Merge "[DCAE] Container version revision for Jakarta"

diff --git a/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json b/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json
index 3ede31d..c14f7ee 100644 (file)
--- a/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json
+++ b/kubernetes/aaf/components/aaf-sms/resources/config/osdf.json
@@ -99,14 +99,14 @@
                     "UserName": "${OSDF_OPT_ENGINE_USER}",
                     "Password": "${OSDF_OPT_ENGINE_PASS}"
                 }
-            },
+            }{{ if .Values.cps.enabled }},
             {
                 "name": "cps",
                 "values": {
                     "UserName": "${CPS_USER}",
                     "Password": "${CPS_PASS}"
                 }
-            }
+            }{{ end }}
         ]
     }
 }

diff --git a/kubernetes/aaf/components/aaf-sms/templates/job.yaml b/kubernetes/aaf/components/aaf-sms/templates/job.yaml
index 6d9ecaa..8dbe276 100644 (file)
--- a/kubernetes/aaf/components/aaf-sms/templates/job.yaml
+++ b/kubernetes/aaf/components/aaf-sms/templates/job.yaml
@@ -52,7 +52,9 @@ spec:
            export OSDF_OPT_ENGINE_PASS=${OSDF_OPT_ENGINE_PASS_PLAIN};
            export SO_PASS=${SO_PASS_PLAIN};
            export SDC_PASS=${SDC_PASS_PLAIN};
+           {{- if .Values.cps.enabled }}
            export CPS_PASS=${CPS_PASS_PLAIN};
+           {{-  end }}
            cd /config-input;
            for PFILE in `find . -not -type d | grep -v -F ..`; do
              envsubst <${PFILE} >/config/${PFILE};
@@ -137,11 +139,12 @@ spec:
           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "login") | indent 10 }}
         - name: SDC_PASS_PLAIN
           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "password") | indent 10 }}
-
+        {{- if .Values.cps.enabled }}
         - name: CPS_USER
           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "login") | indent 10 }}
         - name: CPS_PASS_PLAIN
           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "password") | indent 10 }}
+        {{- end }}
 
         volumeMounts:
         - mountPath: /config-input

diff --git a/kubernetes/aaf/components/aaf-sms/values.yaml b/kubernetes/aaf/components/aaf-sms/values.yaml
index cde8529..da268cc 100644 (file)
--- a/kubernetes/aaf/components/aaf-sms/values.yaml
+++ b/kubernetes/aaf/components/aaf-sms/values.yaml
@@ -116,6 +116,9 @@ persistence:
 ingress:
   enabled: false
 
+cps:
+  enabled: true
+
 secrets:
   - uid: aai-creds
     type: basicAuth

diff --git a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml
index d0147aa..5241c6e 100644 (file)
--- a/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/templates/deployment.yaml
@@ -63,9 +63,10 @@ spec:
           echo "*** retrieve Truststore and Keystore password"
           export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
           echo "*** obfuscate them "
-          export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
-          export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
-          export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+          export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export KEYSTORE_JKS_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
           echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
           echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
           echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop

diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml
index 0730713..b8adba8 100644 (file)
--- a/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/templates/job-copy-db-backup.yaml
@@ -68,9 +68,10 @@ spec:
           echo "*** retrieve Truststore and Keystore password"
           export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
           echo "*** obfuscate them "
-          export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
-          export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
-          export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+          export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export KEYSTORE_JKS_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
           echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
           echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
           echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop

diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml
index b483489..76a11fa 100644 (file)
--- a/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/templates/job-create-db.yaml
@@ -63,9 +63,10 @@ spec:
           echo "*** retrieve Truststore and Keystore password"
           export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
           echo "*** obfuscate them "
-          export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
-          export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
-          export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+          export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export KEYSTORE_JKS_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
           echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
           echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
           echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop

diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml
index 0d471f7..d2d0809 100644 (file)
--- a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml
@@ -68,9 +68,10 @@ spec:
           echo "*** retrieve Truststore and Keystore password"
           export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
           echo "*** obfuscate them "
-          export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
-          export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
-          export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+          export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export KEYSTORE_JKS_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
           echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
           echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
           echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
@@ -266,9 +267,10 @@ spec:
           echo "*** retrieve Truststore and Keystore password"
           export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
           echo "*** obfuscate them "
-          export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
-          export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
-          export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+          export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export KEYSTORE_JKS_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
           echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
           echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
           echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop

diff --git a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml
index 22f0dbc..47c13af 100644 (file)
--- a/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-modelloader/templates/deployment.yaml
@@ -56,8 +56,9 @@ spec:
           echo "*** obfuscate them "
           export KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}
           export TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}
-          export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
-          export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+          export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
           echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
           echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
         image: {{ include "repositoryGenerator.image.jetty" . }}

diff --git a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml
index cb58120..cd58b95 100644 (file)
--- a/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-schema-service/templates/deployment.yaml
@@ -52,9 +52,9 @@ spec:
           echo "*** obfuscate them "
           export KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}
           export TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}
-          ls -l /usr/local/jetty/lib
-          export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
-          export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+          export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+          export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
           echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
           echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
         image: {{ include "repositoryGenerator.image.jetty" . }}

