[CPS] Rolling update and prometheus changes

1. Rolling update for cps-core
2. Prometheus configuration
3. Image version update to I release
4. Only configurable parameters kept in application.yml

Issue-ID: CPS-536, CPS-365, CPS-664
Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
Change-Id: I33f47750bd3899f9a420256a1d9cef4cb63dff9e
diff --git a/kubernetes/cps/components/cps-core/resources/config/application-helm.yml b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml
index f181b82..0bc7d5b 100644
--- a/kubernetes/cps/components/cps-core/resources/config/application-helm.yml
+++ b/kubernetes/cps/components/cps-core/resources/config/application-helm.yml
@@ -16,25 +16,7 @@
 # limitations under the License.
 */}}
 
-server:
-  port: 8080
-
-rest:
-  api:
-    cps-base-path: /cps/api
-    xnf-base-path: /cps-nf-proxy/api
-
 spring:
-  main:
-    banner-mode: "off"
-  jpa:
-    ddl-auto: create
-    open-in-view: false
-    properties:
-      hibernate:
-        enable_lazy_load_no_trans: true
-        dialect: org.hibernate.dialect.PostgreSQLDialect
-
   datasource:
     url: jdbc:postgresql://{{ .Values.postgres.service.name2 }}:5432/{{ .Values.postgres.config.pgDatabase }}
     username: ${DB_USERNAME}
@@ -42,46 +24,32 @@
     driverClassName: org.postgresql.Driver
     initialization-mode: always
 
-  cache:
-    type: caffeine
-    cache-names: yangSchema
-    caffeine:
-      spec: maximumSize=10000,expireAfterAccess=10m
-
   liquibase:
     change-log: classpath:changelog/changelog-master.yaml
     labels: {{ .Values.config.liquibaseLabels }}
 
 security:
-  # comma-separated uri patterns which do not require authorization
-  permit-uri: /manage/health/**,/manage/info,/swagger-ui/**,/swagger-resources/**,/v3/api-docs
-  auth:
-    username: ${CPS_USERNAME}
-    password: ${CPS_PASSWORD}
-
-# Actuator
-management:
-  endpoints:
-    web:
-      base-path: /manage
-    exposure:
-      include: info,health,loggers
-  endpoint:
-    health:
-      show-details: always
-      # kubernetes probes: liveness and readiness
-      probes:
-        enabled: true
-    loggers:
-      enabled: true
-
+    # comma-separated uri patterns which do not require authorization
+    permit-uri: /manage/**,/swagger-ui/**,/swagger-resources/**,/api-docs
+    auth:
+        username: ${CPS_USERNAME}
+        password: ${CPS_PASSWORD}
 logging:
   level:
     org:
       springframework: {{ .Values.logging.level }}
 
