From 97d2d77ce5be4a3590d691edfb55ff0a11293bdc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Capucho?= Date: Mon, 28 Jul 2025 18:52:34 +0100 Subject: [PATCH 01/22] fix: Set artemis user and password in the deployment The oscreds.activemq credentials were being correctly set in the consumer services but not in the artemis broker itself. This results in the services using the wrong credentials and the broker always using the default username + password combination. This commit fixes it by defining the relevant environment variables in the deployment. --- kubernetes/helm/openslice/templates/artemis.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/kubernetes/helm/openslice/templates/artemis.yaml b/kubernetes/helm/openslice/templates/artemis.yaml index 87c75ea..9d7fa35 100644 --- a/kubernetes/helm/openslice/templates/artemis.yaml +++ b/kubernetes/helm/openslice/templates/artemis.yaml @@ -28,6 +28,11 @@ spec: - image: "{{ .Values.image.artemis.repository }}:{{ .Values.image.artemis.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.artemis.pullPolicy | default "Always" }} name: {{ include "openslice.fullname" . }}-artemis + env: + - name: ARTEMIS_USER + value: {{ .Values.oscreds.activemq.user }} + - name: ARTEMIS_PASSWORD + value: {{ .Values.oscreds.activemq.password }} resources: {{- toYaml .Values.resources | nindent 12 }} ports: -- GitLab From d3f7afce8dbe4094dc96c201bf2df9ea27af1649 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Capucho?= Date: Mon, 28 Jul 2025 21:43:30 +0100 Subject: [PATCH 02/22] chore: Use secrets for authentication data Stores authentication data (MySQL & Artemis) in secrets instead of directly templating it on the manifests. The MySQL deployment was also refactored to properly create all needed databases and update user passwords without templating the passwords in a SQL file that was then stored in a configmap. Deployments were also updated to use the correct MySQL user instead of the root user. --- .../files/mysql-init/01-databases.sql | 11 ---- .../openslice/files/mysql-init/entrypoint.sh | 53 ++++++++++++++++++ .../openslice/templates/artemis-secret.yaml | 13 +++++ .../helm/openslice/templates/artemis.yaml | 11 ++++ .../helm/openslice/templates/bugzilla.yaml | 20 +++++-- .../helm/openslice/templates/centrallog.yaml | 18 +++++- .../helm/openslice/templates/cridge.yaml | 13 ++++- .../openslice/templates/keycloak-secret.yaml | 12 ++++ .../helm/openslice/templates/keycloak.yaml | 20 +++++-- .../helm/openslice/templates/manoclient.yaml | 16 +++++- .../helm/openslice/templates/mcp-server.yaml | 31 ++++++++-- .../helm/openslice/templates/metrico.yaml | 33 +++++++++-- .../openslice/templates/mysql-config.yaml | 6 +- .../templates/mysql-keycloak-secret.yaml | 14 +++++ .../templates/mysql-metrico-secret.yaml | 14 +++++ .../templates/mysql-portal-secret.yaml | 14 +++++ .../openslice/templates/mysql-secret.yaml | 12 ++++ .../helm/openslice/templates/mysql.yaml | 56 +++++++++++++++---- .../helm/openslice/templates/oasapi.yaml | 37 +++++++++--- kubernetes/helm/openslice/templates/osom.yaml | 18 +++++- .../helm/openslice/templates/osportalapi.yaml | 29 ++++++++-- .../helm/openslice/templates/osscapi.yaml | 29 ++++++++-- kubernetes/helm/openslice/values.yaml | 6 +- 23 files changed, 412 insertions(+), 74 deletions(-) delete mode 100644 kubernetes/helm/openslice/files/mysql-init/01-databases.sql create mode 100644 kubernetes/helm/openslice/files/mysql-init/entrypoint.sh create mode 100644 kubernetes/helm/openslice/templates/artemis-secret.yaml create mode 100644 kubernetes/helm/openslice/templates/keycloak-secret.yaml create mode 100644 kubernetes/helm/openslice/templates/mysql-keycloak-secret.yaml create mode 100644 kubernetes/helm/openslice/templates/mysql-metrico-secret.yaml create mode 100644 kubernetes/helm/openslice/templates/mysql-portal-secret.yaml create mode 100644 kubernetes/helm/openslice/templates/mysql-secret.yaml diff --git a/kubernetes/helm/openslice/files/mysql-init/01-databases.sql b/kubernetes/helm/openslice/files/mysql-init/01-databases.sql deleted file mode 100644 index aa16eec..0000000 --- a/kubernetes/helm/openslice/files/mysql-init/01-databases.sql +++ /dev/null @@ -1,11 +0,0 @@ -# create databases -CREATE DATABASE IF NOT EXISTS `{{ .Values.oscreds.mysql.openslicedb | default "osdb" }}`; -CREATE DATABASE IF NOT EXISTS `{{ .Values.oscreds.mysql.keycloak.database | default "keycloak" }}`; - -# create portal user and grant rights -CREATE USER '{{ .Values.oscreds.mysql.portal.username | default "portaluser" }}'@'localhost' IDENTIFIED BY '{{ .Values.oscreds.mysql.portal.password | default "12345" }}'; -GRANT ALL PRIVILEGES ON *.* TO '{{ .Values.oscreds.mysql.portal.username | default "portaluser" }}'@'%' IDENTIFIED BY '{{ .Values.oscreds.mysql.portal.password | default "12345" }}'; - -# create keycloak user and grant rights -CREATE USER '{{ .Values.oscreds.mysql.keycloak.username | default "keycloak" }}'@'localhost' IDENTIFIED BY '{{ .Values.oscreds.mysql.keycloak.password | default "password" }}'; -GRANT ALL PRIVILEGES ON *.* TO '{{ .Values.oscreds.mysql.keycloak.username | default "keycloak" }}'@'%' IDENTIFIED BY '{{ .Values.oscreds.mysql.keycloak.password | default "password" }}'; diff --git a/kubernetes/helm/openslice/files/mysql-init/entrypoint.sh b/kubernetes/helm/openslice/files/mysql-init/entrypoint.sh new file mode 100644 index 0000000..fe7dc19 --- /dev/null +++ b/kubernetes/helm/openslice/files/mysql-init/entrypoint.sh @@ -0,0 +1,53 @@ +#!/usr/bin/env sh +set -eu + +run_mysql() { + mysql -u root -p"$MYSQL_ROOT_PASSWORD" "$@" +} + +echo "Waiting for database to be ready" + +until run_mysql -e 'SELECT 1'; do + sleep 1 +done + +echo "Creating databases and users" + +create_user() { + if ! run_mysql --execute "CREATE USER '$1'@'%' IDENTIFIED BY '$2';" 2>/dev/null; then + run_mysql --execute "ALTER USER '$1'@'%' IDENTIFIED BY '$2';" + fi +} + +PORTAL_USER="$(< /var/run/secrets/portal/username)" +PORTAL_DATABASE="$(< /var/run/secrets/portal/database)" + +KEYCLOAK_USER="$(< /var/run/secrets/keycloak/username)" +KEYCLOAK_DATABASE="$(< /var/run/secrets/keycloak/database)" + +METRICO_USER="$(< /var/run/secrets/metrico/username)" +METRICO_DATABASE="$(< /var/run/secrets/metrico/database)" + +run_mysql --execute \ +" +# create databases +CREATE DATABASE IF NOT EXISTS $PORTAL_DATABASE; +CREATE DATABASE IF NOT EXISTS $KEYCLOAK_DATABASE; +CREATE DATABASE IF NOT EXISTS $METRICO_DATABASE; +" + +create_user "$PORTAL_USER" "$(< /var/run/secrets/portal/password)" +create_user "$KEYCLOAK_USER" "$(< /var/run/secrets/keycloak/password)" +create_user "$METRICO_USER" "$(< /var/run/secrets/metrico/password)" + +run_mysql --execute \ +" +# Grant portal user rights to the portal database +GRANT ALL PRIVILEGES ON $PORTAL_DATABASE.* TO '$PORTAL_USER'@'%'; +# Grant keycloak user rights to the portal database +GRANT ALL PRIVILEGES ON $KEYCLOAK_DATABASE.* TO '$KEYCLOAK_USER'@'%'; +# Grant metrico user rights to the portal database +GRANT ALL PRIVILEGES ON $METRICO_DATABASE.* TO '$METRICO_USER'@'%'; +" + +echo "Finished creating databases and users" diff --git a/kubernetes/helm/openslice/templates/artemis-secret.yaml b/kubernetes/helm/openslice/templates/artemis-secret.yaml new file mode 100644 index 0000000..21c97d0 --- /dev/null +++ b/kubernetes/helm/openslice/templates/artemis-secret.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Secret +metadata: + namespace: {{ .Release.Namespace }} + labels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mysql + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- include "openslice.labels" . | nindent 4 }} + name: {{ include "openslice.fullname" . }}-artemis-secret +data: + username: {{ .Values.oscreds.activemq.user | b64enc }} + password: {{ .Values.oscreds.activemq.password | b64enc }} diff --git a/kubernetes/helm/openslice/templates/artemis.yaml b/kubernetes/helm/openslice/templates/artemis.yaml index 87c75ea..2f4cc1f 100644 --- a/kubernetes/helm/openslice/templates/artemis.yaml +++ b/kubernetes/helm/openslice/templates/artemis.yaml @@ -28,6 +28,17 @@ spec: - image: "{{ .Values.image.artemis.repository }}:{{ .Values.image.artemis.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.artemis.pullPolicy | default "Always" }} name: {{ include "openslice.fullname" . }}-artemis + env: + - name: ARTEMIS_USER + valueFrom: + secretKeyRef: + name: {{ include "openslice.fullname" . }}-artemis-secret + key: username + - name: ARTEMIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "openslice.fullname" . }}-artemis-secret + key: password resources: {{- toYaml .Values.resources | nindent 12 }} ports: diff --git a/kubernetes/helm/openslice/templates/bugzilla.yaml b/kubernetes/helm/openslice/templates/bugzilla.yaml index d759a25..1e63a6d 100644 --- a/kubernetes/helm/openslice/templates/bugzilla.yaml +++ b/kubernetes/helm/openslice/templates/bugzilla.yaml @@ -31,11 +31,10 @@ spec: env: - name: SPRING_APPLICATION_JSON value: >- - { + { + "spring.config.import": "configtree:/etc/config/", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", - "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", - "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", - "bugzillaurl":"{{ .Values.bugzillaurl }}", + "bugzillaurl":"{{ .Values.bugzillaurl }}", "bugzillakey":"{{ .Values.bugzillakey }}", "main_operations_product":"{{ .Values.main_operations_product }}" } @@ -43,7 +42,20 @@ spec: {{- toYaml .Values.resources | nindent 12 }} ports: - containerPort: 13010 + volumeMounts: + - mountPath: "/etc/config/spring.activemq.user" + name: artemis-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.activemq.password" + name: artemis-secrets + subPath: password + readOnly: true restartPolicy: Always + volumes: + - name: artemis-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-artemis-secret --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/centrallog.yaml b/kubernetes/helm/openslice/templates/centrallog.yaml index b8143fc..e3c4b0e 100644 --- a/kubernetes/helm/openslice/templates/centrallog.yaml +++ b/kubernetes/helm/openslice/templates/centrallog.yaml @@ -31,17 +31,29 @@ spec: env: - name: SPRING_APPLICATION_JSON value: >- - { + { + "spring.config.import": "configtree:/etc/config/", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", - "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", - "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", "centrallogurl": "{{ .Values.centrallogurl }}" } resources: {{- toYaml .Values.resources | nindent 12 }} ports: - containerPort: 13013 + volumeMounts: + - mountPath: "/etc/config/spring.activemq.user" + name: artemis-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.activemq.password" + name: artemis-secrets + subPath: password + readOnly: true restartPolicy: Always + volumes: + - name: artemis-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-artemis-secret --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/cridge.yaml b/kubernetes/helm/openslice/templates/cridge.yaml index 1065639..45dc6f3 100644 --- a/kubernetes/helm/openslice/templates/cridge.yaml +++ b/kubernetes/helm/openslice/templates/cridge.yaml @@ -32,8 +32,6 @@ spec: value: >- { "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", - "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", - "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", "logging.level.org.springframework" : "{{ .Values.cridge.spring.logLevel | default "INFO" }}", "logging.level.org.etsi.osl.cridge" : "{{ .Values.cridge.logLevel | default "INFO" }}" } @@ -43,9 +41,20 @@ spec: - name: kubeconfig readOnly: true mountPath: /root/.kube + - mountPath: "/etc/config/spring.activemq.user" + name: artemis-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.activemq.password" + name: artemis-secrets + subPath: password + readOnly: true restartPolicy: Always volumes: - name: kubeconfig secret: secretName: {{ include "openslice.fullname" . }}-kubeconfig + - name: artemis-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-artemis-secret {{- end }} diff --git a/kubernetes/helm/openslice/templates/keycloak-secret.yaml b/kubernetes/helm/openslice/templates/keycloak-secret.yaml new file mode 100644 index 0000000..1795c04 --- /dev/null +++ b/kubernetes/helm/openslice/templates/keycloak-secret.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Secret +metadata: + namespace: {{ .Release.Namespace }} + labels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mysql + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- include "openslice.labels" . | nindent 4 }} + name: {{ include "openslice.fullname" . }}-keycloak-secret +data: + admin-password: {{ .Values.oscreds.mysql.keycloak.adminpassword | b64enc }} diff --git a/kubernetes/helm/openslice/templates/keycloak.yaml b/kubernetes/helm/openslice/templates/keycloak.yaml index fca2bdb..d0f469c 100644 --- a/kubernetes/helm/openslice/templates/keycloak.yaml +++ b/kubernetes/helm/openslice/templates/keycloak.yaml @@ -39,15 +39,27 @@ spec: - name: DB_ADDR value: {{ include "openslice.fullname" . }}-mysql - name: DB_DATABASE - value: {{ .Values.oscreds.mysql.keycloak.database }} + valueFrom: + secretKeyRef: + name: {{ include "openslice.fullname" . }}-mysql-keycloak-secrets + key: database - name: DB_PASSWORD - value: {{ .Values.oscreds.mysql.keycloak.password }} + valueFrom: + secretKeyRef: + name: {{ include "openslice.fullname" . }}-mysql-keycloak-secrets + key: password - name: DB_USER - value: {{ .Values.oscreds.mysql.keycloak.username }} + valueFrom: + secretKeyRef: + name: {{ include "openslice.fullname" . }}-mysql-keycloak-secrets + key: username - name: KEYCLOAK_USER value: admin - name: KEYCLOAK_PASSWORD - value: {{ .Values.oscreds.mysql.keycloak.adminpassword }} + valueFrom: + secretKeyRef: + name: {{ include "openslice.fullname" . }}-keycloak-secret + key: admin-password - name: JDBC_PARAMS value: useSSL=false - name: JAVA_OPTS diff --git a/kubernetes/helm/openslice/templates/manoclient.yaml b/kubernetes/helm/openslice/templates/manoclient.yaml index 064c0c1..46d75ae 100644 --- a/kubernetes/helm/openslice/templates/manoclient.yaml +++ b/kubernetes/helm/openslice/templates/manoclient.yaml @@ -32,16 +32,28 @@ spec: - name: SPRING_APPLICATION_JSON value: >- { + "spring.config.import": "configtree:/etc/config/", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", - "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", - "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", "logging.level.org.springframework" : "{{ .Values.manoclient.spring.logLevel | default "INFO" }}" } resources: {{- toYaml .Values.resources | nindent 12 }} ports: - containerPort: 13011 + volumeMounts: + - mountPath: "/etc/config/spring.activemq.user" + name: artemis-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.activemq.password" + name: artemis-secrets + subPath: password + readOnly: true restartPolicy: Always + volumes: + - name: artemis-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-artemis-secret --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/mcp-server.yaml b/kubernetes/helm/openslice/templates/mcp-server.yaml index 942f9a9..b5bb331 100644 --- a/kubernetes/helm/openslice/templates/mcp-server.yaml +++ b/kubernetes/helm/openslice/templates/mcp-server.yaml @@ -31,9 +31,8 @@ spec: - name: SPRING_APPLICATION_JSON value: >- { - "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/osdb?createDatabaseIfNotExist=true", - "spring.datasource.username": "{{ .Values.oscreds.mysql.username }}", - "spring.datasource.password": "{{ .Values.oscreds.mysql.password }}", + "spring.config.import": "configtree:/etc/config/", + "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/{{ .Values.oscreds.mysql.portal.database }}", "spring-addons.issuers[0].uri": "{{ .Values.rooturl }}/auth/realms/openslice", "spring-addons.issuers[0].username-json-path":"$.preferred_username", "spring-addons.issuers[0].claims[0].jsonPath":"$.realm_access.roles", @@ -44,15 +43,37 @@ spec: "springdoc.oauth.client-id": "osapiWebClientId", "springdoc.oauth.clientsecret": "{{ .Values.mcpserver.springdoc.clientSecret }}", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", - "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", - "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", "logging.level.org.springframework": "{{ .Values.mcpserver.spring.logLevel | default "INFO" }}" } ports: - containerPort: 13015 resources: {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - mountPath: "/etc/config/spring.datasource.username" + name: mysql-portal-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.datasource.password" + name: mysql-portal-secrets + subPath: password + readOnly: true + - mountPath: "/etc/config/spring.activemq.user" + name: artemis-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.activemq.password" + name: artemis-secrets + subPath: password + readOnly: true restartPolicy: Always + volumes: + - name: artemis-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-artemis-secret + - name: mysql-portal-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/metrico.yaml b/kubernetes/helm/openslice/templates/metrico.yaml index 620ca0a..b5d1aa4 100644 --- a/kubernetes/helm/openslice/templates/metrico.yaml +++ b/kubernetes/helm/openslice/templates/metrico.yaml @@ -33,14 +33,35 @@ spec: - name: SPRING_APPLICATION_JSON value: >- { - "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/metricodb?createDatabaseIfNotExist=true", - "spring.datasource.username": "{{ .Values.oscreds.mysql.username }}", - "spring.datasource.password": "{{ .Values.oscreds.mysql.password }}", - "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", - "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", - "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", + "spring.config.import": "configtree:/etc/config/", + "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/{{ .Values.oscreds.mysql.metrico.database }}", + "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "logging.level.org.springframework" : "{{ .Values.metrico.spring.logLevel | default "INFO" }}", "logging.level.org.etsi.osl.cridge" : "{{ .Values.metrico.logLevel | default "INFO" }}" } + volumeMounts: + - mountPath: "/etc/config/spring.datasource.username" + name: mysql-metrico-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.datasource.password" + name: mysql-metrico-secrets + subPath: password + readOnly: true + - mountPath: "/etc/config/spring.activemq.user" + name: artemis-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.activemq.password" + name: artemis-secrets + subPath: password + readOnly: true restartPolicy: Always + volumes: + - name: artemis-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-artemis-secret + - name: mysql-metrico-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-mysql-metrico-secrets {{- end }} diff --git a/kubernetes/helm/openslice/templates/mysql-config.yaml b/kubernetes/helm/openslice/templates/mysql-config.yaml index 0de0e52..5a29569 100644 --- a/kubernetes/helm/openslice/templates/mysql-config.yaml +++ b/kubernetes/helm/openslice/templates/mysql-config.yaml @@ -7,7 +7,7 @@ metadata: org.etsi.osl.service: mysql chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" {{- include "openslice.labels" . | nindent 4 }} - name: {{ include "openslice.fullname" . }}-mysql-initdb-config + name: {{ include "openslice.fullname" . }}-mysql-init-config data: - 01-databases.sql: | - {{- tpl (.Files.Get "files/mysql-init/01-databases.sql") . | nindent 4 }} + entrypoint.sh: | + {{- .Files.Get "files/mysql-init/entrypoint.sh" | nindent 4 }} diff --git a/kubernetes/helm/openslice/templates/mysql-keycloak-secret.yaml b/kubernetes/helm/openslice/templates/mysql-keycloak-secret.yaml new file mode 100644 index 0000000..eae26f4 --- /dev/null +++ b/kubernetes/helm/openslice/templates/mysql-keycloak-secret.