Merge "cassandra livenessProbe chart error"

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 4972492..ae22cb2 100644 (file)
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -49,6 +49,15 @@ Summary
 
 **Security Notes**
 
+*Fixed Security Issues*
+
+*Known Security Issues*
+
+* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
+* Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
+
+*Known Vulnerabilities in Used Modules*
+
 OOM code has been formally scanned during build time using NexusIQ and no
 Critical vulnerability was found.
 

diff --git a/kubernetes/appc/charts/appc-cdt/values.yaml b/kubernetes/appc/charts/appc-cdt/values.yaml
index ba91c19..13dcc1c 100644 (file)
--- a/kubernetes/appc/charts/appc-cdt/values.yaml
+++ b/kubernetes/appc/charts/appc-cdt/values.yaml
@@ -26,7 +26,7 @@ flavor: small
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/appc-cdt-image:1.5.1
+image: onap/appc-cdt-image:1.5.2
 pullPolicy: Always
 
 # application configuration

diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties
index 91ab8ff..0e8b71c 100644 (file)
--- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties
+++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties
@@ -29,7 +29,7 @@ cadi_bath_convert=/opt/onap/appc/data/properties/bath_config.csv
 cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US
 cadi_keyfile=/opt/onap/appc/data/stores/org.onap.appc.keyfile
 cadi_keystore=/opt/onap/appc/data/stores/org.onap.appc.p12
-cadi_keystore_password=enc:4DVUTKvRCCtebQrKskDsuKFIHLzOf2M9XxNOhVIK4xb
+cadi_keystore_password=enc:tQTHVtbdCuzqrQY1TBRt9SkFL9tCY3OzwbsfaVyAa2dOfZlI0krFOJSBnkm1WdGr
 #cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)>
 cadi_alias=appc@appc.onap.org
 cadi_truststore=/opt/onap/appc/data/stores/truststoreONAPall.jks

diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml
index 633d4e5..4998b2e 100644 (file)
--- a/kubernetes/appc/values.yaml
+++ b/kubernetes/appc/values.yaml
@@ -31,7 +31,7 @@ global:
 flavor: small
 # application image
 repository: nexus3.onap.org:10001
-image: onap/appc-image:1.5.1
+image: onap/appc-image:1.5.2
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
index 43b5f49..51e8e5b 100755 (executable)
--- a/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
+++ b/kubernetes/cds/charts/cds-blueprints-processor/values.yaml
@@ -40,7 +40,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/ccsdk-blueprintsprocessor:0.4.4
+image: onap/ccsdk-blueprintsprocessor:0.4.5
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/cds/charts/cds-command-executor/values.yaml b/kubernetes/cds/charts/cds-command-executor/values.yaml
index 73f449b..14432ec 100755 (executable)
--- a/kubernetes/cds/charts/cds-command-executor/values.yaml
+++ b/kubernetes/cds/charts/cds-command-executor/values.yaml
@@ -40,7 +40,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/ccsdk-commandexecutor:0.4.4
+image: onap/ccsdk-commandexecutor:0.4.5
 pullPolicy: Always
 
 # application configuration

diff --git a/kubernetes/cds/charts/cds-controller-blueprints/values.yaml b/kubernetes/cds/charts/cds-controller-blueprints/values.yaml
index 9030000..c924b2b 100755 (executable)
--- a/kubernetes/cds/charts/cds-controller-blueprints/values.yaml
+++ b/kubernetes/cds/charts/cds-controller-blueprints/values.yaml
@@ -38,7 +38,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/ccsdk-controllerblueprints:0.4.4
+image: onap/ccsdk-controllerblueprints:0.4.5
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/cds/charts/cds-sdc-listener/values.yaml b/kubernetes/cds/charts/cds-sdc-listener/values.yaml
index d4c0cd7..cd2fbf5 100644 (file)
--- a/kubernetes/cds/charts/cds-sdc-listener/values.yaml
+++ b/kubernetes/cds/charts/cds-sdc-listener/values.yaml
@@ -37,7 +37,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/ccsdk-sdclistener:0.4.4
+image: onap/ccsdk-sdclistener:0.4.5
 name: sdc-listener
 pullPolicy: Always
 

