[AAI] Reintegrate AAI OOM charts in main repo
AAI chart is currently in its own directory. As a lot will be done in
the charts with tight coordination between "common" part and components
parts, it's a lot easier to have everything in a same place for now.
Issue-ID: OOM-2513
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I5e27f7de286bf74e6d3a443e1cb31f63b3d83265
[Update aai to commit 18d4bd165e12cb4d03baa318e506f0dda381cd89]
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
diff --git a/kubernetes/aai/components/aai-sparky-be/.helmignore b/kubernetes/aai/components/aai-sparky-be/.helmignore
new file mode 100644
index 0000000..daebc7d
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/aai/components/aai-sparky-be/Chart.yaml b/kubernetes/aai/components/aai-sparky-be/Chart.yaml
new file mode 100644
index 0000000..a817934
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: ONAP AAI sparky-be
+name: aai-sparky-be
+version: 7.0.0
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-default.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-default.properties
new file mode 100644
index 0000000..67a22f7
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-default.properties
@@ -0,0 +1,16 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+oxm.apiVersion=v14
+oxm.apiVersionList=v8,v9,v10,v11,v12,v13,v14
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-override.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-override.properties
new file mode 100644
index 0000000..5c733e8
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-override.properties
@@ -0,0 +1,16 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+oxm.apiVersionOverride=v14
+oxm.apiVersionList=v8,v9,v10,v11,v12,v13,v14
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-schema-prod.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-schema-prod.properties
new file mode 100644
index 0000000..c7f6bbc
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-schema-prod.properties
@@ -0,0 +1,28 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+oxm.schemaNodeDir=/opt/app/sparky/onap/oxm
+#schemaServiceTranslator is used to define whether to retreive the oxm from schema service microservice or read from the disk, possible values are schema-service/config
+oxm.schemaServiceTranslatorList=config
+# The end point for onap is https://<hostname>:<port>/onap/schema-service/v1/
+oxm.schemaServiceBaseUrl=https://<schema-service/config>/aai/schema-service/v1/
+oxm.schemaServiceKeystore=file:${CONFIG_HOME}/auth/aai-client-cert.p12
+oxm.schemaServiceTruststore=file:${CONFIG_HOME}/auth/tomcat_keystore
+oxm.schemaServiceKeystorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+oxm.schemaServiceTruststorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+
+
+
+# Schema Service need this variable for the time being
+spring.applicationName=sparky
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application-resources.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-resources.properties
new file mode 100644
index 0000000..cdd3d48
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-resources.properties
@@ -0,0 +1,20 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+resources.hostname=aai
+resources.port=8443
+resources.authType=SSL_BASIC
+resources.basicAuthUserName=aai@aai.onap.org
+resources.basicAuthPassword=1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek
+resources.trust-store=tomcat_keystore
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application-ssl.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-ssl.properties
new file mode 100644
index 0000000..50e8432
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-ssl.properties
@@ -0,0 +1,20 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+server.port=8000
+server.ssl.key-store=file:${CONFIG_HOME}/auth/org.onap.aai.p12
+server.ssl.key-store-password=OBF:1cqc1l4h1qhu1j751p3j1kmy1ncw1o6g1hf418571g7i1d9r1dan1ga8185f1hfy1o461ncu1kjo1p671j7x1qjg1l8t1cne
+server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
+server.ssl.trust-store=file:${CONFIG_HOME}/auth/truststoreONAPall.jks
+server.ssl.trust-store-password=OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application-sync.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-sync.properties
new file mode 100644
index 0000000..4fb10a2
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-sync.properties
@@ -0,0 +1,6 @@
+aggregationSyncEnabled=true
+historicalEntitySyncEnabled=true
+autoSuggestSyncEnabled=true
+vnfAliasSyncEnabled=true
+geoSyncEnabled=true
+viewInspectSyncEnabled=true
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application.properties
new file mode 100644
index 0000000..108f9ef
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application.properties