diff --git a/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg b/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg
index 9fa6d2e..6e7acef 100644 (file)
--- a/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg
+++ b/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg
@@ -88,6 +88,15 @@ frontend IST_8443
         http-request set-header X-AAI-SSL-Client-ST             %{+Q}[ssl_c_s_dn(ST)]
         http-request set-header X-AAI-SSL-Client-C              %{+Q}[ssl_c_s_dn(C)]
         http-request set-header X-AAI-SSL-Client-O              %{+Q}[ssl_c_s_dn(O)]
+#######################################
+## Request blocking configuration ###
+#######################################
+        {{- if eq $.Values.haproxy.requestBlocking.enabled true }}
+        {{- range $custom_config := $.Values.haproxy.requestBlocking.customConfigs }}
+        {{ $custom_config }}
+        {{- end }}
+        {{- end }}
+
         reqadd X-Forwarded-Proto:\ https
         reqadd X-Forwarded-Port:\ 8443
 

diff --git a/kubernetes/aai/resources/config/haproxy/haproxy.cfg b/kubernetes/aai/resources/config/haproxy/haproxy.cfg
index 1db4add..1accff9 100644 (file)
--- a/kubernetes/aai/resources/config/haproxy/haproxy.cfg
+++ b/kubernetes/aai/resources/config/haproxy/haproxy.cfg
@@ -119,6 +119,15 @@ frontend IST_8443
         http-request set-header X-AAI-SSL-Client-ST             %{+Q}[ssl_c_s_dn(ST)]
         http-request set-header X-AAI-SSL-Client-C              %{+Q}[ssl_c_s_dn(C)]
         http-request set-header X-AAI-SSL-Client-O              %{+Q}[ssl_c_s_dn(O)]
+#######################################
+## Request blocking configuration ###
+#######################################
+        {{- if eq $.Values.haproxy.requestBlocking.enabled true }}
+        {{- range $custom_config := $.Values.haproxy.requestBlocking.customConfigs }}
+        {{ $custom_config }}
+        {{- end }}
+        {{- end }}
+
         reqadd X-Forwarded-Proto:\ https
         reqadd X-Forwarded-Port:\ 8443
 {{- end }}

diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml
index 68d7445..62d1d2e 100644 (file)
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -349,6 +349,12 @@ nodeSelector: {}
 
 affinity: {}
 
+# HAProxy configuration to block HTTP requests to AAI based on configurable URL patterns
+haproxy:
+  requestBlocking:
+    enabled: false
+    customConfigs: []
+
 # probe configuration parameters
 liveness:
   initialDelaySeconds: 10

diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml
index 7058f86..34ce466 100644 (file)
--- a/kubernetes/common/repositoryGenerator/values.yaml
+++ b/kubernetes/common/repositoryGenerator/values.yaml
@@ -23,7 +23,7 @@ global:
   githubContainerRegistry: ghcr.io
 
   # common global images
-  busyboxImage: busybox:1.32
+  busyboxImage: busybox:1.34.1
   curlImage: curlimages/curl:7.80.0
   envsubstImage: dibi/envsubst:1
   # there's only latest image for htpasswd
@@ -33,10 +33,10 @@ global:
   # (/usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar) for 9.4.45
   jettyImage: jetty:9.4.45-jdk11-slim
   jreImage: onap/integration-java11:10.0.0
-  kubectlImage: bitnami/kubectl:1.19
+  kubectlImage: bitnami/kubectl:1.22.4
   loggingImage: beats/filebeat:5.5.0
   mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28
-  nginxImage: bitnami/nginx:1.18-debian-10
+  nginxImage: bitnami/nginx:1.21.4
   postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
   readinessImage: onap/oom/readiness:3.0.1
   dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1

diff --git a/kubernetes/cps/components/cps-core/Chart.yaml b/kubernetes/cps/components/cps-core/Chart.yaml
index c1ef720..95201a0 100644 (file)
--- a/kubernetes/cps/components/cps-core/Chart.yaml
+++ b/kubernetes/cps/components/cps-core/Chart.yaml
@@ -1,6 +1,7 @@
-#  Copyright (C) Pantheon.tech, Orange
+# Copyright (C) Pantheon.tech, Orange
 # Modifications Copyright © 2021 Orange
 # Modifications Copyright © 2021 Nordix Foundation
+# Modifications Copyright (C) 2022 Bell Canada
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -30,8 +31,7 @@ dependencies:
   - name: postgres-init
     version: ~10.x-0
     repository: '@local'
-    condition: not global.postgres.localCluster
-    #condition: global.postgres.postgresInit
+    condition: postgres.postgresInit
   - name: readinessCheck
     version: ~10.x-0
     repository: '@local'

diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml
index e67cfb2..3da5d17 100644 (file)
--- a/kubernetes/cps/components/cps-core/values.yaml
+++ b/kubernetes/cps/components/cps-core/values.yaml
@@ -1,4 +1,5 @@
-#  Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada.
+# Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada.
+# Modifications Copyright (C) 2022 Bell Canada
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -200,6 +201,7 @@ logging:
 # Postgres overriding defaults in the postgres
 #################################################################
 postgres:
+  postgresInit: true
   nameOverride: &postgresName cps-core-postgres
   service:
     name: *postgresName

diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
index 856c4a0..65a5d04 100644 (file)
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
@@ -1,7 +1,7 @@
 #============LICENSE_START========================================================
 # ================================================================================
 # Copyright (c) 2021 J. F. Lucas. All rights reserved.
-# Copyright (c) 2021 Nokia.  All rights reserved.
+# Copyright (c) 2021-2022 Nokia.  All rights reserved.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -42,7 +42,7 @@ certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.9.1
+image: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.10.0
 pullPolicy: Always
 
