrit@onap.org>
Mon, 11 Mar 2019 07:27:13 +0000 (07:27 +0000)
kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties patch | blob | history
kubernetes/aai/charts/aai-sparky-be/resources/config/application.properties patch | blob | history
kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties [new file with mode: 0644] patch | blob
kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties patch | blob | history
kubernetes/aai/charts/aai-sparky-be/resources/config/portal/cadi.properties [new file with mode: 0644] patch | blob
kubernetes/aai/charts/aai-sparky-be/resources/config/portal/keyFile [new file with mode: 0644] patch | blob
kubernetes/aai/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties patch | blob | history
kubernetes/aai/charts/aai-sparky-be/values.yaml patch | blob | history
kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql patch | blob | history

diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties
index 98c7abd..c7f6bbc 100644 (file)
--- a/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties
+++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/application-oxm-schema-prod.properties
@@ -13,3 +13,16 @@
 # limitations under the License.
 
 oxm.schemaNodeDir=/opt/app/sparky/onap/oxm
+#schemaServiceTranslator is used to define whether to retreive the oxm from schema service microservice or read from the disk, possible values are schema-service/config 
+oxm.schemaServiceTranslatorList=config
+# The end point for onap is https://<hostname>:<port>/onap/schema-service/v1/
+oxm.schemaServiceBaseUrl=https://<schema-service/config>/aai/schema-service/v1/
+oxm.schemaServiceKeystore=file:${CONFIG_HOME}/auth/aai-client-cert.p12
+oxm.schemaServiceTruststore=file:${CONFIG_HOME}/auth/tomcat_keystore
+oxm.schemaServiceKeystorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+oxm.schemaServiceTruststorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+
+
+
+# Schema Service need this variable for the time being
+spring.applicationName=sparky
diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/application.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/application.properties
index da4812c..108f9ef 100644 (file)
--- a/kubernetes/aai/charts/aai-sparky-be/resources/config/application.properties
+++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/application.properties
@@ -24,8 +24,12 @@ spring.mvc.favicon.enabled=false
 
 spring.profiles.active=camel,ssl,fe-prod,oxm-schema-prod,oxm-default,resources,sync,portal
 
+portal.cadiFileLocation={{.Values.config.cadiFileLocation}}
+portal.cadiFileLocation={{.Values.config.cadiFileLocation}}
 searchservice.hostname={{.Values.global.searchData.serviceName}}
 searchservice.port=9509
 searchservice.client-cert=client-cert-onap.p12
 searchservice.client-cert-password=1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
 searchservice.truststore=tomcat_keystore
+
+schema.ingest.file=${CONFIG_HOME}/schemaIngest.properties
diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties
new file mode 100644 (file)
index 0000000..67268e3
--- /dev/null
+++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties
@@ -0,0 +1 @@
+cipher.enc.key=AGLDdG4D04BKm2IxIWEr8o==!
diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
index aa16b1b..546955f 100644 (file)
--- a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
+++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
@@ -18,7 +18,7 @@
 ################################################################################
 
 # Java class that implements the ECOMP role and user mgt API
-portal.api.impl.class = org.onap.aai.sparky.security.portal.PortalRestAPIServiceImpl
+portal.api.impl.class = org.onap.aai.sparky.security.portal.PortalRestAPICentralServiceImpl
 