+dmi:
+  auth:
+    username: ${DMI_USERNAME}
+    password: ${DMI_PASSWORD}
+
+{{- if .Values.config.eventPublisher }}
+{{ toYaml .Values.config.eventPublisher | nindent 2 }}
+{{- end }}
+
 {{- if .Values.config.additional }}
 {{ toYaml .Values.config.additional | nindent 2 }}
 {{- end }}
-
 # Last empty line is required otherwise the last property will be missing from application.yml file in the pod.
+
diff --git a/kubernetes/cps/components/cps-core/templates/deployment.yaml b/kubernetes/cps/components/cps-core/templates/deployment.yaml
index 2047a39..e6ee161 100644
--- a/kubernetes/cps/components/cps-core/templates/deployment.yaml
+++ b/kubernetes/cps/components/cps-core/templates/deployment.yaml
@@ -21,6 +21,12 @@
 metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
 spec:
   replicas: {{ .Values.replicaCount }}
+  minReadySeconds: {{ index .Values.minReadySeconds }}
+  strategy:
+    type: {{ index .Values.updateStrategy.type }}
+    rollingUpdate:
+      maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
+      maxSurge: {{ index .Values.updateStrategy.maxSurge }}
   selector: {{- include "common.selectors" . | nindent 4 }}
   template:
     metadata: {{- include "common.templateMetadata" . | nindent 6 }}
@@ -47,6 +53,11 @@
             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 12 }}
           - name: CPS_PASSWORD
             {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 12 }}
+          - name: DMI_USERNAME
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmi-plugin-user-creds" "key" "login") | indent 12 }}
+          - name: DMI_PASSWORD
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmi-plugin-user-creds" "key" "password") | indent 12 }}
+
         volumeMounts:
           - mountPath: /config-input
             name: init-data-input
diff --git a/kubernetes/cps/components/cps-core/templates/serviceMonitor.yaml b/kubernetes/cps/components/cps-core/templates/serviceMonitor.yaml
new file mode 100644
index 0000000..a49a662
--- /dev/null
+++ b/kubernetes/cps/components/cps-core/templates/serviceMonitor.yaml
@@ -0,0 +1,23 @@
+{{/*
+# ============LICENSE_START=======================================================
+#  Copyright (c) 2021 Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+#       http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+*/}}
+
+{{- if .Values.prometheus.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }}
\ No newline at end of file
diff --git a/kubernetes/cps/components/cps-core/values.yaml b/kubernetes/cps/components/cps-core/values.yaml
index ae8bccd..4f788e7 100644
--- a/kubernetes/cps/components/cps-core/values.yaml
+++ b/kubernetes/cps/components/cps-core/values.yaml
@@ -17,15 +17,15 @@
 #################################################################
 secrets:
   - uid: pg-root-pass
-    name: &pgRootPassSecretName '{{ include "common.release" . }}-cps-pg-root-pass'
+    name: &pgRootPassSecretName '{{ include "common.release" . }}-cps-core-pg-root-pass'
     type: password
-    externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "cps-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
+    externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "cps-core-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
     password: '{{ .Values.postgres.config.pgRootpassword }}'
     policy: generate
   - uid: pg-user-creds
-    name: &pgUserCredsSecretName '{{ include "common.release" . }}-cps-pg-user-creds'
+    name: &pgUserCredsSecretName '{{ include "common.release" . }}-cps-core-pg-user-creds'
     type: basicAuth
-    externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "cps-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
+    externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "cps-core-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
     login: '{{ .Values.postgres.config.pgUserName }}'
     password: '{{ .Values.postgres.config.pgUserPassword }}'
     passwordPolicy: generate
@@ -35,6 +35,12 @@
     login: '{{ .Values.config.appUserName }}'
     password: '{{ .Values.config.appUserPassword }}'
     passwordPolicy: generate
+  - uid: dmi-plugin-user-creds
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.config.dmiPluginUserExternalSecret) . }}'
+    login: '{{ .Values.config.dmiPluginUserName }}'
+    password: '{{ .Values.config.dmiPluginUserPassword }}'
+    passwordPolicy: generate
 
 #################################################################
 # Global configuration defaults.
@@ -47,8 +53,9 @@
     virtualhost:
       baseurl: "simpledemo.onap.org"
 
-image: onap/cps-and-nf-proxy:1.0.1
+image: onap/cps-and-ncmp:2.0.0
 containerPort: &svc_port 8080
+managementPort: &mgt_port 8081
 
 service:
   type: ClusterIP
@@ -56,6 +63,24 @@
   ports:
     - name: &port http
       port: *svc_port
+    - name: management
+      port: *mgt_port
+      targetPort: *mgt_port
+
+prometheus:
+  enabled: true
+
+metrics:
+  serviceMonitor:
+    enabled: true
+    port: management
+      ## specify target port if name is not given to the port in the service definition
+      ##
+    # targetPort: 8080
+    path: /manage/prometheus
+    interval: 60s
+    basicAuth:
+      enabled: false
 
 pullPolicy: Always
 # flag to enable debugging - application support required
@@ -91,13 +116,13 @@
   # in debugger so K8s doesn't restart unresponsive container
   enabled: true
   path: /manage/health
-  port: *port
+  port: *mgt_port
 
 readiness:
   initialDelaySeconds: 15
   periodSeconds: 15
   path: /manage/health
-  port: *port
+  port: *mgt_port
 
 ingress:
   enabled: true
@@ -130,13 +155,31 @@
   spring:
     profile: helm
   #appUserPassword:
-
+  dmiPluginUserName: dmiuser
 # Any new property can be added in the env by setting in overrides in the format mentioned below
 # All the added properties must be in "key: value" format insead of yaml.
 #  additional:
 #    spring.config.max-size: 200
 #    spring.config.min-size: 10
 