 # log directory where logging sidecar should look for log files

diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
index d7314a4..b1671f0 100644 (file)
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
@@ -3,6 +3,7 @@
 # Copyright (c) 2018-2021 AT&T Intellectual Property. All rights reserved.
 # Modifications Copyright © 2018 Amdocs, Bell Canada
 # Copyright (c) 2021 J. F. Lucas.  All rights reserved.
+# Copyright (c) 2022 Nokia.  All rights reserved.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -99,7 +100,7 @@ componentImages:
   tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.1
   ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.1
   prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.7.1
-  hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.9.1
+  hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.10.0
 
 # Resource Limit flavor -By Default using small
 flavor: small

diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml
index 7aa3176..34b7a88 100644 (file)
--- a/kubernetes/dmaap/components/message-router/values.yaml
+++ b/kubernetes/dmaap/components/message-router/values.yaml
@@ -60,7 +60,7 @@ certInitializer:
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/dmaap/dmaap-mr:1.3.0
+image: onap/dmaap/dmaap-mr:1.3.2
 pullPolicy: Always
 
 kafka:

diff --git a/kubernetes/onap/resources/overrides/onap-all.yaml b/kubernetes/onap/resources/overrides/onap-all.yaml
index 229717a..f92bfa7 100644 (file)
--- a/kubernetes/onap/resources/overrides/onap-all.yaml
+++ b/kubernetes/onap/resources/overrides/onap-all.yaml
@@ -29,6 +29,10 @@ postgres:
   enabled: true
 aaf:
   enabled: true
+  aaf-sms:
+    cps:
+      # you must always set the same values as value set in cps.enabled
+      enabled: true
 aai:
   enabled: true
 appc:

diff --git a/kubernetes/onap/resources/overrides/sm-onap.yaml b/kubernetes/onap/resources/overrides/sm-onap.yaml
index 06ad5b7..b07b6d3 100644 (file)
--- a/kubernetes/onap/resources/overrides/sm-onap.yaml
+++ b/kubernetes/onap/resources/overrides/sm-onap.yaml
@@ -58,6 +58,10 @@ aai:
     replicaCount: 1
 aaf:
   enabled: false
+  aaf-sms:
+    cps:
+      # you must always set the same values as value set in cps.enabled
+      enabled: false
 appc:
   enabled: false
 cassandra:

diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 08f404a..73f96d3 100755 (executable)
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -78,7 +78,7 @@ global:
 
   # common global images
   # Busybox for simple shell manipulation
-  busyboxImage: busybox:1.32
+  busyboxImage: busybox:1.34.1
 
   # curl image
   curlImage: curlimages/curl:7.80.0
@@ -91,7 +91,7 @@ global:
   htpasswdImage: xmartlabs/htpasswd:latest
 
   # kubenretes client image
-  kubectlImage: bitnami/kubectl:1.19
+  kubectlImage: bitnami/kubectl:1.22.4
 
   # logging agent
   loggingImage: beats/filebeat:5.5.0
@@ -100,7 +100,7 @@ global:
   mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28
 
   # nginx server image
-  nginxImage: bitnami/nginx:1.18-debian-10
+  nginxImage: bitnami/nginx:1.21.4
 
   # postgreSQL client and server image
   postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
@@ -259,8 +259,13 @@ global:
 # Enable/disable and configure helm charts (ie. applications)
 # to customize the ONAP deployment.
 #################################################################
+
 aaf:
   enabled: false
+  aaf-sms:
+    cps:
+      # you must always set the same values as value set in cps.enabled
+      enabled: false
 aai:
   enabled: false
 appc:

diff --git a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
index fd6de7e..184adb6 100644 (file)
--- a/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
+++ b/kubernetes/policy/components/policy-clamp-cl-k8s-ppnt/resources/config/KubernetesParticipantParameters.yaml
@@ -1,5 +1,5 @@
 #  ============LICENSE_START=======================================================
-#   Copyright (C) 2021 Nordix Foundation. All rights reserved.
+#   Copyright (C) 2021-2022 Nordix Foundation. All rights reserved.
 #  ================================================================================
 #  Licensed under the Apache License, Version 2.0 (the "License");
 #  you may not use this file except in compliance with the License.
@@ -57,4 +57,21 @@ server:
   # Configuration of the HTTP/REST server. The parameters are defined and handled by the springboot framework.
   # See springboot documentation.
   port: 8083
+  servlet:
+    context-path: /onap/policy/clamp/acm/k8sparticipant
 
+logging:
+  # Configuration of logging
+  level:
+    ROOT: ERROR
+    org.springframework: ERROR
+    org.springframework.data: ERROR
+    org.springframework.web.reactive.function.client.ExchangeFunctions: ERROR
+    org.onap.policy.clamp.controlloop.participant.kubernetes: INFO
+
+  file:
+    name: /var/log/onap/policy/clamp/application.log
+
+chart:
+  api:
+    enabled: false
\ No newline at end of file

diff --git a/kubernetes/portal/components/portal-app/Chart.yaml b/kubernetes/portal/components/portal-app/Chart.yaml
index a73fffe..c9c8b1b 100644 (file)
--- a/kubernetes/portal/components/portal-app/Chart.yaml
+++ b/kubernetes/portal/components/portal-app/Chart.yaml
@@ -29,3 +29,6 @@ dependencies:
   - name: repositoryGenerator
     version: ~10.x-0
     repository: '@local'
+  - name: serviceAccount
+    version: ~10.x-0
+    repository: '@local'

diff --git a/kubernetes/portal/components/portal-app/templates/deployment.yaml b/kubernetes/portal/components/portal-app/templates/deployment.yaml
index db4454d..02926f5 100644 (file)
--- a/kubernetes/portal/components/portal-app/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-app/templates/deployment.yaml
@@ -170,6 +170,7 @@ spec:
 {{ toYaml .Values.affinity | indent 10 }}
       {{- end }}
       {{ include "common.log.sidecar" . | nindent 6 }}
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes:
 {{ include "common.certInitializer.volumes" . | indent 8 }}
         - name: localtime

diff --git a/kubernetes/portal/components/portal-app/values.yaml b/kubernetes/portal/components/portal-app/values.yaml
index 6cf2513..039f560 100644 (file)
--- a/kubernetes/portal/components/portal-app/values.yaml
+++ b/kubernetes/portal/components/portal-app/values.yaml
@@ -171,3 +171,8 @@ resources:
 log:
   path: /var/log/onap
 logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
+#Pods Service Account
+serviceAccount:
+  nameOverride: portal-app
+  roles:
+    - read

diff --git a/kubernetes/portal/components/portal-cassandra/Chart.yaml b/kubernetes/portal/components/portal-cassandra/Chart.yaml
index f65b413..b85fc84 100644 (file)
--- a/kubernetes/portal/components/portal-cassandra/Chart.yaml
+++ b/kubernetes/portal/components/portal-cassandra/Chart.yaml
@@ -27,3 +27,6 @@ dependencies:
   - name: repositoryGenerator
     version: ~10.x-0
     repository: '@local'
+  - name: serviceAccount
+    version: ~10.x-0
+    repository: '@local'

diff --git a/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml b/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml
index 59eace6..9becdaa 100644 (file)
--- a/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml
@@ -139,6 +139,7 @@ spec:
       affinity:
 {{ toYaml .Values.affinity | indent 10 }}
       {{- end }}
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes:
         - name: cassandra-docker-entrypoint-initdb
           configMap:

diff --git a/kubernetes/portal/components/portal-cassandra/values.yaml b/kubernetes/portal/components/portal-cassandra/values.yaml
index bed75e5..c3ffb4f 100644 (file)
--- a/kubernetes/portal/components/portal-cassandra/values.yaml
+++ b/kubernetes/portal/components/portal-cassandra/values.yaml
@@ -139,4 +139,10 @@ heap:
     max: 3G
     new: 100M
   large: {}
-  unlimited: {}
\ No newline at end of file
+  unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+  nameOverride: portal-cassandra
+  roles:
+    - read

diff --git a/kubernetes/portal/components/portal-mariadb/Chart.yaml b/kubernetes/portal/components/portal-mariadb/Chart.yaml
index cef1b64..a152d71 100644 (file)
--- a/kubernetes/portal/components/portal-mariadb/Chart.yaml
+++ b/kubernetes/portal/components/portal-mariadb/Chart.yaml
@@ -27,3 +27,6 @@ dependencies:
   - name: repositoryGenerator
     version: ~10.x-0
     repository: '@local'
+  - name: serviceAccount
+    version: ~10.x-0
+    repository: '@local'

diff --git a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml
index 7e94c76..1d0d5bc 100644 (file)
--- a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml
@@ -102,6 +102,7 @@ spec:
         affinity:
 {{ toYaml .Values.affinity | indent 10 }}
         {{- end }}
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes:
       {{- if .Values.persistence.enabled }}
         - name: mariadb-data

diff --git a/kubernetes/portal/components/portal-mariadb/values.yaml b/kubernetes/portal/components/portal-mariadb/values.yaml
index 99dda39..a7fdb54 100644 (file)
--- a/kubernetes/portal/components/portal-mariadb/values.yaml
+++ b/kubernetes/portal/components/portal-mariadb/values.yaml
@@ -145,3 +145,9 @@ resources:
       cpu: 800m
       memory: 1Gi
   unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+  nameOverride: portal-db
+  roles:
+    - read

diff --git a/kubernetes/portal/components/portal-sdk/Chart.yaml b/kubernetes/portal/components/portal-sdk/Chart.yaml
index 6535998..02c1733 100644 (file)
--- a/kubernetes/portal/components/portal-sdk/Chart.yaml
+++ b/kubernetes/portal/components/portal-sdk/Chart.yaml
@@ -30,3 +30,6 @@ dependencies:
   - name: repositoryGenerator
     version: ~10.x-0
     repository: '@local'
+  - name: serviceAccount
+    version: ~10.x-0
+    repository: '@local'