 # Instance of ECOMP Portal where the app has been on-boarded
 # use insecure http for dev purposes to avoid self-signed certificate
@@ -35,4 +35,13 @@ csp_gate_keeper_prod_key = PROD
 # Toggles use of UEB
 ueb_listeners_enable = false
 # IDs application withing UEB flow
-ueb_app_key = qFKles9N8gDTV0Zc
+ueb_app_key = ueb_key_7
+# Use this tag if the app is centralized
+role_access_centralized=remote
+
+# Connection and Read timeout values
+ext_req_connection_timeout=15000
+ext_req_read_timeout=20000
+
+#Add AAF namespace if the app is centralized
+auth_namespace={{.Values.config.aafNamespace}}
diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/cadi.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/cadi.properties
new file mode 100644 (file)
index 0000000..41a49a0
--- /dev/null
+++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/cadi.properties
@@ -0,0 +1,45 @@
+# Configure AAF
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+aaf_url=<%=https://AAF_LOCATE_URL/AAF_NS.service:2.0
+
+#aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=TEST/routeOffer=BAU_SE
+# AAF Environment Designation
+
+#if you are running aaf service from a docker image you have to use aaf service IP and port number
+aaf_id={{.Values.config.aafUsername}}
+#Encrypt the password using AAF Jar
+aaf_password={{.Values.config.aafPassword}}
+# Sample CADI Properties, from CADI 1.4.2
+#hostname=org.onap.aai.orr
+csp_domain=PROD
+# Add Absolute path to Keyfile
+cadi_keyfile={{.Values.config.cadiKeyFile}}
+
+# This is required to accept Certificate Authentication from Certman certificates.
+# can be TEST, IST or PROD
+aaf_env=DEV
+
+# DEBUG prints off all the properties.  Use to get started.
+cadi_loglevel=DEBUG
+
+# Add Absolute path to truststore2018.jks
+cadi_truststore={{.Values.config.cadiTrustStore}}
+# Note: This is the ONLY password that doesn't have to be encrypted. All Java's TrustStores are this passcode by default, because they are public certs
+cadi_truststore_password={{.Values.config.cadiTrustStorePassword}}
+
+# how to turn on SSL Logging
+#javax.net.debug=ssl
+
+# Use "maps.bing.com" to get Lat and Long for an Address
+AFT_LATITUDE=32.780140
+AFT_LONGITUDE=-96.800451
+AFT_ENVIRONMENT=AFTUAT
+AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=true
+DME2.DEBUG=true
+AFT_DME2_HTTP_EXCHANGE_TRACE_ON=true
+
+cadi_latitude=32.780140
+cadi_longitude=-96.800451
+
+aaf_root_ns=com.att.aaf
+aaf_api_version=2.0
diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/keyFile b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/keyFile
new file mode 100644 (file)
index 0000000..921ce67
--- /dev/null
+++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/keyFile
@@ -0,0 +1,27 @@
+77E_fh-8gTjeg8egAo-JgNkXYm1FGEBPMo44vKPgKyGCJj9Dn0xJqIBct2Ko35X4_HSU3wPq3I2q
+YHIvJCjmzXTVu2zvu4rIGTlwycTtLGDkgPyhOYFytv4GgazbpSs9331MPUeVVrdpkDCQmjtHSB4m
+DThhfEe2lkbZ35ljX3sVSf3JDy4ngRot0ktQwnnY4vxFdgVUl7LzVinXWgFLoqMyXmKh_bGw9aUH
+VMgqFsF_YmqLZY5ZARAraeywktvrU5kXYh5SnfXoJy7XIk0TBjHKqO-1mW-TcIgS3_v6GIGkZnpq
+e1FyE8cS21gTPFlc1KDoWUZE2yoEsQKJc4RFWfjid_mE6nckxym1TOsEn3G2_TlkZvliN_QMDB_c
+RuFLDB9HCChm4YYHpSn-RBqtJFz29bMTHQX8VNVfZ_Zhh-4dWOlEfpSzJvAqm_boo-8y8YDGIusx
+mvKyPXEKVCuBOljHaKhYg0d43nAXIFsssKpjmtQizA2L_TP1Mo_lDFIlCsPcRlHKTvzkTstEAhRj
+JnepzA--olBMwBkPxjm1Y5XQBGZH72i_o4Hr7_NqHb9sP486I2Nd1-owjHkhacGrLO1oORnuBUxp
+_SnaXYywe9tTz3BcfFupXSoDv4Sj7g9B53yPIWmjGggigidql3SNJsui6qOtwDHOejzEDFm23Lj7
+fXD6sb52U_ul9ahi4CoLTzpvMsPRYOqyRCk8K8FVBauZbG5D42oaFPn0S0rCSHOCU1TXbRdTF-Cs
+I2R0pEHNgb33yx6vtInaTSYIQ5cxa3XDA_50AQearV5SuYSlp8dK0BkpVCKgvSQdTn-2WiaV_hvO
+KzG7D2adT1kYY6TjYMXIaUiJ33y1XSNDG0s6r4NG5dNE6Jj7thdpnV-AAZoi0uZh1_bsHKLVmHRr
+NCXAc6DZm1D4N9y5lOJwUprUlJisZXLFTQThGMRY5dtiY_eK9Xjj4FQygXXhuhFXHz2-e4YApORv
+lXDcT29IZuuI1j26bxdNdhNr1wZsqqievBN6l6OQMiP21eIrxAUu1BEmiVOrfOzaEjxldDN2gFum
+4-zf9gsQT9UT8KEuOje64wVeHr09JpWuddV9HOAMvqc6mKTWmvUv_QiLgtK_b39QccMrOfOA1usM
