From f3b630e5abe86c47c3e581cb5318f069334c55de Mon Sep 17 00:00:00 2001 From: Sergio Gimenez Date: Thu, 19 Feb 2026 17:46:18 +0100 Subject: [PATCH 1/8] fix: deploy federation manager under oop chart --- oop-platform-chart/values.yaml | 13 +++++++++++-- scripts/helm-deploy.sh | 11 ++--------- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/oop-platform-chart/values.yaml b/oop-platform-chart/values.yaml index 5eb028f..b0444e4 100644 --- a/oop-platform-chart/values.yaml +++ b/oop-platform-chart/values.yaml @@ -139,12 +139,12 @@ oeg: federationManagerHost: "http://federation-manager:8989/api/v1" # ==================================================================== -# Federation Manager — OWN NAMESPACE +# Federation Manager — in OOP namespace # ==================================================================== federationManager: enabled: true global: - namespace: federation-manager + namespace: oop # --- MongoDB FOR FM (THIS WAS MISSING!) mongodb: @@ -153,6 +153,7 @@ federationManager: image: repository: mongo tag: latest + pullPolicy: IfNotPresent service: type: ClusterIP port: 27017 @@ -170,6 +171,8 @@ federationManager: admin: username: admin password: admin + image: + pullPolicy: IfNotPresent service: nodePort: "" @@ -183,6 +186,12 @@ federationManager: port: "27017" partner_op: role: originating_op + image: + pullPolicy: IfNotPresent + + federationManager: + image: + pullPolicy: IfNotPresent openvpn: enabled: false diff --git a/scripts/helm-deploy.sh b/scripts/helm-deploy.sh index 0582f8e..195ac37 100755 --- a/scripts/helm-deploy.sh +++ b/scripts/helm-deploy.sh @@ -12,7 +12,6 @@ REPO_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" CHART_DIR="$REPO_ROOT/oop-platform-chart" OOP_NS="oop" -FM_NS="federation-manager" OOP_RELEASE="oop-platform" echo "OOP Platform — Helm Deploy" @@ -44,11 +43,7 @@ helm upgrade --install $OOP_RELEASE "$CHART_DIR" \ --create-namespace \ -f "$REPO_ROOT/environments/kind/values.yaml" \ --set srm.srmcontroller.env.kubernetesMasterToken="$TOKEN" \ - --set federationManager.enabled=false - -helm upgrade --install federation-manager "$CHART_DIR/charts/federation-manager" \ - -n $FM_NS \ - --create-namespace \ + --set federationManager.enabled=true \ -f "$REPO_ROOT/environments/kind/values.fm.yaml" echo "" @@ -66,9 +61,7 @@ echo " Federation Manager: http://localhost:30989" echo "" echo "Useful commands:" echo " kubectl get pods -n $OOP_NS" -echo " kubectl get pods -n $FM_NS" echo " kubectl logs -f deployment/srmcontroller -n $OOP_NS" -echo " helm uninstall $OOP_RELEASE -n $OOP_NS # Remove SRM + OEG" -echo " helm uninstall federation-manager -n $FM_NS # Remove Federation Manager" +echo " helm uninstall $OOP_RELEASE -n $OOP_NS # Remove all components" echo " kind delete cluster --name oop-cluster # Tear down cluster" echo "" -- GitLab From 5f2eb7e508ba81b0d106f3bf649e8afab61e7f97 Mon Sep 17 00:00:00 2001 From: Sergio Gimenez Date: Thu, 19 Feb 2026 17:46:23 +0100 Subject: [PATCH 2/8] fix: complete federation manager config defaults --- .../federation-manager-deployment.yaml | 2 +- .../templates/federation-manager-secret.yaml | 2 +- .../templates/mongodb-pv.yaml | 2 +- .../charts/federation-manager/values.yaml | 22 ++++++++++++++++++- 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/oop-platform-chart/charts/federation-manager/templates/federation-manager-deployment.yaml b/oop-platform-chart/charts/federation-manager/templates/federation-manager-deployment.yaml index f84be3b..681fd60 100644 --- a/oop-platform-chart/charts/federation-manager/templates/federation-manager-deployment.yaml +++ b/oop-platform-chart/charts/federation-manager/templates/federation-manager-deployment.yaml @@ -44,7 +44,7 @@ spec: - name: KC_IMPORT value: /opt/keycloak/data/import/realm-import.json ports: - - name: http + - name: keycloak-http containerPort: 8080 protocol: TCP volumeMounts: diff --git a/oop-platform-chart/charts/federation-manager/templates/federation-manager-secret.yaml b/oop-platform-chart/charts/federation-manager/templates/federation-manager-secret.yaml index 7eab9f9..2cee1c3 100644 --- a/oop-platform-chart/charts/federation-manager/templates/federation-manager-secret.yaml +++ b/oop-platform-chart/charts/federation-manager/templates/federation-manager-secret.yaml @@ -12,5 +12,5 @@ metadata: {{- end }} type: Opaque data: - config.cfg: {{ printf "[keycloak]\nclient1_id = %s\nclient1_secret = %s\nclient2_id = %s\nclient2_secret = %s\nscope = %s\n\n[server]\nhost = %s\nport = %s\nprefix = %s\nversion = %s\nprotocol = %s\n\n[mongodb]\nhost = %s\nport = %s\n\n[i2edge]\nhost = %s\nport = %s\n\n[op_data]\npartnerOPFederationId = %s\npartnerOPCountryCode = %s\npartnerOPMobileNetworkCode_MCC = %s\npartnerOPMobileNetworkCode_MNC = %s\npartnerOPFixedNetworkCode = %s\nplatformCaps = %s\nedgeDiscoveryServiceEndPoint_port = %s\nedgeDiscoveryServiceEndPoint_fqdn = %s\nedgeDiscoveryServiceEndPoint_ipv4Addresses = %s\nedgeDiscoveryServiceEndPoint_ipv6Addresses = %s\nlcmServiceEndPoint_port = %s\nlcmServiceEndPoint_fqdn = %s\nlcmServiceEndPoint_ipv4Addresses = %s\nlcmServiceEndPoint_ipv6Addresses = %s\n\n[partner_op]\npartner_op_host = %s\npartner_op_server = %s\npartner_op_port = %s\nrole = %s\n" .Values.federationManager.config.keycloak.client1_id .Values.federationManager.config.keycloak.client1_secret .Values.federationManager.config.keycloak.client2_id .Values.federationManager.config.keycloak.client2_secret .Values.federationManager.config.keycloak.scope .Values.federationManager.config.server.host .Values.federationManager.config.server.port .Values.federationManager.config.server.prefix .Values.federationManager.config.server.version .Values.federationManager.config.server.protocol .Values.federationManager.config.mongodb.host .Values.federationManager.config.mongodb.port .Values.federationManager.config.i2edge.host .Values.federationManager.config.i2edge.port .Values.federationManager.config.op_data.partnerOPFederationId .Values.federationManager.config.op_data.partnerOPCountryCode .Values.federationManager.config.op_data.partnerOPMobileNetworkCode_MCC .Values.federationManager.config.op_data.partnerOPMobileNetworkCode_MNC .Values.federationManager.config.op_data.partnerOPFixedNetworkCode .Values.federationManager.config.op_data.platformCaps .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_port .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_fqdn .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_ipv4Addresses .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_ipv6Addresses .Values.federationManager.config.op_data.lcmServiceEndPoint_port .Values.federationManager.config.op_data.lcmServiceEndPoint_fqdn .Values.federationManager.config.op_data.lcmServiceEndPoint_ipv4Addresses .Values.federationManager.config.op_data.lcmServiceEndPoint_ipv6Addresses .Values.federationManager.config.partner_op.host .Values.federationManager.config.partner_op.server .Values.federationManager.config.partner_op.port .Values.federationManager.config.partner_op.role | b64enc }} + config.cfg: {{ printf "[keycloak]\nclient1_id = %s\nclient1_secret = %s\nclient2_id = %s\nclient2_secret = %s\nscope = %s\nhost = %s\nport = %s\nrealm = %s\n\n[server]\nhost = %s\nport = %s\nprefix = %s\nversion = %s\nprotocol = %s\n\n[mongodb]\nhost = %s\nport = %s\n\n[i2edge]\nhost = %s\nport = %s\n\n[edge_cloud_platform]\nhost = %s\nport = %s\nclient_name = %s\nflavour_id = %s\n\n[artefact_manager]\nhost = %s\nport = %s\nenabled = %s\ndst_registry = %s\ndst_username = %s\ndst_password = %s\ndst_token = %s\n\n[op_data]\npartnerOPFederationId = %s\npartnerOPCountryCode = %s\npartnerOPMobileNetworkCode_MCC = %s\npartnerOPMobileNetworkCode_MNC = %s\npartnerOPFixedNetworkCode = %s\nplatformCaps = %s\nedgeDiscoveryServiceEndPoint_port = %s\nedgeDiscoveryServiceEndPoint_fqdn = %s\nedgeDiscoveryServiceEndPoint_ipv4Addresses = %s\nedgeDiscoveryServiceEndPoint_ipv6Addresses = %s\nlcmServiceEndPoint_port = %s\nlcmServiceEndPoint_fqdn = %s\nlcmServiceEndPoint_ipv4Addresses = %s\nlcmServiceEndPoint_ipv6Addresses = %s\n\n[partner_op]\npartner_op_host = %s\npartner_op_server = %s\npartner_op_port = %s\nrole = %s\n" .Values.federationManager.config.keycloak.client1_id .Values.federationManager.config.keycloak.client1_secret .Values.federationManager.config.keycloak.client2_id .Values.federationManager.config.keycloak.client2_secret .Values.federationManager.config.keycloak.scope .Values.federationManager.config.keycloak.host .Values.federationManager.config.keycloak.port .Values.federationManager.config.keycloak.realm .Values.federationManager.config.server.host .Values.federationManager.config.server.port .Values.federationManager.config.server.prefix .Values.federationManager.config.server.version .Values.federationManager.config.server.protocol .Values.federationManager.config.mongodb.host .Values.federationManager.config.mongodb.port .Values.federationManager.config.i2edge.host .Values.federationManager.config.i2edge.port .Values.federationManager.config.edgeCloudPlatform.host .Values.federationManager.config.edgeCloudPlatform.port .Values.federationManager.config.edgeCloudPlatform.client_name .Values.federationManager.config.edgeCloudPlatform.flavour_id .Values.federationManager.config.artefactManager.host .Values.federationManager.config.artefactManager.port .Values.federationManager.config.artefactManager.enabled .Values.federationManager.config.artefactManager.dst_registry .Values.federationManager.config.artefactManager.dst_username .Values.federationManager.config.artefactManager.dst_password .Values.federationManager.config.artefactManager.dst_token .Values.federationManager.config.op_data.partnerOPFederationId .Values.federationManager.config.op_data.partnerOPCountryCode .Values.federationManager.config.op_data.partnerOPMobileNetworkCode_MCC .Values.federationManager.config.op_data.partnerOPMobileNetworkCode_MNC .Values.federationManager.config.op_data.partnerOPFixedNetworkCode .Values.federationManager.config.op_data.platformCaps .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_port .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_fqdn .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_ipv4Addresses .