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Secret +metadata: + namespace: {{ .Release.Namespace }} + labels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mysql + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- include "openslice.labels" . | nindent 4 }} + name: {{ include "openslice.fullname" . }}-mysql-keycloak-secrets +data: + username: {{ .Values.oscreds.mysql.keycloak.username | default "keycloak" | b64enc }} + password: {{ .Values.oscreds.mysql.keycloak.password | default "password" | b64enc }} + database: {{ .Values.oscreds.mysql.keycloak.database | default "keycloak" | b64enc }} diff --git a/kubernetes/helm/openslice/templates/mysql-metrico-secret.yaml b/kubernetes/helm/openslice/templates/mysql-metrico-secret.yaml new file mode 100644 index 0000000..3aa8df0 --- /dev/null +++ b/kubernetes/helm/openslice/templates/mysql-metrico-secret.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Secret +metadata: + namespace: {{ .Release.Namespace }} + labels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mysql + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- include "openslice.labels" . | nindent 4 }} + name: {{ include "openslice.fullname" . }}-mysql-metrico-secrets +data: + username: {{ .Values.oscreds.mysql.metrico.username | default "metricouser" | b64enc }} + password: {{ .Values.oscreds.mysql.metrico.password | default "12345" | b64enc }} + database: {{ .Values.oscreds.mysql.metrico.database | default "metricodb" | b64enc }} diff --git a/kubernetes/helm/openslice/templates/mysql-portal-secret.yaml b/kubernetes/helm/openslice/templates/mysql-portal-secret.yaml new file mode 100644 index 0000000..58bff02 --- /dev/null +++ b/kubernetes/helm/openslice/templates/mysql-portal-secret.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Secret +metadata: + namespace: {{ .Release.Namespace }} + labels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mysql + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- include "openslice.labels" . | nindent 4 }} + name: {{ include "openslice.fullname" . }}-mysql-portal-secrets +data: + username: {{ .Values.oscreds.mysql.portal.username | default "portaluser" | b64enc }} + password: {{ .Values.oscreds.mysql.portal.password | default "12345" | b64enc }} + database: {{ .Values.oscreds.mysql.openslicedb | default "osdb" | b64enc }} diff --git a/kubernetes/helm/openslice/templates/mysql-secret.yaml b/kubernetes/helm/openslice/templates/mysql-secret.yaml new file mode 100644 index 0000000..a17dc36 --- /dev/null +++ b/kubernetes/helm/openslice/templates/mysql-secret.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Secret +metadata: + namespace: {{ .Release.Namespace }} + labels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mysql + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- include "openslice.labels" . | nindent 4 }} + name: {{ include "openslice.fullname" . }}-mysql-secrets +data: + root-password: {{ .Values.oscreds.mysql.password | default "letmein" | b64enc }} diff --git a/kubernetes/helm/openslice/templates/mysql.yaml b/kubernetes/helm/openslice/templates/mysql.yaml index b69a3f1..7f9585f 100644 --- a/kubernetes/helm/openslice/templates/mysql.yaml +++ b/kubernetes/helm/openslice/templates/mysql.yaml @@ -35,26 +35,45 @@ spec: - name: MYSQL_ROOT_HOST value: "%" - name: MYSQL_ROOT_PASSWORD - value: {{ .Values.oscreds.mysql.password | default "letmein" }} - - name: MYSQL_DATABASE - value: {{ .Values.oscreds.mysql.openslicedb | default "osdb" }} - - name: MYSQL_USER - value: {{ .Values.oscreds.mysql.portal.username | default "portaluser" }} - - name: MYSQL_PASSWORD - value: "{{ .Values.oscreds.mysql.portal.password | default 12345 }}" + valueFrom: + secretKeyRef: + name: {{ include "openslice.fullname" . }}-mysql-secrets + key: root-password resources: {{- toYaml .Values.resources | nindent 12 }} ports: - containerPort: 3306 + lifecycle: + postStart: + exec: + command: ["/init/entrypoint.sh"] volumeMounts: - mountPath: /var/lib/mysql name: mysql-portal-claim0 - - mountPath: /docker-entrypoint-initdb.d - name: mysql-initdb + - mountPath: /init + name: mysql-init + - mountPath: "/var/run/secrets/mysql" + readOnly: true + name: mysql-secrets + - mountPath: "/var/run/secrets/portal" + readOnly: true + name: mysql-portal-secrets + - mountPath: "/var/run/secrets/keycloak" + readOnly: true + name: mysql-keycloak-secrets + - mountPath: "/var/run/secrets/metrico" + readOnly: true + name: mysql-metrico-secrets + livenessProbe: + exec: + command: ["sh", "-c", "mysqladmin ping -p\"$MYSQL_ROOT_PASSWORD\""] + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 readinessProbe: exec: # Check we can execute queries over TCP (skip-networking is off). - command: ["mysql", "-h", "127.0.0.1", "-u", "{{ .Values.oscreds.mysql.username | default "root" }}", "-p{{ .Values.oscreds.mysql.password | default "letmein" }}", "-e", "SELECT 1"] + command: ["sh", "-c", "mysql -p\"$MYSQL_ROOT_PASSWORD\" -h 127.0.0.1 -e 'SELECT 1'"] initialDelaySeconds: 5 periodSeconds: 2 timeoutSeconds: 1 @@ -63,9 +82,22 @@ spec: - name: mysql-portal-claim0 persistentVolumeClaim: claimName: {{ include "openslice.fullname" . }}-mysql-portal-claim0 - - name: mysql-initdb + - name: mysql-init configMap: - name: {{ include "openslice.fullname" . }}-mysql-initdb-config + name: {{ include "openslice.fullname" . }}-mysql-init-config + defaultMode: 0755 + - name: mysql-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-mysql-secrets + - name: mysql-portal-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets + - name: mysql-keycloak-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-mysql-keycloak-secrets + - name: mysql-metrico-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-mysql-metrico-secrets --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/oasapi.yaml b/kubernetes/helm/openslice/templates/oasapi.yaml index bf78b5d..3cb458c 100644 --- a/kubernetes/helm/openslice/templates/oasapi.yaml +++ b/kubernetes/helm/openslice/templates/oasapi.yaml @@ -36,15 +36,14 @@ spec: - image: "{{ .Values.image.oasapi.repository }}:{{ .Values.image.oasapi.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.oasapi.pullPolicy | default "Always" }} name: {{ .Release.Name }}-oasapi - env: + env: - name: SPRING_APPLICATION_JSON value: >- { - "origins":"{{ .Values.rooturl }}", - "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/ostmfdb?createDatabaseIfNotExist=true&useUnicode=true&nullCatalogMeansCurrent=true&characterEncoding=utf8&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC", - "spring.datasource.username": "{{ .Values.oscreds.mysql.username }}", - "spring.datasource.password": "{{ .Values.oscreds.mysql.password }}", - "spring-addons.issuers[0].uri": "{{ .Values.rooturl }}/auth/realms/openslice", + "origins":"{{ .Values.rooturl }}", + "spring.config.import": "configtree:/etc/config/", + "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/{{ .Values.oscreds.mysql.portal.database }}", + "spring-addons.issuers[0].uri": "{{ .Values.rooturl }}/auth/realms/openslice", "spring-addons.issuers[0].username-json-path":"$.preferred_username", "spring-addons.issuers[0].claims[0].jsonPath":"$.realm_access.roles", "spring-addons.issuers[0].claims[1].jsonPath":"$.resource_access.*.roles", @@ -54,8 +53,6 @@ spec: "springdoc.oauth.client-id" : "osapiWebClientId", "springdoc.oauth.clientsecret" : "{{ .Values.spring.oauthClientSecret }}", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", - "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", - "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", "logging.level.org.springframework" : "{{ .Values.oasapi.spring.logLevel | default "INFO" }}", "server.forward-headers-strategy":"FRAMEWORK" } @@ -67,7 +64,31 @@ spec: httpGet: path: /oas-api/swagger-ui/index.html port: 13101 + volumeMounts: + - mountPath: "/etc/config/spring.datasource.username" + name: mysql-portal-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.datasource.password" + name: mysql-portal-secrets + subPath: password + readOnly: true + - mountPath: "/etc/config/spring.activemq.user" + name: artemis-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.activemq.password" + name: artemis-secrets + subPath: password + readOnly: true restartPolicy: Always + volumes: + - name: artemis-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-artemis-secret + - name: mysql-portal-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/osom.yaml b/kubernetes/helm/openslice/templates/osom.yaml index 14c8d2d..f5a1617 100644 --- a/kubernetes/helm/openslice/templates/osom.yaml +++ b/kubernetes/helm/openslice/templates/osom.yaml @@ -31,18 +31,30 @@ spec: env: - name: SPRING_APPLICATION_JSON value: >- - { + { + "spring.config.import": "configtree:/etc/config/", "spring.datasource.url" : "{{ .Values.osom.spring.datasource.url | default "jdbc:h2:/tmp/tempdb;DB_CLOSE_DELAY=-1" }}", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", - "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", - "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", "logging.level.org.springframework" : "{{ .Values.osom.spring.logLevel | default "INFO" }}" } resources: {{- toYaml .Values.resources | nindent 12 }} ports: - containerPort: 13100 + volumeMounts: + - mountPath: "/etc/config/spring.activemq.user" + name: artemis-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.activemq.password" + name: artemis-secrets + subPath: password + readOnly: true restartPolicy: Always + volumes: + - name: artemis-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-artemis-secret --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/osportalapi.yaml b/kubernetes/helm/openslice/templates/osportalapi.yaml index 6df11d4..afe161a 100644 --- a/kubernetes/helm/openslice/templates/osportalapi.yaml +++ b/kubernetes/helm/openslice/templates/osportalapi.yaml @@ -42,9 +42,8 @@ spec: value: >- { "origins":"{{ .Values.rooturl }}", - "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/osdb?createDatabaseIfNotExist=true", - "spring.datasource.username": "{{ .Values.oscreds.mysql.username }}", - "spring.datasource.password": "{{ .Values.oscreds.mysql.password }}", + "spring.config.import": "configtree:/etc/config/", + "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/{{ .Values.oscreds.mysql.portal.database }}", "spring-addons.issuers[0].uri": "{{ .Values.rooturl }}/auth/realms/openslice", "spring-addons.issuers[0].username-json-path":"$.preferred_username", "spring-addons.issuers[0].claims[0].jsonPath":"$.realm_access.roles", @@ -55,8 +54,6 @@ spec: "springdoc.oauth.client-id" : "osapiWebClientId", "springdoc.oauth.clientsecret" : "{{ .Values.spring.oauthClientSecret }}", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", - "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", - "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", "logging.level.org.springframework" : "{{ .Values.portalapi.spring.logLevel | default "INFO" }}", "logging.level.org.etsi.osl.portal.api": "{{ .Values.portalapi.logLevel | default "INFO" }}", "server.forward-headers-strategy":"FRAMEWORK" @@ -68,11 +65,33 @@ spec: volumeMounts: - name: osportalapi-claim0 mountPath: /root + - mountPath: "/etc/config/spring.datasource.username" + name: mysql-portal-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.datasource.password" + name: mysql-portal-secrets + subPath: password + readOnly: true + - mountPath: "/etc/config/spring.activemq.user" + name: artemis-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.activemq.password" + name: artemis-secrets + subPath: password + readOnly: true restartPolicy: Always volumes: - name: osportalapi-claim0 persistentVolumeClaim: claimName: {{ include "openslice.fullname" . }}-osportalapi-claim0 + - name: artemis-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-artemis-secret + - name: mysql-portal-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/osscapi.yaml b/kubernetes/helm/openslice/templates/osscapi.yaml index 758d519..2b3be8e 100644 --- a/kubernetes/helm/openslice/templates/osscapi.yaml +++ b/kubernetes/helm/openslice/templates/osscapi.yaml @@ -41,9 +41,8 @@ spec: value: >- { "origins":"{{ .Values.rooturl }}", - "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/osdb?createDatabaseIfNotExist=true", - "spring.datasource.username": "{{ .Values.oscreds.mysql.username }}", - "spring.datasource.password": "{{ .Values.oscreds.mysql.password }}", + "spring.config.import": "configtree:/etc/config/", + "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/{{ .Values.oscreds.mysql.portal.database }}", "spring-addons.issuers[0].uri":"{{ .Values.rooturl }}/auth/realms/openslice", "spring-addons.issuers[0].username-json-path":"$.preferred_username", "spring-addons.issuers[0].claims[0].jsonPath":"$.realm_access.roles", @@ -55,8 +54,6 @@ spec: "springdoc.oauth.client-id":"osapiWebClientId", "springdoc.oauth.clientsecret" : "{{ .Values.spring.oauthClientSecret }}", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", - "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", - "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", "logging.level.org.springframework": "{{ .Values.osscapi.spring.logLevel | default "INFO" }}", "kroki.serverurl":"{{ .Values.rooturl }}/kroki", "server.forward-headers-strategy":"FRAMEWORK" @@ -68,6 +65,22 @@ spec: volumeMounts: - mountPath: /root name: osscapi-claim0 + - mountPath: "/etc/config/spring.datasource.username" + name: mysql-portal-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.datasource.password" + name: mysql-portal-secrets + subPath: password + readOnly: true + - mountPath: "/etc/config/spring.activemq.user" + name: artemis-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.activemq.password" + name: artemis-secrets + subPath: password + readOnly: true readinessProbe: httpGet: path: /tmf-api/serviceCatalogManagement/v4/serviceCatalog @@ -77,6 +90,12 @@ spec: - name: osscapi-claim0 persistentVolumeClaim: claimName: {{ include "openslice.fullname" . }}-osscapi-claim0 + - name: artemis-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-artemis-secret + - name: mysql-portal-secrets + secret: + secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index cc86020..405de62 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -113,7 +113,11 @@ oscreds: portal: database: osdb username: portaluser - password: 12345 + password: "12345" + metrico: + database: metricodb + username: metricouser + password: "12345" spring: oauthClientSecret: secret -- GitLab From 144f337a0178c3dc55ae3882450a074e5a845fdc Mon Sep 17 00:00:00 2001 From: trantzas Date: Mon, 18 Aug 2025 17:20:56 +0000 Subject: [PATCH 03/22] Preparing the develop branch for 2025Q4 Release Cycle --- pom.xml | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/pom.xml b/pom.xml index 4768038..bc9dc2f 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ org.etsi.osl org.etsi.osl.main - 2025Q2 + 2025Q4-SNAPSHOT pom org.etsi.osl.main @@ -33,25 +33,25 @@ 1.7.0 - 1.0.2 - 1.0.2 - 1.0.2 - 1.2.0 - 2025Q2 - 1.0.2 - 1.1.1 - 1.1.0 - 1.2.0 - 1.0.2 - 1.2.0 - 1.1.0 - 1.0.2 - 1.0.2 - 1.0.2 - 1.2.0 - 1.2.0 - 1.0.0 - 1.0.0 + 1.0.3-SNAPSHOT + 1.0.3-SNAPSHOT + 1.0.3-SNAPSHOT + 1.3.0-SNAPSHOT + 2025Q4-SNAPSHOT + 1.0.3-SNAPSHOT + 1.1.2-SNAPSHOT + 1.1.1-SNAPSHOT + 1.3.0-SNAPSHOT + 1.0.3-SNAPSHOT + 1.3.0-SNAPSHOT + 1.2.0-SNAPSHOT + 1.1.0-SNAPSHOT + 1.0.3-SNAPSHOT + 1.0.3-SNAPSHOT + 1.3.0-SNAPSHOT + 1.3.0-SNAPSHOT + 1.0.1-SNAPSHOT + 1.1.0-SNAPSHOT -- GitLab From e0ed1f011c0b9496c982cff4abb94a169d96eb5c Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Wed, 8 Oct 2025 17:09:04 +0300 Subject: [PATCH 04/22] Adding the OSL_AUTOACK_ORDER role at OpenSlice realm in Keycloak --- compose/keycloak-init/realm-export.json | 15 +++++++++++++++ .../files/keycloak-init/realm-export.json | 15 +++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/compose/keycloak-init/realm-export.json b/compose/keycloak-init/realm-export.json index f74761a..5134737 100644 --- a/compose/keycloak-init/realm-export.json +++ b/compose/keycloak-init/realm-export.json @@ -39,6 +39,20 @@ "failureFactor": 30, "roles": { "realm": [ + { + "id": "4f485a21-80c6-466e-8241-b3942aadf93a", + "name": "OSL_AUTOACK_ORDER", + "description": "This OSL role is used to allow issuing Service Orders, which are auto-acknowledged, without the need for approval", + "composite": true, + "composites": { + "realm": [ + "USER" + ] + }, + "clientRole": false, + "containerId": "openslice", + "attributes": {} + }, { "id": "1741dd77-ee50-4fd7-bec6-1a6d3d9d778a", "name": "MENTOR", @@ -77,6 +91,7 @@ { "id": "a2685809-e874-4009-8435-92ded0c7180d", "name": "ADMIN", + "description": "This OSL role is used to access the admin views and perform administrative tasks (you need at least one user at this role to setup the system)", "composite": true, "composites": { "realm": [ diff --git a/kubernetes/helm/openslice/files/keycloak-init/realm-export.json b/kubernetes/helm/openslice/files/keycloak-init/realm-export.json index 0be17ce..16043a4 100644 --- a/kubernetes/helm/openslice/files/keycloak-init/realm-export.json +++ b/kubernetes/helm/openslice/files/keycloak-init/realm-export.json @@ -39,6 +39,20 @@ "failureFactor": 30, "roles": { "realm": [ + { + "id": "4f485a21-80c6-466e-8241-b3942aadf93a", + "name": "OSL_AUTOACK_ORDER", + "description": "This OSL role is used to allow issuing Service Orders, which are auto-acknowledged, without the need for approval", + "composite": true, + "composites": { + "realm": [ + "USER" + ] + }, + "clientRole": false, + "containerId": "openslice", + "attributes": {} + }, { "id": "1741dd77-ee50-4fd7-bec6-1a6d3d9d778a", "name": "MENTOR", @@ -77,6 +91,7 @@ { "id": "a2685809-e874-4009-8435-92ded0c7180d", "name": "ADMIN", + "description": "This OSL role is used to access the admin views and perform administrative tasks (you need at least one user at this role to setup the system)", "composite": true, "composites": { "realm": [ -- GitLab From 551ea5e253564799eb6f9d7ad51c468176fd0afe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Capucho?= Date: Mon, 4 Aug 2025 16:21:57 +0100 Subject: [PATCH 05/22] fix: Remove oauth client secret values These values despite the name don't actually configure client secrets for use in openslice but instead the client secret displayed in the API documentation. So at best they are not useful and at worst a terrible footgun to leak client secrets. --- kubernetes/helm/openslice/templates/mcp-server.yaml | 2 -- kubernetes/helm/openslice/templates/oasapi.yaml | 2 -- kubernetes/helm/openslice/templates/osportalapi.yaml | 2 -- kubernetes/helm/openslice/templates/osscapi.yaml | 2 -- kubernetes/helm/openslice/values.yaml | 5 ----- 5 files changed, 13 deletions(-) diff --git a/kubernetes/helm/openslice/templates/mcp-server.yaml b/kubernetes/helm/openslice/templates/mcp-server.yaml index b5bb331..d834a8d 100644 --- a/kubernetes/helm/openslice/templates/mcp-server.yaml +++ b/kubernetes/helm/openslice/templates/mcp-server.yaml @@ -40,8 +40,6 @@ spec: "spring.security.oauth2.resourceserver.jwt.issuer-uri": "{{ .Values.rooturl }}/auth/realms/openslice", "springdoc.oAuthFlow.authorizationUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/auth", "springdoc.oAuthFlow.tokenUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/token", - "springdoc.oauth.client-id": "osapiWebClientId", - "springdoc.oauth.clientsecret": "{{ .Values.mcpserver.springdoc.clientSecret }}", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "logging.level.org.springframework": "{{ .Values.mcpserver.spring.logLevel | default "INFO" }}" } diff --git a/kubernetes/helm/openslice/templates/oasapi.yaml b/kubernetes/helm/openslice/templates/oasapi.yaml index 3cb458c..871bf76 100644 --- a/kubernetes/helm/openslice/templates/oasapi.yaml +++ b/kubernetes/helm/openslice/templates/oasapi.yaml @@ -50,8 +50,6 @@ spec: "spring.security.oauth2.resourceserver.jwt.issuer-uri": "{{ .Values.rooturl }}/auth/realms/openslice", "springdoc.oAuthFlow.authorizationUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/auth", "springdoc.oAuthFlow.tokenUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/token", - "springdoc.oauth.client-id" : "osapiWebClientId", - "springdoc.oauth.clientsecret" : "{{ .Values.spring.oauthClientSecret }}", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "logging.level.org.springframework" : "{{ .Values.oasapi.spring.logLevel | default "INFO" }}", "server.forward-headers-strategy":"FRAMEWORK" diff --git a/kubernetes/helm/openslice/templates/osportalapi.yaml b/kubernetes/helm/openslice/templates/osportalapi.yaml index afe161a..4a68160 100644 --- a/kubernetes/helm/openslice/templates/osportalapi.yaml +++ b/kubernetes/helm/openslice/templates/osportalapi.yaml @@ -51,8 +51,6 @@ spec: "spring.security.oauth2.resourceserver.jwt.issuer-uri": "{{ .Values.rooturl }}/auth/realms/openslice", "springdoc.oAuthFlow.authorizationUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/auth", "springdoc.oAuthFlow.tokenUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/token", - "springdoc.oauth.client-id" : "osapiWebClientId", - "springdoc.oauth.clientsecret" : "{{ .Values.spring.oauthClientSecret }}", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "logging.level.org.springframework" : "{{ .Values.portalapi.spring.logLevel | default "INFO" }}", "logging.level.org.etsi.osl.portal.api": "{{ .Values.portalapi.logLevel | default "INFO" }}", diff --git a/kubernetes/helm/openslice/templates/osscapi.yaml b/kubernetes/helm/openslice/templates/osscapi.yaml index 2b3be8e..2a0b703 100644 --- a/kubernetes/helm/openslice/templates/osscapi.yaml +++ b/kubernetes/helm/openslice/templates/osscapi.yaml @@ -51,8 +51,6 @@ spec: "spring.security.oauth2.resourceserver.jwt.jwk-set-uri":"{{ .Values.rooturl }}/auth/realms/openslice/.well-known/openid-configuration", "springdoc.oAuthFlow.authorizationUrl":"{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/auth", "springdoc.oAuthFlow.tokenUrl":"{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/token", - "springdoc.oauth.client-id":"osapiWebClientId", - "springdoc.oauth.clientsecret" : "{{ .Values.spring.oauthClientSecret }}", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "logging.level.org.springframework": "{{ .Values.osscapi.spring.logLevel | default "INFO" }}", "kroki.serverurl":"{{ .Values.rooturl }}/kroki", diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index 405de62..2155e86 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -119,9 +119,6 @@ oscreds: username: metricouser password: "12345" -spring: - oauthClientSecret: secret - mysql: storage: 10Gi @@ -165,8 +162,6 @@ osscapi: mcpserver: enabled: true - springdoc: - clientSecret: secret spring: logLevel: INFO -- GitLab From 31fa266ceb4d313fb743f1394c524d7e3cb06e57 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Capucho?= Date: Mon, 4 Aug 2025 19:09:39 +0100 Subject: [PATCH 06/22] feat: Allow specifying existing secrets in helm chart --- .../helm/openslice/templates/_helpers.tpl | 51 +++++++++++++++++++ .../openslice/templates/artemis-secret.yaml | 2 + .../helm/openslice/templates/artemis.yaml | 4 +- .../helm/openslice/templates/bugzilla.yaml | 2 +- .../helm/openslice/templates/centrallog.yaml | 2 +- .../helm/openslice/templates/cridge.yaml | 2 +- .../openslice/templates/keycloak-secret.yaml | 2 + .../helm/openslice/templates/keycloak.yaml | 8 +-- .../helm/openslice/templates/manoclient.yaml | 2 +- .../helm/openslice/templates/mcp-server.yaml | 4 +- .../helm/openslice/templates/metrico.yaml | 4 +- .../templates/mysql-keycloak-secret.yaml | 2 + .../templates/mysql-metrico-secret.yaml | 2 + .../templates/mysql-portal-secret.yaml | 4 +- .../openslice/templates/mysql-secret.yaml | 2 + .../helm/openslice/templates/mysql.yaml | 10 ++-- .../helm/openslice/templates/oasapi.yaml | 4 +- kubernetes/helm/openslice/templates/osom.yaml | 2 +- .../helm/openslice/templates/osportalapi.yaml | 4 +- .../helm/openslice/templates/osscapi.yaml | 4 +- kubernetes/helm/openslice/values.yaml | 48 +++++++++++++++-- 21 files changed, 135 insertions(+), 30 deletions(-) diff --git a/kubernetes/helm/openslice/templates/_helpers.tpl b/kubernetes/helm/openslice/templates/_helpers.tpl index 89f9f71..fa5e591 100644 --- a/kubernetes/helm/openslice/templates/_helpers.tpl +++ b/kubernetes/helm/openslice/templates/_helpers.tpl @@ -60,3 +60,54 @@ Create the name of the service account to use {{- default "default" .Values.serviceAccount.name }} {{- end }} {{- end }} + +{{/* +Secrets +*/}} +{{- define "openslice.secrets.activemq" -}} +{{- if .Values.oscreds.activemq.existingSecret }} +{{- .Values.oscreds.activemq.existingSecret }} +{{- else }} +{{- include "openslice.fullname" . }}-artemis-secret +{{- end }} +{{- end }} + +{{- define "openslice.secrets.mysql" -}} +{{- if .Values.oscreds.mysql.existingSecret }} +{{- .Values.oscreds.mysql.existingSecret }} +{{- else }} +{{- include "openslice.fullname" . }}-mysql-secrets +{{- end }} +{{- end }} + +{{- define "openslice.secrets.keycloak.mysql" -}} +{{- if .Values.oscreds.mysql.keycloak.existingMySQLSecret }} +{{- .Values.oscreds.mysql.keycloak.existingMySQLSecret }} +{{- else }} +{{- include "openslice.fullname" . }}-mysql-keycloak-secrets +{{- end }} +{{- end }} + +{{- define "openslice.secrets.keycloak.admin" -}} +{{- if .Values.oscreds.mysql.keycloak.existingSecret }} +{{- .Values.oscreds.mysql.keycloak.existingSecret }} +{{- else }} +{{- include "openslice.fullname" . }}-keycloak-secret +{{- end }} +{{- end }} + +{{- define "openslice.secrets.portal.mysql" -}} +{{- if .Values.oscreds.mysql.portal.existingSecret }} +{{- .Values.oscreds.mysql.portal.existingSecret }} +{{- else }} +{{- include "openslice.fullname" . }}-mysql-portal-secrets +{{- end }} +{{- end }} + +{{- define "openslice.secrets.metrico.mysql" -}} +{{- if .Values.oscreds.mysql.metrico.existingSecret }} +{{- .Values.oscreds.mysql.metrico.existingSecret }} +{{- else }} +{{- include "openslice.fullname" . }}-mysql-metrico-secrets +{{- end }} +{{- end }} diff --git a/kubernetes/helm/openslice/templates/artemis-secret.yaml b/kubernetes/helm/openslice/templates/artemis-secret.yaml index 21c97d0..cceefc2 100644 --- a/kubernetes/helm/openslice/templates/artemis-secret.yaml +++ b/kubernetes/helm/openslice/templates/artemis-secret.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.oscreds.activemq.existingSecret -}} apiVersion: v1 kind: Secret metadata: @@ -11,3 +12,4 @@ metadata: data: username: {{ .Values.oscreds.activemq.user | b64enc }} password: {{ .Values.oscreds.activemq.password | b64enc }} +{{- end -}} diff --git a/kubernetes/helm/openslice/templates/artemis.yaml b/kubernetes/helm/openslice/templates/artemis.yaml index 2f4cc1f..17e18a0 100644 --- a/kubernetes/helm/openslice/templates/artemis.yaml +++ b/kubernetes/helm/openslice/templates/artemis.yaml @@ -32,12 +32,12 @@ spec: - name: ARTEMIS_USER valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-artemis-secret + name: {{ include "openslice.secrets.activemq" . }} key: username - name: ARTEMIS_PASSWORD valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-artemis-secret + name: {{ include "openslice.secrets.activemq" . }} key: password resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/kubernetes/helm/openslice/templates/bugzilla.yaml b/kubernetes/helm/openslice/templates/bugzilla.yaml index 1e63a6d..09323cf 100644 --- a/kubernetes/helm/openslice/templates/bugzilla.yaml +++ b/kubernetes/helm/openslice/templates/bugzilla.yaml @@ -55,7 +55,7 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/centrallog.yaml b/kubernetes/helm/openslice/templates/centrallog.yaml index e3c4b0e..e61dc66 100644 --- a/kubernetes/helm/openslice/templates/centrallog.yaml +++ b/kubernetes/helm/openslice/templates/centrallog.yaml @@ -53,7 +53,7 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/cridge.yaml b/kubernetes/helm/openslice/templates/cridge.yaml index 45dc6f3..bb32c67 100644 --- a/kubernetes/helm/openslice/templates/cridge.yaml +++ b/kubernetes/helm/openslice/templates/cridge.yaml @@ -56,5 +56,5 @@ spec: secretName: {{ include "openslice.fullname" . }}-kubeconfig - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} {{- end }} diff --git a/kubernetes/helm/openslice/templates/keycloak-secret.yaml b/kubernetes/helm/openslice/templates/keycloak-secret.yaml index 1795c04..c6b7d4f 100644 --- a/kubernetes/helm/openslice/templates/keycloak-secret.yaml +++ b/kubernetes/helm/openslice/templates/keycloak-secret.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.oscreds.mysql.keycloak.existingSecret -}} apiVersion: v1 kind: Secret metadata: @@ -10,3 +11,4 @@ metadata: name: {{ include "openslice.fullname" . }}-keycloak-secret data: admin-password: {{ .Values.oscreds.mysql.keycloak.adminpassword | b64enc }} +{{- end -}} diff --git a/kubernetes/helm/openslice/templates/keycloak.yaml b/kubernetes/helm/openslice/templates/keycloak.yaml index d0f469c..843f1df 100644 --- a/kubernetes/helm/openslice/templates/keycloak.yaml +++ b/kubernetes/helm/openslice/templates/keycloak.yaml @@ -41,24 +41,24 @@ spec: - name: DB_DATABASE valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-mysql-keycloak-secrets + name: {{ include "openslice.secrets.keycloak.mysql" . }} key: database - name: DB_PASSWORD valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-mysql-keycloak-secrets + name: {{ include "openslice.secrets.keycloak.mysql" . }} key: password - name: DB_USER valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-mysql-keycloak-secrets + name: {{ include "openslice.secrets.keycloak.mysql" . }} key: username - name: KEYCLOAK_USER value: admin - name: KEYCLOAK_PASSWORD valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-keycloak-secret + name: {{ include "openslice.secrets.keycloak.admin" . }} key: admin-password - name: JDBC_PARAMS value: useSSL=false diff --git a/kubernetes/helm/openslice/templates/manoclient.yaml b/kubernetes/helm/openslice/templates/manoclient.yaml index 46d75ae..c773eba 100644 --- a/kubernetes/helm/openslice/templates/manoclient.yaml +++ b/kubernetes/helm/openslice/templates/manoclient.yaml @@ -53,7 +53,7 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/mcp-server.yaml b/kubernetes/helm/openslice/templates/mcp-server.yaml index b5bb331..8db6f33 100644 --- a/kubernetes/helm/openslice/templates/mcp-server.yaml +++ b/kubernetes/helm/openslice/templates/mcp-server.yaml @@ -70,10 +70,10 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} - name: mysql-portal-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets + secretName: {{ include "openslice.secrets.portal.mysql" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/metrico.yaml b/kubernetes/helm/openslice/templates/metrico.yaml index b5d1aa4..d894b50 100644 --- a/kubernetes/helm/openslice/templates/metrico.yaml +++ b/kubernetes/helm/openslice/templates/metrico.yaml @@ -60,8 +60,8 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} - name: mysql-metrico-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-metrico-secrets + secretName: {{ include "openslice.secrets.metrico.mysql" . }} {{- end }} diff --git a/kubernetes/helm/openslice/templates/mysql-keycloak-secret.yaml b/kubernetes/helm/openslice/templates/mysql-keycloak-secret.yaml index eae26f4..3f3035c 100644 --- a/kubernetes/helm/openslice/templates/mysql-keycloak-secret.yaml +++ b/kubernetes/helm/openslice/templates/mysql-keycloak-secret.