@@ -0,0 +1,35 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#
+# disable the default thyme leaf icon on web-pages
+#
+spring.mvc.favicon.enabled=false
+
+#
+# to switch to http, remove ssl and put http
+# and in the values.yaml change the internalPort to 9517
+#
+
+spring.profiles.active=camel,ssl,fe-prod,oxm-schema-prod,oxm-default,resources,sync,portal
+
+portal.cadiFileLocation={{.Values.config.cadiFileLocation}}
+portal.cadiFileLocation={{.Values.config.cadiFileLocation}}
+searchservice.hostname={{.Values.global.searchData.serviceName}}
+searchservice.port=9509
+searchservice.client-cert=client-cert-onap.p12
+searchservice.client-cert-password=1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+searchservice.truststore=tomcat_keystore
+
+schema.ingest.file=${CONFIG_HOME}/schemaIngest.properties
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/auth/client-cert-onap.p12 b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/client-cert-onap.p12
new file mode 100644
index 0000000..aa4ae74
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/client-cert-onap.p12
Binary files differ
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/auth/csp-cookie-filter.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/csp-cookie-filter.properties
new file mode 100644
index 0000000..6edc3d9
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/csp-cookie-filter.properties
@@ -0,0 +1,26 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+global.login.url=aaiportal.onap.org
+
+# MOTS ID of the application
+application.id=12345
+
+# valid domains for open redirect
+redirect-domain=domain.com
+
+# Required by esGateKeeper. Valid values are:
+# DEVL - used during development
+# PROD - used in production
+gatekeeper.environment=TEST
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/auth/org.onap.aai.p12 b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/org.onap.aai.p12
new file mode 100644
index 0000000..b2449c6
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/org.onap.aai.p12
Binary files differ
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties
new file mode 100644
index 0000000..67268e3
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/key.properties
@@ -0,0 +1 @@
+cipher.enc.key=AGLDdG4D04BKm2IxIWEr8o==!
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
new file mode 100644
index 0000000..e18585d
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
@@ -0,0 +1,47 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+################################################################################
+############################## Portal properties ###############################
+################################################################################
+
+# Java class that implements the ECOMP role and user mgt API
+portal.api.impl.class = org.onap.aai.sparky.security.portal.PortalRestAPICentralServiceImpl
+
+# Instance of ECOMP Portal where the app has been on-boarded
+# use insecure http for dev purposes to avoid self-signed certificate
+ecomp_rest_url = https://portal-app:8443/ONAPPORTAL/auxapi
+
+# Standard global logon page
+ecomp_redirect_url = https://portal.api.simpledemo.onap.org:30225/ONAPPORTAL/login.htm
+
+# Name of cookie to extract on login request
+csp_cookie_name = EPService
+# Alternate values: DEVL, V_DEVL, V_PROD
+csp_gate_keeper_prod_key = PROD
+
+# Toggles use of UEB
+ueb_listeners_enable = false
+# IDs application withing UEB flow
+ueb_app_key=ueb_key_7
+# Use this tag if the app is centralized
+role_access_centralized=remote
+
+# Connection and Read timeout values
+ext_req_connection_timeout=15000
+ext_req_read_timeout=20000
+
+#Add AAF namespace if the app is centralized
+auth_namespace={{.Values.config.aafNamespace}}
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties
new file mode 100644
index 0000000..1f154b6
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties
@@ -0,0 +1,45 @@
+# Configure AAF
+aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
+aaf_url=<%=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1
+
+#aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=2.0/envContext=TEST/routeOffer=BAU_SE
+# AAF Environment Designation
+
+#if you are running aaf service from a docker image you have to use aaf service IP and port number
+aaf_id={{.Values.config.aafUsername}}
+#Encrypt the password using AAF Jar
+aaf_password={{.Values.config.aafPassword}}
+# Sample CADI Properties, from CADI 1.4.2
+#hostname=org.onap.aai.orr
+csp_domain=PROD
+# Add Absolute path to Keyfile
+cadi_keyfile={{.Values.config.cadiKeyFile}}
+
+# This is required to accept Certificate Authentication from Certman certificates.
+# can be TEST, IST or PROD
+aaf_env=DEV
+
+# DEBUG prints off all the properties. Use to get started.