diff --git a/kubernetes/portal/components/portal-sdk/templates/deployment.yaml b/kubernetes/portal/components/portal-sdk/templates/deployment.yaml
index abc5daa..66e8065 100644 (file)
--- a/kubernetes/portal/components/portal-sdk/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-sdk/templates/deployment.yaml
@@ -161,6 +161,7 @@ spec:
 {{ toYaml .Values.affinity | indent 10 }}
       {{- end }}
       {{ include "common.log.sidecar" . | nindent 6 }}
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes:
         - name: localtime
           hostPath:

diff --git a/kubernetes/portal/components/portal-sdk/values.yaml b/kubernetes/portal/components/portal-sdk/values.yaml
index f0c3954..617ed10 100644 (file)
--- a/kubernetes/portal/components/portal-sdk/values.yaml
+++ b/kubernetes/portal/components/portal-sdk/values.yaml
@@ -166,3 +166,8 @@ resources:
 log:
   path: /var/log/onap
 logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
+#Pods Service Account
+serviceAccount:
+  nameOverride: portal-sdk
+  roles:
+    - read

diff --git a/kubernetes/portal/components/portal-widget/Chart.yaml b/kubernetes/portal/components/portal-widget/Chart.yaml
index 283009b..03b9344 100644 (file)
--- a/kubernetes/portal/components/portal-widget/Chart.yaml
+++ b/kubernetes/portal/components/portal-widget/Chart.yaml
@@ -27,3 +27,6 @@ dependencies:
   - name: repositoryGenerator
     version: ~10.x-0
     repository: '@local'
+  - name: serviceAccount
+    version: ~10.x-0
+    repository: '@local'

diff --git a/kubernetes/portal/components/portal-widget/templates/deployment.yaml b/kubernetes/portal/components/portal-widget/templates/deployment.yaml
index 2462576..e9ecece 100644 (file)
--- a/kubernetes/portal/components/portal-widget/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-widget/templates/deployment.yaml
@@ -125,6 +125,7 @@ spec:
       affinity:
 {{ toYaml .Values.affinity | indent 10 }}
       {{- end }}
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes:
         - name: localtime
           hostPath:

diff --git a/kubernetes/portal/components/portal-widget/values.yaml b/kubernetes/portal/components/portal-widget/values.yaml
index f86ff85..dfa51d8 100644 (file)
--- a/kubernetes/portal/components/portal-widget/values.yaml
+++ b/kubernetes/portal/components/portal-widget/values.yaml
@@ -124,3 +124,9 @@ resources:
       cpu: 1
       memory: 4Gi
   unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+  nameOverride: portal-widget
+  roles:
+    - read
\ No newline at end of file