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_ipv6Addresses .Values.federationManager.config.op_data.lcmServiceEndPoint_port .Values.federationManager.config.op_data.lcmServiceEndPoint_fqdn .Values.federationManager.config.op_data.lcmServiceEndPoint_ipv4Addresses .Values.federationManager.config.op_data.lcmServiceEndPoint_ipv6Addresses .Values.federationManager.config.partner_op.partner_op_host .Values.federationManager.config.partner_op.partner_op_server .Values.federationManager.config.partner_op.partner_op_port .Values.federationManager.config.partner_op.role | b64enc }} {{- end }} diff --git a/oop-platform-chart/charts/federation-manager/templates/mongodb-pv.yaml b/oop-platform-chart/charts/federation-manager/templates/mongodb-pv.yaml index 6ebc6b7..be32604 100644 --- a/oop-platform-chart/charts/federation-manager/templates/mongodb-pv.yaml +++ b/oop-platform-chart/charts/federation-manager/templates/mongodb-pv.yaml @@ -13,6 +13,6 @@ spec: persistentVolumeReclaimPolicy: Retain storageClassName: {{ .Values.mongodb.persistence.storageClass | default "mongodb-fm-storage" }} hostPath: - path: {{ .Values.mongodb.persistence.hostPath | default "/mnt/data/mongodb_fm" }} + path: {{ default "/mnt/data/mongodb_fm" .Values.mongodb.persistence.hostPath.path }} type: DirectoryOrCreate {{- end }} diff --git a/oop-platform-chart/charts/federation-manager/values.yaml b/oop-platform-chart/charts/federation-manager/values.yaml index 87fd831..0142fff 100644 --- a/oop-platform-chart/charts/federation-manager/values.yaml +++ b/oop-platform-chart/charts/federation-manager/values.yaml @@ -95,7 +95,9 @@ mongodb: accessMode: ReadWriteOnce size: 1Gi storageClass: "mongodb-fm-storage" - hostPath: /mnt/data/mongodb_fm + hostPath: + enabled: true + path: /mnt/data/mongodb_fm resources: limits: @@ -140,6 +142,9 @@ federationManager: client2_id: "originating-op-2" client2_secret: "2mhznERfWclLDuVojY77Lp4Qd2r4e8Ms" scope: "fed-mgmt" + host: "keycloak" + port: "8080" + realm: "federation" server: host: "127.0.0.1" @@ -157,6 +162,21 @@ federationManager: host: "192.168.123.237" port: "30760" + edgeCloudPlatform: + host: "127.0.0.1" + port: "30499" + client_name: "federation-manager" + flavour_id: "flavour1" + + artefactManager: + host: "127.0.0.1" + port: "30499" + enabled: "true" + dst_registry: "" + dst_username: "" + dst_password: "" + dst_token: "" + op_data: partnerOPFederationId: "i2cat" partnerOPCountryCode: "ES" -- GitLab From f7a21eb5ce84e1f929b7b12475ae2c42b17a8161 Mon Sep 17 00:00:00 2001 From: Sergio Gimenez Date: Thu, 19 Feb 2026 17:46:29 +0100 Subject: [PATCH 3/8] chore: align kind overrides for local helm deploy --- environments/kind/values.fm.yaml | 38 +++++++++++++++++++++----------- environments/kind/values.yaml | 16 +++++++++++++- 2 files changed, 40 insertions(+), 14 deletions(-) diff --git a/environments/kind/values.fm.yaml b/environments/kind/values.fm.yaml index 189cde6..ad6e1dc 100644 --- a/environments/kind/values.fm.yaml +++ b/environments/kind/values.fm.yaml @@ -3,23 +3,35 @@ # ==================================================================== # Used by deploy-on-kind.sh: # helm install federation-manager ./oop-platform-chart/charts/federation-manager \ -# -f values.fm.kind.yaml +# -f environments/kind/values.fm.yaml # # Note: keys are at root level because this targets the subchart directly, # not through the umbrella chart (where they would be under federationManager:). # ==================================================================== -mongodb: - persistence: - storageClass: manual - hostPath: /mnt/data/mongodb_fm +federation-manager: + global: + namespace: oop -keycloak: - service: - type: NodePort - nodePort: 30081 + mongodb: + persistence: + storageClass: manual + hostPath: + enabled: true + path: /mnt/data/mongodb_fm + image: + pullPolicy: IfNotPresent -federationManager: - service: - type: NodePort - nodePort: 30989 + keycloak: + service: + type: NodePort + nodePort: 30081 + image: + pullPolicy: IfNotPresent + + federationManager: + service: + type: NodePort + nodePort: 30989 + image: + pullPolicy: IfNotPresent diff --git a/environments/kind/values.yaml b/environments/kind/values.yaml index 20920ea..059338f 100644 --- a/environments/kind/values.yaml +++ b/environments/kind/values.yaml @@ -2,7 +2,7 @@ # Kind-specific overrides for the OOP umbrella chart (SRM + OEG) # ==================================================================== # Used by deploy-on-kind.sh: -# helm install oop-platform ./oop-platform-chart -f values.kind.yaml +# helm install oop-platform ./oop-platform-chart -f environments/kind/values.yaml # # For other environments supply your own values file. # ==================================================================== @@ -15,14 +15,24 @@ srm: enabled: true path: /mnt/data/mongodb_srm createPV: true + image: + pullPolicy: IfNotPresent srmcontroller: service: type: NodePort nodePort: 32415 + image: + pullPolicy: IfNotPresent + env: + networkAdapterName: open5gs + networkAdapterBaseUrl: http://open5gs-webui:3000 + scsAsId: "" artifactManager: service: type: NodePort nodePort: 30080 + image: + pullPolicy: IfNotPresent oeg: mongodb: @@ -32,7 +42,11 @@ oeg: enabled: true path: /mnt/data/mongodb_oeg createPV: true + image: + pullPolicy: IfNotPresent oegcontroller: service: type: NodePort nodePort: 32263 + image: + pullPolicy: IfNotPresent -- GitLab From ea2e54a371e70409dcdd6f45079f3c35c5cb440d Mon Sep 17 00:00:00 2001 From: Sergio Gimenez Date: Thu, 19 Feb 2026 18:02:53 +0100 Subject: [PATCH 4/8] fix: populate partner op config for kind --- environments/kind/values.fm.yaml | 19 ++++++++++++------- .../templates/federation-manager-secret.yaml | 2 +- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/environments/kind/values.fm.yaml b/environments/kind/values.fm.yaml index ad6e1dc..36983a7 100644 --- a/environments/kind/values.fm.yaml +++ b/environments/kind/values.fm.yaml @@ -13,6 +13,18 @@ federation-manager: global: namespace: oop + federationManager: + config: + partner_op: + host: "127.0.0.1" + server: "/operatorplatform/federation/v1" + port: "8992" + service: + type: NodePort + nodePort: 30989 + image: + pullPolicy: IfNotPresent + mongodb: persistence: storageClass: manual @@ -28,10 +40,3 @@ federation-manager: nodePort: 30081 image: pullPolicy: IfNotPresent - - federationManager: - service: - type: NodePort - nodePort: 30989 - image: - pullPolicy: IfNotPresent diff --git a/oop-platform-chart/charts/federation-manager/templates/federation-manager-secret.yaml b/oop-platform-chart/charts/federation-manager/templates/federation-manager-secret.yaml index 2cee1c3..1830d60 100644 --- a/oop-platform-chart/charts/federation-manager/templates/federation-manager-secret.yaml +++ b/oop-platform-chart/charts/federation-manager/templates/federation-manager-secret.yaml @@ -12,5 +12,5 @@ metadata: {{- end }} type: Opaque data: - config.cfg: {{ printf "[keycloak]\nclient1_id = %s\nclient1_secret = %s\nclient2_id = %s\nclient2_secret = %s\nscope = %s\nhost = %s\nport = %s\nrealm = %s\n\n[server]\nhost = %s\nport = %s\nprefix = %s\nversion = %s\nprotocol = %s\n\n[mongodb]\nhost = %s\nport = %s\n\n[i2edge]\nhost = %s\nport = %s\n\n[edge_cloud_platform]\nhost = %s\nport = %s\nclient_name = %s\nflavour_id = %s\n\n[artefact_manager]\nhost = %s\nport = %s\nenabled = %s\ndst_registry = %s\ndst_username = %s\ndst_password = %s\ndst_token = %s\n\n[op_data]\npartnerOPFederationId = %s\npartnerOPCountryCode = %s\npartnerOPMobileNetworkCode_MCC = %s\npartnerOPMobileNetworkCode_MNC = %s\npartnerOPFixedNetworkCode = %s\nplatformCaps = %s\nedgeDiscoveryServiceEndPoint_port = %s\nedgeDiscoveryServiceEndPoint_fqdn = %s\nedgeDiscoveryServiceEndPoint_ipv4Addresses = %s\nedgeDiscoveryServiceEndPoint_ipv6Addresses = %s\nlcmServiceEndPoint_port = %s\nlcmServiceEndPoint_fqdn = %s\nlcmServiceEndPoint_ipv4Addresses = %s\nlcmServiceEndPoint_ipv6Addresses = %s\n\n[partner_op]\npartner_op_host = %s\npartner_op_server = %s\npartner_op_port = %s\nrole = %s\n" .Values.federationManager.config.keycloak.client1_id .Values.federationManager.config.keycloak.client1_secret .Values.federationManager.config.keycloak.client2_id .Values.federationManager.config.keycloak.client2_secret .Values.federationManager.config.keycloak.scope .Values.federationManager.config.keycloak.host .Values.federationManager.config.keycloak.port .Values.federationManager.config.keycloak.realm .Values.federationManager.config.server.host .Values.federationManager.config.server.port .Values.federationManager.config.server.prefix .Values.federationManager.config.server.version .Values.federationManager.config.server.protocol .Values.federationManager.config.mongodb.host .Values.federationManager.config.mongodb.port .Values.federationManager.config.i2edge.host .Values.federationManager.config.i2edge.port .Values.federationManager.config.edgeCloudPlatform.host .Values.federationManager.config.edgeCloudPlatform.port .Values.federationManager.config.edgeCloudPlatform.client_name .Values.federationManager.config.edgeCloudPlatform.flavour_id .Values.federationManager.config.artefactManager.host .Values.federationManager.config.artefactManager.port .Values.federationManager.config.artefactManager.enabled .Values.federationManager.config.artefactManager.dst_registry .Values.federationManager.config.artefactManager.dst_username .Values.federationManager.config.artefactManager.dst_password .Values.federationManager.config.artefactManager.dst_token .Values.federationManager.config.op_data.partnerOPFederationId .Values.federationManager.config.op_data.partnerOPCountryCode .Values.federationManager.config.op_data.partnerOPMobileNetworkCode_MCC .Values.federationManager.config.op_data.partnerOPMobileNetworkCode_MNC .Values.federationManager.config.op_data.partnerOPFixedNetworkCode .Values.federationManager.config.op_data.platformCaps .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_port .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_fqdn .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_ipv4Addresses .