diff --git a/kubernetes/cds/charts/cds-ui/values.yaml b/kubernetes/cds/charts/cds-ui/values.yaml
index c7bf6ec..036b888 100644 (file)
--- a/kubernetes/cds/charts/cds-ui/values.yaml
+++ b/kubernetes/cds/charts/cds-ui/values.yaml
@@ -28,7 +28,7 @@ subChartsOnly:
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/ccsdk-cds-ui-server:0.4.4
+image: onap/ccsdk-cds-ui-server:0.4.5
 pullPolicy: Always
 
 # application configuration

diff --git a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
index 5965b41..954de3a 100644 (file)
--- a/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
+++ b/kubernetes/clamp/charts/clamp-dash-kibana/values.yaml
@@ -34,7 +34,7 @@ busyboxImage: library/busybox:latest
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/clamp-dashboard-kibana:4.0.3
+image: onap/clamp-dashboard-kibana:4.0.5
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
index 356d64b..893860b 100644 (file)
--- a/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
+++ b/kubernetes/clamp/charts/clamp-dash-logstash/values.yaml
@@ -30,7 +30,7 @@ flavor: small
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/clamp-dashboard-logstash:4.0.3
+image: onap/clamp-dashboard-logstash:4.0.5
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/clamp/values.yaml b/kubernetes/clamp/values.yaml
index 214eed6..398c9ea 100644 (file)
--- a/kubernetes/clamp/values.yaml
+++ b/kubernetes/clamp/values.yaml
@@ -30,7 +30,7 @@ flavor: small
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/clamp:4.0.3
+image: onap/clamp:4.0.5
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json b/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json
index 1db11ad..7342ca6 100644 (file)
--- a/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json
+++ b/kubernetes/dcaegen2/charts/dcae-policy-handler/resources/config/config.json
@@ -12,7 +12,7 @@
     },
     "policy_engine": {
       "url": "https://{{ .Values.config.address.policy_xacml_pdp }}:6969",
-      "path_decision": "/policy/pdpx/v1/decision"
+      "path_decision": "/policy/pdpx/v1/decision",
       "path_notifications": "/pdp/notifications",
       "path_api": "/pdp/api/",
       "headers": {

diff --git a/kubernetes/helm/plugins/deploy/deploy.sh b/kubernetes/helm/plugins/deploy/deploy.sh
index 2bbae80..3416a02 100755 (executable)
--- a/kubernetes/helm/plugins/deploy/deploy.sh
+++ b/kubernetes/helm/plugins/deploy/deploy.sh
@@ -206,6 +206,9 @@ deploy() {
 
   # upgrade/install each "enabled" subchart
   cd $CACHE_SUBCHART_DIR/
+  #“helm ls” is an expensive command in that it can take a long time to execute.
+  #So cache the results to prevent repeated execution.
+  ALL_HELM_RELEASES=$(helm ls -q)
   for subchart in * ; do
     SUBCHART_OVERRIDES=$CACHE_SUBCHART_DIR/$subchart/subchart-overrides.yaml
 
@@ -236,7 +239,7 @@ deploy() {
         fi
       fi
     else
-      array=($(helm ls -q | grep "${RELEASE}-${subchart}"))
+      array=($(echo "$ALL_HELM_RELEASES" | grep "${RELEASE}-${subchart}"))
       n=${#array[*]}
       for (( i = n-1; i >= 0; i-- )); do
         helm del "${array[i]}" --purge

