Merge "[COMMON][READINESS] Update readiness image and use service feature"
diff --git a/docs/sections/resources/yaml/environments_onap_demo.yaml b/docs/sections/resources/yaml/environments_onap_demo.yaml
index 492e5d2..acc395d 100644
--- a/docs/sections/resources/yaml/environments_onap_demo.yaml
+++ b/docs/sections/resources/yaml/environments_onap_demo.yaml
@@ -13,7 +13,7 @@
   repository: nexus3.onap.org:10001
   repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
   # readiness check
-  readinessImage: onap/oom/readiness:3.0.1
+  readinessImage: onap/oom/readiness:6.0.2
   # logging agent
   loggingRepository: docker.elastic.co
 
diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml
index 395d8d6..a24805b 100644
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -25,7 +25,7 @@
   dockerhubRepository: docker.io
   busyboxImage: busybox
 
-  readinessImage: onap/oom/readiness:5.0.1
+  readinessImage: onap/oom/readiness:6.0.2
 
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
diff --git a/kubernetes/common/dgbuilder/templates/deployment.yaml b/kubernetes/common/dgbuilder/templates/deployment.yaml
index 18963f9..ab0b21c 100644
--- a/kubernetes/common/dgbuilder/templates/deployment.yaml
+++ b/kubernetes/common/dgbuilder/templates/deployment.yaml
@@ -61,8 +61,8 @@
       - command:
         - /app/ready.py
         args:
-        - --app-name
-        - {{ .Values.config.dbPodName }}
+        - --service-name
+        - {{ .Values.config.dbServiceName }}
         env:
         - name: NAMESPACE
           valueFrom:
diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml
index c4dcb2f..68cb86b 100644
--- a/kubernetes/common/dgbuilder/values.yaml
+++ b/kubernetes/common/dgbuilder/values.yaml
@@ -166,6 +166,13 @@
       memory: "4Gi"
   unlimited: {}
 
+podAnnotations:
+  # Workarround to exclude K8S API from istio communication
+  # as init-container (readinessCheck) does not work with the
+  # Istio CNI plugin, see:
+  # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers)
+  traffic.sidecar.istio.io/excludeOutboundPorts: "443"
+
 #Pods Service Account
 serviceAccount:
   nameOverride: dgbuilder
diff --git a/kubernetes/common/etcd-init/templates/job.yaml b/kubernetes/common/etcd-init/templates/job.yaml
index 8919dc7..f77a8ec 100644
--- a/kubernetes/common/etcd-init/templates/job.yaml
+++ b/kubernetes/common/etcd-init/templates/job.yaml
@@ -27,6 +27,12 @@
   backoffLimit: {{ .Values.backoffLimit }}
   template:
     metadata:
+      annotations:
+        # Workarround to exclude K8S API from istio communication
+        # as init-container (readinessCheck) does not work with the
+        # Istio CNI plugin, see:
+        # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers)
+        traffic.sidecar.istio.io/excludeOutboundPorts: "443"
       labels:
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
@@ -37,8 +43,8 @@
         command:
         - /app/ready.py
         args:
-        - --container-name
-        - {{ .Values.etcd.containerName }}
+        - --service-name
+        - {{ .Values.etcd.serviceName }}
         env:
         - name: NAMESPACE
           valueFrom:
diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml
index 9f0a786..f212869 100644
--- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml
+++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml
@@ -32,6 +32,13 @@
   jobTemplate:
     spec:
       template:
+        metadata:
+          annotations:
+            # Workarround to exclude K8S API from istio communication
+            # as init-container (readinessCheck) does not work with the
+            # Istio CNI plugin, see:
+            # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers)
+            traffic.sidecar.istio.io/excludeOutboundPorts: "443"
         spec:
           serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
           {{ include "common.podSecurityContext" . | indent 10 | trim}}
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index 29d643e..9a27e60 100644
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -329,8 +329,8 @@
 
 readinessCheck:
   wait_for:
-    apps:
-      - '{{ include "common.name" . }}'
+    services:
+      - '{{ include "common.servicename" . }}'
 
