Merge "[SDC] use of certInitializer template"
diff --git a/kubernetes/sdc/Makefile b/kubernetes/sdc/Makefile
new file mode 100644
index 0000000..f2670c5
--- /dev/null
+++ b/kubernetes/sdc/Makefile
@@ -0,0 +1,50 @@
+# Copyright © 2020 Samsung Electronics, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES := dist resources templates charts docker
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml
deleted file mode 100644
index bc110c3..0000000
--- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-# ================================================================================
-# Copyright (C) 2019, Nordix Foundation. All rights reserved.
-# ================================================================================
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if and .Values.persistence.enabled (not .Values.cert.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.cert.persistence.size}}
- accessModes:
- - {{ .Values.cert.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.cert.persistence.volumeReclaimPolicy }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.cert.persistence.mountSubPath }}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml
deleted file mode 100644
index 006d736..0000000
--- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{/*
-# ================================================================================
-# Copyright (C) 2019, Nordix Foundation. All rights reserved.
-# ================================================================================
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if and .Values.cert.persistence.enabled (not .Values.cert.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-cert
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.cert.persistence.annotations }}
- annotations:
-{{ toYaml .Values.cert.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.cert.persistence.accessMode }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.cert.persistence.size }}
-{{- end -}}
diff --git a/kubernetes/sdc/components/Makefile b/kubernetes/sdc/components/Makefile
new file mode 100644
index 0000000..8d3bf2b
--- /dev/null
+++ b/kubernetes/sdc/components/Makefile
@@ -0,0 +1,50 @@
+# Copyright © 2020 Samsung Electronics, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+ @echo "\n[$@]"
+ @make package-$@
+
+make-%:
+ @if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+ @if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+ @if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+ @mkdir -p $(PACKAGE_DIR)
+ @if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+ @helm repo index $(PACKAGE_DIR)
+
+clean:
+ @rm -f */requirements.lock
+ @rm -f *tgz */charts/*tgz
+ @rm -rf $(PACKAGE_DIR)
+%:
+ @:
diff --git a/kubernetes/sdc/charts/sdc-be/.helmignore b/kubernetes/sdc/components/sdc-be/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/.helmignore
rename to kubernetes/sdc/components/sdc-be/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-be/Chart.yaml b/kubernetes/sdc/components/sdc-be/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/Chart.yaml
rename to kubernetes/sdc/components/sdc-be/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-be/requirements.yaml b/kubernetes/sdc/components/sdc-be/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-be/requirements.yaml
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright © 2020 AT&T. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-be/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/resources/config/logging/logback.xml
rename to kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml
diff --git a/kubernetes/sdc/charts/sdc-be/templates/NOTES.txt b/kubernetes/sdc/components/sdc-be/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-be/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-be/templates/configmap.yaml b/kubernetes/sdc/components/sdc-be/templates/configmap.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/templates/configmap.yaml
rename to kubernetes/sdc/components/sdc-be/templates/configmap.yaml
diff --git a/kubernetes/sdc/charts/sdc-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
similarity index 82%
rename from kubernetes/sdc/charts/sdc-be/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-be/templates/deployment.yaml
index 78f2912..e2329d7 100644
--- a/kubernetes/sdc/charts/sdc-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
@@ -22,7 +22,7 @@
template:
metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- name: {{ include "common.name" . }}-readiness
command:
- /app/ready.py
@@ -51,34 +51,46 @@
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{- if .Values.global.aafEnabled }}
- name: {{ include "common.name" . }}-update-config
image: "{{ .Values.global.envsubstImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- sh
args:
- - -c
- - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
- env:
- - name: KEYSTORE_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-sdc-cs-secrets
- key: keystore_password
- - name: TRUSTSTORE_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-sdc-cs-secrets
- key: truststore_password
- volumeMounts:
+ - "-c"
+ - |
+ export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export KEYSTORE_PASS=$cadi_keystore_password_p12
+ export KEYMANAGER_PASS=$cadi_keystore_password_p12
+ export TRUSTSTORE_PASS=$cadi_truststore_password
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
+ cd /config-input && \
+ for PFILE in `find . -not -type d | grep -v -F ..`
+ do
+ envsubst <${PFILE} >/config-output/${PFILE}
+ chmod 0755 /config-output/${PFILE}
+ done
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-environments
mountPath: /config-input/
- name: sdc-environments-output
mountPath: /config-output/
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if .Values.global.aafEnabled }}
+ command:
+ - sh
+ args:
+ - "-c"
+ - |
+ sed -i '/trustStorePassword/d' ${JETTY_BASE}/startup.sh
+ ${JETTY_BASE}/startup.sh
+ {{- end }}
ports: {{ include "common.containerPorts" . | nindent 10 }}
{{ if eq .Values.liveness.enabled true }}
livenessProbe:
@@ -100,7 +112,7 @@
resources: {{ include "common.resources" . | nindent 12 }}
env:
- name: ENVNAME
- value: {{ .Values.global.env.name }}
+ value: {{ .Values.env.name }}
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
- name: cassandra_ssl_enabled
@@ -112,10 +124,10 @@
volumeMounts:
- name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/environments/
- - name: sdc-cert
+ - name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- - name: sdc-cert
+ - name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- name: {{ include "common.fullname" . }}-localtime
@@ -142,13 +154,10 @@
mountPath: /var/log/onap
- name: {{ include "common.fullname" . }}-data-filebeat
mountPath: /usr/share/filebeat/data
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: {{ include "common.fullname" . }}-localtime
hostPath:
path: /etc/localtime
- - name: sdc-cert
- secret:
- secretName: sdc-cert
- name: {{ include "common.fullname" . }}-filebeat-conf
configMap:
name: {{ include "common.release" . }}-sdc-filebeat-configmap
diff --git a/kubernetes/sdc/charts/sdc-be/templates/ingress.yaml b/kubernetes/sdc/components/sdc-be/templates/ingress.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/templates/ingress.yaml
rename to kubernetes/sdc/components/sdc-be/templates/ingress.yaml
diff --git a/kubernetes/sdc/charts/sdc-be/templates/job.yaml b/kubernetes/sdc/components/sdc-be/templates/job.yaml
similarity index 97%
rename from kubernetes/sdc/charts/sdc-be/templates/job.yaml
rename to kubernetes/sdc/components/sdc-be/templates/job.yaml
index 8a5f2fa..d9c3e51 100644
--- a/kubernetes/sdc/charts/sdc-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/job.yaml
@@ -56,7 +56,7 @@
mountPath: /var/lib/jetty/logs
env:
- name: ENVNAME
- value: {{ .Values.global.env.name }}
+ value: {{ .Values.env.name }}
- name: HOST_IP
valueFrom:
fieldRef:
diff --git a/kubernetes/sdc/charts/sdc-be/templates/service.yaml b/kubernetes/sdc/components/sdc-be/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/templates/service.yaml
rename to kubernetes/sdc/components/sdc-be/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml
similarity index 68%
rename from kubernetes/sdc/charts/sdc-be/values.yaml
rename to kubernetes/sdc/components/sdc-be/values.yaml
index a2f1f0c..0389486 100644
--- a/kubernetes/sdc/charts/sdc-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-be/values.yaml
@@ -21,6 +21,18 @@
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ aafEnabled: true
+ cassandra:
+ #This flag allows SDC to instantiate its own cluster, serviceName
+ #should be sdc-cs if this flag is enabled
+ localCluster: false
+ #The cassandra service name to connect to (default: shared cassandra service)