diff --git a/kubernetes/oof/charts/oof-has/values.yaml b/kubernetes/oof/charts/oof-has/values.yaml
index 8bc3e17..e53c342 100755 (executable)
--- a/kubernetes/oof/charts/oof-has/values.yaml
+++ b/kubernetes/oof/charts/oof-has/values.yaml
@@ -25,7 +25,7 @@ global:
   commonConfigPrefix: onap-oof-has
   image:
     readiness: oomk8s/readiness-check:2.0.0
-    optf_has: onap/optf-has:1.3.0
+    optf_has: onap/optf-has:1.3.1
     filebeat: docker.elastic.co/beats/filebeat:5.5.0
 
 pullPolicy: Always

diff --git a/kubernetes/oof/values.yaml b/kubernetes/oof/values.yaml
index bf87f0f..d72b1f0 100644 (file)
--- a/kubernetes/oof/values.yaml
+++ b/kubernetes/oof/values.yaml
@@ -26,7 +26,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/optf-osdf:1.3.0
+image: onap/optf-osdf:1.3.2
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml
index 08da64d..d958201 100644 (file)
--- a/kubernetes/policy/charts/drools/values.yaml
+++ b/kubernetes/policy/charts/drools/values.yaml
@@ -28,7 +28,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/policy-pdpd-cl:1.4.1
+image: onap/policy-pdpd-cl:1.4.2
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/robot/values.yaml b/kubernetes/robot/values.yaml
old mode 100755 (executable)
new mode 100644 (file)
index 5d41e06..f19c0e2
--- a/kubernetes/robot/values.yaml
+++ b/kubernetes/robot/values.yaml
@@ -22,7 +22,7 @@ global: # global defaults
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/testsuite:1.4.0
+image: onap/testsuite:1.4.1
 pullPolicy: Always
 
 ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
@@ -40,7 +40,7 @@ config:
 
 # Demo configuration
 # Nexus demo artifact version.  Maps to GLOBAL_INJECTED_ARTIFACTS_VERSION
-demoArtifactsVersion: "1.4.0-SNAPSHOT"
+demoArtifactsVersion: "1.4.0"
 # Nexus demo artifact URL.
 demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases"
 # Openstack medium sized flavour name.  Maps GLOBAL_INJECTED_VM_FLAVOR
@@ -80,7 +80,7 @@ ubuntu14Image: "Ubuntu_14_trusty"
 # Openstack glance image name for Ubuntu 16.  Maps to GLOBAL_INJECTED_UBUNTU_1604_IMAGE
 ubuntu16Image: "Ubuntu_16_xenial"
 # GLOBAL_INJECTED_SCRIPT_VERSION.  Maps to GLOBAL_INJECTED_SCRIPT_VERSION
-scriptVersion: "1.4.0-SNAPSHOT"
+scriptVersion: "1.4.0"
 # Openstack network to which VNFs will bind their primary (first) interface.  Maps to GLOBAL_INJECTED_NETWORK
 openStackPrivateNetId: "e8f51956-00dd-4425-af36-045716781ffc"
 # Openstack security group for instantiating VNFs

diff --git a/kubernetes/sdnc/charts/dmaap-listener/values.yaml b/kubernetes/sdnc/charts/dmaap-listener/values.yaml
index 65c1dcf..cd1a887 100644 (file)
--- a/kubernetes/sdnc/charts/dmaap-listener/values.yaml
+++ b/kubernetes/sdnc/charts/dmaap-listener/values.yaml
@@ -27,7 +27,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/sdnc-dmaap-listener-image:1.5.3
+image: onap/sdnc-dmaap-listener-image:1.5.4
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
index e5df37d..a7e249a 100644 (file)
--- a/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-ansible-server/values.yaml
@@ -27,7 +27,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/sdnc-ansible-server-image:1.5.3
+image: onap/sdnc-ansible-server-image:1.5.4
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/sdnc/charts/sdnc-portal/values.yaml b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
index 2cfab8f..ef76ed3 100644 (file)
--- a/kubernetes/sdnc/charts/sdnc-portal/values.yaml
+++ b/kubernetes/sdnc/charts/sdnc-portal/values.yaml
@@ -27,7 +27,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/admportal-sdnc-image:1.5.3
+image: onap/admportal-sdnc-image:1.5.4
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/sdnc/charts/ueb-listener/values.yaml b/kubernetes/sdnc/charts/ueb-listener/values.yaml
index 5e6fe53..7c985ce 100644 (file)
--- a/kubernetes/sdnc/charts/ueb-listener/values.yaml
+++ b/kubernetes/sdnc/charts/ueb-listener/values.yaml
@@ -27,7 +27,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/sdnc-ueb-listener-image:1.5.3
+image: onap/sdnc-ueb-listener-image:1.5.4
 pullPolicy: Always
 
