[SDC] Chart cleanup for AAF/TLS removal
Use latest helm templates and remove TLS/AAF related parts
Issue-ID: OOM-3121
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I453d9bfb471462a3c2f4825a3a542c61df353cf5
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
index 8180cc7..6c392ef 100644
--- a/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
@@ -18,26 +18,14 @@
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
replicas: {{ .Values.replicaCount }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
- initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
+ initContainers:
- name: {{ include "common.name" . }}-job-completion
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
@@ -45,7 +33,7 @@
- /app/ready.py
args:
- --job-name
- - {{ include "common.release" . }}-sdc-onboarding-be-cassandra-init
+ - {{ include "common.release" . }}-sdc-onboarding-be
env:
- name: NAMESPACE
valueFrom:
@@ -59,73 +47,16 @@
requests:
cpu: 3m
memory: 20Mi
- {{- if .Values.global.aafEnabled }}
- - name: {{ include "common.name" . }}-update-config
- image: {{ include "repositoryGenerator.image.envsubst" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - sh
- args:
- - "-c"
- - |
- export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
- export KEYSTORE_PASS=$cadi_keystore_password_p12
- export KEYMANAGER_PASS=$cadi_keystore_password_p12
- export TRUSTSTORE_PASS=$cadi_truststore_password
- cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
- cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
- cd /config-input && \
- for PFILE in `find . -not -type d | grep -v -F ..`
- do
- envsubst <${PFILE} >/config-output/${PFILE}
- chmod 0755 /config-output/${PFILE}
- done
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- - name: sdc-environments-input
- mountPath: /config-input/
- - name: sdc-environments
- mountPath: /config-output/
- resources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 3m
- memory: 20Mi
- {{- end }}
- - name: volume-permissions
- image: {{ include "repositoryGenerator.image.busybox" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - sh
- args:
- - "-c"
- - |
- chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} //onboard/cert
- securityContext:
- runAsUser: 0
- volumeMounts:
- - name: cert-storage
- mountPath: "/onboard/cert"
- resources:
- limits:
- cpu: 100m
- memory: 100Mi
- requests:
- cpu: 3m
- memory: 20Mi
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- - containerPort: {{ .Values.service.internalPort2 }}
+ ports: {{ include "common.containerPorts" . | nindent 12 }}
{{ if eq .Values.liveness.enabled true }}
livenessProbe:
httpGet:
path: /onboarding-api/v1.0/healthcheck
- port: {{ .Values.service.internalPort2 }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
@@ -135,7 +66,7 @@
readinessProbe:
httpGet:
path: /onboarding-api/v1.0/healthcheck
- port: {{ .Values.service.internalPort2 }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
@@ -144,7 +75,7 @@
startupProbe:
httpGet:
path: /onboarding-api/v1.0/healthcheck
- port: {{ .Values.service.internalPort2 }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
periodSeconds: {{ .Values.startup.periodSeconds }}
timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
@@ -171,25 +102,15 @@
valueFrom:
secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password}
- name: SDC_CERT_DIR
- value: {{ .Values.cert.certDir }}
+ value: ""
volumeMounts:
- name: sdc-environments
mountPath: /app/jetty/chef-solo/environments/
- {{- if .Values.global.aafEnabled }}
- - name: sdc-environments
- mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12
- subPath: org.onap.sdc.p12
- - name: sdc-environments
- mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks
- subPath: org.onap.sdc.trust.jks
- {{- end }}
- name: localtime
mountPath: /etc/localtime
readOnly: true
- name: logs
mountPath: /var/log/onap
- - name: cert-storage
- mountPath: "{{ .Values.cert.certDir }}"
- name: logback
mountPath: /tmp/logback.xml
subPath: logback.xml
@@ -200,27 +121,19 @@
# side car containers
{{ include "common.log.sidecar" . | nindent 8 }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
+ volumes:
- name: localtime
hostPath:
path: /etc/localtime
-
{{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 6 }}
- name: logback
configMap:
name : {{ include "common.fullname" . }}-logging-configmap
- name: sdc-environments
- {{- if .Values.global.aafEnabled }}
- emptyDir: { medium: "Memory" }
- - name: sdc-environments-input
- {{- end }}
configMap:
name: {{ include "common.release" . }}-sdc-environments-configmap
defaultMode: 0755
- name: logs
emptyDir: {}
- - name: cert-storage
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}-cert
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
index bfc1ef8..41996ff 100644
--- a/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
@@ -17,14 +17,7 @@
apiVersion: batch/v1
kind: Job
-metadata:
- name: {{ include "common.fullname" . }}-cassandra-init
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}-job
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
backoffLimit: 20
template:
@@ -42,7 +35,7 @@
- /app/ready.py
args:
- --job-name
- - {{ include "common.release" . }}-sdc-cs-config-cassandra
+ - {{ include "common.release" . }}-sdc-cs
- "-t"
- "20"
env:
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/pv.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/pv.yaml
deleted file mode 100644
index bc110c3..0000000
--- a/kubernetes/sdc/components/sdc-onboarding-be/templates/pv.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-# ================================================================================
-# Copyright (C) 2019, Nordix Foundation. All rights reserved.
-# ================================================================================
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if and .Values.persistence.enabled (not .Values.cert.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
- name: {{ include "common.fullname" . }}
-spec:
- capacity:
- storage: {{ .Values.cert.persistence.size}}
- accessModes:
- - {{ .Values.cert.persistence.accessMode }}
- persistentVolumeReclaimPolicy: {{ .Values.cert.persistence.volumeReclaimPolicy }}
- storageClassName: "{{ include "common.fullname" . }}-data"
- hostPath:
- path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.cert.persistence.mountSubPath }}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/pvc.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/pvc.yaml
deleted file mode 100644
index 006d736..0000000
--- a/kubernetes/sdc/components/sdc-onboarding-be/templates/pvc.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{/*
-# ================================================================================
-# Copyright (C) 2019, Nordix Foundation. All rights reserved.
-# ================================================================================
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if and .Values.cert.persistence.enabled (not .Values.cert.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname" . }}-cert
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ include "common.release" . }}"
- heritage: "{{ .Release.Service }}"
-{{- if .Values.cert.persistence.annotations }}
- annotations:
-{{ toYaml .Values.cert.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
- accessModes:
- - {{ .Values.cert.persistence.accessMode }}
- storageClassName: {{ include "common.storageClass" . }}
- resources:
- requests:
- storage: {{ .Values.cert.persistence.size }}
-{{- end -}}
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml
index ece5a43..0a34983 100644
--- a/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml
@@ -1,6 +1,7 @@
{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T, ZTE
+# Modifications Copyright © 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -15,35 +16,4 @@
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.externalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName | default "http" }}s
-
- - port: {{ .Values.service.externalPort2 }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
- name: {{ .Values.service.portName | default "http" }}}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName | default "http" }}s
- - port: {{ .Values.service.externalPort2 }}
- targetPort: {{ .Values.service.internalPort2 }}
- name: {{ .Values.service.portName | default "http" }}
- {{- end}}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+{{ include "common.service" . }}
\ No newline at end of file