"UserName": "${OSDF_OPT_ENGINE_USER}",
"Password": "${OSDF_OPT_ENGINE_PASS}"
}
- },
+ }{{ if .Values.cps.enabled }},
{
"name": "cps",
"values": {
"UserName": "${CPS_USER}",
"Password": "${CPS_PASS}"
}
- }
+ }{{ end }}
]
}
}
export OSDF_OPT_ENGINE_PASS=${OSDF_OPT_ENGINE_PASS_PLAIN};
export SO_PASS=${SO_PASS_PLAIN};
export SDC_PASS=${SDC_PASS_PLAIN};
+ {{- if .Values.cps.enabled }}
export CPS_PASS=${CPS_PASS_PLAIN};
+ {{- end }}
cd /config-input;
for PFILE in `find . -not -type d | grep -v -F ..`; do
envsubst <${PFILE} >/config/${PFILE};
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "login") | indent 10 }}
- name: SDC_PASS_PLAIN
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdc-creds" "key" "password") | indent 10 }}
-
+ {{- if .Values.cps.enabled }}
- name: CPS_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "login") | indent 10 }}
- name: CPS_PASS_PLAIN
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cps-creds" "key" "password") | indent 10 }}
+ {{- end }}
volumeMounts:
- mountPath: /config-input
ingress:
enabled: false
+cps:
+ enabled: true
+
secrets:
- uid: aai-creds
type: basicAuth
echo "*** retrieve Truststore and Keystore password"
export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
echo "*** obfuscate them "
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+ export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_JKS_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "*** retrieve Truststore and Keystore password"
export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
echo "*** obfuscate them "
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+ export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_JKS_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "*** retrieve Truststore and Keystore password"
export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
echo "*** obfuscate them "
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+ export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_JKS_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "*** retrieve Truststore and Keystore password"
export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
echo "*** obfuscate them "
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+ export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_JKS_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "*** retrieve Truststore and Keystore password"
export $(cat {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop | xargs -0)
echo "*** obfuscate them "
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export KEYSTORE_JKS_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+ export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export KEYSTORE_JKS_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_JKS_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "KEYSTORE_JKS_PASSWORD=${KEYSTORE_JKS_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "*** obfuscate them "
export KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}
export TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+ export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
image: {{ include "repositoryGenerator.image.jetty" . }}
echo "*** obfuscate them "
export KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}
export TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}
- ls -l /usr/local/jetty/lib
- export KEYSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
- export TRUSTSTORE_PASSWORD=`java -cp /usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export JETTY_UTIL_JAR=$(find /usr/local/jetty/lib/ -regextype sed -regex ".*jetty-util-[0-9].*.jar")
+ export KEYSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${KEYSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
+ export TRUSTSTORE_PASSWORD=`java -cp ${JETTY_UTIL_JAR} org.eclipse.jetty.util.security.Password ${TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.certInitializer.appMountPath }}/local/mycreds.prop
image: {{ include "repositoryGenerator.image.jetty" . }}
http-request set-header X-AAI-SSL-Client-ST %{+Q}[ssl_c_s_dn(ST)]
http-request set-header X-AAI-SSL-Client-C %{+Q}[ssl_c_s_dn(C)]
http-request set-header X-AAI-SSL-Client-O %{+Q}[ssl_c_s_dn(O)]
+#######################################
+## Request blocking configuration ###
+#######################################
+ {{- if eq $.Values.haproxy.requestBlocking.enabled true }}
+ {{- range $custom_config := $.Values.haproxy.requestBlocking.customConfigs }}
+ {{ $custom_config }}
+ {{- end }}
+ {{- end }}
+
reqadd X-Forwarded-Proto:\ https
reqadd X-Forwarded-Port:\ 8443
http-request set-header X-AAI-SSL-Client-ST %{+Q}[ssl_c_s_dn(ST)]
http-request set-header X-AAI-SSL-Client-C %{+Q}[ssl_c_s_dn(C)]
http-request set-header X-AAI-SSL-Client-O %{+Q}[ssl_c_s_dn(O)]
+#######################################
+## Request blocking configuration ###
+#######################################
+ {{- if eq $.Values.haproxy.requestBlocking.enabled true }}
