[AAI] Remove unused AAF proxies
Some AAI components have the ability of using AAF proxies for
authentication. As AAF is deprecated and these proxies seems not to be
used by anybody, let's remove them.
Issue-ID: OOM-2663
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ie78740eb452f1b28f031a97fe272f86acce1f8be
diff --git a/kubernetes/aai/components/aai-babel/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/components/aai-babel/resources/fproxy/config/auth/client-cert.p12
deleted file mode 100644
index dbf4fca..0000000
--- a/kubernetes/aai/components/aai-babel/resources/fproxy/config/auth/client-cert.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-babel/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/components/aai-babel/resources/fproxy/config/auth/tomcat_keystore
deleted file mode 100644
index 9eec841..0000000
--- a/kubernetes/aai/components/aai-babel/resources/fproxy/config/auth/tomcat_keystore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-babel/resources/fproxy/config/fproxy.properties b/kubernetes/aai/components/aai-babel/resources/fproxy/config/fproxy.properties
deleted file mode 100644
index f512fb7..0000000
--- a/kubernetes/aai/components/aai-babel/resources/fproxy/config/fproxy.properties
+++ /dev/null
@@ -1,2 +0,0 @@
-credential.cache.timeout.ms=180000
-transactionid.header.name=X-TransactionId
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/components/aai-babel/resources/fproxy/config/logback-spring.xml
deleted file mode 100644
index 0637cfb..0000000
--- a/kubernetes/aai/components/aai-babel/resources/fproxy/config/logback-spring.xml
+++ /dev/null
@@ -1,45 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration>
-
- <property name="LOGS" value="./logs/AAF-FPS" />
- <property name="FILEPREFIX" value="application" />
-
- <appender name="Console"
- class="ch.qos.logback.core.ConsoleAppender">
- <layout class="ch.qos.logback.classic.PatternLayout">
- <Pattern>
- %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
- </Pattern>
- </layout>
- </appender>
-
- <appender name="RollingFile"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${LOGS}/${FILEPREFIX}.log</file>
- <encoder
- class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
- <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
- </encoder>
-
- <rollingPolicy
- class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- rollover daily and when the file reaches 10 MegaBytes -->
- <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
- </fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy
- class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>10MB</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- </rollingPolicy>
- </appender>
-
- <!-- LOG everything at INFO level -->
- <root level="info">
- <appender-ref ref="RollingFile" />
- <appender-ref ref="Console" />
- </root>
-
- <!-- LOG "com.baeldung*" at TRACE level -->
- <logger name="org.onap.aaf.fproxy" level="info" />
-
-</configuration>
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/resources/fproxy/config/readme.txt b/kubernetes/aai/components/aai-babel/resources/fproxy/config/readme.txt
deleted file mode 100644
index 79cf29e..0000000
--- a/kubernetes/aai/components/aai-babel/resources/fproxy/config/readme.txt
+++ /dev/null
@@ -1 +0,0 @@
-Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/client-cert.p12
deleted file mode 100644
index dbf4fca..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/client-cert.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/tomcat_keystore
deleted file mode 100644
index 99129c1..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/tomcat_keystore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/uri-authorization.json
deleted file mode 100644
index acc9409..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/uri-authorization.json
+++ /dev/null
@@ -1,93 +0,0 @@
-[
- {
- "uri": "\/not\/allowed\/at\/all$",
- "permissions": [
- "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt"
- ]
- },
- {
- "uri": "\/one\/auth\/required$",
- "permissions": [
- "test.auth.access.aSimpleSingleAuth"
- ]
- },
- {
- "uri": "\/multi\/auth\/required$",
- "permissions": [
- "test.auth.access.aMultipleAuth1",
- "test.auth.access.aMultipleAuth2",
- "test.auth.access.aMultipleAuth3"
- ]
- },
- {
- "uri": "\/one\/[^\/]+\/required$",
- "permissions": [
- "test.auth.access.aSimpleSingleAuth"
- ]
- },
- {
- "uri": "\/services\/getAAFRequest$",
- "permissions": [
- "test.auth.access|services|GET,PUT"
- ]
- },
- {
- "uri": "\/admin\/getAAFRequest$",
- "permissions": [
- "test.auth.access|admin|GET,PUT,POST"
- ]
- },
- {
- "uri": "\/service\/aai\/webapp\/index.html$",
- "permissions": [
- "test.auth.access|services|GET,PUT"
- ]
- },
- {
- "uri": "\/services\/aai\/webapp\/index.html$",
- "permissions": [
- "test.auth.access|services|GET,PUT"
- ]
- },
- {
- "uri": "\/$",
- "permissions": [
- "\\|services\\|GET",
- "test\\.auth\\.access\\|services\\|GET,PUT"
- ]
- },
- {
- "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$",
- "permissions": [
- "test\\.auth\\.access\\|rest\\|read"
- ]
- },
- {
- "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
- "permissions": [
- "test.auth.access|clouds|read",
- "test.auth.access|tenants|read"
