Merge "[VFC] Use common secret template for DB root password"
diff --git a/kubernetes/common/common/templates/_secret.yaml b/kubernetes/common/common/templates/_secret.yaml
index e24a2e4..9f41906 100644
--- a/kubernetes/common/common/templates/_secret.yaml
+++ b/kubernetes/common/common/templates/_secret.yaml
@@ -22,6 +22,7 @@
   The template takes two arguments:
     - .global: environment (.)
     - .name: name of the secret
+    - .annotations: annotations which should be used
 
   Example call:
     {{ include "common.secret._header" (dict "global" . "name" "myFancyName") }}
@@ -39,6 +40,9 @@
     chart: {{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}
     release: {{ include "common.release" $global }}
     heritage: {{ $global.Release.Service }}
+{{- if .annotations }}
+  annotations: {{- include "common.tplValue" (dict "value" .annotations "context" $global) | nindent 4 }}
+{{- end }}
 type: Opaque
 {{- end -}}
 
@@ -204,6 +208,8 @@
     - name:
         Overrides default secret name generation and allows to set immutable
         and globaly unique name
+    - annotations:
+        List of annotations to be used while defining a secret
 
   To allow sharing a secret between the components and allow to pre-deploy secrets
   before ONAP deployment it is possible to use already existing secret instead of
@@ -239,11 +245,12 @@
   {{- range $secret := .Values.secrets }}
     {{- $uid := tpl (default "" $secret.uid) $global }}
     {{- $name := include "common.secret.genName" (dict "global" $global "uid" $uid "name" $secret.name) }}
+    {{- $annotations := default "" $secret.annotations }}
     {{- $type := default "generic" $secret.type }}
     {{- $externalSecret := tpl (default "" $secret.externalSecret) $global }}
     {{- if not $externalSecret }}
 ---
-      {{ include "common.secret._header" (dict "global" $global "name" $name) }}
+      {{ include "common.secret._header" (dict "global" $global "name" $name "annotations" $annotations) }}
 
       {{- if eq $type "generic" }}
 data:
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json
index e505742..a0ec3b4 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json
@@ -1,6 +1,6 @@
 #============LICENSE_START========================================================
 #=================================================================================
-# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
 # Modifications Copyright © 2018 Amdocs, Bell Canada
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -34,6 +34,7 @@
     {
       "cert_path": "/opt/app/osaaf",
       "image": "{{ .Values.global.tlsRepository }}/{{ .Values.global.tlsImage }}",
+      "component_cert_dir": "/opt/dcae/cacert",
       "component_ca_cert_path": "/opt/dcae/cacert/cacert.pem",
       "ca_cert_configmap": "{{ include "common.fullname" . }}-dcae-cacert"
     }
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml
index 7a28812..a36164d 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/templates/deployment.yaml
@@ -53,8 +53,11 @@
           - dcae-config-binding-service

           - --container-name

           - dcae-db

+          - --container-name

+          - dcae-inventory-api

           - "-t"

           - "15"

+

         env:

         - name: NAMESPACE

           valueFrom:

diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
index cfdff5a..872d01d 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
@@ -109,7 +109,7 @@
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.10.0
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.12.0
 default_k8s_location: central
 
 # DCAE component images to be deployed via Cloudify Manager
@@ -118,8 +118,7 @@
   holmes_rules: onap/holmes/rule-management:1.2.7
   holmes_engine: onap/holmes/engine-management:1.2.6
   tca: onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.2.2
-  #placeholder until tca-gen2 release image is available
-  #tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.0.0
+  tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.0.0
   ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.5.3
   snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
   prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.0
diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
index 673b017..d2bda88 100644
--- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
@@ -46,7 +46,7 @@
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.cm-container:2.0.2
+image: onap/org.onap.dcaegen2.deployments.cm-container:2.1.0
 pullPolicy: Always
 
 # name of shared ConfigMap with kubeconfig for multiple clusters
diff --git a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml
index 22076e5..9d38659 100644
--- a/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-dashboard/values.yaml
@@ -1,6 +1,6 @@
 #============LICENSE_START========================================================
 # ================================================================================
-# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -44,7 +44,7 @@
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.3.0
+image: onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.3.1
 pullPolicy: Always
 