 ## TLS configuration
 ##
diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml
index 88ff0e0..0edb8e9 100644
--- a/kubernetes/common/mariadb-init/templates/job.yaml
+++ b/kubernetes/common/mariadb-init/templates/job.yaml
@@ -31,25 +31,18 @@
   backoffLimit: 20
   template:
     metadata:
+      annotations:
+        # Workarround to exclude K8S API from istio communication
+        # as init-container (readinessCheck) does not work with the
+        # Istio CNI plugin, see:
+        # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers)
+        traffic.sidecar.istio.io/excludeOutboundPorts: "443"
       labels:
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
       name: {{ include "common.name" . }}
     spec:
-      initContainers:
-      {{- if .Values.global.mariadbGalera.localCluster }}
-      {{-   if .Values.global.mariadbGalera.useOperator }}
-      {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_local_operator ) | indent 6 | trim }}
-      {{    else }}
-      {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_local ) | indent 6 | trim }}
-      {{-   end }}
-      {{ else }}
-      {{-   if .Values.global.mariadbGalera.useOperator }}
-      {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_global_operator ) | indent 6 | trim }}
-      {{   else }}
-      {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_global ) | indent 6 | trim }}
-      {{-   end }}
-      {{- end }}
+      initContainers: {{ include "common.readinessCheck.waitFor" . | nindent 6 }}
       containers:
       - name: {{ include "common.name" . }}
         image: {{ include "repositoryGenerator.image.mariadb" . }}
diff --git a/kubernetes/common/mariadb-init/tests/job_test.yaml b/kubernetes/common/mariadb-init/tests/job_test.yaml
index 170eaf3..31e04f0 100644
--- a/kubernetes/common/mariadb-init/tests/job_test.yaml
+++ b/kubernetes/common/mariadb-init/tests/job_test.yaml
@@ -36,7 +36,7 @@
           content: mariadb-galera
       - equal:
           path: spec.template.spec.initContainers[0].image
-          value: nexus3.onap.org:10001/onap/oom/readiness:3.0.1
+          value: nexus3.onap.org:10001/onap/oom/readiness:6.0.2
       - equal:
           path: spec.template.spec.initContainers[0].imagePullPolicy
           value: IfNotPresent
diff --git a/kubernetes/common/mariadb-init/values.yaml b/kubernetes/common/mariadb-init/values.yaml
index 5c181dd..57dfb40 100644
--- a/kubernetes/common/mariadb-init/values.yaml
+++ b/kubernetes/common/mariadb-init/values.yaml
@@ -150,15 +150,6 @@
     - '{{ include "common.name" . }}'
 
 readinessCheck:
-  wait_for_global_operator:
-    pods:
-      - '{{ .Values.global.mariadbGalera.nameOverride }}-0'
-  wait_for_local_operator:
-    pods:
-      - '{{ index .Values "mariadb-galera" "nameOverride" }}-0'
-  wait_for_global:
-    apps:
-      - '{{ include "common.mariadbAppName" . }}'
-  wait_for_local:
-    apps:
-      - '{{ include "common.mariadbAppName" . }}'
+  wait_for:
+    services:
+    - '{{ include "common.mariadbService" . }}'
diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml
index e028e39..0b62705 100644
--- a/kubernetes/common/network-name-gen/values.yaml
+++ b/kubernetes/common/network-name-gen/values.yaml
@@ -142,6 +142,13 @@
 