- ]
- },
- {
- "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$",
- "permissions": [
- "test.auth.access|clouds|read",
- "test.auth.access|tenants|read",
- "test.auth.access|vservers|read"
- ]
- },
- {
- "uri": "\/backend$",
- "permissions": [
- "test\\.auth\\.access\\|services\\|GET,PUT",
- "\\|services\\|GET"
- ]
- },
- {
- "uri": "\/services\/babel-service\/.*",
- "permissions": [
- "org\\.access\\|\\*\\|\\*"
- ]
- }
-]
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/cadi.properties b/kubernetes/aai/components/aai-babel/resources/rproxy/config/cadi.properties
deleted file mode 100644
index 188c55b..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/cadi.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-{{/*
-# This is a normal Java Properties File
-# Comments are with Pound Signs at beginning of lines,
-# and multi-line expression of properties can be obtained by backslash at end of line
-
-#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below
-#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name
-#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com
-#to your hosts file on your machine.
-#hostname=test.aic.cip.att.com
-*/}}
-
-cadi_loglevel=DEBUG
-cadi_keyfile=/opt/app/rproxy/config/security/keyfile
-
-cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
-cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
-
-# Configure AAF
-aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}}
-aaf_env=DEV
-
-aaf_id=demo@people.osaaf.org
-aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
-
-# This is a colon separated list of client cert issuers
-cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/forward-proxy.properties b/kubernetes/aai/components/aai-babel/resources/rproxy/config/forward-proxy.properties
deleted file mode 100644
index 1b58d42..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/forward-proxy.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-forward-proxy.protocol = https
-forward-proxy.host = localhost
-forward-proxy.port = 10680
-forward-proxy.cacheurl = /credential-cache
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/components/aai-babel/resources/rproxy/config/logback-spring.xml
deleted file mode 100644
index 2cd95d4..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/logback-spring.xml
+++ /dev/null
@@ -1,45 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration>
-
- <property name="LOGS" value="./logs/reverse-proxy" />
- <property name="FILEPREFIX" value="application" />
-
- <appender name="Console"
- class="ch.qos.logback.core.ConsoleAppender">
- <layout class="ch.qos.logback.classic.PatternLayout">
- <Pattern>
- %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
- </Pattern>
- </layout>
- </appender>
-
- <appender name="RollingFile"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${LOGS}/${FILEPREFIX}.log</file>
- <encoder
- class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
- <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
- </encoder>
-
- <rollingPolicy
- class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- rollover daily and when the file reaches 10 MegaBytes -->
- <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
- </fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy
- class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>10MB</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- </rollingPolicy>
- </appender>
-
- <!-- LOG everything at INFO level -->
- <root level="info">
- <appender-ref ref="RollingFile" />
- <appender-ref ref="Console" />
- </root>
-
- <!-- LOG "com.baeldung*" at TRACE level -->
- <logger name="org.onap.aaf.rproxy" level="info" />
-
-</configuration>
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/primary-service.properties b/kubernetes/aai/components/aai-babel/resources/rproxy/config/primary-service.properties
deleted file mode 100644
index 7055bf5..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/primary-service.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-primary-service.protocol = https
-primary-service.host = localhost
-primary-service.port = 9516
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/readme.txt b/kubernetes/aai/components/aai-babel/resources/rproxy/config/readme.txt
deleted file mode 100644
index 79cf29e..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/readme.txt
+++ /dev/null
@@ -1 +0,0 @@
-Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/reverse-proxy.properties b/kubernetes/aai/components/aai-babel/resources/rproxy/config/reverse-proxy.properties
deleted file mode 100644
index 8d46e1f..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/reverse-proxy.properties
+++ /dev/null
@@ -1 +0,0 @@
-transactionid.header.name=X-TransactionId
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/security/keyfile b/kubernetes/aai/components/aai-babel/resources/rproxy/config/security/keyfile
deleted file mode 100644
index 6cd12fc..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/security/keyfile
+++ /dev/null
@@ -1,27 +0,0 @@
-bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM
-1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29
-xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK
-BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm
-6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99
-QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm
-zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6
-x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf
-8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz
-FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz
-UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r
-banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv
-6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG
-yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB
-xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB
-lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq
-ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE
-fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v
-1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5
-liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc
-0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u
-PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm
-8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv
-dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ
--85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn
-c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J
-uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/templates/configmap.yaml b/kubernetes/aai/components/aai-babel/templates/configmap.yaml
index cdd2a4f..baee38c 100644
--- a/kubernetes/aai/components/aai-babel/templates/configmap.yaml
+++ b/kubernetes/aai/components/aai-babel/templates/configmap.yaml
@@ -1,6 +1,7 @@
{{/*
# Copyright © 2018 Amdocs, AT&T
# Modifications Copyright © 2018 Bell Canada
+# Modifications Copyright (c) 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -27,46 +28,3 @@
heritage: {{ .Release.Service }}
data:
{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
-
-{{ if .Values.global.installSidecarSecurity }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-fproxy-config
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-fproxy-log-config
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-rproxy-config
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-rproxy-log-config
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
- namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }}
-{{ end }}
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/templates/deployment.yaml b/kubernetes/aai/components/aai-babel/templates/deployment.yaml
index e75815e..9fe386a 100644
--- a/kubernetes/aai/components/aai-babel/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-babel/templates/deployment.yaml
@@ -1,7 +1,7 @@
{{/*
# Copyright © 2018 Amdocs, AT&T
# Modifications Copyright © 2018 Bell Canada
-# Modifications Copyright © 2020 Orange
+# Modifications Copyright © 2020,2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -37,19 +37,6 @@
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- {{ if .Values.global.installSidecarSecurity }}
- hostAliases:
- - ip: {{ .Values.global.aaf.serverIp }}
- hostnames:
- - {{ .Values.global.aaf.serverHostname }}
-
- initContainers:
- - name: {{ .Values.global.tproxyConfig.name }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tproxyConfig.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- securityContext:
- privileged: true
- {{ end }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
@@ -127,79 +114,6 @@
- mountPath: /usr/share/filebeat/data
name: aai-filebeat
- {{ if .Values.global.installSidecarSecurity }}
- - name: {{ .Values.global.rproxy.name }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.rproxy.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: CONFIG_HOME
- value: "/opt/app/rproxy/config"
- - name: KEY_STORE_PASSWORD
- value: {{ .Values.config.keyStorePassword }}
- - name: spring_profiles_active
- value: {{ .Values.global.rproxy.activeSpringProfiles }}
- volumeMounts:
- - name: {{ include "common.fullname" . }}-rproxy-config
- mountPath: /opt/app/rproxy/config/forward-proxy.properties
- subPath: forward-proxy.properties
- - name: {{ include "common.fullname" . }}-rproxy-config
- mountPath: /opt/app/rproxy/config/primary-service.properties
- subPath: primary-service.properties
- - name: {{ include "common.fullname" . }}-rproxy-config
- mountPath: /opt/app/rproxy/config/reverse-proxy.properties
- subPath: reverse-proxy.properties
- - name: {{ include "common.fullname" . }}-rproxy-config
- mountPath: /opt/app/rproxy/config/cadi.properties
- subPath: cadi.properties
- - name: {{ include "common.fullname" . }}-rproxy-log-config
- mountPath: /opt/app/rproxy/config/logback-spring.xml
- subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
- mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
- subPath: uri-authorization.json
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
- mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
- subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
- mountPath: /opt/app/rproxy/config/auth/client-cert.p12
- subPath: client-cert.p12
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
- mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
- subPath: aaf_truststore.jks
- - name: {{ include "common.fullname" . }}-rproxy-security-config