+ serviceName: cassandra
+ #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
+ #to match with its own cluster replica
+ replicaCount: 3
+ clusterName: cassandra
+ dataCenter: Pod
#################################################################
# Application configuration defaults.
@@ -34,6 +46,33 @@
# flag to enable debugging - application support required
debugEnabled: false
+#environment file
+env:
+ name: AUTO
+
+certInitializer:
+ nameOverride: sdc-be-cert-init
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ fqdn: sdc
+ fqi: sdc@sdc.onap.org
+ public_fqdn: sdc.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ addconfig: true
+ keystoreFile: "org.onap.sdc.p12"
+ truststoreFile: "org.onap.sdc.trust.jks"
+ permission_user: 352070
+ permission_group: 35953
+ aaf_add_config: >
+ /opt/app/aaf_config/bin/agent.sh local showpass
+ {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
+
+#################################################################
+# SDC Config part
+#################################################################
config:
javaOptions: "-Xmx1536m -Xms1536m"
cassandraSslEnabled: "false"
diff --git a/kubernetes/sdc/charts/sdc-cs/.helmignore b/kubernetes/sdc/components/sdc-cs/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-cs/.helmignore
rename to kubernetes/sdc/components/sdc-cs/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-cs/Chart.yaml b/kubernetes/sdc/components/sdc-cs/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-cs/Chart.yaml
rename to kubernetes/sdc/components/sdc-cs/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-cs/requirements.yaml b/kubernetes/sdc/components/sdc-cs/requirements.yaml
new file mode 100644
index 0000000..5969143
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-cs/requirements.yaml
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright © 2020 AT&T. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-cs/templates/NOTES.txt b/kubernetes/sdc/components/sdc-cs/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-cs/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-cs/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-cs/templates/job.yaml b/kubernetes/sdc/components/sdc-cs/templates/job.yaml
similarity index 98%
rename from kubernetes/sdc/charts/sdc-cs/templates/job.yaml
rename to kubernetes/sdc/components/sdc-cs/templates/job.yaml
index ff32a87..0c98d67 100644
--- a/kubernetes/sdc/charts/sdc-cs/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-cs/templates/job.yaml
@@ -62,7 +62,7 @@
mountPath: /home/sdc/chef-solo/cache
env:
- name: ENVNAME
- value: {{ .Values.global.env.name }}
+ value: {{ .Values.env.name }}
- name: RELEASE
value: {{ .Values.config.release }}
- name: SDC_USER
diff --git a/kubernetes/sdc/charts/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml
similarity index 85%
rename from kubernetes/sdc/charts/sdc-cs/values.yaml
rename to kubernetes/sdc/components/sdc-cs/values.yaml
index 5cf3065..0738ca7 100644
--- a/kubernetes/sdc/charts/sdc-cs/values.yaml
+++ b/kubernetes/sdc/components/sdc-cs/values.yaml
@@ -21,6 +21,17 @@
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ cassandra:
+ #This flag allows SDC to instantiate its own cluster, serviceName
+ #should be sdc-cs if this flag is enabled
+ localCluster: false
+ #The cassandra service name to connect to (default: shared cassandra service)
+ serviceName: cassandra
+ #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
+ #to match with its own cluster replica
+ replicaCount: 3
+ clusterName: cassandra
+ dataCenter: Pod
#################################################################
# Application configuration defaults.
@@ -37,6 +48,10 @@
maxHeapSize: "1536M"
heapNewSize: "512M"
+#environment file
+env:
+ name: AUTO
+
# default number of instances
replicaCount: 1
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/.helmignore b/kubernetes/sdc/components/sdc-dcae-be/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-be/.helmignore
rename to kubernetes/sdc/components/sdc-dcae-be/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/Chart.yaml b/kubernetes/sdc/components/sdc-dcae-be/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-be/Chart.yaml
rename to kubernetes/sdc/components/sdc-dcae-be/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-dcae-be/requirements.yaml b/kubernetes/sdc/components/sdc-dcae-be/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-dcae-be/requirements.yaml
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright © 2020 AT&T. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-dcae-be/resources/config/logging/logback.xml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-be/resources/config/logging/logback.xml
rename to kubernetes/sdc/components/sdc-dcae-be/resources/config/logging/logback.xml
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/NOTES.txt b/kubernetes/sdc/components/sdc-dcae-be/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-be/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-dcae-be/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml b/kubernetes/sdc/components/sdc-dcae-be/templates/configmap.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml
rename to kubernetes/sdc/components/sdc-dcae-be/templates/configmap.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-dcae-be/templates/deployment.yaml
similarity index 82%
rename from kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-dcae-be/templates/deployment.yaml
index a8e9403..4ddb229 100644
--- a/kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-be/templates/deployment.yaml
@@ -33,7 +33,7 @@
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- name: {{ include "common.name" . }}-readiness
command:
- /app/ready.py
@@ -62,34 +62,46 @@
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{- if .Values.global.aafEnabled }}
- name: {{ include "common.name" . }}-update-config
image: "{{ .Values.global.envsubstImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- - sh
+ - sh
args:
- - -c
- - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
- env:
- - name: KEYSTORE_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-sdc-cs-secrets
- key: keystore_password
- - name: TRUSTSTORE_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-sdc-cs-secrets
- key: truststore_password
- volumeMounts:
+ - "-c"
+ - |
+ export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export KEYSTORE_PASS=$cadi_keystore_password_p12
+ export KEYMANAGER_PASS=$cadi_keystore_password_p12
+ export TRUSTSTORE_PASS=$cadi_truststore_password
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
+ cd /config-input && \
+ for PFILE in `find . -not -type d | grep -v -F ..`
+ do
+ envsubst <${PFILE} >/config-output/${PFILE}
+ chmod 0755 /config-output/${PFILE}
+ done
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- name: {{ include "common.fullname" . }}-environments
mountPath: /config-input/
- name: sdc-environments-output
mountPath: /config-output/
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if .Values.global.aafEnabled }}
+ command:
+ - sh
+ args:
+ - "-c"
+ - |
+ sed -i '/trustStorePassword/d' ${JETTY_BASE}/startup.sh
+ ${JETTY_BASE}/startup.sh
+ {{- end }}
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
@@ -109,7 +121,7 @@
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: ENVNAME
- value: {{ .Values.global.env.name }}
+ value: {{ .Values.env.name }}
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
- name: HOST_IP
@@ -119,10 +131,10 @@
volumeMounts:
- name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/environments/
- - name: sdc-cert
+ - name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- - name: sdc-cert
+ - name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- name: {{ include "common.fullname" . }}-localtime
@@ -160,13 +172,10 @@
mountPath: /var/log/onap
- name: {{ include "common.fullname" . }}-data-filebeat
mountPath: /usr/share/filebeat/data