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.oscreds.mysql.keycloak.existingMySQLSecret -}} apiVersion: v1 kind: Secret metadata: @@ -12,3 +13,4 @@ data: username: {{ .Values.oscreds.mysql.keycloak.username | default "keycloak" | b64enc }} password: {{ .Values.oscreds.mysql.keycloak.password | default "password" | b64enc }} database: {{ .Values.oscreds.mysql.keycloak.database | default "keycloak" | b64enc }} +{{- end -}} diff --git a/kubernetes/helm/openslice/templates/mysql-metrico-secret.yaml b/kubernetes/helm/openslice/templates/mysql-metrico-secret.yaml index 3aa8df0..4685b05 100644 --- a/kubernetes/helm/openslice/templates/mysql-metrico-secret.yaml +++ b/kubernetes/helm/openslice/templates/mysql-metrico-secret.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.oscreds.mysql.metrico.existingSecret -}} apiVersion: v1 kind: Secret metadata: @@ -12,3 +13,4 @@ data: username: {{ .Values.oscreds.mysql.metrico.username | default "metricouser" | b64enc }} password: {{ .Values.oscreds.mysql.metrico.password | default "12345" | b64enc }} database: {{ .Values.oscreds.mysql.metrico.database | default "metricodb" | b64enc }} +{{- end -}} diff --git a/kubernetes/helm/openslice/templates/mysql-portal-secret.yaml b/kubernetes/helm/openslice/templates/mysql-portal-secret.yaml index 58bff02..99afd54 100644 --- a/kubernetes/helm/openslice/templates/mysql-portal-secret.yaml +++ b/kubernetes/helm/openslice/templates/mysql-portal-secret.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.oscreds.mysql.portal.existingSecret -}} apiVersion: v1 kind: Secret metadata: @@ -11,4 +12,5 @@ metadata: data: username: {{ .Values.oscreds.mysql.portal.username | default "portaluser" | b64enc }} password: {{ .Values.oscreds.mysql.portal.password | default "12345" | b64enc }} - database: {{ .Values.oscreds.mysql.openslicedb | default "osdb" | b64enc }} + database: {{ .Values.oscreds.mysql.portal.database | default "osdb" | b64enc }} +{{- end -}} diff --git a/kubernetes/helm/openslice/templates/mysql-secret.yaml b/kubernetes/helm/openslice/templates/mysql-secret.yaml index a17dc36..9db23d4 100644 --- a/kubernetes/helm/openslice/templates/mysql-secret.yaml +++ b/kubernetes/helm/openslice/templates/mysql-secret.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.oscreds.mysql.existingSecret -}} apiVersion: v1 kind: Secret metadata: @@ -10,3 +11,4 @@ metadata: name: {{ include "openslice.fullname" . }}-mysql-secrets data: root-password: {{ .Values.oscreds.mysql.password | default "letmein" | b64enc }} +{{- end -}} diff --git a/kubernetes/helm/openslice/templates/mysql.yaml b/kubernetes/helm/openslice/templates/mysql.yaml index 7f9585f..e0cc23d 100644 --- a/kubernetes/helm/openslice/templates/mysql.yaml +++ b/kubernetes/helm/openslice/templates/mysql.yaml @@ -37,7 +37,7 @@ spec: - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: - name: {{ include "openslice.fullname" . }}-mysql-secrets + name: {{ include "openslice.secrets.mysql" . }} key: root-password resources: {{- toYaml .Values.resources | nindent 12 }} @@ -88,16 +88,16 @@ spec: defaultMode: 0755 - name: mysql-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-secrets + secretName: {{ include "openslice.secrets.mysql" . }} - name: mysql-portal-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets + secretName: {{ include "openslice.secrets.portal.mysql" . }} - name: mysql-keycloak-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-keycloak-secrets + secretName: {{ include "openslice.secrets.keycloak.mysql" . }} - name: mysql-metrico-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-metrico-secrets + secretName: {{ include "openslice.secrets.metrico.mysql" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/oasapi.yaml b/kubernetes/helm/openslice/templates/oasapi.yaml index 3cb458c..fa143dc 100644 --- a/kubernetes/helm/openslice/templates/oasapi.yaml +++ b/kubernetes/helm/openslice/templates/oasapi.yaml @@ -85,10 +85,10 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} - name: mysql-portal-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets + secretName: {{ include "openslice.secrets.portal.mysql" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/osom.yaml b/kubernetes/helm/openslice/templates/osom.yaml index f5a1617..31a8ab9 100644 --- a/kubernetes/helm/openslice/templates/osom.yaml +++ b/kubernetes/helm/openslice/templates/osom.yaml @@ -54,7 +54,7 @@ spec: volumes: - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/osportalapi.yaml b/kubernetes/helm/openslice/templates/osportalapi.yaml index afe161a..5f77364 100644 --- a/kubernetes/helm/openslice/templates/osportalapi.yaml +++ b/kubernetes/helm/openslice/templates/osportalapi.yaml @@ -88,10 +88,10 @@ spec: claimName: {{ include "openslice.fullname" . }}-osportalapi-claim0 - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} - name: mysql-portal-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets + secretName: {{ include "openslice.secrets.portal.mysql" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/osscapi.yaml b/kubernetes/helm/openslice/templates/osscapi.yaml index 2b3be8e..e292335 100644 --- a/kubernetes/helm/openslice/templates/osscapi.yaml +++ b/kubernetes/helm/openslice/templates/osscapi.yaml @@ -92,10 +92,10 @@ spec: claimName: {{ include "openslice.fullname" . }}-osscapi-claim0 - name: artemis-secrets secret: - secretName: {{ include "openslice.fullname" . }}-artemis-secret + secretName: {{ include "openslice.secrets.activemq" . }} - name: mysql-portal-secrets secret: - secretName: {{ include "openslice.fullname" . }}-mysql-portal-secrets + secretName: {{ include "openslice.secrets.portal.mysql" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index 405de62..546672a 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -99,22 +99,64 @@ rooturl: ~ # This is the ingress LB IP or domain - ex. http://openslice.com:port oscreds: activemq: + # The name of an existing secret to use for the activemq broker. + # + # The secret requires the following keys: + # - `username` the broker user + # - `password` the broker password + existingSecret: "" + user: artemis password: artemis mysql: - username: root + # The name of an existing secret to use for the mysql root user. + # + # The secret requires the following keys: + # - `root-password` containing the mysql root password. + existingSecret: "" + password: letmein - openslicedb: osdb - keycloak: + + keycloak: + # The name of an existing secret to use for the mysql keycloak user. + # + # The secret requires the following keys: + # - `username` the database user + # - `password` the database user's password + # - `database` the database to use for keycloak + existingMySQLSecret: "" + + # The name of an existing secret to use for keycloak. + # + # The secret requires the following keys: + # - `admin-password` the adminstrator password for keycloak + existingSecret: "" + database: keycloak username: keycloak password: password adminpassword: Pa55w0rd portal: + # The name of an existing secret to use for the mysql portal user. + # + # The secret requires the following keys: + # - `username` the database user + # - `password` the database user's password + # - `database` the database to use for the portal + existingSecret: "" + database: osdb username: portaluser password: "12345" metrico: + # The name of an existing secret to use for the mysql metrico user. + # + # The secret requires the following keys: + # - `username` the database user + # - `password` the database user's password + # - `database` the database to use for metrico + existingSecret: "" + database: metricodb username: metricouser password: "12345" -- GitLab From e62987433cdb5ba05bd5a6dd1992ea90d940ef65 Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Fri, 21 Nov 2025 15:20:04 +0000 Subject: [PATCH 07/22] Reverting the prepopulation of the oauth client id --- kubernetes/helm/openslice/templates/mcp-server.yaml | 3 ++- kubernetes/helm/openslice/templates/oasapi.yaml | 3 ++- kubernetes/helm/openslice/templates/osportalapi.yaml | 1 + kubernetes/helm/openslice/templates/osscapi.yaml | 1 + 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/kubernetes/helm/openslice/templates/mcp-server.yaml b/kubernetes/helm/openslice/templates/mcp-server.yaml index d834a8d..4b2e44a 100644 --- a/kubernetes/helm/openslice/templates/mcp-server.yaml +++ b/kubernetes/helm/openslice/templates/mcp-server.yaml @@ -39,7 +39,8 @@ spec: "spring-addons.issuers[0].claims[1].jsonPath":"$.resource_access.