+ {{- range $custom_config := $.Values.haproxy.requestBlocking.customConfigs }}
+ {{ $custom_config }}
+ {{- end }}
+ {{- end }}
+
reqadd X-Forwarded-Proto:\ https
reqadd X-Forwarded-Port:\ 8443
{{- end }}
affinity: {}
+# HAProxy configuration to block HTTP requests to AAI based on configurable URL patterns
+haproxy:
+ requestBlocking:
+ enabled: false
+ customConfigs: []
+
# probe configuration parameters
liveness:
initialDelaySeconds: 10
githubContainerRegistry: ghcr.io
# common global images
- busyboxImage: busybox:1.32
+ busyboxImage: busybox:1.34.1
curlImage: curlimages/curl:7.80.0
envsubstImage: dibi/envsubst:1
# there's only latest image for htpasswd
# (/usr/local/jetty/lib/jetty-util-9.4.45.v20220203.jar) for 9.4.45
jettyImage: jetty:9.4.45-jdk11-slim
jreImage: onap/integration-java11:10.0.0
- kubectlImage: bitnami/kubectl:1.19
+ kubectlImage: bitnami/kubectl:1.22.4
loggingImage: beats/filebeat:5.5.0
mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28
- nginxImage: bitnami/nginx:1.18-debian-10
+ nginxImage: bitnami/nginx:1.21.4
postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
readinessImage: onap/oom/readiness:3.0.1
dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
-# Copyright (C) Pantheon.tech, Orange
+# Copyright (C) Pantheon.tech, Orange
# Modifications Copyright © 2021 Orange
# Modifications Copyright © 2021 Nordix Foundation
+# Modifications Copyright (C) 2022 Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
- name: postgres-init
version: ~10.x-0
repository: '@local'
- condition: not global.postgres.localCluster
- #condition: global.postgres.postgresInit
+ condition: postgres.postgresInit
- name: readinessCheck
version: ~10.x-0
repository: '@local'
-# Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada.
+# Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada.
+# Modifications Copyright (C) 2022 Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Postgres overriding defaults in the postgres
#################################################################
postgres:
+ postgresInit: true
nameOverride: &postgresName cps-core-postgres
service:
name: *postgresName
#============LICENSE_START========================================================
# ================================================================================
# Copyright (c) 2021 J. F. Lucas. All rights reserved.
-# Copyright (c) 2021 Nokia. All rights reserved.
+# Copyright (c) 2021-2022 Nokia. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Application configuration defaults.
#################################################################
# application image
-image: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.9.1
+image: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.10.0
pullPolicy: Always
# log directory where logging sidecar should look for log files
# Copyright (c) 2018-2021 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
# Copyright (c) 2021 J. F. Lucas. All rights reserved.
+# Copyright (c) 2022 Nokia. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.3.1
ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.1
prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.7.1
- hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.9.1
+ hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.10.0
# Resource Limit flavor -By Default using small
flavor: small
# Application configuration defaults.
#################################################################
# application image
-image: onap/dmaap/dmaap-mr:1.3.0
+image: onap/dmaap/dmaap-mr:1.3.2
pullPolicy: Always
kafka:
enabled: true
aaf:
enabled: true
+ aaf-sms:
+ cps:
+ # you must always set the same values as value set in cps.enabled
+ enabled: true
aai:
enabled: true
appc:
replicaCount: 1
aaf:
enabled: false
+ aaf-sms:
+ cps:
+ # you must always set the same values as value set in cps.enabled
+ enabled: false
appc:
enabled: false
cassandra:
# common global images
# Busybox for simple shell manipulation
- busyboxImage: busybox:1.32
+ busyboxImage: busybox:1.34.1
# curl image
curlImage: curlimages/curl:7.80.0
htpasswdImage: xmartlabs/htpasswd:latest
# kubenretes client image
- kubectlImage: bitnami/kubectl:1.19
+ kubectlImage: bitnami/kubectl:1.22.4
# logging agent
loggingImage: beats/filebeat:5.5.0
mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28
# nginx server image
- nginxImage: bitnami/nginx:1.18-debian-10
+ nginxImage: bitnami/nginx:1.21.4
# postgreSQL client and server image
postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
# Enable/disable and configure helm charts (ie. applications)
# to customize the ONAP deployment.
#################################################################
+
aaf:
enabled: false
+ aaf-sms:
+ cps:
+ # you must always set the same values as value set in cps.enabled
+ enabled: false
aai:
enabled: false
appc:
# ============LICENSE_START=======================================================
-# Copyright (C) 2021 Nordix Foundation. All rights reserved.