 # flag to enable debugging - application support required

diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 4013486..9bd50a1 100644 (file)
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -32,7 +32,7 @@ global:
 # application images
 repository: nexus3.onap.org:10001
 pullPolicy: Always
-image: onap/sdnc-image:1.5.3
+image: onap/sdnc-image:1.5.4
 
 # flag to enable debugging - application support required
 debugEnabled: false

diff --git a/kubernetes/so/charts/so-bpmn-infra/values.yaml b/kubernetes/so/charts/so-bpmn-infra/values.yaml
index 5ac258e..d97a629 100755 (executable)
--- a/kubernetes/so/charts/so-bpmn-infra/values.yaml
+++ b/kubernetes/so/charts/so-bpmn-infra/values.yaml
@@ -27,7 +27,7 @@ global:
 # Application configuration defaults.
 #################################################################
 repository: nexus3.onap.org:10001
-image: onap/so/bpmn-infra:1.4.3
+image: onap/so/bpmn-infra:1.4.4
 pullPolicy: Always
 
 replicaCount: 1

diff --git a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml
index 23c1f25..614986b 100755 (executable)
--- a/kubernetes/so/charts/so-catalog-db-adapter/values.yaml
+++ b/kubernetes/so/charts/so-catalog-db-adapter/values.yaml
@@ -27,7 +27,7 @@ global:
 # Application configuration defaults.
 #################################################################
 repository: nexus3.onap.org:10001
-image: onap/so/catalog-db-adapter:1.4.3
+image: onap/so/catalog-db-adapter:1.4.4
 pullPolicy: Always
 
 replicaCount: 1

diff --git a/kubernetes/so/charts/so-monitoring/values.yaml b/kubernetes/so/charts/so-monitoring/values.yaml
index 9254abe..ade7116 100644 (file)
--- a/kubernetes/so/charts/so-monitoring/values.yaml
+++ b/kubernetes/so/charts/so-monitoring/values.yaml
@@ -32,7 +32,7 @@ global:
 # Application configuration defaults.
 #################################################################
 repository: nexus3.onap.org:10001
-image: onap/so/so-monitoring:1.4.3
+image: onap/so/so-monitoring:1.4.4
 pullPolicy: Always
 
 replicaCount: 1

diff --git a/kubernetes/so/charts/so-openstack-adapter/values.yaml b/kubernetes/so/charts/so-openstack-adapter/values.yaml
index 37c7887..02379cd 100755 (executable)
--- a/kubernetes/so/charts/so-openstack-adapter/values.yaml
+++ b/kubernetes/so/charts/so-openstack-adapter/values.yaml
@@ -26,7 +26,7 @@ global:
 #################################################################
 # Application configuration defaults.
 #################################################################
-image: onap/so/openstack-adapter:1.4.3
+image: onap/so/openstack-adapter:1.4.4
 pullPolicy: Always
 repository: nexus3.onap.org:10001
 