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: {{ include "common.fullname" . }}-localtime
hostPath:
path: /etc/localtime
- - name: sdc-cert
- secret:
- secretName: sdc-cert
- name: {{ include "common.fullname" . }}-filebeat-conf
configMap:
name: {{ include "common.release" . }}-sdc-filebeat-configmap
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/job.yaml b/kubernetes/sdc/components/sdc-dcae-be/templates/job.yaml
similarity index 97%
rename from kubernetes/sdc/charts/sdc-dcae-be/templates/job.yaml
rename to kubernetes/sdc/components/sdc-dcae-be/templates/job.yaml
index 5be29ee..d85c6bf 100644
--- a/kubernetes/sdc/charts/sdc-dcae-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-be/templates/job.yaml
@@ -55,7 +55,7 @@
mountPath: /var/lib/jetty/chef-solo/environments
env:
- name: ENVNAME
- value: {{ .Values.global.env.name }}
+ value: {{ .Values.env.name }}
- name: HOST_IP
valueFrom:
fieldRef:
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/service.yaml b/kubernetes/sdc/components/sdc-dcae-be/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-be/templates/service.yaml
rename to kubernetes/sdc/components/sdc-dcae-be/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/values.yaml b/kubernetes/sdc/components/sdc-dcae-be/values.yaml
similarity index 76%
rename from kubernetes/sdc/charts/sdc-dcae-be/values.yaml
rename to kubernetes/sdc/components/sdc-dcae-be/values.yaml
index ece8ed5..351c88c 100644
--- a/kubernetes/sdc/charts/sdc-dcae-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-be/values.yaml
@@ -20,6 +20,30 @@
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ aafEnabled: true
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+ nameOverride: sdc-dcae-be-cert-init
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ fqdn: sdc
+ fqi: sdc@sdc.onap.org
+ public_fqdn: sdc.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ addconfig: true
+ keystoreFile: "org.onap.sdc.p12"
+ truststoreFile: "org.onap.sdc.trust.jks"
+ permission_user: 352070
+ permission_group: 35953
+ aaf_add_config: >
+ /opt/app/aaf_config/bin/agent.sh local showpass
+ {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
#################################################################
# Application configuration defaults.
@@ -33,6 +57,10 @@
# flag to enable debugging - application support required
debugEnabled: false
+#environment file
+env:
+ name: AUTO
+
config:
javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-be/logback-spring.xml
cassandraSslEnabled: "false"
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/Chart.yaml b/kubernetes/sdc/components/sdc-dcae-dt/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-dt/Chart.yaml
rename to kubernetes/sdc/components/sdc-dcae-dt/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-dcae-dt/requirements.yaml b/kubernetes/sdc/components/sdc-dcae-dt/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-dcae-dt/requirements.yaml
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright © 2020 AT&T. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-dcae-dt/resources/config/logging/logback.xml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-dt/resources/config/logging/logback.xml
rename to kubernetes/sdc/components/sdc-dcae-dt/resources/config/logging/logback.xml
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/NOTES.txt b/kubernetes/sdc/components/sdc-dcae-dt/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-dt/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-dcae-dt/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml b/kubernetes/sdc/components/sdc-dcae-dt/templates/configmap.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml
rename to kubernetes/sdc/components/sdc-dcae-dt/templates/configmap.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/deployment.yaml b/kubernetes/sdc/components/sdc-dcae-dt/templates/deployment.yaml
similarity index 84%
rename from kubernetes/sdc/charts/sdc-dcae-dt/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-dcae-dt/templates/deployment.yaml
index e3f1b5d..58410ec 100644
--- a/kubernetes/sdc/charts/sdc-dcae-dt/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-dt/templates/deployment.yaml
@@ -33,7 +33,7 @@
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- name: {{ include "common.name" . }}-readiness
command:
- /app/ready.py
@@ -62,30 +62,33 @@
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{- if .Values.global.aafEnabled }}
- name: {{ include "common.name" . }}-update-config
image: "{{ .Values.global.envsubstImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- - sh
+ - sh
args:
- - -c
- - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
- env:
- - name: KEYSTORE_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-sdc-cs-secrets
- key: keystore_password
- - name: TRUSTSTORE_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-sdc-cs-secrets
- key: truststore_password
- volumeMounts:
+ - "-c"
+ - |
+ export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export KEYSTORE_PASS=$cadi_keystore_password_p12
+ export KEYMANAGER_PASS=$cadi_keystore_password_p12
+ export TRUSTSTORE_PASS=$cadi_truststore_password
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
+ cd /config-input && \
+ for PFILE in `find . -not -type d | grep -v -F ..`
+ do
+ envsubst <${PFILE} >/config-output/${PFILE}
+ chmod 0755 /config-output/${PFILE}
+ done
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- name: {{ include "common.fullname" . }}-environments
mountPath: /config-input/
- name: sdc-environments-output
mountPath: /config-output/
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -108,7 +111,7 @@
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: ENVNAME
- value: {{ .Values.global.env.name }}
+ value: {{ .Values.env.name }}
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
- name: HOST_IP
@@ -118,10 +121,10 @@
volumeMounts:
- name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/environments/
- - name: sdc-cert
+ - name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/cookbooks/dcae-dt/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- - name: sdc-cert
+ - name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/cookbooks/dcae-dt/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- name: {{ include "common.fullname" . }}-localtime
@@ -155,13 +158,10 @@
mountPath: /var/log/onap
- name: {{ include "common.fullname" . }}-data-filebeat
mountPath: /usr/share/filebeat/data
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-localtime
hostPath:
path: /etc/localtime
- - name: sdc-cert
- secret:
- secretName: sdc-cert
- name: {{ include "common.fullname" . }}-filebeat-conf
configMap:
name: {{ include "common.release" . }}-sdc-filebeat-configmap
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/ingress.yaml b/kubernetes/sdc/components/sdc-dcae-dt/templates/ingress.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-dt/templates/ingress.yaml
rename to kubernetes/sdc/components/sdc-dcae-dt/templates/ingress.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/service.yaml b/kubernetes/sdc/components/sdc-dcae-dt/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-dt/templates/service.yaml
rename to kubernetes/sdc/components/sdc-dcae-dt/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml b/kubernetes/sdc/components/sdc-dcae-dt/values.yaml
similarity index 73%
rename from kubernetes/sdc/charts/sdc-dcae-dt/values.yaml
rename to kubernetes/sdc/components/sdc-dcae-dt/values.yaml
index 96ba894..1782671 100644
--- a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-dt/values.yaml
@@ -20,6 +20,30 @@
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ aafEnabled: true
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+ nameOverride: sdc-dcae-dt-cert-init
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ fqdn: sdc
+ fqi: sdc@sdc.onap.org
+ public_fqdn: sdc.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ addconfig: true
+ keystoreFile: "org.onap.sdc.p12"
+ truststoreFile: "org.onap.sdc.trust.jks"