+cadi_loglevel=DEBUG
+
+# Add Absolute path to truststore2018.jks
+cadi_truststore={{.Values.config.cadiTrustStore}}
+# Note: This is the ONLY password that doesn't have to be encrypted. All Java's TrustStores are this passcode by default, because they are public certs
+cadi_truststore_password={{.Values.config.cadiTrustStorePassword}}
+
+# how to turn on SSL Logging
+#javax.net.debug=ssl
+
+# Use "maps.bing.com" to get Lat and Long for an Address
+AFT_LATITUDE=32.780140
+AFT_LONGITUDE=-96.800451
+AFT_ENVIRONMENT=AFTUAT
+AFT_DME2_CLIENT_IGNORE_SSL_CONFIG=true
+DME2.DEBUG=true
+AFT_DME2_HTTP_EXCHANGE_TRACE_ON=true
+
+cadi_latitude=32.780140
+cadi_longitude=-96.800451
+
+aaf_root_ns=com.att.aaf
+aaf_api_version=2.0
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/keyFile b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/keyFile
new file mode 100644
index 0000000..921ce67
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/keyFile
@@ -0,0 +1,27 @@
+77E_fh-8gTjeg8egAo-JgNkXYm1FGEBPMo44vKPgKyGCJj9Dn0xJqIBct2Ko35X4_HSU3wPq3I2q
+YHIvJCjmzXTVu2zvu4rIGTlwycTtLGDkgPyhOYFytv4GgazbpSs9331MPUeVVrdpkDCQmjtHSB4m
+DThhfEe2lkbZ35ljX3sVSf3JDy4ngRot0ktQwnnY4vxFdgVUl7LzVinXWgFLoqMyXmKh_bGw9aUH
+VMgqFsF_YmqLZY5ZARAraeywktvrU5kXYh5SnfXoJy7XIk0TBjHKqO-1mW-TcIgS3_v6GIGkZnpq
+e1FyE8cS21gTPFlc1KDoWUZE2yoEsQKJc4RFWfjid_mE6nckxym1TOsEn3G2_TlkZvliN_QMDB_c
+RuFLDB9HCChm4YYHpSn-RBqtJFz29bMTHQX8VNVfZ_Zhh-4dWOlEfpSzJvAqm_boo-8y8YDGIusx
+mvKyPXEKVCuBOljHaKhYg0d43nAXIFsssKpjmtQizA2L_TP1Mo_lDFIlCsPcRlHKTvzkTstEAhRj
+JnepzA--olBMwBkPxjm1Y5XQBGZH72i_o4Hr7_NqHb9sP486I2Nd1-owjHkhacGrLO1oORnuBUxp
+_SnaXYywe9tTz3BcfFupXSoDv4Sj7g9B53yPIWmjGggigidql3SNJsui6qOtwDHOejzEDFm23Lj7
+fXD6sb52U_ul9ahi4CoLTzpvMsPRYOqyRCk8K8FVBauZbG5D42oaFPn0S0rCSHOCU1TXbRdTF-Cs
+I2R0pEHNgb33yx6vtInaTSYIQ5cxa3XDA_50AQearV5SuYSlp8dK0BkpVCKgvSQdTn-2WiaV_hvO
+KzG7D2adT1kYY6TjYMXIaUiJ33y1XSNDG0s6r4NG5dNE6Jj7thdpnV-AAZoi0uZh1_bsHKLVmHRr
+NCXAc6DZm1D4N9y5lOJwUprUlJisZXLFTQThGMRY5dtiY_eK9Xjj4FQygXXhuhFXHz2-e4YApORv
+lXDcT29IZuuI1j26bxdNdhNr1wZsqqievBN6l6OQMiP21eIrxAUu1BEmiVOrfOzaEjxldDN2gFum
+4-zf9gsQT9UT8KEuOje64wVeHr09JpWuddV9HOAMvqc6mKTWmvUv_QiLgtK_b39QccMrOfOA1usM
+biRJ9wuTYIr584Q9CjHEcm5e2YufcbF-IDZ4IDui8gNXyYJuusTYdspeKzrtiLKfgI56ZWA3it9G
+SOkN18YyUmhk7HFkx9qEifb4UEbUQPb0dyXBRotf-91c5CPkct-36uV4sZBA_AR1tX3-aRKKB_SQ
+B0zaG-eaEdEqKv-ZYHqk23ZxiEsCX3ZdY7VSMWztE3_D5n8UgEl4et5LVfnjvU-arVVO93WUbXk0
+zi2QrOwytOZ0StAvFdF1nVwWllPg4EYcn8qLJIaaBRvLMlpHixtwRhltwJeMmJl3ExImOxNhVbhF
+6LxVXW6JK8JfMIwb_TE4EShDBjemq76BojQOwrO4OAyPG7B5iUtefdY-Zu1EtjXPhrUgljI_A1tg
+5_2WNjNTCT7Bvig3saFsIRi3cvgIcMAF2H7kJYw3UDvCFnx4LIom2u6vSeyatPxEOhRfpP0KvgEU
+koM9DFJW7VWQ11mB_DcU2NoYHdFKFy_cM62kIvoRwZTADGryEtkLSWEDT8MLpVrGXP2RjSZ3HHqC
+vVpVqQHC2VIqNKi2uHtYCiTEfj81Z0rCrnH3hYIRoOSe5W6m17xyb0RloG0G44uK0oNCfDYLwK0L
+TJaBdWSIBYI__ISsKx8o8r-3XLtbwQPPhv4-LpGwJYd7sIcqnpTYAyNGSrbEM4ECzHCH9Hwf9Duy
+cAQGWqXIbTV9i8ryw8OhcCZPTf3noPZyhzzdegiv6KNT-BBbxsgtDehtP-jvpd9eAhjlfUV_hoFJ
+rBUVMFrIOEDnnItVqBDmnavRdhn6N9ObVjVMv_4inhkvtpBCEVxtVQT2kFuBmZvPu_uHHbXi7_g8
+SVs3AjJ2ya3pZraK6gH3IOYoGtTAH3rKl7XdTMjqWnUCbhepuJqeEOF-DhpsEW7Oo0Lqzbjg
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/portal-authentication.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/portal-authentication.properties
new file mode 100644
index 0000000..97b5399
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/portal-authentication.properties
@@ -0,0 +1,31 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#####################################################################################
+############################## Portal Auth Properties ##############################
