Merge "[COMMON] Add and run pre-commit linters via tox"
diff --git a/docs/oom_setup_ingress_controller.rst b/docs/oom_setup_ingress_controller.rst
index e49c72a..cb385da 100644
--- a/docs/oom_setup_ingress_controller.rst
+++ b/docs/oom_setup_ingress_controller.rst
@@ -139,8 +139,8 @@
   > ./install-metallb-on-cluster.sh
 
 
-Configuration Ngninx ingress controller
-=======================================
+Configuration Nginx ingress controller
+======================================
 
 After installation DNS server and ingress controller we can install and
 configure ingress controller.
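Review bot: the corrected heading on the `+` line still reads awkwardly as "Configuration Nginx ingress controller". Since the line is being touched anyway, "Configuring the Nginx ingress controller" would read better, with the `=` underline adjusted to the new length. The context sentence below it ("After installation DNS server and ingress controller we can install and configure ingress controller") is circular and could be fixed in the same pass.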
diff --git a/docs/oom_setup_kubernetes_rancher.rst b/docs/oom_setup_kubernetes_rancher.rst
index e002d38..6272f83 100644
--- a/docs/oom_setup_kubernetes_rancher.rst
+++ b/docs/oom_setup_kubernetes_rancher.rst
@@ -428,7 +428,7 @@
 NFS Master, and configure all Worker nodes a Kubernetes cluster to play
 the role of NFS slaves.
 
-It is recommneded that a separate VM, outside of the kubernetes
+It is recommended that a separate VM, outside of the kubernetes
 cluster, be used. This is to ensure that the NFS Master does not compete for
 resources with Kubernetes Control Plane or Worker Nodes.
 
diff --git a/docs/oom_setup_paas.rst b/docs/oom_setup_paas.rst
index 845fd47..6b7b9c3 100644
--- a/docs/oom_setup_paas.rst
+++ b/docs/oom_setup_paas.rst
@@ -16,7 +16,7 @@
 of k8s PaaS for ONAP operations and can be installed to provide
 additional functionality for ONAP engineers.
 
-The versions of PaaS compoents that are supported by OOM are as follows:
+The versions of PaaS components that are supported by OOM are as follows:
 
 .. table:: ONAP PaaS components
 
diff --git a/docs/oom_user_guide.rst b/docs/oom_user_guide.rst
index 5f63c7d..3212fd3 100644
--- a/docs/oom_user_guide.rst
+++ b/docs/oom_user_guide.rst
@@ -570,7 +570,7 @@
 Here the Name column shows the RELEASE NAME, In our case we want to try the
 scale operation on cassandra, thus the RELEASE NAME would be dev-cassandra.
 
-Now we need to obtain the chart name for casssandra. Use the below
+Now we need to obtain the chart name for cassandra. Use the below
 command to get the chart name::
 
   > helm search cassandra
@@ -585,15 +585,15 @@
     local/sdc-cs            8.0.0                           ONAP Service Design and Creation Cassandra
 
 Here the Name column shows the chart name. As we want to try the scale
-operation for cassandra, thus the correponding chart name is local/cassandra
+operation for cassandra, thus the corresponding chart name is local/cassandra
 
 
 Now we have both the command's arguments, thus we can perform the
-scale opeartion for cassandra as follows::
+scale operation for cassandra as follows::
 
   > helm upgrade dev-cassandra local/cassandra --set replicaCount=3
 
-Using this command we can scale up or scale down the cassadra db instances.
+Using this command we can scale up or scale down the cassandra db instances.
 
 
 The ONAP components use Kubernetes provided facilities to build clustered,
diff --git a/docs/release-notes-beijing.rst b/docs/release-notes-beijing.rst
index 1172a08..84f86c1 100644
--- a/docs/release-notes-beijing.rst
+++ b/docs/release-notes-beijing.rst
@@ -231,7 +231,7 @@
 * [`OOM-514 <https://jira.onap.org/browse/OOM-514>`_] - Readiness prob fails sometimes even though the relevant pods are running
 * [`OOM-539 <https://jira.onap.org/browse/OOM-539>`_] - Kube2MSB registrator doesn't support https REST service registration
 * [`OOM-570 <https://jira.onap.org/browse/OOM-570>`_] - Wrong value is assigned to kube2msb AUTH_TOKEN environment variable
-* [`OOM-574 <https://jira.onap.org/browse/OOM-574>`_] - OOM configuration for robot doesnt copy heat templatese in dockerdata-nfs
+* [`OOM-574 <https://jira.onap.org/browse/OOM-574>`_] - OOM configuration for robot does not copy heat templatese in dockerdata-nfs
 * [`OOM-577 <https://jira.onap.org/browse/OOM-577>`_] - Incorrect evaluation of bash command in yaml template file (portal-vnc-dep.yaml)
 * [`OOM-578 <https://jira.onap.org/browse/OOM-578>`_] - Hard coded token in oom/kubernetes/kube2msb/values.yaml file
 * [`OOM-589 <https://jira.onap.org/browse/OOM-589>`_] - Can not acces CLI in vnc-portal
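Review bot: the OOM-574 `+` line fixes "doesnt" but leaves "templatese" on the same line; it should read "heat templates". The neighbouring context entries have similar leftovers ("Readiness prob" in OOM-514, "Can not acces CLI" in OOM-589). If the intent is to mirror the Jira titles verbatim, "doesnt" should not have been changed either; otherwise a full spelling pass over this list is warranted.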
@@ -299,7 +299,7 @@
 * [`OOM-913 <https://jira.onap.org/browse/OOM-913>`_] - Consul agent pod is failing
 * [`OOM-916 <https://jira.onap.org/browse/OOM-916>`_] - Used to fix testing issues related to usability
 * [`OOM-918 <https://jira.onap.org/browse/OOM-918>`_] - Policy - incorrect configmap mount causes base.conf to disappear
-* [`OOM-920 <https://jira.onap.org/browse/OOM-920>`_] - Issue with CLAMP configuation
+* [`OOM-920 <https://jira.onap.org/browse/OOM-920>`_] - Issue with CLAMP configuration
 * [`OOM-921 <https://jira.onap.org/browse/OOM-921>`_] - align onap/values.yaml and onap/resources/environments/dev.yaml - different /dockerdata-nfs
 * [`OOM-926 <https://jira.onap.org/browse/OOM-926>`_] - Disable clustering for APP-C out-of-the-box
 * [`OOM-927 <https://jira.onap.org/browse/OOM-927>`_] - Need a production grade configuration override file of ONAP deployment
@@ -316,7 +316,7 @@
 * [`OOM-948 <https://jira.onap.org/browse/OOM-948>`_] - make vfc got an error
 * [`OOM-951 <https://jira.onap.org/browse/OOM-951>`_] - Update APPC charts based on on changes for ccsdk and Nitrogen ODL
 * [`OOM-953 <https://jira.onap.org/browse/OOM-953>`_] - switch aai haproxy/hbase repo from hub.docker.com to nexus3
-* [`OOM-958 <https://jira.onap.org/browse/OOM-958>`_] - SDC-be deployment missing environment paramter
+* [`OOM-958 <https://jira.onap.org/browse/OOM-958>`_] - SDC-be deployment missing environment parameter
 * [`OOM-964 <https://jira.onap.org/browse/OOM-964>`_] - SDC Healthcheck failure on sdc-be and sdc-kb containers down
 * [`OOM-968 <https://jira.onap.org/browse/OOM-968>`_] - warning on default deployment values.yaml
 * [`OOM-969 <https://jira.onap.org/browse/OOM-969>`_] - oomk8s images have no Dockerfile's
@@ -330,7 +330,7 @@
 * [`OOM-993 <https://jira.onap.org/browse/OOM-993>`_] - AAI model-loader.properties not in sync with project file
 * [`OOM-994 <https://jira.onap.org/browse/OOM-994>`_] - DCAE cloudify controller docker image 1.1.0 N/A - use 1.2.0/1.3.0
 * [`OOM-1003 <https://jira.onap.org/browse/OOM-1003>`_] - dcae-cloudify-manager chart references obsolete image version
-* [`OOM-1004 <https://jira.onap.org/browse/OOM-1004>`_] - aai-resources constantly fails due to cassanda hostname
+* [`OOM-1004 <https://jira.onap.org/browse/OOM-1004>`_] - aai-resources constantly fails due to cassandra hostname
 * [`OOM-1005 <https://jira.onap.org/browse/OOM-1005>`_] - AAI Widgets not loading due to duplicate volumes
 * [`OOM-1007 <https://jira.onap.org/browse/OOM-1007>`_] - Update dcae robot health check config
 * [`OOM-1008 <https://jira.onap.org/browse/OOM-1008>`_] - Set default consul server replica count to 1
@@ -366,7 +366,7 @@
 * [`OOM-1068 <https://jira.onap.org/browse/OOM-1068>`_] - Update SO with new AAI cert
 * [`OOM-1076 <https://jira.onap.org/browse/OOM-1076>`_] - some charts still using readiness check image from amsterdam 1.x
 * [`OOM-1077 <https://jira.onap.org/browse/OOM-1077>`_] - AAI resources and traversal deployment failure on non-rancher envs
-* [`OOM-1079 <https://jira.onap.org/browse/OOM-1079>`_] - Robot charts dont allow over ride of pub_key, dcae_collector_ip and dcae_collector_port
+* [`OOM-1079 <https://jira.onap.org/browse/OOM-1079>`_] - Robot charts do not allow over ride of pub_key, dcae_collector_ip and dcae_collector_port
 * [`OOM-1081 <https://jira.onap.org/browse/OOM-1081>`_] - Remove component 'mock' from TOSCA deployment
 * [`OOM-1082 <https://jira.onap.org/browse/OOM-1082>`_] - Wrong pv location of dcae postgres
 * [`OOM-1085 <https://jira.onap.org/browse/OOM-1085>`_] - appc hostname is incorrect in url
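Review bot: the OOM-1079 `+` line expands "dont" to "do not" but keeps "over ride" as two words; write "override" so the entry matches the term used for Helm value overrides elsewhere in the docs.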
diff --git a/docs/release-notes-casablanca.rst b/docs/release-notes-casablanca.rst
index 6a6a196..6b85730 100644
--- a/docs/release-notes-casablanca.rst
+++ b/docs/release-notes-casablanca.rst
@@ -30,7 +30,7 @@
   class provisioner
 
 * CPU and Memory limits in Helm Charts to improve Pod placement based on
-  resource availablity in Kubernetes Cluster
+  resource availability in Kubernetes Cluster
 
 * Support of Node Selectors for Pod placement
 
diff --git a/docs/release-notes-dublin.rst b/docs/release-notes-dublin.rst
index 1974756..7a32297 100644
--- a/docs/release-notes-dublin.rst
+++ b/docs/release-notes-dublin.rst
@@ -27,7 +27,7 @@
 
 **Platform Resiliency**
 
-* Documenation of a Highly-Available Kubernetes Cluster Deployment
+* Documentation of a Highly-Available Kubernetes Cluster Deployment
 * Availability of a Default Storage Class Provisioner for improved Persistent
   Storage resiliency
 * Availability of a CNI reference integration for Multi-site support
diff --git a/docs/release-notes-elalto.rst b/docs/release-notes-elalto.rst
index bbbf271..b405902 100644
--- a/docs/release-notes-elalto.rst
+++ b/docs/release-notes-elalto.rst
@@ -26,7 +26,7 @@
 Summary
 -------
 
-The focus of this release was on maintanence and as such no new features were
+The focus of this release was on maintenance and as such no new features were
 delivered.
 A list of issues resolved in this release can be found here: https://jira.onap.org/projects/OOM/versions/10726
 
diff --git a/docs/release-notes-honolulu.rst b/docs/release-notes-honolulu.rst
index 0c8d81f..59f40ec 100644
--- a/docs/release-notes-honolulu.rst
+++ b/docs/release-notes-honolulu.rst
@@ -136,7 +136,7 @@
 -----------
 
 - `<https://github.com/bitnami/bitnami-docker-mariadb-galera/issues/35>`_
-  Workaround is to generate a password with "short" strenght or pregenerate
+  Workaround is to generate a password with "short" strength or pregenerate
   passwords without single quote in it. Default deployment is using "short"
   password generation for mariadb.
 
diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt
index c860d4a..5140ec2 100644
--- a/docs/spelling_wordlist.txt
+++ b/docs/spelling_wordlist.txt
@@ -1,5 +1,6 @@
 AAF
 AAI
+ACL
 adaptor
 Adaptor
 adaptors
@@ -59,6 +60,7 @@
 Financials
 geocoder
 Gerrit
+Git
 Github
 graphSON
 guestOS
@@ -141,6 +143,7 @@
 JUnit
 Junits
 JUnits
+Karaf
 keypair
 Keypair
 keypairs
@@ -155,6 +158,7 @@
 keyValue
 Kibana
 Kibibytes
+kubectl
 Kubernetes
 LF
 lifecycle
@@ -173,6 +177,7 @@
 MacAddress
 macOS
 Malware
+MariaDB
 metadata
 Metadata
 microservice
@@ -217,14 +222,18 @@
 Onboarding
 online
 OOF
+oom
 OOM
 OpenDaylight
+OpenFlow
 openo
 OpenO
 Opensource
 Openstack
 OpenStack
 OSS
+ovs
+ovsdb
 Pandoc
 partitionKey
 Partitionkey
@@ -272,6 +281,7 @@
 Refactored
 registrator
 Registrator
+releng
 repo
 Repo
 repos
diff --git a/kubernetes/a1policymanagement/requirements.yaml b/kubernetes/a1policymanagement/requirements.yaml
index ba5f5d5..401f2e3 100644
--- a/kubernetes/a1policymanagement/requirements.yaml
+++ b/kubernetes/a1policymanagement/requirements.yaml
@@ -24,3 +24,6 @@
   - name: repositoryGenerator
     version: ~8.x-0
     repository: '@local'
+  - name: serviceAccount
+    version: ~8.x-0
+    repository: '@local'
diff --git a/kubernetes/a1policymanagement/templates/statefulset.yaml b/kubernetes/a1policymanagement/templates/statefulset.yaml
index 54ee151..1d25f31 100644
--- a/kubernetes/a1policymanagement/templates/statefulset.yaml
+++ b/kubernetes/a1policymanagement/templates/statefulset.yaml
@@ -106,6 +106,7 @@
         - name: {{ include "common.fullname" . }}
           mountPath: "/var/policy-management-service/database"
         resources: {{ include "common.resources" . | nindent 10 }}
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
         - name: {{ include "common.fullname" . }}-policy-conf-input
           configMap:
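Review bot: the new `serviceAccountName` line closes its template with `. )}}`, while the timescaledb template in this same change writes `(dict "suffix" "read" "dot" . ) }}`; use the same spacing in both so the pattern stays consistent and greppable. Please also confirm that the rendered name (`common.fullname` plus the `read` suffix) is the name the new `serviceAccount` dependency actually creates once `nameOverride: a1policymanagement` is set in values.yaml. If the two differ, the pod references a service account that does not exist and pod creation is rejected.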
diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml
index 5c9c321..103a621 100644
--- a/kubernetes/a1policymanagement/values.yaml
+++ b/kubernetes/a1policymanagement/values.yaml
@@ -159,4 +159,8 @@
   mountPath: /dockerdata-nfs
   mountSubPath: nonrtric/policymanagementservice
 
-
+#Pods Service Account
+serviceAccount:
+  nameOverride: a1policymanagement
+  roles:
+    - read
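Review bot: the comment `#Pods Service Account` has no space after `#`, which a YAML linter such as yamllint reports with its default comments rule; write `# Pods Service Account`. Binding only the `read` role is the right default here; keep it that way unless the workload demonstrably needs more.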
diff --git a/kubernetes/aai/components/aai-schema-service/values.yaml b/kubernetes/aai/components/aai-schema-service/values.yaml
index 18ef89f..252df40 100644
--- a/kubernetes/aai/components/aai-schema-service/values.yaml
+++ b/kubernetes/aai/components/aai-schema-service/values.yaml
@@ -74,7 +74,7 @@
         - aai_keystore
 
 # application image
-image: onap/aai-schema-service:1.9.1
+image: onap/aai-schema-service:1.9.2
 pullPolicy: Always
 restartPolicy: Always
 flavorOverride: small
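Review bot: `image: onap/aai-schema-service:1.9.2` is a tag reference combined with `pullPolicy: Always`, so every pod restart pulls whatever the tag points to at that moment. Pinning the image by digest, or stating that release tags are immutable in the registry, would make this bump reproducible and auditable.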
diff --git a/kubernetes/common/timescaledb/templates/statefulset.yaml b/kubernetes/common/timescaledb/templates/statefulset.yaml
index 9b63de4..435c925 100644
--- a/kubernetes/common/timescaledb/templates/statefulset.yaml
+++ b/kubernetes/common/timescaledb/templates/statefulset.yaml
@@ -31,6 +31,18 @@
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }}
       securityContext:
       {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      initContainers:
+        - name: chowm-mount-path
+          command:
+            - /bin/sh
+          args:
+            - -c
+            - chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.runAsGroup }} /var/lib/postgresql/data
+          image: {{ include "repositoryGenerator.image.busybox" . }}
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          volumeMounts:
+            - mountPath: /var/lib/postgresql/data
+              name: {{ include "common.fullname" . }}
       containers:
         - name: {{ include "common.name" . }}
           image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
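Review bot: the added init container runs `chown -R ... /var/lib/postgresql/data` with no `securityContext` of its own, so it depends on the busybox image defaulting to root and will fail as soon as `podSecurityContext` is given a non-root `runAsUser` or `runAsNonRoot: true`. Either give the init container an explicit `securityContext` (root, with only the capabilities chown needs) or, where the volume plugin supports it, set `fsGroup` in `podSecurityContext` and drop the init container; values.yaml already hints at this with its commented `# fsGroup: 2000` line. The command also renders as `chown -R :` if an override nulls `runAsUser` and `runAsGroup`, so guard the values with `required` or a default. The container name `chowm-mount-path` looks like a typo for `chown-mount-path`.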
diff --git a/kubernetes/common/timescaledb/values.yaml b/kubernetes/common/timescaledb/values.yaml
index b6d2fac..55acd92 100644
--- a/kubernetes/common/timescaledb/values.yaml
+++ b/kubernetes/common/timescaledb/values.yaml
@@ -40,13 +40,15 @@
 podSecurityContext: {}
   # fsGroup: 2000
 
-securityContext: {}
+securityContext:
+  # Uid and gid to run the entrypoint of the container process (uid 70 is postgres user and gid 70 is postgres group)
+  runAsUser: 70
+  runAsGroup: 70
   # capabilities:
   #   drop:
   #   - ALL
   # readOnlyRootFilesystem: true
   # runAsNonRoot: true
-  # runAsUser: 1000
 
 resources:
   # We usually recommend not to specify default resources and to leave this as a conscious
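Review bot: with `runAsUser: 70` and `runAsGroup: 70` now set, `runAsNonRoot: true` and the `capabilities` drop of `ALL` directly below are still commented out; enabling them would make the non-root intent enforced rather than implied. Also check that `securityContext` is actually applied to the main container in statefulset.yaml, since the template lines visible in this change use these values only inside the chown command. The comment on the first `+` line is long enough to trip a line-length lint and should be wrapped.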
diff --git a/kubernetes/msb/components/msb-discovery/values.yaml b/kubernetes/msb/components/msb-discovery/values.yaml
index e981bbd..f0eabde 100644
--- a/kubernetes/msb/components/msb-discovery/values.yaml
+++ b/kubernetes/msb/components/msb-discovery/values.yaml
@@ -21,7 +21,7 @@
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/msb/msb_discovery:1.2.7
+image: onap/msb/msb_discovery:1.3.0
 pullPolicy: Always
 istioSidecar: true
 
diff --git a/kubernetes/msb/components/msb-eag/values.yaml b/kubernetes/msb/components/msb-eag/values.yaml
index 0a343cf..ef36b13 100644
--- a/kubernetes/msb/components/msb-eag/values.yaml
+++ b/kubernetes/msb/components/msb-eag/values.yaml
@@ -52,7 +52,7 @@
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/msb/msb_apigateway:1.2.8
+image: onap/msb/msb_apigateway:1.3.0
 pullPolicy: Always
 istioSidecar: true
 
diff --git a/kubernetes/msb/components/msb-iag/values.yaml b/kubernetes/msb/components/msb-iag/values.yaml
index baf2bec..4610232 100644
--- a/kubernetes/msb/components/msb-iag/values.yaml
+++ b/kubernetes/msb/components/msb-iag/values.yaml
@@ -52,7 +52,7 @@
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/msb/msb_apigateway:1.2.8
+image: onap/msb/msb_apigateway:1.3.0
 pullPolicy: Always
 istioSidecar: true