+# Copyright (C) 2021-2022 Nordix Foundation. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Configuration of the HTTP/REST server. The parameters are defined and handled by the springboot framework.
# See springboot documentation.
port: 8083
+ servlet:
+ context-path: /onap/policy/clamp/acm/k8sparticipant
+logging:
+ # Configuration of logging
+ level:
+ ROOT: ERROR
+ org.springframework: ERROR
+ org.springframework.data: ERROR
+ org.springframework.web.reactive.function.client.ExchangeFunctions: ERROR
+ org.onap.policy.clamp.controlloop.participant.kubernetes: INFO
+
+ file:
+ name: /var/log/onap/policy/clamp/application.log
+
+chart:
+ api:
+ enabled: false
\ No newline at end of file
- name: repositoryGenerator
version: ~10.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~10.x-0
+ repository: '@local'
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
{{ include "common.log.sidecar" . | nindent 6 }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | indent 8 }}
- name: localtime
log:
path: /var/log/onap
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
+#Pods Service Account
+serviceAccount:
+ nameOverride: portal-app
+ roles:
+ - read
- name: repositoryGenerator
version: ~10.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~10.x-0
+ repository: '@local'
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: cassandra-docker-entrypoint-initdb
configMap:
max: 3G
new: 100M
large: {}
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: portal-cassandra
+ roles:
+ - read
- name: repositoryGenerator
version: ~10.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~10.x-0
+ repository: '@local'
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{- if .Values.persistence.enabled }}
- name: mariadb-data
cpu: 800m
memory: 1Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: portal-db
+ roles:
+ - read
- name: repositoryGenerator
version: ~10.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~10.x-0
+ repository: '@local'
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
{{ include "common.log.sidecar" . | nindent 6 }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
log:
path: /var/log/onap
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
+#Pods Service Account
+serviceAccount:
+ nameOverride: portal-sdk
+ roles:
+ - read
- name: repositoryGenerator
version: ~10.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~10.x-0
+ repository: '@local'
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: localtime
hostPath:
cpu: 1
memory: 4Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: portal-widget
+ roles:
+ - read
\ No newline at end of file
# limitations under the License.
-->
<configuration scan="true" scanPeriod="3 seconds">
- <property name="logDir" value="/var/log/onap" />
- <property name="componentName" scope="system" value="sdc"></property>
- <property name="subComponentName" scope="system" value="sdc-be"></property>
- <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
- <property file="${config.home}/catalog-be/configuration.yaml" />
- <property name="enable-all-log" scope="context" value="false" />
+ <property name="logDir" value="/var/log/onap"/>
+ <property name="componentName" scope="system" value="sdc"/>
+ <property name="subComponentName" scope="system" value="sdc-be"/>
+ <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/>
+ <property file="${config.home}/catalog-be/configuration.yaml"/>
+ <property name="enable-all-log" scope="context" value="false"/>
<!-- log file names -->
- <property name="errorLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
- <property name="transactionLogName" value="transaction" />
- <property name="allLogName" value="all" />
- <property name="queueSize" value="256" />
- <property name="maxFileSize" value="50MB" />
- <property name="maxHistory" value="30" />
- <property name="totalSizeCap" value="10GB" />
- <property name="pattern" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+ <property name="errorLogName" value="error"/>
+ <property name="metricsLogName" value="metrics"/>
+ <property name="auditLogName" value="audit"/>