+#####################################################################################
+
+############################## Auth ##############################
+username={{.Values.config.portalUsername}}
+password={{.Values.config.portalPassword}}
+
+############################## ##############################
+#
+# ONAP Cookie Processing - During initial development, this flag, if true, will
+# prevent the portal interface's login processing from searching for a user
+# specific cookie, and will instead allow passage if a valid session cookie is discovered.
+onap_enabled={{.Values.config.portalOnapEnabled}}
+onap.user_id_cookie_name={{.Values.config.portalCookieName}}
+cookie_decryptor_classname={{.Values.config.cookieDecryptorClass}}
+app_roles={{.Values.config.portalAppRoles}}
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/roles.config b/kubernetes/aai/components/aai-sparky-be/resources/config/roles.config
new file mode 100644
index 0000000..ee131d8
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/roles.config
@@ -0,0 +1,20 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+[
+ {
+ "id":1,
+ "name":"View"
+ }
+]
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/users.config b/kubernetes/aai/components/aai-sparky-be/resources/config/users.config
new file mode 100644
index 0000000..ce69e88
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/users.config
@@ -0,0 +1,20 @@
+[{
+ "orgId": null,
+ "managerId": null,
+ "firstName": "Demo",
+ "middleInitial": null,
+ "lastName": "User",
+ "phone": null,
+ "email": "demo@email.com",
+ "hrid": null,
+ "orgUserId": "demo",
+ "orgCode": null,
+ "orgManagerUserId": null,
+ "jobTitle": null,
+ "loginId": "demo",
+ "active": false,
+ "roles": [{
+ "id": 1,
+ "name": "View"
+ }]
+}]
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-sparky-be/templates/configmap.yaml b/kubernetes/aai/components/aai-sparky-be/templates/configmap.yaml
new file mode 100644
index 0000000..9e0a572
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/templates/configmap.yaml
@@ -0,0 +1,72 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-prop
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/application.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/application-resources.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/application-ssl.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/application-oxm-default.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/application-oxm-override.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/application-oxm-schema-prod.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/roles.config").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/users.config").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-portal
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/portal/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-portal-props
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/portal/BOOT-INF/classes/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml
new file mode 100644
index 0000000..a4fe4e2
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml
@@ -0,0 +1,206 @@
+# Copyright (c) 2017 Amdocs, Bell Canada
+# Modifications Copyright (c) 2018 AT&T
+# Modifications Copyright (c) 2020 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
+ name: {{ include "common.name" . }}
+ spec:
+ initContainers:
+ - command:
+ - /app/ready.py
+ args:
+ - --container-name
+ - aai-elasticsearch
+ - --container-name
+ - aai-search-data
+ - --container-name
+ - aai
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-readiness