+ permission_user: 352070
+ permission_group: 35953
+ aaf_add_config: >
+ /opt/app/aaf_config/bin/agent.sh local showpass
+ {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
#################################################################
# Application configuration defaults.
@@ -31,6 +55,10 @@
config:
javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-dt/logback-spring.xml
+#environment file
+env:
+ name: AUTO
+
# default number of instances
replicaCount: 1
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/.helmignore b/kubernetes/sdc/components/sdc-dcae-fe/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/.helmignore
rename to kubernetes/sdc/components/sdc-dcae-fe/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/Chart.yaml b/kubernetes/sdc/components/sdc-dcae-fe/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/Chart.yaml
rename to kubernetes/sdc/components/sdc-dcae-fe/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-dcae-fe/requirements.yaml b/kubernetes/sdc/components/sdc-dcae-fe/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-dcae-fe/requirements.yaml
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright © 2020 AT&T. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-dcae-fe/resources/config/logging/logback.xml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/resources/config/logging/logback.xml
rename to kubernetes/sdc/components/sdc-dcae-fe/resources/config/logging/logback.xml
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/NOTES.txt b/kubernetes/sdc/components/sdc-dcae-fe/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-dcae-fe/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml b/kubernetes/sdc/components/sdc-dcae-fe/templates/configmap.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml
rename to kubernetes/sdc/components/sdc-dcae-fe/templates/configmap.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-dcae-fe/templates/deployment.yaml
similarity index 84%
rename from kubernetes/sdc/charts/sdc-dcae-fe/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-dcae-fe/templates/deployment.yaml
index 4f3f700..f916ce5 100644
--- a/kubernetes/sdc/charts/sdc-dcae-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-fe/templates/deployment.yaml
@@ -33,7 +33,7 @@
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- name: {{ include "common.name" . }}-readiness
command:
- /app/ready.py
@@ -62,30 +62,33 @@
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{- if .Values.global.aafEnabled }}
- name: {{ include "common.name" . }}-update-config
image: "{{ .Values.global.envsubstImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- - sh
+ - sh
args:
- - -c
- - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
- env:
- - name: KEYSTORE_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-sdc-cs-secrets
- key: keystore_password
- - name: TRUSTSTORE_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-sdc-cs-secrets
- key: truststore_password
- volumeMounts:
+ - "-c"
+ - |
+ export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export KEYSTORE_PASS=$cadi_keystore_password_p12
+ export KEYMANAGER_PASS=$cadi_keystore_password_p12
+ export TRUSTSTORE_PASS=$cadi_truststore_password
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
+ cd /config-input && \
+ for PFILE in `find . -not -type d | grep -v -F ..`
+ do
+ envsubst <${PFILE} >/config-output/${PFILE}
+ chmod 0755 /config-output/${PFILE}
+ done
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- name: {{ include "common.fullname" . }}-environments
mountPath: /config-input/
- name: sdc-environments-output
mountPath: /config-output/
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -108,7 +111,7 @@
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: ENVNAME
- value: {{ .Values.global.env.name }}
+ value: {{ .Values.env.name }}
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
- name: HOST_IP
@@ -118,10 +121,10 @@
volumeMounts:
- name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/environments/
- - name: sdc-cert
+ - name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- - name: sdc-cert
+ - name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- name: {{ include "common.fullname" . }}-localtime
@@ -159,13 +162,10 @@
mountPath: /var/log/onap
- name: {{ include "common.fullname" . }}-data-filebeat
mountPath: /usr/share/filebeat/data
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-localtime
hostPath:
path: /etc/localtime
- - name: sdc-cert
- secret:
- secretName: sdc-cert
- name: {{ include "common.fullname" . }}-filebeat-conf
configMap:
name: {{ include "common.release" . }}-sdc-filebeat-configmap
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/ingress.yaml b/kubernetes/sdc/components/sdc-dcae-fe/templates/ingress.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/templates/ingress.yaml
rename to kubernetes/sdc/components/sdc-dcae-fe/templates/ingress.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-dcae-fe/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/templates/service.yaml
rename to kubernetes/sdc/components/sdc-dcae-fe/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml b/kubernetes/sdc/components/sdc-dcae-fe/values.yaml
similarity index 75%
rename from kubernetes/sdc/charts/sdc-dcae-fe/values.yaml
rename to kubernetes/sdc/components/sdc-dcae-fe/values.yaml
index f4a9dfb..f4d0645 100644
--- a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-fe/values.yaml
@@ -20,6 +20,30 @@
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ aafEnabled: true
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+ nameOverride: sdc-dcae-fe-cert-init
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ fqdn: sdc
+ fqi: sdc@sdc.onap.org
+ public_fqdn: sdc.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ addconfig: true
+ keystoreFile: "org.onap.sdc.p12"
+ truststoreFile: "org.onap.sdc.trust.jks"
+ permission_user: 352070
+ permission_group: 35953
+ aaf_add_config: >
+ /opt/app/aaf_config/bin/agent.sh local showpass
+ {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
#################################################################
# Application configuration defaults.
@@ -31,6 +55,10 @@
config:
javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-fe/logback-spring.xml
+#environment file
+env:
+ name: AUTO
+
# default number of instances
replicaCount: 1
diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/.helmignore b/kubernetes/sdc/components/sdc-dcae-tosca-lab/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-tosca-lab/.helmignore
rename to kubernetes/sdc/components/sdc-dcae-tosca-lab/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/Chart.yaml b/kubernetes/sdc/components/sdc-dcae-tosca-lab/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-tosca-lab/Chart.yaml
rename to kubernetes/sdc/components/sdc-dcae-tosca-lab/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-dcae-tosca-lab/requirements.yaml b/kubernetes/sdc/components/sdc-dcae-tosca-lab/requirements.yaml
new file mode 100644
index 0000000..5969143
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-dcae-tosca-lab/requirements.yaml
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright © 2020 AT&T. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/NOTES.txt b/kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/deployment.yaml b/kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/deployment.yaml