 # probe configuration parameters
diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml
index f056079..6769c00 100644
--- a/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml
+++ b/kubernetes/dcaegen2/components/dcae-inventory-api/templates/deployment.yaml
@@ -52,6 +52,8 @@
                 fieldPath: metadata.namespace
         - name: init-tls
           env:
+          - name: aaf_locator_fqdn
+            value: dcae
           - name: POD_IP
             valueFrom:
               fieldRef:
@@ -61,7 +63,7 @@
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           resources: {}
           volumeMounts:
-            - mountPath: /opt/tls/shared
+            - mountPath: /opt/app/osaaf
               name: tls-info
       containers:
         - name: {{ include "common.name" . }}
diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml
index a6e5125..51af963 100644
--- a/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml
@@ -25,7 +25,7 @@
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
   tlsRepository: nexus3.onap.org:10001
-  tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.3
+  tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
   repositoryCred:
     user: docker
     password: docker
diff --git a/kubernetes/dcaegen2/values.yaml b/kubernetes/dcaegen2/values.yaml
index dfc4dbf..25ddfc7 100644
--- a/kubernetes/dcaegen2/values.yaml
+++ b/kubernetes/dcaegen2/values.yaml
@@ -19,8 +19,7 @@
 global:
   nodePortPrefix: 302
   tlsRepository: nexus3.onap.org:10001
-# Have to use locally-define tlsImage until inventory API can use 2.x.y
-#  tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+  tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
   consulLoaderRepository: nexus3.onap.org:10001
   consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
 redis:
diff --git a/kubernetes/esr/charts/esr-server/values.yaml b/kubernetes/esr/charts/esr-server/values.yaml
index 354e8e3..f3f4f88 100644
--- a/kubernetes/esr/charts/esr-server/values.yaml
+++ b/kubernetes/esr/charts/esr-server/values.yaml
@@ -27,7 +27,7 @@
 
 # application image
 repository: nexus3.onap.org:10001
-image: onap/aai/esr-server:1.5.1
+image: onap/aai/esr-server:1.5.2
 pullPolicy: Always
 msbaddr: msb-iag.{{ include "common.namespace" . }}:443
 
diff --git a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml
index a714ba9..02947c6 100755
--- a/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-bpmn-infra/resources/config/overrides/override.yaml
@@ -289,6 +289,15 @@
   si:
     svc:
       types: PORT-MIRROR,PPROBE
+  dmaap:
+    host: http://message-router.{{ include "common.namespace" . }}:3904
+    timeout: 30000
+  lcm:
+    path: '/restconf/operations/LCM:'
+    actionTimeout: 300000
+    dmapp:
+      readTopic: SDNC-LCM-WRITE
+      writeTopic: SDNC-LCM-READ
 appc:
   client:
     topic:
diff --git a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml
index a20d217..6235bd2 100755
--- a/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/charts/so-sdnc-adapter/resources/config/overrides/override.yaml
@@ -151,6 +151,7 @@
                     sdncurl7: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/L3UCPE-API:'
                     sdncurl8: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NBNC-API:'
                     sdncurl9: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/NORTHBOUND-API:service-topology-operation'
+                    sdncurl20: 'http://sdnc.{{ include "common.namespace" . }}:8282/restconf/operations/LCM:'
                     service:
                         infra:
                             service-topology-infra-activate-operation: POST|90000|sdncurl9|sdnc-request-header|com:att:sdnctl:northbound-api:v1
@@ -160,6 +161,12 @@
                     vfmodule:
                         '':
                             query: GET|60000|sdncurl12|
+                    lcm:
+                      download-n-e-sw: POST|1800000|sdncurl20|common-header|org:onap:ccsdk:sli:northbound:lcm
+                      activate-n-e-sw: POST|300000|sdncurl20|common-header|org:onap:ccsdk:sli:northbound:lcm
+                      upgrade-pre-check: POST|180000|sdncurl20|common-header|org:onap:ccsdk:sli:northbound:lcm
+                      upgrade-post-check: POST|180000|sdncurl20|common-header|org:onap:ccsdk:sli:northbound:lcm
+                      default: POST|180000|sdncurl20|common-header|org:onap:ccsdk:sli:northbound:lcm
                 network:
                     encryptionKey: {{ index .Values.org.onap.so.adapters.sdnc.network.encryptionKey }}
 spring: