[SO] Cleanup of SO charts
Remove AAF and TLS related chart entries
Use OOM templates for deployment and service definitions
Remove so-appc-orchestrator, as it is not supported anymore
Issue-ID: OOM-3106
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I6256aa0fbbe172752cc3d8f83edde0880de7f629
diff --git a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
index 016b3f5..633ac7d 100755
--- a/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/resources/config/overrides/override.yaml
@@ -14,12 +14,8 @@
# limitations under the License.
*/}}
aai:
- auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.aai.auth )}}
- {{ if (include "common.needTLS" .) }}
- endpoint: https://aai.{{ include "common.namespace" . }}:8443
- {{ else }}
+ auth: {{ .Values.aai.auth }}
endpoint: http://aai.{{ include "common.namespace" . }}:80
- {{ end }}
logging:
path: logs
spring:
@@ -58,12 +54,8 @@
msb-port: 80
adapters:
requestDb:
- {{ if (include "common.needTLS" .) }}
- endpoint: https://so-request-db-adapter.{{ include "common.namespace" . }}:8083
- {{ else }}
endpoint: http://so-request-db-adapter.{{ include "common.namespace" . }}:8083
- {{ end }}
- auth: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" .Values.global.aaf.auth.header "value2" .Values.mso.adapters.requestDb.auth )}}
+ auth: {{ .Values.mso.adapters.requestDb.auth }}
#Actuator
management:
endpoints:
diff --git a/kubernetes/so/components/so-nssmf-adapter/templates/configmap.yaml b/kubernetes/so/components/so-nssmf-adapter/templates/configmap.yaml
index 03a3df4..35baef1 100755
--- a/kubernetes/so/components/so-nssmf-adapter/templates/configmap.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/templates/configmap.yaml
@@ -19,7 +19,7 @@
data:
LOG_PATH: {{ index .Values.logPath }}
APP: {{ index .Values.app }}
- ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}}
+ ACTIVE_PROFILE: "basic"
---
apiVersion: v1
kind: ConfigMap
diff --git a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml
index f41352e..32a9eff 100755
--- a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml
@@ -26,11 +26,9 @@
maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
maxSurge: {{ index .Values.updateStrategy.maxSurge }}
template:
- metadata:
- labels: {{- include "common.labels" . | nindent 8 }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
initContainers:
- {{ include "so.certificate.container_importer" . | indent 6 | trim }}
{{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
containers:
- name: {{ include "common.name" . }}
@@ -41,12 +39,6 @@
- |
export BPEL_PASSWORD=`htpasswd -bnBC 10 "" $BPEL_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'`
export ACTUATOR_PASSWORD=`htpasswd -bnBC 10 "" $ACTUATOR_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'`
- {{- if .Values.global.aafEnabled }}
- export $(cat {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
- {{- if .Values.global.security.aaf.enabled }}
- export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
- {{- end }}
- {{- end }}
./start-app.sh
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
resources: {{ include "common.resources" . | nindent 12 }}
@@ -72,12 +64,11 @@
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 14 }}
- name: ACTUATOR_PASSWORD_INPUT
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 14 }}
- {{ include "so.certificates.env" . | nindent 12 }}
envFrom:
- configMapRef:
name: {{ include "common.fullname" . }}-env
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 12 }}
+ volumeMounts:
- name: logs
mountPath: /app/logs
- name: config
@@ -94,7 +85,7 @@
successThreshold: {{ index .Values.livenessProbe.successThreshold}}
failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes: {{ include "so.certificate.volumes" . | nindent 8 }}
+ volumes:
- name: logs
emptyDir: {}
- name: config
diff --git a/kubernetes/so/components/so-nssmf-adapter/values.yaml b/kubernetes/so/components/so-nssmf-adapter/values.yaml
index 29f9f4e..ecf9b04 100755
--- a/kubernetes/so/components/so-nssmf-adapter/values.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/values.yaml
@@ -19,12 +19,6 @@
nodePortPrefixExt: 304
persistence:
mountPath: /dockerdata-nfs
- security:
- aaf:
- enabled: false
- aaf:
- auth:
- header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
mariadbGalera:
serviceName: mariadb-galera
servicePort: '3306'
@@ -110,17 +104,14 @@
- name: http
port: *containerPort
updateStrategy:
- type: RollingUpdate
- maxUnavailable: 1
- maxSurge: 1
+ type: RollingUpdate
+ maxUnavailable: 1
+ maxSurge: 1
+#################################################################
+# soHelpers part
+#################################################################
soHelpers:
- nameOverride: so-nssmf-cert-init
- certInitializer:
- nameOverride: so-nssmf-cert-init
- credsPath: /opt/app/osaaf/local
- cadi:
- apiEnforcement: org.onap.so.nssmfAdapterPerm
containerPort: *containerPort
# Resource Limit flavor -By Default using small
@@ -143,14 +134,14 @@
cpu: 1000m
unlimited: {}
livenessProbe:
- path: /manage/health
- port: 8088
- scheme: HTTP
- initialDelaySeconds: 600
- periodSeconds: 60
- timeoutSeconds: 10
- successThreshold: 1
- failureThreshold: 3
+ path: /manage/health
+ port: 8088
+ scheme: HTTP
+ initialDelaySeconds: 600
+ periodSeconds: 60
+ timeoutSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
ingress:
enabled: false
nodeSelector: {}