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/sparky/config/auth/client-cert-onap.p12
+ name: {{ include "common.fullname" . }}-auth-config
+ subPath: client-cert-onap.p12
+
+ - mountPath: /opt/app/sparky/config/auth/csp-cookie-filter.properties
+ name: {{ include "common.fullname" . }}-auth-config
+ subPath: csp-cookie-filter.properties
+
+ - mountPath: /opt/app/sparky/config/auth/org.onap.aai.p12
+ name: {{ include "common.fullname" . }}-auth-config
+ subPath: org.onap.aai.p12
+
+ - mountPath: /opt/app/sparky/config/auth/truststoreONAPall.jks
+ name: aai-common-aai-auth-mount
+ subPath: truststoreONAPall.jks
+
+ - mountPath: /opt/app/sparky/config/portal/
+ name: {{ include "common.fullname" . }}-portal-config
+
+ - mountPath: /opt/app/sparky/config/portal/BOOT-INF/classes/
+ name: {{ include "common.fullname" . }}-portal-config-props
+
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+
+ - mountPath: /opt/app/sparky/config/application.properties
+ name: {{ include "common.fullname" . }}-properties
+ subPath: application.properties
+
+ - mountPath: /opt/app/sparky/config/application-resources.properties
+ name: {{ include "common.fullname" . }}-properties
+ subPath: application-resources.properties
+
+ - mountPath: /opt/app/sparky/config/application-ssl.properties
+ name: {{ include "common.fullname" . }}-properties
+ subPath: application-ssl.properties
+
+ - mountPath: /opt/app/sparky/config/application-oxm-default.properties
+ name: {{ include "common.fullname" . }}-properties
+ subPath: application-oxm-default.properties
+
+ - mountPath: /opt/app/sparky/config/application-oxm-override.properties
+ name: {{ include "common.fullname" . }}-properties
+ subPath: application-oxm-override.properties
+
+ - mountPath: /opt/app/sparky/config/application-oxm-schema-prod.properties
+ name: {{ include "common.fullname" . }}-properties
+ subPath: application-oxm-schema-prod.properties
+
+ - mountPath: /opt/app/sparky/config/roles.config
+ name: {{ include "common.fullname" . }}-properties
+ subPath: roles.config
+
+ - mountPath: /opt/app/sparky/config/users.config
+ name: {{ include "common.fullname" . }}-properties
+ subPath: users.config
+
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ resources:
+{{ include "common.resources" . }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+
+ # side car containers
+ - name: filebeat-onap
+ image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ name: filebeat-conf
+ - mountPath: /var/log/onap
+ name: {{ include "common.fullname" . }}-logs
+ - mountPath: /usr/share/filebeat/data
+ name: aai-sparky-filebeat
+ resources:
+{{ include "common.resources" . }}
+
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+
+ - name: {{ include "common.fullname" . }}-properties
+ configMap:
+ name: {{ include "common.fullname" . }}-prop
+
+ - name: {{ include "common.fullname" . }}-config
+ configMap:
+ name: {{ include "common.fullname" . }}
+
+ - name: {{ include "common.fullname" . }}-portal-config
+ configMap:
+ name: {{ include "common.fullname" . }}-portal
+
+ - name: {{ include "common.fullname" . }}-portal-config-props
+ configMap:
+ name: {{ include "common.fullname" . }}-portal-props
+
+ - name: {{ include "common.fullname" . }}-auth-config
+ secret:
+ secretName: {{ include "common.fullname" . }}
+
+ - name: aai-common-aai-auth-mount
+ secret:
+ secretName: aai-common-aai-auth
+
+ - name: filebeat-conf
+ configMap:
+ name: aai-filebeat
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: aai-sparky-filebeat
+ emptyDir: {}
+ - name: modeldir
+ emptyDir: {}
+ restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/components/aai-sparky-be/templates/ingress.yaml b/kubernetes/aai/components/aai-sparky-be/templates/ingress.yaml
new file mode 100644
index 0000000..8f87c68
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/templates/ingress.yaml
@@ -0,0 +1 @@
+{{ include "common.ingress" . }}
diff --git a/kubernetes/aai/components/aai-sparky-be/templates/secret.yaml b/kubernetes/aai/components/aai-sparky-be/templates/secret.yaml
new file mode 100644
index 0000000..292e035
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/templates/secret.yaml
@@ -0,0 +1,27 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
diff --git a/kubernetes/aai/components/aai-sparky-be/templates/service.yaml b/kubernetes/aai/components/aai-sparky-be/templates/service.yaml
new file mode 100644
index 0000000..5c939ae
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/templates/service.yaml
@@ -0,0 +1,38 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ {{- else -}}
+ - port: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
diff --git a/kubernetes/aai/components/aai-sparky-be/values.yaml b/kubernetes/aai/components/aai-sparky-be/values.yaml
new file mode 100644
index 0000000..10448b7
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/values.yaml
@@ -0,0 +1,120 @@
+# Copyright (c) 2018 Amdocs, Bell Canada, AT&T
+# Modifications Copyright (c) 2020 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for sparky-be.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+global: # global defaults
+ nodePortPrefix: 302
+ aai:
+ serviceName: aai
+ aaiElasticsearch:
+ serviceName: aai-elasticsearch
+ gizmo:
+ serviceName: aai-gizmo
+ searchData:
+ serviceName: aai-search-data
+ readinessImage: onap/oom/readiness:3.0.1
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/sparky-be:1.6.2
+pullPolicy: Always
+restartPolicy: Always
+flavor: small
+flavorOverride: small
+dockerhubRepository: registry.hub.docker.com
+ubuntuInitImage: oomk8s/ubuntu-init:2.0.0
+# application configuration
+config:
+ elasticsearchHttpPort: 9200
+ gerritBranch: 3.0.0-ONAP
+ gerritProject: http://gerrit.onap.org/r/aai/test-config
+ portalUsername: aaiui
+ portalPassword: OBF:1t2v1vfv1unz1vgz1t3b
+ portalCookieName: UserId
+ portalAppRoles: ui_view
+ aafUsername: aai@aai.onap.org
+ aafNamespace: org.onap.aai
+ aafPassword: enc:xxYw1FqXU5UpianbPeH5Rezg0YfjzuwQrSiLcCmJGfz
+ cadiKeyFile: /opt/app/sparky/config/portal/keyFile
+ cadiTrustStore: /opt/app/sparky/config/auth/truststoreONAPall.jks
+ cadiFileLocation: /opt/app/sparky/config/portal/cadi.properties
+ cadiTrustStorePassword: changeit
+ cookieDecryptorClass: org.onap.aai.sparky.security.BaseCookieDecryptor
+
+# ONAP Cookie Processing - During initial development, the following flag, if true, will
+# prevent the portal interface's login processing from searching for a user
+# specific cookie, and will instead allow passage if a valid session cookie is discovered.
+ portalOnapEnabled: true
+#
+
+# override chart name (sparky-be) to share a common namespace
+# suffix with parent chart (aai)
+nsSuffix: aai
+
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ type: NodePort
+ portName: aai-sparky-be
+ internalPort: 8000
+ nodePort: 20
+
+ingress:
+ enabled: false
+ service:
+ - baseaddr: "aaisparkybe"
+ name: "aai-sparky-be"
+ port: 8000
+ config:
+ ssl: "redirect"
+
+# Configure resource requests and limits
+# ref: http://kubernetes.io/docs/user-guide/compute-resources/
+resources:
+ small:
+ limits:
+ cpu: 2
+ memory: 4Gi
+ requests:
+ cpu: 0.25
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4
+ memory: 8Gi
+ requests:
+ cpu: 0.5
+ memory: 2Gi
+ unlimited: {}