+  eventPublisher:
+    spring.kafka.bootstrap-servers: message-router-kafka:9092
+    spring.kafka.security.protocol: SASL_PLAINTEXT
+    spring.kafka.properties.sasl.mechanism: PLAIN
+    spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username=admin password=admin_secret;
+    spring.kafka.producer.client-id: cps-core
+
+  additional:
+    notification.data-updated.enabled: true
+    notification.data-updated.topic: cps.data-updated-events
+    notification.data-updated.filters.enabled-dataspaces: ""
+    notification.async.enabled: false
+    notification.async.executor.core-pool-size: 2
+    notification.async.executor.max-pool-size: 1
+    notification.async.executor.queue-capacity: 500
+    notification.async.executor.wait-for-tasks-to-complete-on-shutdown: true
+    notification.async.executor.thread-name-prefix: Async-
+
 logging:
   level: INFO
   path: /tmp
@@ -145,18 +188,18 @@
 # Postgres overriding defaults in the postgres
 #################################################################
 postgres:
-  nameOverride: &postgresName cps-postgres
+  nameOverride: &postgresName cps-core-postgres
   service:
     name: *postgresName
-    name2: cps-pg-primary
-    name3: cps-pg-replica
+    name2: cps-core-pg-primary
+    name3: cps-core-pg-replica
   container:
     name:
-      primary: cps-pg-primary
-      replica: cps-pg-replica
+      primary: cps-core-pg-primary
+      replica: cps-core-pg-replica
   persistence:
-    mountSubPath: cps/data
-    mountInitPath: cps
+    mountSubPath: cps-core/data
+    mountInitPath: cps-core
   config:
     pgUserName: cps
     pgDatabase: cpsdb
@@ -165,4 +208,10 @@
 
 readinessCheck:
   wait_for:
-    - cps-postgres
+    - *postgresName
+
+minReadySeconds: 10
+updateStrategy:
+  type: RollingUpdate
+  maxUnavailable: 0
+  maxSurge: 1
diff --git a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
index 390a545..d4319a1 100644
--- a/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
+++ b/kubernetes/cps/components/ncmp-dmi-plugin/values.yaml
@@ -154,4 +154,4 @@
 
 readinessCheck:
   wait_for:
-    - cps-postgres
+    - cps-core
diff --git a/kubernetes/cps/values.yaml b/kubernetes/cps/values.yaml
index cda726d..28f904a 100755
--- a/kubernetes/cps/values.yaml
+++ b/kubernetes/cps/values.yaml
@@ -23,6 +23,13 @@
     login: '{{ .Values.config.coreUserName }}'
     password: '{{ .Values.config.coreUserPassword }}'
     passwordPolicy: generate
+  - uid: dmi-plugin-user-creds
+    name: &dmi-plugin-creds-secret '{{ include "common.release" . }}-cps-dmi-plugin-user-creds'
+    type: basicAuth
+    externalSecret: '{{ tpl (default "" .Values.config.dmiPluginUserExternalSecret) . }}'
+    login: '{{ .Values.config.dmiPluginUserName }}'
+    password: '{{ .Values.config.dmiPluginUserPassword }}'
+    passwordPolicy: generate
 
 passwordStrengthOverride: basic
 global:
@@ -32,12 +39,14 @@
 
 config:
   coreUserName: cpsuser
+  dmiPluginUserName: dmiuser
 
 # Enable all CPS components by default
 cps-core:
   enabled: true
   config:
     appUserExternalSecret: *core-creds-secret
+    dmiPluginUserExternalSecret: *dmi-plugin-creds-secret
 
 cps-temporal:
   enabled: true
@@ -46,3 +55,4 @@
   enabled: true
   config:
     coreCredsExternalSecret: *core-creds-secret
+    appUserExternalSecret: *dmi-plugin-creds-secret