+ <property name="debugLogName" value="debug"/>
+ <property name="transactionLogName" value="transaction"/>
+ <property name="allLogName" value="all"/>
+ <property name="queueSize" value="256"/>
+ <property name="maxFileSize" value="50MB"/>
+ <property name="maxHistory" value="30"/>
+ <property name="totalSizeCap" value="10GB"/>
+ <property name="pattern"
+ value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/>
+
+ <!-- STDOUT -->
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- STDERR -->
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR">
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">
+ <level>ERROR</level>
+ <onMatch>ACCEPT</onMatch>
+ <onMismatch>DENY</onMismatch>
+ </filter>
+ <encoder>
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>
+ </encoder>
+ </appender>
+
<!-- All log -->
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>
<then>
</encoder>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL">
- <appender-ref ref="ALL_ROLLING" />
+ <appender-ref ref="ALL_ROLLING"/>
</appender>
</then>
</if>
<!-- Asynchronicity Configurations -->
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="DEBUG_ROLLING" />
+ <appender-ref ref="DEBUG_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="TRANSACTION_ROLLING" />
+ <appender-ref ref="TRANSACTION_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="ERROR_ROLLING" />
+ <appender-ref ref="ERROR_ROLLING"/>
</appender>
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT">
<queueSize>${queueSize}</queueSize>
- <appender-ref ref="AUDIT_ROLLING" />
+ <appender-ref ref="AUDIT_ROLLING"/>
</appender>
<root level="INFO">
- <appender-ref ref="ASYNC_ERROR" />
- <appender-ref ref="ASYNC_DEBUG" />
- <appender-ref ref="ASYNC_AUDIT" />
- <appender-ref ref="ASYNC_TRANSACTION" />
+ <appender-ref ref="ASYNC_ERROR"/>
+ <appender-ref ref="ASYNC_DEBUG"/>
+ <appender-ref ref="ASYNC_AUDIT"/>
+ <appender-ref ref="ASYNC_TRANSACTION"/>
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>
<then>
- <appender-ref ref="ALL_ROLLING" />
+ <appender-ref ref="ALL_ROLLING"/>
</then>
</if>
+ <appender-ref ref="STDOUT"/>
+ <appender-ref ref="STDERR"/>
</root>
- <logger level="INFO" name="org.openecomp.sdc" />
+ <logger level="INFO" name="org.openecomp.sdc"/>
</configuration>
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-backend-all-plugins:1.9.5
-backendInitImage: onap/sdc-backend-init:1.9.5
+image: onap/sdc-backend-all-plugins:1.10.1
+backendInitImage: onap/sdc-backend-init:1.10.1
pullPolicy: Always
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.9.5
-cassandraInitImage: onap/sdc-cassandra-init:1.9.5
+image: onap/sdc-cassandra:1.10.1
+cassandraInitImage: onap/sdc-cassandra-init:1.10.1
pullPolicy: Always
config:
-->\r
\r
<configuration scan="true" scanPeriod="3 seconds">\r
- <property name="logDir" value="/var/log/onap" />\r
- <property name="componentName" scope="system" value="sdc"></property>\r
- <property name="subComponentName" scope="system" value="sdc-fe"></property>\r
- <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />\r
- <property file="${config.home}/catalog-fe/configuration.yaml" />\r
- <property name="enable-all-log" scope="context" value="false" />\r
+ <property name="logDir" value="/var/log/onap"/>\r
+ <property name="componentName" scope="system" value="sdc"/>\r
+ <property name="subComponentName" scope="system" value="sdc-fe"/>\r
+ <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/>\r
+ <property file="${config.home}/catalog-fe/configuration.yaml"/>\r
+ <property name="enable-all-log" scope="context" value="false"/>\r
<!-- log file names -->\r
- <property name="errorLogName" value="error" />\r
- <property name="metricsLogName" value="metrics" />\r
- <property name="auditLogName" value="audit" />\r
- <property name="debugLogName" value="debug" />\r
- <property name="transactionLogName" value="transaction" />\r
- <property name="allLogName" value="all" />\r
- <property name="queueSize" value="256" />\r
- <property name="maxFileSize" value="50MB" />\r
- <property name="maxHistory" value="30" />\r