diff --git a/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml
index 28fd910..fcbca71 100644 (file)
--- a/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml
+++ b/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml
@@ -14,24 +14,45 @@
 # limitations under the License.
 -->
 <configuration scan="true" scanPeriod="3 seconds">
-    <property name="logDir" value="/var/log/onap" />
-    <property name="componentName" scope="system" value="sdc"></property>
-    <property name="subComponentName" scope="system" value="sdc-be"></property>
-    <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
-    <property file="${config.home}/catalog-be/configuration.yaml" />
-    <property name="enable-all-log" scope="context" value="false" />
+    <property name="logDir" value="/var/log/onap"/>
+    <property name="componentName" scope="system" value="sdc"/>
+    <property name="subComponentName" scope="system" value="sdc-be"/>
+    <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/>
+    <property file="${config.home}/catalog-be/configuration.yaml"/>
+    <property name="enable-all-log" scope="context" value="false"/>
     <!--  log file names -->
-    <property name="errorLogName" value="error" />
-    <property name="metricsLogName" value="metrics" />
-    <property name="auditLogName" value="audit" />
-    <property name="debugLogName" value="debug" />
-    <property name="transactionLogName" value="transaction" />
-    <property name="allLogName" value="all" />
-    <property name="queueSize" value="256" />
-    <property name="maxFileSize" value="50MB" />
-    <property name="maxHistory" value="30" />
-    <property name="totalSizeCap" value="10GB" />
-    <property name="pattern" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+    <property name="errorLogName" value="error"/>
+    <property name="metricsLogName" value="metrics"/>
+    <property name="auditLogName" value="audit"/>
+    <property name="debugLogName" value="debug"/>
+    <property name="transactionLogName" value="transaction"/>
+    <property name="allLogName" value="all"/>
+    <property name="queueSize" value="256"/>
+    <property name="maxFileSize" value="50MB"/>
+    <property name="maxHistory" value="30"/>
+    <property name="totalSizeCap" value="10GB"/>
+    <property name="pattern"
+        value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/>
+
+    <!-- STDOUT -->
+    <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
+        <encoder>
+            <pattern>${pattern}</pattern>
+        </encoder>
+    </appender>
+
+    <!-- STDERR -->
+    <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR">
+        <filter class="ch.qos.logback.classic.filter.LevelFilter">
+            <level>ERROR</level>
+            <onMatch>ACCEPT</onMatch>
+            <onMismatch>DENY</onMismatch>
+        </filter>
+        <encoder>
+            <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+        </encoder>
+    </appender>
+
     <!-- All log -->
     <if condition='property("enable-all-log").equalsIgnoreCase("true")'>
         <then>
@@ -50,7 +71,7 @@
                 </encoder>
             </appender>
             <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL">
-                <appender-ref ref="ALL_ROLLING" />
+                <appender-ref ref="ALL_ROLLING"/>
             </appender>
         </then>
     </if>
@@ -170,30 +191,32 @@
     <!-- Asynchronicity Configurations -->
     <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG">
         <queueSize>${queueSize}</queueSize>
-        <appender-ref ref="DEBUG_ROLLING" />
+        <appender-ref ref="DEBUG_ROLLING"/>
     </appender>
     <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION">
         <queueSize>${queueSize}</queueSize>
-        <appender-ref ref="TRANSACTION_ROLLING" />
+        <appender-ref ref="TRANSACTION_ROLLING"/>
     </appender>
     <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR">
         <queueSize>${queueSize}</queueSize>
-        <appender-ref ref="ERROR_ROLLING" />
+        <appender-ref ref="ERROR_ROLLING"/>
     </appender>
     <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT">
         <queueSize>${queueSize}</queueSize>
-        <appender-ref ref="AUDIT_ROLLING" />
+        <appender-ref ref="AUDIT_ROLLING"/>
     </appender>
     <root level="INFO">
-        <appender-ref ref="ASYNC_ERROR" />
-        <appender-ref ref="ASYNC_DEBUG" />
-        <appender-ref ref="ASYNC_AUDIT" />
-        <appender-ref ref="ASYNC_TRANSACTION" />
+        <appender-ref ref="ASYNC_ERROR"/>
+        <appender-ref ref="ASYNC_DEBUG"/>
+        <appender-ref ref="ASYNC_AUDIT"/>
+        <appender-ref ref="ASYNC_TRANSACTION"/>
         <if condition='property("enable-all-log").equalsIgnoreCase("true")'>
             <then>
-                <appender-ref ref="ALL_ROLLING" />
+                <appender-ref ref="ALL_ROLLING"/>
             </then>
         </if>
+        <appender-ref ref="STDOUT"/>
+        <appender-ref ref="STDERR"/>
     </root>
-    <logger level="INFO" name="org.openecomp.sdc" />
+    <logger level="INFO" name="org.openecomp.sdc"/>
 </configuration>

diff --git a/kubernetes/sdc/components/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml
index 0ae39bf..b7fa714 100644 (file)
--- a/kubernetes/sdc/components/sdc-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-be/values.yaml
@@ -35,8 +35,8 @@ global:
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/sdc-backend-all-plugins:1.9.5
-backendInitImage: onap/sdc-backend-init:1.9.5
+image: onap/sdc-backend-all-plugins:1.10.1
+backendInitImage: onap/sdc-backend-init:1.10.1
 
 pullPolicy: Always
 

diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml
index 951249c..3391af7 100644 (file)
--- a/kubernetes/sdc/components/sdc-cs/values.yaml
+++ b/kubernetes/sdc/components/sdc-cs/values.yaml
@@ -51,8 +51,8 @@ cassandra:
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.9.5
-cassandraInitImage: onap/sdc-cassandra-init:1.9.5
+image: onap/sdc-cassandra:1.10.1
+cassandraInitImage: onap/sdc-cassandra-init:1.10.1
 pullPolicy: Always
 
 config:

