From 8cb16a6b59d8501808d62bb558f76f161b53d3e9 Mon Sep 17 00:00:00 2001
From: mpriyank <priyank.maheshwari@est.tech>
Date: Fri, 3 Nov 2023 12:16:54 +0000
Subject: [PATCH] [CPS] Config updates for cps-core and DMI

- Actuator health check endpoints and ports updated from /manage to
  /actuator and port to service port
- Config changes relating to spring boot upgrade
- Updating the latest cps image for montreal that has
  security.permit-uri under root
- Added hazelcast capability to run on kubernetes mode

Issue-ID: CPS-1945
Issue-ID: CPS-1977
Change-Id: I28cc1c576d036cda1d61893a7f897698a056f0a8
Signed-off-by: mpriyank <priyank.maheshwari@est.tech>
---
 .../cps-core/resources/config/application-helm.yml | 11 +++++--
 .../cps/components/cps-core/templates/service.yaml |  2 ++
 kubernetes/cps/components/cps-core/values.yaml     | 36 +++++++++++++---------
 .../resources/config/application-helm.yml          |  2 +-
 .../cps/components/ncmp-dmi-plugin/values.yaml     | 18 +++++------
 5 files changed, 41 insertions(+), 28 deletions(-)

diff --git a/kubernetes/cps/components/cps-core/resources/config/application-helm.yml b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml
index 842395f71e..72da92fd86 100644
--- a/kubernetes/cps/components/cps-core/resources/config/application-helm.yml
+++ b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml
@@ -37,8 +37,8 @@ spring:
       client-id: cps-core
 
 security:
-  # comma-separated uri patterns which do not require authorization
-  permit-uri: /manage/**,/swagger-ui/**,/swagger-resources/**,/api-docs
+# comma-separated uri patterns which do not require authorization
+  permit-uri: /actuator/**,/swagger-ui/**,/swagger-resources/**,/api-docs
   auth:
     username: ${CPS_USERNAME}
     password: ${CPS_PASSWORD}
@@ -71,5 +71,12 @@ spring.kafka.properties.sasl.jaas.config: ${SASL_JAAS_CONFIG}
 {{ toYaml .Values.config.additional | nindent 2 }}
 {{- end }}
 
+# Custom Hazelcast config.
+hazelcast:
+  mode:
+    kubernetes:
+      enabled: {{ .Values.hazelcast.config.kubernetesDiscovery }}
+      service-name: {{ .Values.hazelcast.config.kubernetesServiceName }}
+
 # Last empty line is required otherwise the last property will be missing from application.yml file in the pod.
 
diff --git a/kubernetes/cps/components/cps-core/templates/service.yaml b/kubernetes/cps/components/cps-core/templates/service.yaml
index 97657bfc0b..52263a87ac 100644
--- a/kubernetes/cps/components/cps-core/templates/service.yaml
+++ b/kubernetes/cps/components/cps-core/templates/service.yaml
@@ -15,3 +15,5 @@
 */}}
 
 {{ include "common.service" . }}
+---
+{{ include "common.headlessService" . }}
diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml
index e3c399f1d6..91f9e396e0 100644
--- a/kubernetes/cps/components/cps-core/values.yaml
+++ b/kubernetes/cps/components/cps-core/values.yaml
@@ -68,30 +68,30 @@ global:
     container:
       name: postgres
 
-image: onap/cps-and-ncmp:3.2.6
-containerPort: &svc_port 8080
-managementPort: &mgt_port 8081
+image: onap/cps-and-ncmp:3.3.11
 
 service:
   type: ClusterIP
+  headless: {}
   name: cps-core
+  internalPort: &svc_port 8080
   ports:
     - name: &port http
       port: *svc_port
-    - name: http-management
-      port: *mgt_port
-      targetPort: *mgt_port
+  headlessPorts:
+    - name: tcp-hazelcast
+      port: 5701
 
 prometheus:
   enabled: false
 
 metrics:
   serviceMonitor:
-    port: http-management
+    port: http
       ## specify target port if name is not given to the port in the service definition
       ##
     # targetPort: 8080
-    path: /manage/prometheus
+    path: /actuator/prometheus
     interval: 60s
     basicAuth:
       enabled: false
@@ -129,20 +129,20 @@ liveness:
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
-  path: /manage/health
-  port: *mgt_port
+  path: /actuator/health
+  port: *svc_port
 
 readiness:
   initialDelaySeconds: 15
   periodSeconds: 15
-  path: /manage/health
-  port: *mgt_port
+  path: /actuator/health
+  port: *svc_port
 
 startup:
   failureThreshold: 5
   periodSeconds: 60
-  path: /manage/health
-  port: *mgt_port
+  path: /actuator/health
+  port: *svc_port
 
 ingress:
   enabled: true
@@ -276,3 +276,11 @@ updateStrategy:
   type: RollingUpdate
   maxUnavailable: 0
   maxSurge: 1
+
+# Hazlecast custom configurations.
+hazelcast:
+  config:
+    kubernetesDiscovery: true
+    kubernetesServiceName: cps-core-headless
+
+
diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml
index 428a553de6..3c9261191b 100644
--- a/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml
+++ b/kubernetes/cps/components/ncmp-dmi-plugin/resources/config/application-helm.yml
@@ -37,7 +37,7 @@ sdnc:
 
 security:
   # comma-separated uri patterns which do not require authorization
-  permit-uri: /manage/**,/swagger-ui/**,/swagger-resources/**,/v3/api-docs
+  permit-uri: /actuator/**,/swagger-ui/**,/swagger-resources/**,/v3/api-docs
   auth:
     username: ${DMI_PLUGIN_USERNAME}
     password: ${DMI_PLUGIN_PASSWORD}
diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
index f3074c7b8b..c9d5c33fca 100644
--- a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
+++ b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
@@ -47,9 +47,8 @@ global:
     virtualhost:
       baseurl: "simpledemo.onap.org"
 
-image: onap/ncmp-dmi-plugin:1.3.0
+image: onap/ncmp-dmi-plugin:1.4.0
 containerPort: &svc_port 8080
-managementPort: &mgt_port 8081
 
 prometheus:
   enabled: false
@@ -60,17 +59,14 @@ service:
   ports:
     - name: &port http
       port: *svc_port
-    - name: http-management
-      port: *mgt_port
-      targetPort: *mgt_port
 
 metrics:
   serviceMonitor:
-    port: http-management
+    port: http
       ## specify target port if name is not given to the port in the service definition
       ##
     # targetPort: 8080
-    path: /manage/prometheus
+    path: /actuator/prometheus
     interval: 60s
     basicAuth:
       enabled: false
@@ -108,14 +104,14 @@ liveness:
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
-  path: /manage/health
-  port: *mgt_port
+  path: /actuator/health
+  port: *svc_port
 
 readiness:
   initialDelaySeconds: 15
   periodSeconds: 15
-  path: /manage/health
-  port: *mgt_port
+  path: /actuator/health
+  port: *svc_port
 
 ingress:
   enabled: true
-- 
2.16.6