- <property name="totalSizeCap" value="10GB" />\r
- <property name="pattern" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />\r
+ <property name="errorLogName" value="error"/>\r
+ <property name="metricsLogName" value="metrics"/>\r
+ <property name="auditLogName" value="audit"/>\r
+ <property name="debugLogName" value="debug"/>\r
+ <property name="transactionLogName" value="transaction"/>\r
+ <property name="allLogName" value="all"/>\r
+ <property name="queueSize" value="256"/>\r
+ <property name="maxFileSize" value="50MB"/>\r
+ <property name="maxHistory" value="30"/>\r
+ <property name="totalSizeCap" value="10GB"/>\r
+ <property name="pattern"\r
+ value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/>\r
+\r
+ <!-- STDOUT -->\r
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">\r
+ <encoder>\r
+ <pattern>${pattern}</pattern>\r
+ </encoder>\r
+ </appender>\r
+\r
+ <!-- STDERR -->\r
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR">\r
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">\r
+ <level>ERROR</level>\r
+ <onMatch>ACCEPT</onMatch>\r
+ <onMismatch>DENY</onMismatch>\r
+ </filter>\r
+ <encoder>\r
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>\r
+ </encoder>\r
+ </appender>\r
+\r
<!-- All log -->\r
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>\r
<then>\r
</encoder>\r
</appender>\r
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL">\r
- <appender-ref ref="ALL_ROLLING" />\r
+ <appender-ref ref="ALL_ROLLING"/>\r
</appender>\r
</then>\r
</if>\r
<!-- Asynchronicity Configurations -->\r
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG">\r
<queueSize>${queueSize}</queueSize>\r
- <appender-ref ref="DEBUG_ROLLING" />\r
+ <appender-ref ref="DEBUG_ROLLING"/>\r
</appender>\r
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION">\r
<queueSize>${queueSize}</queueSize>\r
- <appender-ref ref="TRANSACTION_ROLLING" />\r
+ <appender-ref ref="TRANSACTION_ROLLING"/>\r
</appender>\r
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR">\r
<queueSize>${queueSize}</queueSize>\r
- <appender-ref ref="ERROR_ROLLING" />\r
+ <appender-ref ref="ERROR_ROLLING"/>\r
</appender>\r
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT">\r
<queueSize>${queueSize}</queueSize>\r
- <appender-ref ref="AUDIT_ROLLING" />\r
+ <appender-ref ref="AUDIT_ROLLING"/>\r
</appender>\r
<root level="INFO">\r
- <appender-ref ref="ASYNC_ERROR" />\r
- <appender-ref ref="ASYNC_DEBUG" />\r
- <appender-ref ref="ASYNC_AUDIT" />\r
- <appender-ref ref="ASYNC_TRANSACTION" />\r
+ <appender-ref ref="ASYNC_ERROR"/>\r
+ <appender-ref ref="ASYNC_DEBUG"/>\r
+ <appender-ref ref="ASYNC_AUDIT"/>\r
+ <appender-ref ref="ASYNC_TRANSACTION"/>\r
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>\r
<then>\r
- <appender-ref ref="ALL_ROLLING" />\r
+ <appender-ref ref="ALL_ROLLING"/>\r
</then>\r
</if>\r
+ <appender-ref ref="STDOUT"/>\r
+ <appender-ref ref="STDERR"/>\r
</root>\r
- <logger level="INFO" name="org.openecomp.sdc" />\r
+ <logger level="INFO" name="org.openecomp.sdc"/>\r
</configuration>\r
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-frontend:1.9.5
+image: onap/sdc-frontend:1.10.1
pullPolicy: Always
config:
global:
pullPolicy: Always
-image: onap/sdc-helm-validator:1.3.0
+image: onap/sdc-helm-validator:1.3.1
containerPort: &svc_port 8080
config:
# limitations under the License.\r
-->\r
<configuration scan="true" scanPeriod="3 seconds">\r
- <property name="logDir" value="/var/log/onap" />\r
- <property name="componentName" scope="system" value="sdc"></property>\r
- <property name="subComponentName" scope="system" value="sdc-onboarding-be"></property>\r
- <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />\r
- <property file="${config.home}/catalog-be/configuration.yaml" />\r
- <property name="enable-all-log" scope="context" value="false" />\r
+ <property name="logDir" value="/var/log/onap"/>\r
+ <property name="componentName" scope="system" value="sdc"/>\r
+ <property name="subComponentName" scope="system" value="sdc-onboarding-be"/>\r
+ <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}"/>\r