diff --git a/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml
index 1000982..f3ebf76 100644 (file)
--- a/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml
+++ b/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml
@@ -16,24 +16,45 @@
 -->\r
 \r
 <configuration scan="true" scanPeriod="3 seconds">\r
-    <property name="logDir" value="/var/log/onap" />\r
-    <property name="componentName" scope="system" value="sdc"></property>\r
-    <property name="subComponentName" scope="system" value="sdc-fe"></property>\r
-    <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />\r
-    <property file="${config.home}/catalog-fe/configuration.yaml" />\r
-    <property name="enable-all-log" scope="context" value="false" />\r
+    <property name="logDir" value="/var/log/onap"/>\r
+    <property name="componentName" scope="system" value="sdc"/>\r
+    <property name="subComponentName" scope="system" value="sdc-fe"/>\r
+    <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/>\r
+    <property file="${config.home}/catalog-fe/configuration.yaml"/>\r
+    <property name="enable-all-log" scope="context" value="false"/>\r
     <!--  log file names -->\r
-    <property name="errorLogName" value="error" />\r
-    <property name="metricsLogName" value="metrics" />\r
-    <property name="auditLogName" value="audit" />\r
-    <property name="debugLogName" value="debug" />\r
-    <property name="transactionLogName" value="transaction" />\r
-    <property name="allLogName" value="all" />\r
-    <property name="queueSize" value="256" />\r
-    <property name="maxFileSize" value="50MB" />\r
-    <property name="maxHistory" value="30" />\r
-    <property name="totalSizeCap" value="10GB" />\r
-    <property name="pattern" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />\r
+    <property name="errorLogName" value="error"/>\r
+    <property name="metricsLogName" value="metrics"/>\r
+    <property name="auditLogName" value="audit"/>\r
+    <property name="debugLogName" value="debug"/>\r
+    <property name="transactionLogName" value="transaction"/>\r
+    <property name="allLogName" value="all"/>\r
+    <property name="queueSize" value="256"/>\r
+    <property name="maxFileSize" value="50MB"/>\r
+    <property name="maxHistory" value="30"/>\r
+    <property name="totalSizeCap" value="10GB"/>\r
+    <property name="pattern"\r
+        value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/>\r
+\r
+    <!-- STDOUT -->\r
+    <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">\r
+        <encoder>\r
+            <pattern>${pattern}</pattern>\r
+        </encoder>\r
+    </appender>\r
+\r
+    <!-- STDERR -->\r
+    <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR">\r
+        <filter class="ch.qos.logback.classic.filter.LevelFilter">\r
+            <level>ERROR</level>\r
+            <onMatch>ACCEPT</onMatch>\r
+            <onMismatch>DENY</onMismatch>\r
+        </filter>\r
+        <encoder>\r
+            <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>\r
+        </encoder>\r
+    </appender>\r
+\r
     <!-- All log -->\r
     <if condition='property("enable-all-log").equalsIgnoreCase("true")'>\r
         <then>\r
@@ -52,7 +73,7 @@
                 </encoder>\r
             </appender>\r
             <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL">\r
-                <appender-ref ref="ALL_ROLLING" />\r
+                <appender-ref ref="ALL_ROLLING"/>\r
             </appender>\r
         </then>\r
     </if>\r
@@ -174,30 +195,32 @@
     <!-- Asynchronicity Configurations -->\r
     <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG">\r
         <queueSize>${queueSize}</queueSize>\r
-        <appender-ref ref="DEBUG_ROLLING" />\r
+        <appender-ref ref="DEBUG_ROLLING"/>\r
     </appender>\r
     <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION">\r
         <queueSize>${queueSize}</queueSize>\r
-        <appender-ref ref="TRANSACTION_ROLLING" />\r
+        <appender-ref ref="TRANSACTION_ROLLING"/>\r
     </appender>\r
     <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR">\r
         <queueSize>${queueSize}</queueSize>\r
-        <appender-ref ref="ERROR_ROLLING" />\r
+        <appender-ref ref="ERROR_ROLLING"/>\r
     </appender>\r
     <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT">\r
         <queueSize>${queueSize}</queueSize>\r
-        <appender-ref ref="AUDIT_ROLLING" />\r
+        <appender-ref ref="AUDIT_ROLLING"/>\r
     </appender>\r
     <root level="INFO">\r
-        <appender-ref ref="ASYNC_ERROR" />\r
-        <appender-ref ref="ASYNC_DEBUG" />\r
-        <appender-ref ref="ASYNC_AUDIT" />\r
-        <appender-ref ref="ASYNC_TRANSACTION" />\r
+        <appender-ref ref="ASYNC_ERROR"/>\r
+        <appender-ref ref="ASYNC_DEBUG"/>\r
+        <appender-ref ref="ASYNC_AUDIT"/>\r
+        <appender-ref ref="ASYNC_TRANSACTION"/>\r
         <if condition='property("enable-all-log").equalsIgnoreCase("true")'>\r
             <then>\r
-                <appender-ref ref="ALL_ROLLING" />\r
+                <appender-ref ref="ALL_ROLLING"/>\r
             </then>\r
         </if>\r
+        <appender-ref ref="STDOUT"/>\r
+        <appender-ref ref="STDERR"/>\r
     </root>\r
-    <logger level="INFO" name="org.openecomp.sdc" />\r
+    <logger level="INFO" name="org.openecomp.sdc"/>\r
 </configuration>\r

diff --git a/kubernetes/sdc/components/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml
index 09d9829..1dbf9eb 100644 (file)
--- a/kubernetes/sdc/components/sdc-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-fe/values.yaml
@@ -47,7 +47,7 @@ certInitializer:
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/sdc-frontend:1.9.5
+image: onap/sdc-frontend:1.10.1
 pullPolicy: Always
 
 config:

diff --git a/kubernetes/sdc/components/sdc-helm-validator/values.yaml b/kubernetes/sdc/components/sdc-helm-validator/values.yaml
index e51c242..363a059 100644 (file)
--- a/kubernetes/sdc/components/sdc-helm-validator/values.yaml
+++ b/kubernetes/sdc/components/sdc-helm-validator/values.yaml
@@ -18,7 +18,7 @@
 global:
   pullPolicy: Always
 