 resources: {}
 
+podAnnotations:
+  # Workarround to exclude K8S API from istio communication
+  # as init-container (readinessCheck) does not work with the
+  # Istio CNI plugin, see:
+  # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers)
+  traffic.sidecar.istio.io/excludeOutboundPorts: "443"
+
 #Pods Service Account
 serviceAccount:
   nameOverride: network-name-gen
diff --git a/kubernetes/common/postgres-init/templates/job.yaml b/kubernetes/common/postgres-init/templates/job.yaml
index 6736559..348dda5 100644
--- a/kubernetes/common/postgres-init/templates/job.yaml
+++ b/kubernetes/common/postgres-init/templates/job.yaml
@@ -28,6 +28,12 @@
   backoffLimit: 20
   template:
     metadata:
+      annotations:
+        # Workarround to exclude K8S API from istio communication
+        # as init-container (readinessCheck) does not work with the
+        # Istio CNI plugin, see:
+        # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers)
+        traffic.sidecar.istio.io/excludeOutboundPorts: "443"
       labels:
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
diff --git a/kubernetes/common/postgres-init/values.yaml b/kubernetes/common/postgres-init/values.yaml
index d2eb090..160e672 100644
--- a/kubernetes/common/postgres-init/values.yaml
+++ b/kubernetes/common/postgres-init/values.yaml
@@ -19,6 +19,7 @@
   postgres:
     service:
       name: pgset
+      name2: tcp-pgset-primary
     container:
       name: postgres
 
@@ -98,7 +99,8 @@
 
 readinessCheck:
   wait_for:
-    - '{{ .Values.global.postgres.container.name }}'
+    services:
+    - '{{ .Values.global.postgres.service.name2 }}'
 
 wait_for_job_container:
   containers:
diff --git a/kubernetes/common/readinessCheck/Chart.yaml b/kubernetes/common/readinessCheck/Chart.yaml
index a53c7ab..bb2986a 100644
--- a/kubernetes/common/readinessCheck/Chart.yaml
+++ b/kubernetes/common/readinessCheck/Chart.yaml
@@ -17,7 +17,7 @@
 apiVersion: v2
 description: Template used to wait for other deployment/sts/jobs in onap
 name: readinessCheck
-version: 13.0.0
+version: 13.1.0
 
 dependencies:
   - name: common
diff --git a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
index 879be12..51791fe 100644
--- a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
+++ b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
@@ -42,6 +42,14 @@
     pods:
       - test-pod
 
+  the powerful one allows also to wait for a service to be
+  available, which means all pods are deployed, which are
+  selected by the service definition:
+  wait_for:
+    name: myservice
+    services:
+      - mariadb-galera-service
+
   the powerful one allows also to wait for pods with the
   given "app" label:
   wait_for:
@@ -62,8 +70,8 @@
      - .dot : environment (.)
      - .initRoot : the root dictionary of readinessCheck submodule
                    (default to .Values.readinessCheck)
-     - .wait_for : list of containers / pods /apps / jobs to wait for (default to
-                   .Values.wait_for)
+     - .wait_for : list of service / containers / pods /apps / jobs to wait for
+                   (default to .Values.wait_for)
 
   Example calls:
     {{ include "common.readinessCheck.waitFor" . }}
@@ -76,6 +84,7 @@
 {{-   $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
 {{-   $wait_for := default $initRoot.wait_for .wait_for -}}
 {{-   $containers := index (ternary (dict "containers" $wait_for) $wait_for (kindIs "slice" $wait_for)) "containers" -}}
+{{-   $services := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "services" -}}
 {{-   $pods := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "pods" -}}
 {{-   $apps := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "apps" -}}
 {{-   $namePart := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "name" -}}
@@ -97,6 +106,10 @@
   - --pod-name
   - {{ tpl $pod $dot }}
   {{- end }}
+  {{- range $service := default (list) $services }}
+  - --service-name
+  - {{ tpl $service $dot }}
+  {{- end }}
   {{- range $app := default (list) $apps }}
   - --app-name
   - {{ tpl $app $dot }}
diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml
index 03ffdda..3b1acd9 100644
--- a/kubernetes/common/repositoryGenerator/values.yaml
+++ b/kubernetes/common/repositoryGenerator/values.yaml
@@ -39,10 +39,10 @@
   mariadbImage: bitnami/mariadb:10.5.8
   nginxImage: bitnami/nginx:1.21.4
   postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
-  readinessImage: onap/oom/readiness:5.0.1
+  readinessImage: onap/oom/readiness:6.0.2
   dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
   drProvClientImage: onap/dmaap/datarouter-prov-client:2.1.15
-  quitQuitImage: onap/oom/readiness:5.0.1
+  quitQuitImage: onap/oom/readiness:6.0.2
 
