$IT_DEP_FOLDER/scripts/layer-0/0-setup-charts-museum.sh
$IT_DEP_FOLDER/scripts/layer-0/0-setup-helm3.sh
+git -C $IT_DEP_FOLDER submodule init
+git -C $IT_DEP_FOLDER submodule update
+# Some ORAN charts have onap dependencies (for AAF)
+$IT_DEP_FOLDER/scripts/sub-scripts/build-onap.sh
$IT_DEP_FOLDER/scripts/sub-scripts/build-oran.sh
ARG TGT=/tmp/it-dep
COPY . $TGT
+RUN ls -latr /tmp/it-dep
# Remove the smo-install as this one will be verified in another verify job
RUN $TGT/bin/verify-smo-install
-Subproject commit 865cde019d04f0d470c4a3064c5a0c619c25636b
+Subproject commit 50c285b56ae6198420ea3afcfe37086b8a4e9fcf
version: ~1.0.0
repository: "@local"
condition: nonrtric.installDmaapadapterservice
+
+ - name: cert-wrapper
+ version: ~9.x-0
+ repository: '@local'
+ condition: cert-wrapper.enabled
\ No newline at end of file
installCRDs: false
admin:
enabled: true
+cert-wrapper:
+ enabled: true
\ No newline at end of file
--- /dev/null
+# Copyright © 2021 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~9.x-0
+ repository: '@local'
+ - name: certInitializer
+ version: ~9.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~9.x-0
+ repository: '@local'
+ - name: serviceAccount
+ version: ~9.x-0
+ repository: '@local'
name: oru-app
release: {{ .Release.Name }}
chart: {{ .Chart.Name }}
- spec:
+ spec:
+ initContainers:
+ {{- if .Values.global.aafEnabled }}
+ {{ include "common.certInitializer.initContainer" . | indent 6 }}
+ {{- end }}
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}/{{ .Values.image.name}}:{{ .Values.image.tag }}"
tty: true
stdin: true
env:
- - name: CURL_CA_BUNDLE
- value: ''
+ - name: REQUESTS_CA_BUNDLE
+ value: "{{ .Values.conf.caCertificate }}"
envFrom:
- configMapRef:
name: oru-app-configmapenv
volumeMounts:
- - name: oru-app-config-volume
- subPath: o-ru-to-o-du-map.txt
- mountPath: /usr/src/app/o-ru-to-o-du-map.txt
+ {{- if .Values.global.aafEnabled }}
+ {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
+ {{- end }}
+ - name: oru-app-config-volume
+ subPath: o-ru-to-o-du-map.txt
+ mountPath: /usr/src/app/o-ru-to-o-du-map.txt
securityContext:
capabilities:
add:
- SYS_ADMIN
- SYS_PTRACE
- volumes:
- - name: oru-app-config-volume
- configMap:
- name: oru-app-configmap
- items:
- - key: o-ru-to-o-du-map.txt
- path: o-ru-to-o-du-map.txt
+ {{- if .Values.global.aafEnabled }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }}
+ {{- end }}
+ volumes:
+ {{- if .Values.global.aafEnabled }}
+ {{ include "common.certInitializer.volumes" . | nindent 6 }}
+ {{- end }}
+ - name: oru-app-config-volume
+ configMap:
+ name: oru-app-configmap
+ items:
+ - key: o-ru-to-o-du-map.txt
+ path: o-ru-to-o-du-map.txt
tag: 1.0.0
pullPolicy: IfNotPresent
+global:
+ aafEnabled: true
+
service:
type: NodePort
ports:
port: 830
nodePort: 30835
+certInitializer:
+ readinessCheck:
+ namespace: "onap"
+ aaf_namespace: "onap"
+ nameOverride: oru-app-cert-initializer
+ fqdn: "sdnc"
+ app_ns: "org.osaaf.aaf"
+ fqi: "sdnc@sdnc.onap.org"
+ fqi_namespace: "org.onap.sdnc"
+ public_fqdn: "sdnc.onap.org"
+ aafDeployFqi: "deployer@people.osaaf.org"
+ aafDeployPass: demo123456!
+ cadi_latitude: "38.0"
+ cadi_longitude: "-72.0"
+ addconfig: true
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: >
+ cd /opt/app/osaaf/local;
+ mkdir -p certs;
+ export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0);
+ keytool -exportcert -rfc -file certs/cacert.pem -keystore {{ .Values.fqi_namespace }}.trust.jks -alias ca_local_0 -storepass $cadi_truststore_password;
+ openssl pkcs12 -in {{ .Values.fqi_namespace }}.p12 -out certs/cert.pem -passin pass:$cadi_keystore_password_p12 -passout pass:$cadi_keystore_password_p12;
+ cp {{ .Values.fqi_namespace }}.key certs/key.pem;
+ chmod -R 755 certs;
+
simulators:
- simRu: o-ru-11221
simDu: o-du-1122
sdnrHost: https://sdnc.onap
sdnrPort: 8443
verbose: on
-
+ caCertificate: /opt/app/osaaf/local/certs/cacert.pem
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: oru-app
+ roles:
+ - read
\ No newline at end of file