similarity index 98%
rename from kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/deployment.yaml
index 0c886a0..6eb1b3b 100644
--- a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/deployment.yaml
@@ -71,7 +71,7 @@
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: ENVNAME
- value: {{ .Values.global.env.name }}
+ value: {{ .Values.env.name }}
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
- name: HOST_IP
diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/service.yaml b/kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/service.yaml
rename to kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml b/kubernetes/sdc/components/sdc-dcae-tosca-lab/values.yaml
similarity index 98%
rename from kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml
rename to kubernetes/sdc/components/sdc-dcae-tosca-lab/values.yaml
index ec5dc98..c714ec8 100644
--- a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-tosca-lab/values.yaml
@@ -36,6 +36,10 @@
javaOptions: -XX:MaxPermSize=256m -Xmx1024m
cassandraSslEnabled: "false"
+#environment file
+env:
+ name: AUTO
+
# default number of instances
replicaCount: 1
diff --git a/kubernetes/sdc/charts/sdc-fe/.helmignore b/kubernetes/sdc/components/sdc-fe/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/.helmignore
rename to kubernetes/sdc/components/sdc-fe/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-fe/Chart.yaml b/kubernetes/sdc/components/sdc-fe/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/Chart.yaml
rename to kubernetes/sdc/components/sdc-fe/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-fe/requirements.yaml b/kubernetes/sdc/components/sdc-fe/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-fe/requirements.yaml
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright © 2020 AT&T. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-fe/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/resources/config/logging/logback.xml
rename to kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml
diff --git a/kubernetes/sdc/charts/sdc-fe/resources/config/plugins/plugins-configuration.yaml b/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/resources/config/plugins/plugins-configuration.yaml
rename to kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml
diff --git a/kubernetes/sdc/charts/sdc-fe/templates/NOTES.txt b/kubernetes/sdc/components/sdc-fe/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-fe/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-fe/templates/configmap.yaml b/kubernetes/sdc/components/sdc-fe/templates/configmap.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/templates/configmap.yaml
rename to kubernetes/sdc/components/sdc-fe/templates/configmap.yaml
diff --git a/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
similarity index 82%
rename from kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
index 8b3d4e7..0571f4b 100644
--- a/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
@@ -34,7 +34,7 @@
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- name: {{ include "common.name" . }}-job-completion
image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
@@ -49,34 +49,46 @@
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{- if .Values.global.aafEnabled }}
- name: {{ include "common.name" . }}-update-config
image: "{{ .Values.global.envsubstImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- - sh
+ - sh
args:
- - -c
- - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
- env:
- - name: KEYSTORE_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-sdc-cs-secrets
- key: keystore_password
- - name: TRUSTSTORE_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-sdc-cs-secrets
- key: truststore_password
- volumeMounts:
+ - "-c"
+ - |
+ export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export KEYSTORE_PASS=$cadi_keystore_password_p12
+ export KEYMANAGER_PASS=$cadi_keystore_password_p12
+ export TRUSTSTORE_PASS=$cadi_truststore_password
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
+ cd /config-input && \
+ for PFILE in `find . -not -type d | grep -v -F ..`
+ do
+ envsubst <${PFILE} >/config-output/${PFILE}
+ chmod 0755 /config-output/${PFILE}
+ done
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- name: {{ include "common.fullname" . }}-environments
mountPath: /config-input/
- name: sdc-environments-output
mountPath: /config-output/
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if .Values.global.aafEnabled }}
+ command:
+ - sh
+ args:
+ - "-c"
+ - |
+ sed -i '/trustStorePassword/d' ${JETTY_BASE}/startup.sh
+ ${JETTY_BASE}/startup.sh
+ {{- end }}
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
@@ -98,7 +110,7 @@
{{ include "common.resources" . | indent 12 }}
env:
- name: ENVNAME
- value: {{ .Values.global.env.name }}
+ value: {{ .Values.env.name }}
- name: HOST_IP
valueFrom:
fieldRef:
@@ -108,10 +120,10 @@
volumeMounts:
- name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/environments/
- - name: sdc-cert
+ - name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- - name: sdc-cert
+ - name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- name: {{ include "common.fullname" . }}-localtime
@@ -141,13 +153,10 @@
mountPath: /var/log/onap
- name: {{ include "common.fullname" . }}-data-filebeat
mountPath: /usr/share/filebeat/data
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-localtime
hostPath:
path: /etc/localtime
- - name: sdc-cert
- secret:
- secretName: sdc-cert
- name: {{ include "common.fullname" . }}-filebeat-conf
configMap:
name: {{ include "common.release" . }}-sdc-filebeat-configmap
diff --git a/kubernetes/sdc/charts/sdc-fe/templates/ingress.yaml b/kubernetes/sdc/components/sdc-fe/templates/ingress.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/templates/ingress.yaml
rename to kubernetes/sdc/components/sdc-fe/templates/ingress.yaml
diff --git a/kubernetes/sdc/charts/sdc-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-fe/templates/service.yaml
similarity index 97%
rename from kubernetes/sdc/charts/sdc-fe/templates/service.yaml
rename to kubernetes/sdc/components/sdc-fe/templates/service.yaml
index 2133990..efcde57 100644
--- a/kubernetes/sdc/charts/sdc-fe/templates/service.yaml
+++ b/kubernetes/sdc/components/sdc-fe/templates/service.yaml
@@ -37,7 +37,7 @@
spec:
type: {{ .Values.service.type }}
ports:
- {{ if not .Values.global.security.disableHttp }}
+ {{ if not .Values.security.disableHttp }}
# setting http port only if enabled
{{if eq .Values.service.type "NodePort" -}}
- port: {{ .Values.service.internalPort }}
diff --git a/kubernetes/sdc/charts/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml
similarity index 78%
rename from kubernetes/sdc/charts/sdc-fe/values.yaml
rename to kubernetes/sdc/components/sdc-fe/values.yaml
index 63c8ce7..e9ff284 100644
--- a/kubernetes/sdc/charts/sdc-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-fe/values.yaml
@@ -21,6 +21,30 @@
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ aafEnabled: true
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+ nameOverride: sdc-fe-cert-init
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ fqdn: sdc
+ fqi: sdc@sdc.onap.org
+ public_fqdn: sdc.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ addconfig: true
+ keystoreFile: "org.onap.sdc.p12"
+ truststoreFile: "org.onap.sdc.trust.jks"