+ <property file="${config.home}/catalog-be/configuration.yaml"/>\r
+ <property name="enable-all-log" scope="context" value="false"/>\r
<!-- log file names -->\r
- <property name="errorLogName" value="error" />\r
- <property name="metricsLogName" value="metrics" />\r
- <property name="auditLogName" value="audit" />\r
- <property name="debugLogName" value="debug" />\r
- <property name="transactionLogName" value="transaction" />\r
- <property name="allLogName" value="all" />\r
- <property name="queueSize" value="256" />\r
- <property name="maxFileSize" value="50MB" />\r
- <property name="maxHistory" value="30" />\r
- <property name="totalSizeCap" value="10GB" />\r
- <property name="pattern" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />\r
+ <property name="errorLogName" value="error"/>\r
+ <property name="metricsLogName" value="metrics"/>\r
+ <property name="auditLogName" value="audit"/>\r
+ <property name="debugLogName" value="debug"/>\r
+ <property name="transactionLogName" value="transaction"/>\r
+ <property name="allLogName" value="all"/>\r
+ <property name="queueSize" value="256"/>\r
+ <property name="maxFileSize" value="50MB"/>\r
+ <property name="maxHistory" value="30"/>\r
+ <property name="totalSizeCap" value="10GB"/>\r
+ <property name="pattern"\r
+ value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX", UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n"/>\r
+\r
+ <!-- STDOUT -->\r
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">\r
+ <encoder>\r
+ <pattern>${pattern}</pattern>\r
+ </encoder>\r
+ </appender>\r
+\r
+ <!-- STDERR -->\r
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDERR">\r
+ <filter class="ch.qos.logback.classic.filter.LevelFilter">\r
+ <level>ERROR</level>\r
+ <onMatch>ACCEPT</onMatch>\r
+ <onMismatch>DENY</onMismatch>\r
+ </filter>\r
+ <encoder>\r
+ <pattern>"%d [%thread] %-5level %logger{1024} - %msg%n"</pattern>\r
+ </encoder>\r
+ </appender>\r
+\r
<!-- All log -->\r
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>\r
<then>\r
</encoder>\r
</appender>\r
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ALL">\r
- <appender-ref ref="ALL_ROLLING" />\r
+ <appender-ref ref="ALL_ROLLING"/>\r
</appender>\r
</then>\r
</if>\r
<!-- Asynchronicity Configurations -->\r
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_DEBUG">\r
<queueSize>${queueSize}</queueSize>\r
- <appender-ref ref="DEBUG_ROLLING" />\r
+ <appender-ref ref="DEBUG_ROLLING"/>\r
</appender>\r
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_TRANSACTION">\r
<queueSize>${queueSize}</queueSize>\r
- <appender-ref ref="TRANSACTION_ROLLING" />\r
+ <appender-ref ref="TRANSACTION_ROLLING"/>\r
</appender>\r
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_ERROR">\r
<queueSize>${queueSize}</queueSize>\r
- <appender-ref ref="ERROR_ROLLING" />\r
+ <appender-ref ref="ERROR_ROLLING"/>\r
</appender>\r
<appender class="ch.qos.logback.classic.AsyncAppender" name="ASYNC_AUDIT">\r
<queueSize>${queueSize}</queueSize>\r
- <appender-ref ref="AUDIT_ROLLING" />\r
+ <appender-ref ref="AUDIT_ROLLING"/>\r
</appender>\r
<root level="INFO">\r
- <appender-ref ref="ASYNC_ERROR" />\r
- <appender-ref ref="ASYNC_DEBUG" />\r
- <appender-ref ref="ASYNC_AUDIT" />\r
- <appender-ref ref="ASYNC_TRANSACTION" />\r
+ <appender-ref ref="ASYNC_ERROR"/>\r
+ <appender-ref ref="ASYNC_DEBUG"/>\r
+ <appender-ref ref="ASYNC_AUDIT"/>\r
+ <appender-ref ref="ASYNC_TRANSACTION"/>\r
<if condition='property("enable-all-log").equalsIgnoreCase("true")'>\r
<then>\r
- <appender-ref ref="ALL_ROLLING" />\r
+ <appender-ref ref="ALL_ROLLING"/>\r
</then>\r
</if>\r
+ <appender-ref ref="STDOUT"/>\r
+ <appender-ref ref="STDERR"/>\r
</root>\r
- <logger level="INFO" name="org.openecomp.sdc" />\r
+ <logger level="INFO" name="org.openecomp.sdc"/>\r
</configuration>\r
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-onboard-backend:1.9.5
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.9.5
+image: onap/sdc-onboard-backend:1.10.1
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.10.1
pullPolicy: Always
# flag to enable debugging - application support required