- mountPath: /opt/app/rproxy/config/security/keyfile
- subPath: keyfile
-
- ports:
- - containerPort: {{ .Values.global.rproxy.port }}
-
- - name: {{ .Values.global.fproxy.name }}
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.fproxy.image }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- env:
- - name: CONFIG_HOME
- value: "/opt/app/fproxy/config"
- - name: KEY_STORE_PASSWORD
- value: {{ .Values.config.keyStorePassword }}
- - name: spring_profiles_active
- value: {{ .Values.global.fproxy.activeSpringProfiles }}
- volumeMounts:
- - name: {{ include "common.fullname" . }}-fproxy-config
- mountPath: /opt/app/fproxy/config/fproxy.properties
- subPath: fproxy.properties
- - name: {{ include "common.fullname" . }}-fproxy-log-config
- mountPath: /opt/app/fproxy/config/logback-spring.xml
- subPath: logback-spring.xml
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
- mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
- subPath: tomcat_keystore
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
- mountPath: /opt/app/fproxy/config/auth/client-cert.p12
- subPath: client-cert.p12
- ports:
- - containerPort: {{ .Values.global.fproxy.port }}
- {{ end }}
-
volumes:
- name: localtime
hostPath:
@@ -226,32 +140,6 @@
emptyDir: {}
- name: aai-filebeat
emptyDir: {}
- {{ if .Values.global.installSidecarSecurity }}
- - name: {{ include "common.fullname" . }}-rproxy-config
- configMap:
- name: {{ include "common.fullname" . }}-rproxy-config
- - name: {{ include "common.fullname" . }}-rproxy-log-config
- configMap:
- name: {{ include "common.fullname" . }}-rproxy-log-config
- - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
- configMap:
- name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
- - name: {{ include "common.fullname" . }}-rproxy-auth-config
- secret:
- secretName: {{ include "common.fullname" . }}-rproxy-auth-config
- - name: {{ include "common.fullname" . }}-rproxy-security-config
- secret:
- secretName: {{ include "common.fullname" . }}-rproxy-security-config
- - name: {{ include "common.fullname" . }}-fproxy-config
- configMap:
- name: {{ include "common.fullname" . }}-fproxy-config
- - name: {{ include "common.fullname" . }}-fproxy-log-config
- configMap:
- name: {{ include "common.fullname" . }}-fproxy-log-config
- - name: {{ include "common.fullname" . }}-fproxy-auth-config
- secret:
- secretName: {{ include "common.fullname" . }}-fproxy-auth-config
- {{ end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/components/aai-babel/templates/secrets.yaml b/kubernetes/aai/components/aai-babel/templates/secrets.yaml
index 630ce83..b81ffa0 100644
--- a/kubernetes/aai/components/aai-babel/templates/secrets.yaml
+++ b/kubernetes/aai/components/aai-babel/templates/secrets.yaml
@@ -1,6 +1,7 @@
{{/*
# Copyright © 2018 Amdocs, AT&T
# Modifications Copyright © 2018 Bell Canada
+# Modifications Copyright (c) 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -43,48 +44,3 @@
data:
KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }}
KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }}
-
-{{ if .Values.global.installSidecarSecurity }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-fproxy-auth-config
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-rproxy-auth-config
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ include "common.fullname" . }}-rproxy-security-config
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
-{{ end }}
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/templates/service.yaml b/kubernetes/aai/components/aai-babel/templates/service.yaml
index fb72955..db54ce1 100644
--- a/kubernetes/aai/components/aai-babel/templates/service.yaml
+++ b/kubernetes/aai/components/aai-babel/templates/service.yaml
@@ -1,6 +1,7 @@
{{/*
# Copyright © 2018 Amdocs, AT&T
# Modifications Copyright © 2018 Bell Canada
+# Modifications Copyright (c) 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -28,27 +29,16 @@
spec:
type: {{ .Values.service.type }}
ports:
- {{ if .Values.global.installSidecarSecurity }}
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.global.rproxy.port }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.global.rproxy.port }}
- name: {{ .Values.service.portName }}
- {{- end}}
- {{ else }}
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- {{- end}}
- {{ end }}
+ {{- if eq .Values.service.type "NodePort" }}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else }}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end }}
+
selector:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml
index f0a5ec2..db1a2eb 100644
--- a/kubernetes/aai/components/aai-babel/values.yaml
+++ b/kubernetes/aai/components/aai-babel/values.yaml
@@ -1,6 +1,6 @@
# Copyright © 2018 Amdocs, AT&T
# Modifications Copyright © 2018 Bell Canada
-# Modifications Copyright © 2020 Orange
+# Modifications Copyright © 2020, 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -17,8 +17,7 @@
#################################################################
# Global configuration defaults.
#################################################################
-global:
- installSidecarSecurity: false
+global: {}
#################################################################
# Application configuration defaults.