+biRJ9wuTYIr584Q9CjHEcm5e2YufcbF-IDZ4IDui8gNXyYJuusTYdspeKzrtiLKfgI56ZWA3it9G
+SOkN18YyUmhk7HFkx9qEifb4UEbUQPb0dyXBRotf-91c5CPkct-36uV4sZBA_AR1tX3-aRKKB_SQ
+B0zaG-eaEdEqKv-ZYHqk23ZxiEsCX3ZdY7VSMWztE3_D5n8UgEl4et5LVfnjvU-arVVO93WUbXk0
+zi2QrOwytOZ0StAvFdF1nVwWllPg4EYcn8qLJIaaBRvLMlpHixtwRhltwJeMmJl3ExImOxNhVbhF
+6LxVXW6JK8JfMIwb_TE4EShDBjemq76BojQOwrO4OAyPG7B5iUtefdY-Zu1EtjXPhrUgljI_A1tg
+5_2WNjNTCT7Bvig3saFsIRi3cvgIcMAF2H7kJYw3UDvCFnx4LIom2u6vSeyatPxEOhRfpP0KvgEU
+koM9DFJW7VWQ11mB_DcU2NoYHdFKFy_cM62kIvoRwZTADGryEtkLSWEDT8MLpVrGXP2RjSZ3HHqC
+vVpVqQHC2VIqNKi2uHtYCiTEfj81Z0rCrnH3hYIRoOSe5W6m17xyb0RloG0G44uK0oNCfDYLwK0L
+TJaBdWSIBYI__ISsKx8o8r-3XLtbwQPPhv4-LpGwJYd7sIcqnpTYAyNGSrbEM4ECzHCH9Hwf9Duy
+cAQGWqXIbTV9i8ryw8OhcCZPTf3noPZyhzzdegiv6KNT-BBbxsgtDehtP-jvpd9eAhjlfUV_hoFJ
+rBUVMFrIOEDnnItVqBDmnavRdhn6N9ObVjVMv_4inhkvtpBCEVxtVQT2kFuBmZvPu_uHHbXi7_g8
+SVs3AjJ2ya3pZraK6gH3IOYoGtTAH3rKl7XdTMjqWnUCbhepuJqeEOF-DhpsEW7Oo0Lqzbjg
\ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties
index ac09f9b..97b5399 100644 (file)
--- a/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties
+++ b/kubernetes/aai/charts/aai-sparky-be/resources/config/portal/portal-authentication.properties
@@ -26,3 +26,6 @@ password={{.Values.config.portalPassword}}
 # prevent the portal interface's login processing from searching for a user\r
 # specific cookie, and will instead allow passage if a valid session cookie is discovered.\r
 onap_enabled={{.Values.config.portalOnapEnabled}}\r
+onap.user_id_cookie_name={{.Values.config.portalCookieName}}\r
+cookie_decryptor_classname={{.Values.config.cookieDecryptorClass}}\r
+app_roles={{.Values.config.portalAppRoles}}\r
diff --git a/kubernetes/aai/charts/aai-sparky-be/values.yaml b/kubernetes/aai/charts/aai-sparky-be/values.yaml
index c60ce29..9755c8b 100644 (file)
--- a/kubernetes/aai/charts/aai-sparky-be/values.yaml
+++ b/kubernetes/aai/charts/aai-sparky-be/values.yaml
@@ -28,7 +28,7 @@ global: # global defaults
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/sparky-be:1.3.0
+image: onap/sparky-be:1.4-STAGING-latest
 pullPolicy: Always
 restartPolicy: Always
 flavor: small
@@ -40,7 +40,17 @@ config:
   gerritBranch: 3.0.0-ONAP
   gerritProject: http://gerrit.onap.org/r/aai/test-config
   portalUsername: aaiui
-  portalPassword: 1t2v1vfv1unz1vgz1t3b
+  portalPassword: OBF:1t2v1vfv1unz1vgz1t3b
+  portalCookieName: UserId
+  portalAppRoles: ui_view
+  aafUsername: aai@aai.onap.org
+  aafNamespace: org.onap.aai.aaiui
+  aafPassword: enc:xxYw1FqXU5UpianbPeH5Rezg0YfjzuwQrSiLcCmJGfz
+  cadiKeyFile: /opt/app/sparky/config/portal/keyFile
+  cadiTrustStore: /opt/app/sparky/config/auth/truststoreONAPall.jks
+  cadiFileLocation: /opt/app/sparky/config/portal/cadi.properties
+  cadiTrustStorePassword: changeit
+  cookieDecryptorClass: org.onap.aai.sparky.security.BaseCookieDecryptor
 
 # ONAP Cookie Processing - During initial development, the following flag, if true, will
 # prevent the portal interface's login processing from searching for a user
diff --git a/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql
index f34d247..e3fdb19 100644 (file)
--- a/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql
+++ b/kubernetes/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql
@@ -72,4 +72,4 @@ update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS
 -- vid
 update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='2Re7Pvdkgw5aeAUD', auth_central = 'Y' , auth_namespace = 'org.onap.vid' where app_id = 6;
 -- aai sparky
-update fn_app set app_username='aaiui', app_password='4LK69amiIFtuzcl6Gsv97Tt7MLhzo03aoOx7dTvdjKQ=', ueb_key='ueb_key' where app_id = 7;
\ No newline at end of file
+update fn_app set app_username='aaiui', app_password='4LK69amiIFtuzcl6Gsv97Tt7MLhzo03aoOx7dTvdjKQ=', ueb_key='ueb_key_7' where app_id = 7;
\ No newline at end of file
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).