-image: onap/sdc-helm-validator:1.3.0
+image: onap/sdc-helm-validator:1.3.1
 containerPort: &svc_port 8080
 
 config:

diff --git a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml
index b537709..ee22ff2 100644 (file)
--- a/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml
@@ -15,24 +15,45 @@
 # limitations under the License.\r
 -->\r
 <configuration scan="true" scanPeriod="3 seconds">\r
-    <property name="logDir" value="/var/log/onap" />\r
-    <property name="componentName" scope="system" value="sdc"></property>\r
-    <property name="subComponentName" scope="system" value="sdc-onboarding-be"></property>\r
-    <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />\r
-    <property file="${config.home}/catalog-be/configuration.yaml" />\r
-    <property name="enable-all-log" scope="context" value="false" />\r
+    <property name="logDir" value="/var/log/onap"/>\r
+    <property name="componentName" scope="system" value="sdc"/>\r
+    <property name="subComponentName" scope="system" value="sdc-onboarding-be"/>\r
+    <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/>\r
+    <property file="${config.home}/catalog-be/configuration.yaml"/>\r
+    <property name="enable-all-log" scope="context" value="false"/>\r
     <!--  log file names -->\r
-    <property name="errorLogName" value="error" />\r
-    <property name="metricsLogName" value="metrics" />\r
-    <property name="auditLogName" value="audit" />\r
-    <property name="debugLogName" value="debug" />\r
-    <property name="transactionLogName" value="transaction" />\r
-    <property name="allLogName" value="all" />\r
-    <property name="queueSize" value="256" />\r
-    <property name="maxFileSize" value="50MB" />\r
-    <property name="maxHistory" value="30" />\r
-    <property name="totalSizeCap" value="10GB" />\r
-    <property name="pattern" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />\r
+    <property name="errorLogName" value="error"/>\r
+    <property name="metricsLogName" value="metrics"/>\r
+    <property name="auditLogName" value="audit"/>\r
+    <property name="debugLogName" value="debug"/>\r
+    <property name="transactionLogName" value="transaction"/>\r
+    <property name="allLogName" value="all"/>\r
+    <property name="queueSize" value="256"/>\r
+    <property name="maxFileSize" value="50MB"/>\r
+    <property name="maxHistory" value="30"/>\r
+    <property name="totalSizeCap" value="10GB"/>\r
+    <property name="pattern"\r
+        value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/>\r
+\r
+    <!-- STDOUT -->\r
+    <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">\r
+        <encoder>\r
+            <pattern>${pattern}</pattern>\r
+        </encoder>\r
+    </appender>\r
+\r
+    <!-- STDERR -->\r
+    <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR">\r
+        <filter class="ch.qos.logback.classic.filter.LevelFilter">\r
+            <level>ERROR</level>\r
+            <onMatch>ACCEPT</onMatch>\r
+            <onMismatch>DENY</onMismatch>\r
+        </filter>\r
+        <encoder>\r
+            <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>\r
+        </encoder>\r
+    </appender>\r
+\r
     <!-- All log -->\r
     <if condition='property("enable-all-log").equalsIgnoreCase("true")'>\r
         <then>\r
@@ -51,7 +72,7 @@
                 </encoder>\r
             </appender>\r
             <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL">\r
-                <appender-ref ref="ALL_ROLLING" />\r
+                <appender-ref ref="ALL_ROLLING"/>\r
             </appender>\r
         </then>\r
     </if>\r
@@ -171,30 +192,32 @@
     <!-- Asynchronicity Configurations -->\r
     <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG">\r
         <queueSize>${queueSize}</queueSize>\r
-        <appender-ref ref="DEBUG_ROLLING" />\r
+        <appender-ref ref="DEBUG_ROLLING"/>\r
     </appender>\r
     <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION">\r
         <queueSize>${queueSize}</queueSize>\r
-        <appender-ref ref="TRANSACTION_ROLLING" />\r
+        <appender-ref ref="TRANSACTION_ROLLING"/>\r
     </appender>\r
     <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR">\r
         <queueSize>${queueSize}</queueSize>\r
-        <appender-ref ref="ERROR_ROLLING" />\r
+        <appender-ref ref="ERROR_ROLLING"/>\r
     </appender>\r
     <appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT">\r
         <queueSize>${queueSize}</queueSize>\r
-        <appender-ref ref="AUDIT_ROLLING" />\r
+        <appender-ref ref="AUDIT_ROLLING"/>\r
     </appender>\r
     <root level="INFO">\r
-        <appender-ref ref="ASYNC_ERROR" />\r
-        <appender-ref ref="ASYNC_DEBUG" />\r
-        <appender-ref ref="ASYNC_AUDIT" />\r
-        <appender-ref ref="ASYNC_TRANSACTION" />\r
+        <appender-ref ref="ASYNC_ERROR"/>\r
+        <appender-ref ref="ASYNC_DEBUG"/>\r
+        <appender-ref ref="ASYNC_AUDIT"/>\r
+        <appender-ref ref="ASYNC_TRANSACTION"/>\r
         <if condition='property("enable-all-log").equalsIgnoreCase("true")'>\r
             <then>\r
-                <appender-ref ref="ALL_ROLLING" />\r
+                <appender-ref ref="ALL_ROLLING"/>\r
             </then>\r
         </if>\r
+        <appender-ref ref="STDOUT"/>\r
+        <appender-ref ref="STDERR"/>\r
     </root>\r
-    <logger level="INFO" name="org.openecomp.sdc" />\r
+    <logger level="INFO" name="org.openecomp.sdc"/>\r
 </configuration>\r

diff --git a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
index f96d59b..ff5d031 100644 (file)
--- a/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
@@ -59,8 +59,8 @@ certInitializer:
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/sdc-onboard-backend:1.9.5
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.9.5
+image: onap/sdc-onboard-backend:1.10.1
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.10.1
 pullPolicy: Always
 
 # flag to enable debugging - application support required