Code Review / oom.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: dcaf455)
[POLICY] Use common secret template in brmsgw 91/104991/6
authorDominik Mizyn <d.mizyn@samsung.com>
Thu, 16 Apr 2020 08:41:01 +0000 (10:41 +0200)
committerDominik Mizyn <d.mizyn@samsung.com>
Thu, 16 Apr 2020 08:41:01 +0000 (10:41 +0200)
Use common secret template in brmsgw module instead of hardcoding them in
config map.

For now creds are hardcoded but this will be remove in further commits.

Issue-ID: OOM-2342
Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
Change-Id: Ic6ea25004d87d993b40df838dd30a71e25386b2c

kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf patch | blob | history
kubernetes/policy/charts/brmsgw/templates/deployment.yaml patch | blob | history
kubernetes/policy/charts/brmsgw/values.yaml patch | blob | history

diff --git a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf
index 7c58b3d..1598a8f 100644 (file)
--- a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf
+++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf
@@ -21,10 +21,10 @@ COMPONENT_X_MS_MB=1024
 REST_PAP_URL=https://{{ .Values.global.pap.nameOverride }}:{{.Values.config.papPort}}/pap/
 REST_PDP_ID=https://{{ .Values.global.pdp.nameOverride }}:{{.Values.config.pdpPort}}/pdp/
 
-PDP_HTTP_USER_ID=testpdp
-PDP_HTTP_PASSWORD=alpha123
-PDP_PAP_PDP_HTTP_USER_ID=testpap
-PDP_PAP_PDP_HTTP_PASSWORD=alpha123
+PDP_HTTP_USER_ID=${PDP_HTTP_USER_ID}
+PDP_HTTP_PASSWORD=${PDP_HTTP_PASSWORD}
+PDP_PAP_PDP_HTTP_USER_ID=${PDP_PAP_PDP_HTTP_USER_ID}
+PDP_PAP_PDP_HTTP_PASSWORD=${PDP_PAP_PDP_HTTP_PASSWORD}
 
 M2_HOME=/usr/share/java/maven-3
 snapshotRepositoryID=policy-nexus-snapshots
@@ -33,8 +33,8 @@ snapshotRepositoryURL=http://{{ .Values.global.nexus.nameOverride }}:{{.Values.c
 releaseRepositoryID=policy-nexus-releases
 releaseRepositoryName=Releases
 releaseRepositoryURL=http://{{ .Values.global.nexus.nameOverride }}:{{.Values.config.nexusPort}}/nexus/content/repositories/releases
-repositoryUsername=admin
-repositoryPassword=admin123
+repositoryUsername=${REPOSITORY_USERNAME}
+repositoryPassword=${REPOSITORY_PASSWORD}
 UEB_URL=message-router
 UEB_TOPIC=PDPD-CONFIGURATION
 UEB_API_KEY=
diff --git a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml
index 5bbffb5..a636e90 100644 (file)
--- a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml
+++ b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml
@@ -42,6 +42,19 @@ spec:
           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
         - name: JDBC_PASSWORD
           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+        - name: PDP_HTTP_USER_ID
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pdp-http-creds" "key" "login") | indent 10 }}
+        - name: PDP_HTTP_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pdp-http-creds" "key" "password") | indent 10 }}
+        - name: PDP_PAP_PDP_HTTP_USER_ID
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-http-creds" "key" "login") | indent 10 }}
+        - name: PDP_PAP_PDP_HTTP_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-http-creds" "key" "password") | indent 10 }}
+        - name: REPOSITORY_USERNAME
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nexus-creds" "key" "login") | indent 10 }}
+        - name: REPOSITORY_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nexus-creds" "key" "password") | indent 10 }}
+        volumeMounts:
         volumeMounts:
         - mountPath: /config-input
           name: pe
@@ -77,6 +90,19 @@ spec:
           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
         - name: JDBC_PASSWORD
           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+        - name: PDP_HTTP_USER_ID
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pdp-http-creds" "key" "login") | indent 10 }}
+        - name: PDP_HTTP_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pdp-http-creds" "key" "password") | indent 10 }}
+        - name: PDP_PAP_PDP_HTTP_USER_ID
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-http-creds" "key" "login") | indent 10 }}
+        - name: PDP_PAP_PDP_HTTP_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-http-creds" "key" "password") | indent 10 }}
+        - name: REPOSITORY_USERNAME
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nexus-creds" "key" "login") | indent 10 }}
+        - name: REPOSITORY_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "nexus-creds" "key" "password") | indent 10 }}
+        volumeMounts:
         ports:
         - containerPort: {{ .Values.service.externalPort }}
         {{- if eq .Values.liveness.enabled true }}
diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml
index bf6ccab..ee47b4a 100644 (file)
--- a/kubernetes/policy/charts/brmsgw/values.yaml
+++ b/kubernetes/policy/charts/brmsgw/values.yaml
@@ -32,6 +32,24 @@ secrets:
     login: '{{ .Values.db.user }}'
     password: '{{ .Values.db.password }}'
     passwordPolicy: required
+  - uid: pdp-http-creds
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.pdp.pdpCredsExternalSecret) . }}'
+    login: '{{ .Values.pdp.pdphttpuserid }}'
+    password: '{{ .Values.pdp.pdphttppassword }}'
+    passwordPolicy: required
+  - uid: pap-http-creds
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.pap.papCredsExternalSecret) . }}'
+    login: '{{ .Values.pap.pdppappdphttpuserid }}'
+    password: '{{ .Values.pap.pdppappdphttppassword }}'
+    passwordPolicy: required
+  - uid: nexus-creds
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.nexus.nexusCredsExternalSecret) . }}'
+    login: '{{ .Values.nexus.repositoryUsername }}'
+    password: '{{ .Values.nexus.repositoryPassword }}'
+    passwordPolicy: required
 
 #################################################################
 # Application configuration defaults.
@@ -53,6 +71,15 @@ config:
 db:
   user: policy_user
   password: policy_user
+pdp:
+  pdphttpuserid: testpdp
+  pdphttppassword: alpha123
+pap:
+  pdppappdphttpuserid: testpap
+  pdppappdphttppassword: alpha123
+nexus:
+  repositoryUsername: admin
+  repositoryPassword: admin123
 
 # default number of instances
 replicaCount: 1
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).