+ permission_user: 352070
+ permission_group: 35953
+ aaf_add_config: >
+ /opt/app/aaf_config/bin/agent.sh local showpass
+ {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
#################################################################
# Application configuration defaults.
@@ -40,6 +64,13 @@
workflow_discovery_url: "https://sdc-wfd-fe:8443/workflows"
workflow_source_url: "https://sdc.workflow.plugin.simpledemo.onap.org:30256/workflows/"
+#environment file
+env:
+ name: AUTO
+
+security:
+ disableHttp: true
+
# default number of instances
replicaCount: 1
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/.helmignore b/kubernetes/sdc/components/sdc-onboarding-be/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-onboarding-be/.helmignore
rename to kubernetes/sdc/components/sdc-onboarding-be/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/Chart.yaml b/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-onboarding-be/Chart.yaml
rename to kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/requirements.yaml b/kubernetes/sdc/components/sdc-onboarding-be/requirements.yaml
new file mode 100644
index 0000000..aad984e
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-onboarding-be/requirements.yaml
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright © 2020 AT&T. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-onboarding-be/resources/config/logging/logback.xml
rename to kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/NOTES.txt b/kubernetes/sdc/components/sdc-onboarding-be/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-onboarding-be/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-onboarding-be/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/configmap.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/configmap.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-onboarding-be/templates/configmap.yaml
rename to kubernetes/sdc/components/sdc-onboarding-be/templates/configmap.yaml
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
similarity index 79%
rename from kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
index f2baa1f..6f1e2a9 100644
--- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
@@ -34,7 +34,7 @@
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- name: {{ include "common.name" . }}-job-completion
image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
@@ -49,43 +49,33 @@
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
+ {{- if .Values.global.aafEnabled }}
- name: {{ include "common.name" . }}-update-config
image: "{{ .Values.global.envsubstImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- - sh
+ - sh
args:
- - -c
- - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
- env:
- - name: KEYSTORE_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-sdc-cs-secrets
- key: keystore_password
- - name: TRUSTSTORE_PASS
- valueFrom:
- secretKeyRef:
- name: {{ include "common.release" . }}-sdc-cs-secrets
- key: truststore_password
- volumeMounts:
+ - "-c"
+ - |
+ export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export KEYSTORE_PASS=$cadi_keystore_password_p12
+ export KEYMANAGER_PASS=$cadi_keystore_password_p12
+ export TRUSTSTORE_PASS=$cadi_truststore_password
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
+ cd /config-input && \
+ for PFILE in `find . -not -type d | grep -v -F ..`
+ do
+ envsubst <${PFILE} >/config-output/${PFILE}
+ chmod 0755 /config-output/${PFILE}
+ done
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- name: {{ include "common.fullname" . }}-environments
mountPath: /config-input/
- name: sdc-environments-output
mountPath: /config-output/
- - name: volume-permissions
- image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - /bin/sh
- - -c
- - |
- chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} //onboard/cert
- securityContext:
- runAsUser: 0
- volumeMounts:
- - name: {{ include "common.fullname" . }}-cert-storage
- mountPath: "/onboard/cert"
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -113,11 +103,11 @@
{{ include "common.resources" . | indent 12 }}
env:
- name: ENVNAME
- value: {{ .Values.global.env.name }}
+ value: {{ .Values.env.name }}
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
- name: SDC_CLUSTER_NAME
- value: "SDC-CS-{{ .Values.global.env.name }}"
+ value: "SDC-CS-{{ .Values.env.name }}"
- name: cassandra_ssl_enabled
value: {{ .Values.config.cassandraSslEnabled | quote }}
- name: HOST_IP
@@ -135,10 +125,10 @@
volumeMounts:
- name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/environments/
- - name: sdc-cert
+ - name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- - name: sdc-cert
+ - name: sdc-environments-output
mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- name: {{ include "common.fullname" . }}-localtime
@@ -149,8 +139,6 @@
- name: {{ include "common.fullname" . }}-logback
mountPath: /tmp/logback.xml
subPath: logback.xml
- - name: {{ include "common.fullname" . }}-cert-storage
- mountPath: "{{ .Values.cert.certDir }}"
lifecycle:
postStart:
exec:
@@ -167,13 +155,10 @@
mountPath: /var/log/onap
- name: {{ include "common.fullname" . }}-data-filebeat
mountPath: /usr/share/filebeat/data
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: {{ include "common.fullname" . }}-localtime
hostPath:
path: /etc/localtime
- - name: sdc-cert
- secret:
- secretName: sdc-cert
- name: {{ include "common.fullname" . }}-filebeat-conf
configMap:
name: {{ include "common.release" . }}-sdc-filebeat-configmap
@@ -190,8 +175,5 @@
emptyDir: { medium: "Memory" }
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
- - name: {{ include "common.fullname" . }}-cert-storage
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-cert
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
similarity index 98%
rename from kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml
rename to kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
index 39758bc..936c7c4 100644
--- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
@@ -56,7 +56,7 @@
mountPath: /home/sdc/chef-solo/environments/
env:
- name: ENVNAME
- value: {{ .Values.global.env.name }}
+ value: {{ .Values.env.name }}
- name: HOST_IP
valueFrom:
fieldRef:
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/service.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-onboarding-be/templates/service.yaml
rename to kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
similarity index 73%
rename from kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
rename to kubernetes/sdc/components/sdc-onboarding-be/values.yaml
index f42b500..2e5d91e 100644
--- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
@@ -21,6 +21,42 @@
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ aafEnabled: true
+ persistence: {}
+ cassandra:
+ #This flag allows SDC to instantiate its own cluster, serviceName
+ #should be sdc-cs if this flag is enabled
+ localCluster: false
+ #The cassandra service name to connect to (default: shared cassandra service)
+ serviceName: cassandra
+ #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
+ #to match with its own cluster replica
+ replicaCount: 3
+ clusterName: cassandra
+ dataCenter: Pod
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+ nameOverride: sdc-onboarding-be-cert-init
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ fqdn: sdc
+ fqi: sdc@sdc.onap.org
+ public_fqdn: sdc.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ addconfig: true
+ keystoreFile: "org.onap.sdc.p12"
+ truststoreFile: "org.onap.sdc.trust.jks"
+ permission_user: 352070
+ permission_group: 35953
+ aaf_add_config: >
+ /opt/app/aaf_config/bin/agent.sh local showpass
+ {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
#################################################################
# Application configuration defaults.
@@ -38,6 +74,10 @@
javaOptions: "-Xmx1g -Xms1g"
cassandraSslEnabled: "false"
+#environment file
+env:
+ name: AUTO
+
# default number of instances
replicaCount: 1
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/.helmignore b/kubernetes/sdc/components/sdc-wfd-be/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/.helmignore
rename to kubernetes/sdc/components/sdc-wfd-be/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/Chart.yaml b/kubernetes/sdc/components/sdc-wfd-be/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/Chart.yaml
rename to kubernetes/sdc/components/sdc-wfd-be/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-wfd-be/requirements.yaml b/kubernetes/sdc/components/sdc-wfd-be/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-wfd-be/requirements.yaml
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright © 2020 AT&T. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/NOTES.txt b/kubernetes/sdc/components/sdc-wfd-be/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-wfd-be/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl b/kubernetes/sdc/components/sdc-wfd-be/templates/_helper.tpl
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl
rename to kubernetes/sdc/components/sdc-wfd-be/templates/_helper.tpl
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
similarity index 82%
rename from kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
index 92fe5f2..b188cda 100644
--- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
@@ -34,7 +34,7 @@
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
{{- if .Values.initJob.enabled }}
- name: {{ include "common.name" . }}-job-completion
image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
@@ -55,6 +55,20 @@
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if .Values.global.aafEnabled }}
+ command:
+ - sh
+ args:
+ - "-c"
+ - |
+ export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export SERVER_SSL_KEY_PASSWORD=$cadi_keystore_password_p12
+ export KEYMANAGER_PASS=$cadi_keystore_password_p12
+ export SERVER_SSL_TRUST_PASSWORD=$cadi_truststore_password
+ export SERVER_SSL_KEYSTORE_PATH={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }}
+ export SERVER_SSL_TRUSTSTORE_PATH={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }}
+ ./startup.sh
+ {{- end }}
ports:
- containerPort: {{ template "wfd-be.internalPort" . }}
# disable liveness probe when breakpoints set in debugger
@@ -106,28 +120,9 @@
value: "{{ .Values.config.serverSSLEnabled }}"
- name: SERVER_SSL_KEYSTORE_TYPE
value: "{{ .Values.config.serverSSLKeyStoreType }}"
- - name: SERVER_SSL_KEYSTORE_PATH
- value: "{{ .Values.config.serverSSLKeyStorePath }}"
- - name: SERVER_SSL_KEY_PASSWORD
- valueFrom:
- secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: keystore_password}
- name: SERVER_SSL_TRUSTSTORE_TYPE
value: "{{ .Values.config.serverSSLTrustStoreType }}"
- - name: SERVER_SSL_TRUSTSTORE_PATH
- value: "{{ .Values.config.serverSSLTrustStorePath }}"
- - name: SERVER_SSL_TRUST_PASSWORD
- valueFrom:
- secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: truststore_password}
- volumeMounts:
- - name: sdc-cert
- mountPath: /keystore
- subPath: org.onap.sdc.p12
- - name: sdc-cert
- mountPath: /truststore
- subPath: org.onap.sdc.trust.jks
- volumes:
- - name: sdc-cert
- secret:
- secretName: sdc-cert
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/ingress.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/ingress.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/templates/ingress.yaml
rename to kubernetes/sdc/components/sdc-wfd-be/templates/ingress.yaml
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml
rename to kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/service.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/templates/service.yaml
rename to kubernetes/sdc/components/sdc-wfd-be/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/components/sdc-wfd-be/values.yaml
similarity index 71%
rename from kubernetes/sdc/charts/sdc-wfd-be/values.yaml
rename to kubernetes/sdc/components/sdc-wfd-be/values.yaml
index 4ab9504..da5ae38 100644
--- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/values.yaml
@@ -21,6 +21,41 @@
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ aafEnabled: true
+ cassandra:
+ #This flag allows SDC to instantiate its own cluster, serviceName
+ #should be sdc-cs if this flag is enabled
+ localCluster: false
+ #The cassandra service name to connect to (default: shared cassandra service)
+ serviceName: cassandra
+ #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
+ #to match with its own cluster replica
+ replicaCount: 3
+ clusterName: cassandra
+ dataCenter: Pod
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+ nameOverride: sdc-wfd-be-cert-init
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ fqdn: sdc
+ fqi: sdc@sdc.onap.org
+ public_fqdn: sdc.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ addconfig: true
+ keystoreFile: "org.onap.sdc.p12"
+ truststoreFile: "org.onap.sdc.trust.jks"