diff --git a/kubernetes/so/charts/so-request-db-adapter/values.yaml b/kubernetes/so/charts/so-request-db-adapter/values.yaml
index 308b304..a6d29f5 100755 (executable)
--- a/kubernetes/so/charts/so-request-db-adapter/values.yaml
+++ b/kubernetes/so/charts/so-request-db-adapter/values.yaml
@@ -27,7 +27,7 @@ global:
 # Application configuration defaults.
 #################################################################
 repository: nexus3.onap.org:10001
-image: onap/so/request-db-adapter:1.4.3
+image: onap/so/request-db-adapter:1.4.4
 pullPolicy: Always
 
 replicaCount: 1

diff --git a/kubernetes/so/charts/so-sdc-controller/values.yaml b/kubernetes/so/charts/so-sdc-controller/values.yaml
index 1109d7d..90b5e77 100755 (executable)
--- a/kubernetes/so/charts/so-sdc-controller/values.yaml
+++ b/kubernetes/so/charts/so-sdc-controller/values.yaml
@@ -27,7 +27,7 @@ global:
 # Application configuration defaults.
 #################################################################
 repository: nexus3.onap.org:10001
-image: onap/so/sdc-controller:1.4.3
+image: onap/so/sdc-controller:1.4.4
 pullPolicy: Always
 
 replicaCount: 1

diff --git a/kubernetes/so/charts/so-sdnc-adapter/values.yaml b/kubernetes/so/charts/so-sdnc-adapter/values.yaml
index 3f13e83..32ab607 100755 (executable)
--- a/kubernetes/so/charts/so-sdnc-adapter/values.yaml
+++ b/kubernetes/so/charts/so-sdnc-adapter/values.yaml
@@ -27,7 +27,7 @@ global:
 # Application configuration defaults.
 #################################################################
 repository: nexus3.onap.org:10001
-image: onap/so/sdnc-adapter:1.4.3
+image: onap/so/sdnc-adapter:1.4.4
 pullPolicy: Always
 
 replicaCount: 1

diff --git a/kubernetes/so/charts/so-vfc-adapter/values.yaml b/kubernetes/so/charts/so-vfc-adapter/values.yaml
index ca4d1d9..6265b83 100755 (executable)
--- a/kubernetes/so/charts/so-vfc-adapter/values.yaml
+++ b/kubernetes/so/charts/so-vfc-adapter/values.yaml
@@ -27,7 +27,7 @@ global:
 # Application configuration defaults.
 #################################################################
 repository: nexus3.onap.org:10001
-image: onap/so/vfc-adapter:1.4.3
+image: onap/so/vfc-adapter:1.4.4
 pullPolicy: Always
 
 replicaCount: 1

diff --git a/kubernetes/so/charts/so-vnfm-adapter/values.yaml b/kubernetes/so/charts/so-vnfm-adapter/values.yaml
index c48428a..b3bd8f5 100755 (executable)
--- a/kubernetes/so/charts/so-vnfm-adapter/values.yaml
+++ b/kubernetes/so/charts/so-vnfm-adapter/values.yaml
@@ -26,7 +26,7 @@ global:
 # Application configuration defaults.
 #################################################################
 repository: nexus3.onap.org:10001
-image: onap/so/vnfm-adapter:1.4.3
+image: onap/so/vnfm-adapter:1.4.4
 pullPolicy: Always
 
 replicaCount: 1

diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml
index e274b7a..0825c76 100644 (file)
--- a/kubernetes/vid/values.yaml
+++ b/kubernetes/vid/values.yaml
@@ -27,7 +27,7 @@ subChartsOnly:
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/vid:4.3.0
+image: onap/vid:4.3.1
 pullPolicy: Always
 
 # mariadb image for initializing

diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml
index a6d7efc..2b6fd99 100644 (file)
--- a/kubernetes/vnfsdk/values.yaml
+++ b/kubernetes/vnfsdk/values.yaml
@@ -28,7 +28,7 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/vnfsdk/refrepo:1.3.0
+image: onap/vnfsdk/refrepo:1.3.2
 postgresRepository: crunchydata
 postgresImage: crunchy-postgres:centos7-10.3-1.8.2
 pullPolicy: Always