   # Default credentials
   # they're optional. If the target repository doesn't need them, comment them
diff --git a/kubernetes/onap/resources/environments/dev.yaml b/kubernetes/onap/resources/environments/dev.yaml
index c2b4403..e0ceea6 100644
--- a/kubernetes/onap/resources/environments/dev.yaml
+++ b/kubernetes/onap/resources/environments/dev.yaml
@@ -32,7 +32,7 @@
   #repository: nexus3.onap.org:10001
 
   # readiness check
-  readinessImage: onap/oom/readiness:3.0.1
+  readinessImage: onap/oom/readiness:6.0.2
 
   # logging agent - temporary repo until images migrated to nexus3
   loggingRepository: docker.elastic.co
diff --git a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml
index a51106f..0a4a2f8 100644
--- a/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml
+++ b/kubernetes/onap/resources/overrides/onap-5g-network-slicing.yaml
@@ -35,7 +35,7 @@
     password: docker
 
   # readiness check
-  readinessImage: onap/oom/readiness:3.0.1
+  readinessImage: onap/oom/readiness:6.0.2
 
   # logging agent - temporary repo until images migrated to nexus3
   loggingRepository: docker.elastic.co
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index a4bf64b..f850936 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -103,7 +103,7 @@
   postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
 
   # readiness check image
-  readinessImage: onap/oom/readiness:5.0.1
+  readinessImage: onap/oom/readiness:6.0.2
 
   # image pull policy
   pullPolicy: Always
diff --git a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml
index b038b52..94416b4 100644
--- a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml
+++ b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml
@@ -15,7 +15,7 @@
 # Global
 global:
   nodePortPrefix: 302
-  readinessImage: onap/oom/readiness:3.0.1
+  readinessImage: onap/oom/readiness:6.0.2
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
   busyboxRepository: registry.hub.docker.com
diff --git a/kubernetes/sdc/components/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml
index 2c896ea..f6317b7 100644
--- a/kubernetes/sdc/components/sdc-cs/values.yaml
+++ b/kubernetes/sdc/components/sdc-cs/values.yaml
@@ -18,7 +18,7 @@
 #################################################################
 global:
   nodePortPrefix: 302
-  readinessImage: onap/oom/readiness:3.0.1
+  readinessImage: onap/oom/readiness:6.0.2
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
   sdc_cassandra:
diff --git a/kubernetes/so/components/so-admin-cockpit/values.yaml b/kubernetes/so/components/so-admin-cockpit/values.yaml
index c10b509..2ec3d2e 100644
--- a/kubernetes/so/components/so-admin-cockpit/values.yaml
+++ b/kubernetes/so/components/so-admin-cockpit/values.yaml
@@ -26,7 +26,7 @@
   nodePortPrefix: 302
   nodePortPrefixExt: 304
   repository: nexus3.onap.org:10001
-  readinessImage: onap/oom/readiness:3.0.1
+  readinessImage: onap/oom/readiness:6.0.2
   envsubstImage: dibi/envsubst
   persistence:
     mountPath: /dockerdata-nfs
diff --git a/kubernetes/so/components/so-mariadb/values.yaml b/kubernetes/so/components/so-mariadb/values.yaml
index 6fdfd75..39d5e08 100755
--- a/kubernetes/so/components/so-mariadb/values.yaml
+++ b/kubernetes/so/components/so-mariadb/values.yaml
@@ -22,7 +22,7 @@
   nodePortPrefix: 302
   nodePortPrefixExt: 304
   repository: nexus3.onap.org:10001
-  readinessImage: onap/oom/readiness:5.0.1
+  readinessImage: onap/oom/readiness:6.0.2
   ubuntuInitRepository: docker.io
   mariadbGalera:
     # flag to enable the DB creation via mariadb-operator