+ permission_user: 352070
+ permission_group: 35953
+ aaf_add_config: >
+ /opt/app/aaf_config/bin/agent.sh local showpass
+ {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
#################################################################
# Application configuration defaults.
@@ -38,22 +73,19 @@
javaOptions: "-Xmx1536m -Xms1536m"
cassandraAuthenticationEnabled: true
cassandraClientPort: 9042
-
sdcProtocol: HTTPS
sdcEndpoint: sdc-be:8443
sdcExternalUser: workflow
-
serverSSLEnabled: true
-
serverSSLKeyStoreType: jks
- serverSSLKeyStorePath: /home/sdc/etc/keystore
-
serverSSLTrustStoreType: jks
- serverSSLTrustStorePath: /home/sdc/etc/truststore
-
cassandraSSLEnabled: false
cassandraTrustStorePath: /home/sdc/etc/truststore
+# environment file
+env:
+ name: AUTO
+
# default number of instances
replicaCount: 1
@@ -82,7 +114,6 @@
externalPort2: 8443
nodePort: "57" # only one node port. set to http or https port depending on isHttpsEnabled property
-
ingress:
enabled: false
service:
@@ -91,7 +122,7 @@
port: 8443
config:
ssl: "redirect"
-
+
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/.helmignore b/kubernetes/sdc/components/sdc-wfd-fe/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-fe/.helmignore
rename to kubernetes/sdc/components/sdc-wfd-fe/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/Chart.yaml b/kubernetes/sdc/components/sdc-wfd-fe/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-fe/Chart.yaml
rename to kubernetes/sdc/components/sdc-wfd-fe/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/requirements.yaml b/kubernetes/sdc/components/sdc-wfd-fe/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-wfd-fe/requirements.yaml
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright © 2020 AT&T. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+dependencies:
+ - name: certInitializer
+ version: ~6.x-0
+ repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/NOTES.txt b/kubernetes/sdc/components/sdc-wfd-fe/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-fe/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-wfd-fe/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/_helper.tpl b/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-fe/templates/_helper.tpl
rename to kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
similarity index 66%
rename from kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
index 061b765..ad10480 100644
--- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
@@ -33,7 +33,7 @@
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- name: {{ include "common.name" . }}-readiness
command:
- /app/ready.py
@@ -48,10 +48,39 @@
fieldPath: metadata.namespace
image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if .Values.global.aafEnabled }}
+ - name: {{ include "common.fullname" . }}-move-cert
+ command:
+ - /bin/sh
+ args:
+ - -c
+ - |
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /sdc-certs/{{ .Values.certInitializer.keystoreFile }}
+ cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /sdc-certs/{{ .Values.certInitializer.truststoreFile }}
+ cp {{ .Values.certInitializer.credsPath }}/mycreds.prop /sdc-certs/mycreds.prop
+ image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
+ - name: sdc-certs
+ mountPath: /sdc-certs
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if .Values.global.aafEnabled }}
+ command:
+ - sh
+ args:
+ - "-c"
+ - |
+ export $(grep '^c' /sdc-certs/mycreds.prop | xargs -0)
+ export KEYSTORE_PASS=$cadi_keystore_password_p12
+ export TRUSTSTORE_PASS=$cadi_truststore_password
+ export KEYSTORE_PATH=/etc/{{ .Values.certInitializer.keystoreFile }}
+ export TRUSTSTORE_PATH=/etc/{{ .Values.certInitializer.truststoreFile }}
+ ./startup.sh
+ {{- end }}
ports:
- containerPort: {{ template "wfd-fe.internalPort" . }}
{{ if .Values.liveness.enabled }}
@@ -68,7 +97,7 @@
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: ENVNAME
- value: {{ .Values.global.env.name }}
+ value: {{ .Values.env.name }}
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
- name: BACKEND
@@ -76,16 +105,6 @@
- name: IS_HTTPS
value: "{{ .Values.config.isHttpsEnabled}}"
{{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }}
- - name: KEYSTORE_PASS
- valueFrom:
- secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: keystore_password}
- - name: TRUSTSTORE_PASS
- valueFrom:
- secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: truststore_password}
- - name: TRUSTSTORE_PATH
- value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}"
- - name: KEYSTORE_PATH
- value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}"
- name: TRUST_ALL
value: "{{ .Values.config.isTrustAll}}"
{{ end }}
@@ -93,12 +112,17 @@
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
readOnly: true
- - name: sdc-cert
- mountPath: /var/lib/jetty/etc/org.onap.sdc.p12
- subPath: org.onap.sdc.p12
- - name: sdc-cert
- mountPath: /var/lib/jetty/etc/org.onap.sdc.trust.jks
- subPath: org.onap.sdc.trust.jks
+ {{- if .Values.global.aafEnabled }}
+ - name: sdc-certs
+ mountPath: /sdc-certs
+ subpath: mycreds.prop
+ - name: sdc-certs
+ mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.keystoreFile }}
+ subPath: {{ .Values.certInitializer.keystoreFile }}
+ - name: sdc-certs
+ mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.truststoreFile }}
+ subPath: {{ .Values.certInitializer.truststoreFile }}
+ {{ end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -121,13 +145,15 @@
mountPath: /var/log/onap
- name: {{ include "common.fullname" . }}-data-filebeat
mountPath: /usr/share/filebeat/data
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-localtime
hostPath:
path: /etc/localtime
- - name: sdc-cert
- secret:
- secretName: sdc-cert
+ {{- if .Values.global.aafEnabled }}
+ - name: sdc-certs
+ emptyDir:
+ medium: "Memory"
+ {{- end }}
- name: {{ include "common.fullname" . }}-filebeat-conf
configMap:
name: {{ include "common.release" . }}-sdc-filebeat-configmap
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/ingress.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml
rename to kubernetes/sdc/components/sdc-wfd-fe/templates/ingress.yaml
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml
rename to kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
similarity index 81%
rename from kubernetes/sdc/charts/sdc-wfd-fe/values.yaml
rename to kubernetes/sdc/components/sdc-wfd-fe/values.yaml
index 1e6e3fe..7bb1b24 100644
--- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
@@ -21,6 +21,30 @@
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ aafEnabled: true
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+ nameOverride: sdc-wfd-fe-cert-init
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ fqdn: sdc
+ fqi: sdc@sdc.onap.org
+ public_fqdn: sdc.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ addconfig: true
+ keystoreFile: "org.onap.sdc.p12"
+ truststoreFile: "org.onap.sdc.trust.jks"