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_ipv6Addresses .Values.federationManager.config.op_data.lcmServiceEndPoint_port .Values.federationManager.config.op_data.lcmServiceEndPoint_fqdn .Values.federationManager.config.op_data.lcmServiceEndPoint_ipv4Addresses .Values.federationManager.config.op_data.lcmServiceEndPoint_ipv6Addresses .Values.federationManager.config.partner_op.partner_op_host .Values.federationManager.config.partner_op.partner_op_server .Values.federationManager.config.partner_op.partner_op_port .Values.federationManager.config.partner_op.role | b64enc }} + config.cfg: {{ printf "[keycloak]\nclient1_id = %s\nclient1_secret = %s\nclient2_id = %s\nclient2_secret = %s\nscope = %s\nhost = %s\nport = %s\nrealm = %s\n\n[server]\nhost = %s\nport = %s\nprefix = %s\nversion = %s\nprotocol = %s\n\n[mongodb]\nhost = %s\nport = %s\n\n[i2edge]\nhost = %s\nport = %s\n\n[edge_cloud_platform]\nhost = %s\nport = %s\nclient_name = %s\nflavour_id = %s\n\n[artefact_manager]\nhost = %s\nport = %s\nenabled = %s\ndst_registry = %s\ndst_username = %s\ndst_password = %s\ndst_token = %s\n\n[op_data]\npartnerOPFederationId = %s\npartnerOPCountryCode = %s\npartnerOPMobileNetworkCode_MCC = %s\npartnerOPMobileNetworkCode_MNC = %s\npartnerOPFixedNetworkCode = %s\nplatformCaps = %s\nedgeDiscoveryServiceEndPoint_port = %s\nedgeDiscoveryServiceEndPoint_fqdn = %s\nedgeDiscoveryServiceEndPoint_ipv4Addresses = %s\nedgeDiscoveryServiceEndPoint_ipv6Addresses = %s\nlcmServiceEndPoint_port = %s\nlcmServiceEndPoint_fqdn = %s\nlcmServiceEndPoint_ipv4Addresses = %s\nlcmServiceEndPoint_ipv6Addresses = %s\n\n[partner_op]\npartner_op_host = %s\npartner_op_server = %s\npartner_op_port = %s\nrole = %s\n" .Values.federationManager.config.keycloak.client1_id .Values.federationManager.config.keycloak.client1_secret .Values.federationManager.config.keycloak.client2_id .Values.federationManager.config.keycloak.client2_secret .Values.federationManager.config.keycloak.scope .Values.federationManager.config.keycloak.host .Values.federationManager.config.keycloak.port .Values.federationManager.config.keycloak.realm .Values.federationManager.config.server.host .Values.federationManager.config.server.port .Values.federationManager.config.server.prefix .Values.federationManager.config.server.version .Values.federationManager.config.server.protocol .Values.federationManager.config.mongodb.host .Values.federationManager.config.mongodb.port .Values.federationManager.config.i2edge.host .Values.federationManager.config.i2edge.port .Values.federationManager.config.edgeCloudPlatform.host .Values.federationManager.config.edgeCloudPlatform.port .Values.federationManager.config.edgeCloudPlatform.client_name .Values.federationManager.config.edgeCloudPlatform.flavour_id .Values.federationManager.config.artefactManager.host .Values.federationManager.config.artefactManager.port .Values.federationManager.config.artefactManager.enabled .Values.federationManager.config.artefactManager.dst_registry .Values.federationManager.config.artefactManager.dst_username .Values.federationManager.config.artefactManager.dst_password .Values.federationManager.config.artefactManager.dst_token .Values.federationManager.config.op_data.partnerOPFederationId .Values.federationManager.config.op_data.partnerOPCountryCode .Values.federationManager.config.op_data.partnerOPMobileNetworkCode_MCC .Values.federationManager.config.op_data.partnerOPMobileNetworkCode_MNC .Values.federationManager.config.op_data.partnerOPFixedNetworkCode .Values.federationManager.config.op_data.platformCaps .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_port .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_fqdn .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_ipv4Addresses .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_ipv6Addresses .Values.federationManager.config.op_data.lcmServiceEndPoint_port .Values.federationManager.config.op_data.lcmServiceEndPoint_fqdn .Values.federationManager.config.op_data.lcmServiceEndPoint_ipv4Addresses .Values.federationManager.config.op_data.lcmServiceEndPoint_ipv6Addresses .Values.federationManager.config.partner_op.host .Values.federationManager.config.partner_op.server .Values.federationManager.config.partner_op.port .Values.federationManager.config.partner_op.role | b64enc }} {{- end }} -- GitLab From 48f1188c4a03809f1f10a9f29db65b5db9ef2ba3 Mon Sep 17 00:00:00 2001 From: Sergio Gimenez Date: Tue, 24 Feb 2026 09:57:28 +0100 Subject: [PATCH 5/8] fix: split federation manager config into configmap+secret --- .../federation-manager-configmap.yaml | 76 +++++++++++++++++++ .../federation-manager-deployment.yaml | 42 +++++++++- .../templates/federation-manager-secret.yaml | 5 +- 3 files changed, 118 insertions(+), 5 deletions(-) create mode 100644 oop-platform-chart/charts/federation-manager/templates/federation-manager-configmap.yaml diff --git a/oop-platform-chart/charts/federation-manager/templates/federation-manager-configmap.yaml b/oop-platform-chart/charts/federation-manager/templates/federation-manager-configmap.yaml new file mode 100644 index 0000000..f0e2e54 --- /dev/null +++ b/oop-platform-chart/charts/federation-manager/templates/federation-manager-configmap.yaml @@ -0,0 +1,76 @@ +{{- if .Values.federationManager.