+ permission_user: 352070
+ permission_group: 35953
+ aaf_add_config: >
+ /opt/app/aaf_config/bin/agent.sh local showpass
+ {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
#################################################################
# Application configuration defaults.
@@ -40,11 +64,13 @@
# following flag decides whether to check the certificate on the outgoing proxy request or whether to trust all parties
isTrustAll: true
# https relevant settings. Change in case you have other trust files then default ones.
+
+#environment file
+env:
+ name: AUTO
+
security:
isDefaultStore: false
- truststoreFilename: "org.onap.sdc.trust.jks"
- keystoreFilename: "org.onap.sdc.p12"
- storePath: "etc"
# default number of instances
replicaCount: 1
diff --git a/kubernetes/sdc/requirements.yaml b/kubernetes/sdc/requirements.yaml
index 2ce7b9d..fc27a7b 100644
--- a/kubernetes/sdc/requirements.yaml
+++ b/kubernetes/sdc/requirements.yaml
@@ -14,15 +14,39 @@
# limitations under the License.
dependencies:
- - name: common
+ - name: sdc-be
version: ~6.x-0
- repository: '@local'
-
- - name: cassandra
+ repository: 'file://components/sdc-be'
+ - name: sdc-cs
version: ~6.x-0
- # local reference to common chart, as it is
- # a part of this chart's package and will not
- # be published independently to a repo (at this point)
- repository: '@local'
- condition: global.cassandra.localCluster
-
+ repository: 'file://components/sdc-cs'
+ - name: sdc-fe
+ version: ~6.x-0
+ repository: 'file://components/sdc-fe'
+ - name: sdc-onboarding-be
+ version: ~6.x-0
+ repository: 'file://components/sdc-onboarding-be'
+ - name: sdc-wfd-be
+ version: ~6.x-0
+ repository: 'file://components/sdc-wfd-be'
+ condition: sdc-wfd.enabled
+ - name: sdc-wfd-fe
+ version: ~6.x-0
+ repository: 'file://components/sdc-wfd-fe'
+ condition: sdc-wfd.enabled
+ - name: sdc-dcae-be
+ version: ~6.x-0
+ repository: 'file://components/sdc-dcae-be'
+ condition: sdc-dcaed.enabled
+ - name: sdc-dcae-dt
+ version: ~6.x-0
+ repository: 'file://components/sdc-dcae-dt'
+ condition: sdc-dcaed.enabled
+ - name: sdc-dcae-tosca-lab
+ version: ~6.x-0
+ repository: 'file://components/sdc-dcae-tosca-lab'
+ condition: sdc-dcaed.enabled
+ - name: sdc-dcae-fe
+ version: ~6.x-0
+ repository: 'file://components/sdc-dcae-fe'
+ condition: sdc-dcaed.enabled
\ No newline at end of file
diff --git a/kubernetes/sdc/resources/cert/org.onap.sdc.p12 b/kubernetes/sdc/resources/cert/org.onap.sdc.p12
deleted file mode 100644
index 4468560..0000000
--- a/kubernetes/sdc/resources/cert/org.onap.sdc.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/sdc/resources/cert/org.onap.sdc.trust.jks b/kubernetes/sdc/resources/cert/org.onap.sdc.trust.jks
deleted file mode 100644
index e6686cc..0000000
--- a/kubernetes/sdc/resources/cert/org.onap.sdc.trust.jks
+++ /dev/null
Binary files differ
diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json
index 2bd165b..b38b1f6 100755
--- a/kubernetes/sdc/resources/config/environments/AUTO.json
+++ b/kubernetes/sdc/resources/config/environments/AUTO.json
@@ -1,6 +1,6 @@
{
- "name": "{{ .Values.global.env.name }}",
- "description": "OpenSource-{{ .Values.global.env.name }}",
+ "name": "{{ .Values.env.name }}",
+ "description": "OpenSource-{{ .Values.env.name }}",
"cookbook_versions": {
"Deploy-SDandC": "= 1.0.0"
},
@@ -107,7 +107,8 @@
},
"jetty": {
"keystore_pwd": "${KEYSTORE_PASS}",
- "truststore_pwd": "${TRUSTSTORE_PASS}"
+ "truststore_pwd": "${TRUSTSTORE_PASS}",
+ "keymanager_pwd": "${KEYMANAGER_PASS}"
}
}
}
diff --git a/kubernetes/sdc/templates/secrets.yaml b/kubernetes/sdc/templates/secrets.yaml
index 6187104..dd61412 100644
--- a/kubernetes/sdc/templates/secrets.yaml
+++ b/kubernetes/sdc/templates/secrets.yaml
@@ -36,17 +36,3 @@
keystore_password: "{{ .Values.global.secrets.keystore_password }}"
# workflow
wf_external_user_password: "{{ .Values.global.secrets.wf_external_user_password }}"
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: sdc-cert
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/cert/*").AsSecrets . | indent 2 }}
diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml
index 2694b5d..af0d2a9 100644
--- a/kubernetes/sdc/values.yaml
+++ b/kubernetes/sdc/values.yaml
@@ -15,8 +15,6 @@
global:
persistence: {}
- env:
- name: AUTO
secrets:
sdc_user: YXNkY191c2Vy
sdc_password: QWExMjM0JV4h
@@ -30,6 +28,7 @@
ubuntuInitImage: ubuntu-init:1.0.0
busyboxRepository: registry.hub.docker.com
busyboxImage: library/busybox:latest
+ aafEnabled: true
cassandra:
#This flag allows SDC to instantiate its own cluster, serviceName
#should be sdc-cs if this flag is enabled
@@ -44,6 +43,11 @@
security:
disableHttp: true
envsubstImage: dibi/envsubst
+
+# Environment file
+env:
+ name: AUTO
+
config:
logstashServiceName: log-ls
logstashPort: 5044
@@ -60,3 +64,9 @@
persistence:
mountSubPath: sdc/sdc-cs/CS
enabled: true
+
+# dependency / sub-chart configuration
+sdc-wfd:
+ enabled: true
+sdc-dcaed:
+ enabled: true
\ No newline at end of file