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: federation-manager-config + namespace: {{ include "federation-manager.namespace" . }} + labels: + {{- include "federation-manager.fm.labels" . | nindent 4 }} + {{- with .Values.commonAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +data: + config.cfg: | + [keycloak] + client1_id = {{ .Values.federationManager.config.keycloak.client1_id }} + client1_secret = ${CLIENT1_SECRET} + client2_id = {{ .Values.federationManager.config.keycloak.client2_id }} + client2_secret = ${CLIENT2_SECRET} + scope = {{ .Values.federationManager.config.keycloak.scope }} + host = {{ .Values.federationManager.config.keycloak.host }} + port = {{ .Values.federationManager.config.keycloak.port }} + realm = {{ .Values.federationManager.config.keycloak.realm }} + + [server] + host = {{ .Values.federationManager.config.server.host }} + port = {{ .Values.federationManager.config.server.port }} + prefix = {{ .Values.federationManager.config.server.prefix }} + version = {{ .Values.federationManager.config.server.version }} + protocol = {{ .Values.federationManager.config.server.protocol }} + + [mongodb] + host = {{ .Values.federationManager.config.mongodb.host }} + port = {{ .Values.federationManager.config.mongodb.port }} + + [i2edge] + host = {{ .Values.federationManager.config.i2edge.host }} + port = {{ .Values.federationManager.config.i2edge.port }} + + [edge_cloud_platform] + host = {{ .Values.federationManager.config.edgeCloudPlatform.host }} + port = {{ .Values.federationManager.config.edgeCloudPlatform.port }} + client_name = {{ .Values.federationManager.config.edgeCloudPlatform.client_name }} + flavour_id = {{ .Values.federationManager.config.edgeCloudPlatform.flavour_id }} + + [artefact_manager] + host = {{ .Values.federationManager.config.artefactManager.host }} + port = {{ .Values.federationManager.config.artefactManager.port }} + enabled = {{ .Values.federationManager.config.artefactManager.enabled }} + dst_registry = {{ .Values.federationManager.config.artefactManager.dst_registry }} + dst_username = {{ .Values.federationManager.config.artefactManager.dst_username }} + dst_password = {{ .Values.federationManager.config.artefactManager.dst_password }} + dst_token = {{ .Values.federationManager.config.artefactManager.dst_token }} + + [op_data] + partnerOPFederationId = {{ .Values.federationManager.config.op_data.partnerOPFederationId }} + partnerOPCountryCode = {{ .Values.federationManager.config.op_data.partnerOPCountryCode }} + partnerOPMobileNetworkCode_MCC = {{ .Values.federationManager.config.op_data.partnerOPMobileNetworkCode_MCC }} + partnerOPMobileNetworkCode_MNC = {{ .Values.federationManager.config.op_data.partnerOPMobileNetworkCode_MNC }} + partnerOPFixedNetworkCode = {{ .Values.federationManager.config.op_data.partnerOPFixedNetworkCode }} + platformCaps = {{ .Values.federationManager.config.op_data.platformCaps }} + edgeDiscoveryServiceEndPoint_port = {{ .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_port }} + edgeDiscoveryServiceEndPoint_fqdn = {{ .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_fqdn }} + edgeDiscoveryServiceEndPoint_ipv4Addresses = {{ .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_ipv4Addresses }} + edgeDiscoveryServiceEndPoint_ipv6Addresses = {{ .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_ipv6Addresses }} + lcmServiceEndPoint_port = {{ .Values.federationManager.config.op_data.lcmServiceEndPoint_port }} + lcmServiceEndPoint_fqdn = {{ .Values.federationManager.config.op_data.lcmServiceEndPoint_fqdn }} + lcmServiceEndPoint_ipv4Addresses = {{ .Values.federationManager.config.op_data.lcmServiceEndPoint_ipv4Addresses }} + lcmServiceEndPoint_ipv6Addresses = {{ .Values.federationManager.config.op_data.lcmServiceEndPoint_ipv6Addresses }} + + [partner_op] + partner_op_host = {{ .Values.federationManager.config.partner_op.host }} + partner_op_server = {{ .Values.federationManager.config.partner_op.server }} + partner_op_port = {{ .Values.federationManager.config.partner_op.port }} + role = {{ .Values.federationManager.config.partner_op.role }} +{{- end }} diff --git a/oop-platform-chart/charts/federation-manager/templates/federation-manager-deployment.yaml b/oop-platform-chart/charts/federation-manager/templates/federation-manager-deployment.yaml index 681fd60..3047327 100644 --- a/oop-platform-chart/charts/federation-manager/templates/federation-manager-deployment.yaml +++ b/oop-platform-chart/charts/federation-manager/templates/federation-manager-deployment.yaml @@ -25,6 +25,35 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} + initContainers: + - name: config-merge + image: alpine:3.20 + imagePullPolicy: IfNotPresent + command: + - /bin/sh + - -c + args: + - | + apk add --no-cache gettext \ + && envsubst < /configmap/config.cfg > /work/config.cfg + env: + - name: CLIENT1_SECRET + valueFrom: + secretKeyRef: + name: federation-manager-secrets + key: client1_secret + - name: CLIENT2_SECRET + valueFrom: + secretKeyRef: + name: federation-manager-secrets + key: client2_secret + volumeMounts: + - name: configmap + mountPath: /configmap + readOnly: true + - name: config + mountPath: /work + containers: ##################################################################### @@ -63,7 +92,7 @@ spec: protocol: TCP volumeMounts: - name: config - readOnly: false + readOnly: true mountPath: /usr/app/src/conf/ resources: {{- toYaml .Values.federationManager.resources | nindent 12 }} @@ -119,10 +148,17 @@ spec: # VOLUME DEFINITIONS ####################################################################### volumes: - # Mount federation-manager config.yml - name: config + emptyDir: {} + + - name: configmap + configMap: + name: federation-manager-config + defaultMode: 420 + + - name: secrets secret: - secretName: federation-manager-config + secretName: federation-manager-secrets defaultMode: 420 # Keycloak realm import ConfigMap diff --git a/oop-platform-chart/charts/federation-manager/templates/federation-manager-secret.yaml b/oop-platform-chart/charts/federation-manager/templates/federation-manager-secret.yaml index 1830d60..fd2c2e4 100644 --- a/oop-platform-chart/charts/federation-manager/templates/federation-manager-secret.yaml +++ b/oop-platform-chart/charts/federation-manager/templates/federation-manager-secret.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: federation-manager-config + name: federation-manager-secrets namespace: {{ include "federation-manager.namespace" . }} labels: {{- include "federation-manager.fm.labels" . | nindent 4 }} @@ -12,5 +12,6 @@ metadata: {{- end }} type: Opaque data: - config.cfg: {{ printf "[keycloak]\nclient1_id = %s\nclient1_secret = %s\nclient2_id = %s\nclient2_secret = %s\nscope = %s\nhost = %s\nport = %s\nrealm = %s\n\n[server]\nhost = %s\nport = %s\nprefix = %s\nversion = %s\nprotocol = %s\n\n[mongodb]\nhost = %s\nport = %s\n\n[i2edge]\nhost = %s\nport = %s\n\n[edge_cloud_platform]\nhost = %s\nport = %s\nclient_name = %s\nflavour_id = %s\n\n[artefact_manager]\nhost = %s\nport = %s\nenabled = %s\ndst_registry = %s\ndst_username = %s\ndst_password = %s\ndst_token = %s\n\n[op_data]\npartnerOPFederationId = %s\npartnerOPCountryCode = %s\npartnerOPMobileNetworkCode_MCC = %s\npartnerOPMobileNetworkCode_MNC = %s\npartnerOPFixedNetworkCode = %s\nplatformCaps = %s\nedgeDiscoveryServiceEndPoint_port = %s\nedgeDiscoveryServiceEndPoint_fqdn = %s\nedgeDiscoveryServiceEndPoint_ipv4Addresses = %s\nedgeDiscoveryServiceEndPoint_ipv6Addresses = %s\nlcmServiceEndPoint_port = %s\nlcmServiceEndPoint_fqdn = %s\nlcmServiceEndPoint_ipv4Addresses = %s\nlcmServiceEndPoint_ipv6Addresses = %s\n\n[partner_op]\npartner_op_host = %s\npartner_op_server = %s\npartner_op_port = %s\nrole = %s\n" .Values.federationManager.config.keycloak.client1_id .Values.federationManager.config.keycloak.client1_secret .Values.federationManager.config.keycloak.client2_id .Values.federationManager.config.keycloak.client2_secret .Values.federationManager.config.keycloak.scope .Values.federationManager.config.keycloak.host .Values.federationManager.config.keycloak.port .Values.federationManager.config.keycloak.realm .Values.federationManager.config.server.host .Values.federationManager.config.server.port .Values.federationManager.config.server.prefix .Values.federationManager.config.server.version .Values.federationManager.config.server.protocol .Values.federationManager.config.mongodb.host .Values.federationManager.config.mongodb.port .Values.federationManager.config.i2edge.host .Values.federationManager.config.i2edge.port .Values.federationManager.config.edgeCloudPlatform.host .Values.federationManager.config.edgeCloudPlatform.port .Values.federationManager.config.edgeCloudPlatform.client_name .Values.federationManager.config.edgeCloudPlatform.flavour_id .Values.federationManager.config.artefactManager.host .Values.federationManager.config.artefactManager.port .Values.federationManager.config.artefactManager.enabled .Values.federationManager.config.artefactManager.dst_registry .Values.federationManager.config.artefactManager.dst_username .Values.federationManager.config.artefactManager.dst_password .Values.federationManager.config.artefactManager.dst_token .Values.federationManager.config.op_data.partnerOPFederationId .Values.federationManager.config.op_data.partnerOPCountryCode .Values.federationManager.config.op_data.partnerOPMobileNetworkCode_MCC .Values.federationManager.config.op_data.partnerOPMobileNetworkCode_MNC .Values.federationManager.config.op_data.partnerOPFixedNetworkCode .Values.federationManager.config.op_data.platformCaps .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_port .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_fqdn .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_ipv4Addresses .Values.federationManager.config.op_data.edgeDiscoveryServiceEndPoint_ipv6Addresses .Values.federationManager.config.op_data.lcmServiceEndPoint_port .Values.federationManager.config.op_data.lcmServiceEndPoint_fqdn .Values.federationManager.config.op_data.lcmServiceEndPoint_ipv4Addresses .Values.federationManager.config.op_data.lcmServiceEndPoint_ipv6Addresses .Values.federationManager.config.partner_op.host .Values.federationManager.config.partner_op.server .Values.federationManager.config.partner_op.port .Values.federationManager.config.partner_op.role | b64enc }} + client1_secret: {{ .Values.federationManager.config.keycloak.client1_secret | b64enc }} + client2_secret: {{ .Values.federationManager.config.keycloak.client2_secret | b64enc }} {{- end }} -- GitLab From e14045d134c077e5f45fd570681933f1b0601ab7 Mon Sep 17 00:00:00 2001 From: Sergio Gimenez Date: Tue, 24 Feb 2026 09:59:05 +0100 Subject: [PATCH 6/8] chore: fold kind federation manager overrides into main values --- environments/kind/values.fm.yaml | 42 -------------------------------- environments/kind/values.yaml | 29 ++++++++++++++++++++++ 2 files changed, 29 insertions(+), 42 deletions(-) delete mode 100644 environments/kind/values.fm.yaml diff --git a/environments/kind/values.fm.yaml b/environments/kind/values.fm.yaml deleted file mode 100644 index 36983a7..0000000 --- a/environments/kind/values.fm.yaml +++ /dev/null @@ -1,42 +0,0 @@ -# ==================================================================== -# Kind-specific overrides for the Federation Manager subchart -# ==================================================================== -# Used by deploy-on-kind.sh: -# helm install federation-manager ./oop-platform-chart/charts/federation-manager \ -# -f environments/kind/values.fm.yaml -# -# Note: keys are at root level because this targets the subchart directly, -# not through the umbrella chart (where they would be under federationManager:). -# ==================================================================== - -federation-manager: - global: - namespace: oop - - federationManager: - config: - partner_op: - host: "127.0.0.1" - server: "/operatorplatform/federation/v1" - port: "8992" - service: - type: NodePort - nodePort: 30989 - image: - pullPolicy: IfNotPresent - - mongodb: - persistence: - storageClass: manual - hostPath: - enabled: true - path: /mnt/data/mongodb_fm - image: - pullPolicy: IfNotPresent - - keycloak: - service: - type: NodePort - nodePort: 30081 - image: - pullPolicy: IfNotPresent diff --git a/environments/kind/values.yaml b/environments/kind/values.yaml index 059338f..fbaea64 100644 --- a/environments/kind/values.yaml +++ b/environments/kind/values.yaml @@ -50,3 +50,32 @@ oeg: nodePort: 32263 image: pullPolicy: IfNotPresent + +federationManager: + federationManager: + config: + partner_op: + host: "127.0.0.1" + server: "/operatorplatform/federation/v1" + port: "8992" + service: + type: NodePort + nodePort: 30989 + image: + pullPolicy: IfNotPresent + + mongodb: + persistence: + storageClass: manual + hostPath: + enabled: true + path: /mnt/data/mongodb_fm + image: + pullPolicy: IfNotPresent + + keycloak: + service: + type: NodePort + nodePort: 30081 + image: + pullPolicy: IfNotPresent -- GitLab From dbbd53302b4e91258097144f58b9c320bc111788 Mon Sep 17 00:00:00 2001 From: Sergio Gimenez Date: Tue, 24 Feb 2026 10:03:17 +0100 Subject: [PATCH 7/8] chore: drop kind fm values file reference --- scripts/helm-deploy.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/helm-deploy.sh b/scripts/helm-deploy.sh index 195ac37..2d43f5d 100755 --- a/scripts/helm-deploy.sh +++ b/scripts/helm-deploy.sh @@ -43,8 +43,7 @@ helm upgrade --install $OOP_RELEASE "$CHART_DIR" \ --create-namespace \ -f "$REPO_ROOT/environments/kind/values.yaml" \ --set srm.srmcontroller.env.kubernetesMasterToken="$TOKEN" \ - --set federationManager.enabled=true \ - -f "$REPO_ROOT/environments/kind/values.fm.yaml" + --set federationManager.enabled=true echo "" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" -- GitLab From bd61e3346d3c3cffa28c36bd07b625f92006e662 Mon Sep 17 00:00:00 2001 From: dimi Date: Tue, 24 Feb 2026 20:43:08 +0000 Subject: [PATCH 8/8] fix: use busybox image and sed for federation-manager init container --- .../templates/federation-manager-deployment.yaml | 6 +++--- scripts/kind-bootstrap.sh | 1 - 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/oop-platform-chart/charts/federation-manager/templates/federation-manager-deployment.yaml b/oop-platform-chart/charts/federation-manager/templates/federation-manager-deployment.yaml index 3047327..8eaa711 100644 --- a/oop-platform-chart/charts/federation-manager/templates/federation-manager-deployment.yaml +++ b/oop-platform-chart/charts/federation-manager/templates/federation-manager-deployment.yaml @@ -27,15 +27,15 @@ spec: initContainers: - name: config-merge - image: alpine:3.20 + image: busybox:stable imagePullPolicy: IfNotPresent command: - /bin/sh - -c args: - | - apk add --no-cache gettext \ - && envsubst < /configmap/config.cfg > /work/config.cfg + sed "s|\${CLIENT1_SECRET}|$CLIENT1_SECRET|g; s|\${CLIENT2_SECRET}|$CLIENT2_SECRET|g" \ + /configmap/config.cfg > /work/config.cfg env: - name: CLIENT1_SECRET valueFrom: diff --git a/scripts/kind-bootstrap.sh b/scripts/kind-bootstrap.sh index dcabbd9..72f5743 100755 --- a/scripts/kind-bootstrap.sh +++ b/scripts/kind-bootstrap.sh @@ -69,7 +69,6 @@ echo "Step 4/4: Waiting for cluster and setting up namespaces + RBAC..." kubectl wait --for=condition=Ready nodes --all --timeout=120s kubectl create namespace $OOP_NS 2>/dev/null || echo " Namespace $OOP_NS already exists" -kubectl create namespace $FM_NS 2>/dev/null || echo " Namespace $FM_NS already exists" kubectl create serviceaccount oop-user -n $OOP_NS 2>/dev/null || echo " Service account already exists" kubectl create clusterrolebinding oop-user-binding \ -- GitLab