*.roles", "spring.security.oauth2.resourceserver.jwt.issuer-uri": "{{ .Values.rooturl }}/auth/realms/openslice", "springdoc.oAuthFlow.authorizationUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/auth", - "springdoc.oAuthFlow.tokenUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/token", + "springdoc.oAuthFlow.tokenUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/token", + "springdoc.oauth.client-id": "osapiWebClientId", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "logging.level.org.springframework": "{{ .Values.mcpserver.spring.logLevel | default "INFO" }}" } diff --git a/kubernetes/helm/openslice/templates/oasapi.yaml b/kubernetes/helm/openslice/templates/oasapi.yaml index 871bf76..11d547c 100644 --- a/kubernetes/helm/openslice/templates/oasapi.yaml +++ b/kubernetes/helm/openslice/templates/oasapi.yaml @@ -49,7 +49,8 @@ spec: "spring-addons.issuers[0].claims[1].jsonPath":"$.resource_access.*.roles", "spring.security.oauth2.resourceserver.jwt.issuer-uri": "{{ .Values.rooturl }}/auth/realms/openslice", "springdoc.oAuthFlow.authorizationUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/auth", - "springdoc.oAuthFlow.tokenUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/token", + "springdoc.oAuthFlow.tokenUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/token", + "springdoc.oauth.client-id": "osapiWebClientId", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "logging.level.org.springframework" : "{{ .Values.oasapi.spring.logLevel | default "INFO" }}", "server.forward-headers-strategy":"FRAMEWORK" diff --git a/kubernetes/helm/openslice/templates/osportalapi.yaml b/kubernetes/helm/openslice/templates/osportalapi.yaml index 4a68160..7cae88e 100644 --- a/kubernetes/helm/openslice/templates/osportalapi.yaml +++ b/kubernetes/helm/openslice/templates/osportalapi.yaml @@ -51,6 +51,7 @@ spec: "spring.security.oauth2.resourceserver.jwt.issuer-uri": "{{ .Values.rooturl }}/auth/realms/openslice", "springdoc.oAuthFlow.authorizationUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/auth", "springdoc.oAuthFlow.tokenUrl": "{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/token", + "springdoc.oauth.client-id": "osapiWebClientId", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "logging.level.org.springframework" : "{{ .Values.portalapi.spring.logLevel | default "INFO" }}", "logging.level.org.etsi.osl.portal.api": "{{ .Values.portalapi.logLevel | default "INFO" }}", diff --git a/kubernetes/helm/openslice/templates/osscapi.yaml b/kubernetes/helm/openslice/templates/osscapi.yaml index 2a0b703..abfcbba 100644 --- a/kubernetes/helm/openslice/templates/osscapi.yaml +++ b/kubernetes/helm/openslice/templates/osscapi.yaml @@ -51,6 +51,7 @@ spec: "spring.security.oauth2.resourceserver.jwt.jwk-set-uri":"{{ .Values.rooturl }}/auth/realms/openslice/.well-known/openid-configuration", "springdoc.oAuthFlow.authorizationUrl":"{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/auth", "springdoc.oAuthFlow.tokenUrl":"{{ .Values.rooturl }}/auth/realms/openslice/protocol/openid-connect/token", + "springdoc.oauth.client-id": "osapiWebClientId", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "logging.level.org.springframework": "{{ .Values.osscapi.spring.logLevel | default "INFO" }}", "kroki.serverurl":"{{ .Values.rooturl }}/kroki", -- GitLab From 4ef80f194cc818189b825797f3b55cd0ac020c7d Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Thu, 27 Nov 2025 12:24:46 +0000 Subject: [PATCH 08/22] Using the 'develop' tagged images towards the preparation for Release 2025Q4 --- compose/docker-compose.yaml.configure | 20 ++++++++++---------- kubernetes/helm/openslice/values.yaml | 24 ++++++++++++------------ 2 files changed, 22 insertions(+), 22 deletions(-) diff --git a/compose/docker-compose.yaml.configure b/compose/docker-compose.yaml.configure index 5026f35..905739d 100644 --- a/compose/docker-compose.yaml.configure +++ b/compose/docker-compose.yaml.configure @@ -105,7 +105,7 @@ services: build: context: ../../org.etsi.osl.portal.api/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.api:latest + image: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.api:develop environment: SPRING_APPLICATION_JSON: '{ "origins": "http://localhost", @@ -153,7 +153,7 @@ services: build: context: ../../org.etsi.osl.mano/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.mano:latest + image: labs.etsi.org:5050/osl/code/org.etsi.osl.mano:develop environment: SPRING_APPLICATION_JSON: '{ "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", @@ -179,7 +179,7 @@ services: build: context: ../../org.etsi.osl.bugzilla/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.bugzilla:latest + image: labs.etsi.org:5050/osl/code/org.etsi.osl.bugzilla:develop environment: SPRING_APPLICATION_JSON: '{ "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", @@ -210,7 +210,7 @@ services: build: context: ../../org.etsi.osl.tmf.api/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.api:latest + image: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.api:develop environment: SPRING_APPLICATION_JSON: '{ "origins": "http://localhost", @@ -258,7 +258,7 @@ services: build: context: ../../org.etsi.osl.osom/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.osom:latest + image: labs.etsi.org:5050/osl/code/org.etsi.osl.osom:develop environment: SPRING_APPLICATION_JSON: '{ "spring.datasource.url" : "jdbc:h2:/tmp/tempdb;DB_CLOSE_DELAY=-1", @@ -289,7 +289,7 @@ services: build: context: ../../org.etsi.osl.oas/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.oas:latest + image: labs.etsi.org:5050/osl/code/org.etsi.osl.oas:develop environment: SPRING_APPLICATION_JSON: '{ "origins": "http://localhost", @@ -331,7 +331,7 @@ services: build: context: ../../org.etsi.osl.cridge/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.cridge:latest + image: labs.etsi.org:5050/osl/code/org.etsi.osl.cridge:develop environment: SPRING_APPLICATION_JSON: '{ "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", @@ -360,7 +360,7 @@ services: build: context: ../../org.etsi.osl.metrico/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.metrico:latest + image: labs.etsi.org:5050/osl/code/org.etsi.osl.metrico:develop environment: SPRING_APPLICATION_JSON: '{ "spring.datasource.url": "jdbc:mysql://amysql/metricodb?createDatabaseIfNotExist=true&useUnicode=true&characterEncoding=utf8&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC", @@ -391,7 +391,7 @@ services: build: context: ../../org.etsi.osl.mcp.server/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.server:latest + image: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.server:develop environment: SPRING_APPLICATION_JSON: '{ "spring.datasource.url": "jdbc:mysql://amysql/osdb?createDatabaseIfNotExist=true", @@ -447,7 +447,7 @@ services: build: context: ../../org.etsi.osl.centrallog.service/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.centrallog.service:latest + image: labs.etsi.org:5050/osl/code/org.etsi.osl.centrallog.service:develop environment: SPRING_APPLICATION_JSON: '{ "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index 2a66cd8..353f10f 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -19,12 +19,12 @@ image: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.bugzilla pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "latest" + tag: "develop" centrallog: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.centrallog.service pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "latest" + tag: "develop" keycloak: repository: quay.io/keycloak/keycloak pullPolicy: Always @@ -39,22 +39,22 @@ image: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.mano pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "latest" + tag: "develop" osom: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.osom pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "latest" + tag: "develop" portalapi: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.api pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "latest" + tag: "develop" osscapi: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.api pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "latest" + tag: "develop" mysql: repository: mysql pullPolicy: Always @@ -64,31 +64,31 @@ image: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.oas pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "latest" + tag: "develop" portalweb: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.web pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "latest" + tag: "develop" tmfweb: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.web pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "latest" + tag: "develop" cridge: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.cridge pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "latest" + tag: "develop" metrico: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.metrico pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "latest" + tag: "develop" mcpserver: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.server # Overrides the image tag whose default is the chart appVersion. - tag: latest + tag: develop pullPolicy: Always bugzillaurl: example.com:443/bugzilla -- GitLab From 562590750167d125daf8cc82235fb94e3887c327 Mon Sep 17 00:00:00 2001 From: trantzas Date: Thu, 27 Nov 2025 19:18:13 +0200 Subject: [PATCH 09/22] APIs using correct dbs (fix for #58) --- .gitignore | 5 +++++ .../openslice/files/mysql-init/entrypoint.sh | 7 +++++++ kubernetes/helm/openslice/templates/_helpers.tpl | 8 ++++++++ .../openslice/templates/mysql-tmf-secret.yaml | 16 ++++++++++++++++ kubernetes/helm/openslice/templates/mysql.yaml | 6 ++++++ kubernetes/helm/openslice/templates/oasapi.yaml | 12 ++++++------ .../helm/openslice/templates/osportalapi.yaml | 2 +- kubernetes/helm/openslice/templates/osscapi.yaml | 12 ++++++------ kubernetes/helm/openslice/values.yaml | 12 ++++++++++++ 9 files changed, 67 insertions(+), 13 deletions(-) create mode 100644 kubernetes/helm/openslice/templates/mysql-tmf-secret.yaml diff --git a/.gitignore b/.gitignore index 01d35d6..c62d1f0 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,8 @@ .classpath /.settings +compose/kubedir/config +kubernetes/helm/openslice/files/org.etsi.osl.cridge/kubeconfig.yaml +kubernetes/helm/openslice/files/org.etsi.osl.portal.web/src/js/config.js +kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.json +kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/theming.scss diff --git a/kubernetes/helm/openslice/files/mysql-init/entrypoint.sh b/kubernetes/helm/openslice/files/mysql-init/entrypoint.sh index fe7dc19..e9e6bcd 100644 --- a/kubernetes/helm/openslice/files/mysql-init/entrypoint.sh +++ b/kubernetes/helm/openslice/files/mysql-init/entrypoint.sh @@ -22,6 +22,9 @@ create_user() { PORTAL_USER="$(< /var/run/secrets/portal/username)" PORTAL_DATABASE="$(< /var/run/secrets/portal/database)" +TMF_USER="$(< /var/run/secrets/tmf/username)" +TMF_DATABASE="$(< /var/run/secrets/tmf/database)" + KEYCLOAK_USER="$(< /var/run/secrets/keycloak/username)" KEYCLOAK_DATABASE="$(< /var/run/secrets/keycloak/database)" @@ -32,11 +35,13 @@ run_mysql --execute \ " # create databases CREATE DATABASE IF NOT EXISTS $PORTAL_DATABASE; +CREATE DATABASE IF NOT EXISTS $TMF_DATABASE; CREATE DATABASE IF NOT EXISTS $KEYCLOAK_DATABASE; CREATE DATABASE IF NOT EXISTS $METRICO_DATABASE; " create_user "$PORTAL_USER" "$(< /var/run/secrets/portal/password)" +create_user "$TMF_USER" "$(< /var/run/secrets/tmf/password)" create_user "$KEYCLOAK_USER" "$(< /var/run/secrets/keycloak/password)" create_user "$METRICO_USER" "$(< /var/run/secrets/metrico/password)" @@ -44,6 +49,8 @@ run_mysql --execute \ " # Grant portal user rights to the portal database GRANT ALL PRIVILEGES ON $PORTAL_DATABASE.* TO '$PORTAL_USER'@'%'; +# Grant tmf user rights to the tmf database +GRANT ALL PRIVILEGES ON $TMF_DATABASE.* TO '$TMF_USER'@'%'; # Grant keycloak user rights to the portal database GRANT ALL PRIVILEGES ON $KEYCLOAK_DATABASE.* TO '$KEYCLOAK_USER'@'%'; # Grant metrico user rights to the portal database diff --git a/kubernetes/helm/openslice/templates/_helpers.tpl b/kubernetes/helm/openslice/templates/_helpers.tpl index fa5e591..b4dd9c5 100644 --- a/kubernetes/helm/openslice/templates/_helpers.tpl +++ b/kubernetes/helm/openslice/templates/_helpers.tpl @@ -104,6 +104,14 @@ Secrets {{- end }} {{- end }} +{{- define "openslice.secrets.tmf.mysql" -}} +{{- if .Values.oscreds.mysql.tmf.existingSecret }} +{{- .Values.oscreds.mysql.tmf.existingSecret }} +{{- else }} +{{- include "openslice.fullname" . }}-mysql-tmf-secrets +{{- end }} +{{- end }} + {{- define "openslice.secrets.metrico.mysql" -}} {{- if .Values.oscreds.mysql.metrico.existingSecret }} {{- .Values.oscreds.mysql.metrico.existingSecret }} diff --git a/kubernetes/helm/openslice/templates/mysql-tmf-secret.yaml b/kubernetes/helm/openslice/templates/mysql-tmf-secret.yaml new file mode 100644 index 0000000..8d5a50c --- /dev/null +++ b/kubernetes/helm/openslice/templates/mysql-tmf-secret.yaml @@ -0,0 +1,16 @@ +{{- if not .Values.oscreds.mysql.tmf.existingSecret -}} +apiVersion: v1 +kind: Secret +metadata: + namespace: {{ .Release.Namespace }} + labels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mysql + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- include "openslice.labels" . | nindent 4 }} + name: {{ include "openslice.fullname" . }}-mysql-tmf-secrets +data: + username: {{ .Values.oscreds.mysql.tmf.username | default "tmfuser" | b64enc }} + password: {{ .Values.oscreds.mysql.tmf.password | default "12345" | b64enc }} + database: {{ .Values.oscreds.mysql.tmf.database | default "ostmfdb" | b64enc }} +{{- end -}} diff --git a/kubernetes/helm/openslice/templates/mysql.yaml b/kubernetes/helm/openslice/templates/mysql.yaml index e0cc23d..aebd6fb 100644 --- a/kubernetes/helm/openslice/templates/mysql.yaml +++ b/kubernetes/helm/openslice/templates/mysql.yaml @@ -58,6 +58,9 @@ spec: - mountPath: "/var/run/secrets/portal" readOnly: true name: mysql-portal-secrets + - mountPath: "/var/run/secrets/tmf" + readOnly: true + name: mysql-tmf-secrets - mountPath: "/var/run/secrets/keycloak" readOnly: true name: mysql-keycloak-secrets @@ -92,6 +95,9 @@ spec: - name: mysql-portal-secrets secret: secretName: {{ include "openslice.secrets.portal.mysql" . }} + - name: mysql-tmf-secrets + secret: + secretName: {{ include "openslice.secrets.tmf.mysql" . }} - name: mysql-keycloak-secrets secret: secretName: {{ include "openslice.secrets.keycloak.mysql" . }} diff --git a/kubernetes/helm/openslice/templates/oasapi.yaml b/kubernetes/helm/openslice/templates/oasapi.yaml index 0efc1ab..427e2ff 100644 --- a/kubernetes/helm/openslice/templates/oasapi.yaml +++ b/kubernetes/helm/openslice/templates/oasapi.yaml @@ -28,7 +28,7 @@ spec: - name: init-keycloak image: busybox:1.28 command: ['sh', '-c', "until nslookup {{ include "openslice.fullname" . }}-keycloak; do echo waiting for keycloak; sleep 2; done"] - - name: init-mysql-portal + - name: init-mysql image: busybox:1.28 command: ['sh', '-c', "until nslookup {{ include "openslice.fullname" . }}-mysql; do echo waiting for mysql; sleep 2; done"] hostNetwork: {{ .Values.hostNetwork }} @@ -42,7 +42,7 @@ spec: { "origins":"{{ .Values.rooturl }}", "spring.config.import": "configtree:/etc/config/", - "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/{{ .Values.oscreds.mysql.portal.database }}", + "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/{{ .Values.oscreds.mysql.tmf.database }}", "spring-addons.issuers[0].uri": "{{ .Values.rooturl }}/auth/realms/openslice", "spring-addons.issuers[0].username-json-path":"$.preferred_username", "spring-addons.issuers[0].claims[0].jsonPath":"$.realm_access.roles", @@ -65,11 +65,11 @@ spec: port: 13101 volumeMounts: - mountPath: "/etc/config/spring.datasource.username" - name: mysql-portal-secrets + name: mysql-tmf-secrets subPath: username readOnly: true - mountPath: "/etc/config/spring.datasource.password" - name: mysql-portal-secrets + name: mysql-tmf-secrets subPath: password readOnly: true - mountPath: "/etc/config/spring.activemq.user" @@ -85,9 +85,9 @@ spec: - name: artemis-secrets secret: secretName: {{ include "openslice.secrets.activemq" . }} - - name: mysql-portal-secrets + - name: mysql-tmf-secrets secret: - secretName: {{ include "openslice.secrets.portal.mysql" . }} + secretName: {{ include "openslice.secrets.tmf.mysql" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/osportalapi.yaml b/kubernetes/helm/openslice/templates/osportalapi.yaml index 25d2b41..5612e67 100644 --- a/kubernetes/helm/openslice/templates/osportalapi.yaml +++ b/kubernetes/helm/openslice/templates/osportalapi.yaml @@ -30,7 +30,7 @@ spec: - name: init-keycloak image: busybox:1.28 command: ['sh', '-c', "until nslookup {{ include "openslice.fullname" . }}-keycloak; do echo waiting for keycloak; sleep 2; done"] - - name: init-mysql-portal + - name: init-mysql image: busybox:1.28 command: ['sh', '-c', "until nslookup {{ include "openslice.fullname" . }}-mysql; do echo waiting for mysql; sleep 2; done"] containers: diff --git a/kubernetes/helm/openslice/templates/osscapi.yaml b/kubernetes/helm/openslice/templates/osscapi.yaml index 924cdaf..ab1b72d 100644 --- a/kubernetes/helm/openslice/templates/osscapi.yaml +++ b/kubernetes/helm/openslice/templates/osscapi.yaml @@ -29,7 +29,7 @@ spec: - name: init-keycloak image: busybox:1.28 command: ['sh', '-c', "until nslookup {{ include "openslice.fullname" . }}-keycloak; do echo waiting for keycloak; sleep 2; done"] - - name: init-mysql-portal + - name: init-mysql image: busybox:1.28 command: ['sh', '-c', "until nslookup {{ include "openslice.fullname" . }}-mysql; do echo waiting for mysql; sleep 2; done"] containers: @@ -42,7 +42,7 @@ spec: { "origins":"{{ .Values.rooturl }}", "spring.config.import": "configtree:/etc/config/", - "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/{{ .Values.oscreds.mysql.portal.database }}", + "spring.datasource.url": "jdbc:mysql://{{ include "openslice.fullname" . }}-mysql/{{ .Values.oscreds.mysql.tmf.database }}", "spring-addons.issuers[0].uri":"{{ .Values.rooturl }}/auth/realms/openslice", "spring-addons.issuers[0].username-json-path":"$.preferred_username", "spring-addons.issuers[0].claims[0].jsonPath":"$.realm_access.roles", @@ -65,11 +65,11 @@ spec: - mountPath: /root name: osscapi-claim0 - mountPath: "/etc/config/spring.datasource.username" - name: mysql-portal-secrets + name: mysql-tmf-secrets subPath: username readOnly: true - mountPath: "/etc/config/spring.datasource.password" - name: mysql-portal-secrets + name: mysql-tmf-secrets subPath: password readOnly: true - mountPath: "/etc/config/spring.activemq.user" @@ -92,9 +92,9 @@ spec: - name: artemis-secrets secret: secretName: {{ include "openslice.secrets.activemq" . }} - - name: mysql-portal-secrets + - name: mysql-tmf-secrets secret: - secretName: {{ include "openslice.secrets.portal.mysql" . }} + secretName: {{ include "openslice.secrets.tmf.mysql" . }} --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index 353f10f..68c48ab 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -136,6 +136,18 @@ oscreds: username: keycloak password: password adminpassword: Pa55w0rd + tmf: + # The name of an existing secret to use for the tmf portal user. + # + # The secret requires the following keys: + # - `username` the database user + # - `password` the database user's password + # - `database` the database to use for the tmf apis + existingSecret: "" + + database: ostmfdb + username: tmfuser + password: "12345" portal: # The name of an existing secret to use for the mysql portal user. # -- GitLab From c5bd8fdeacea092a8302245967b4f0f13bd97509 Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Mon, 22 Dec 2025 12:53:05 +0000 Subject: [PATCH 10/22] Adding mcp.backend version to the main pom (fix for #59) --- pom.xml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pom.xml b/pom.xml index bc9dc2f..e9b8cf3 100644 --- a/pom.xml +++ b/pom.xml @@ -52,6 +52,8 @@ 1.3.0-SNAPSHOT 1.0.1-SNAPSHOT 1.1.0-SNAPSHOT + 1.0.0-SNAPSHOT + -- GitLab From c72f2acccabc14eb411eaba841604d6d2926ae78 Mon Sep 17 00:00:00 2001 From: denazi Date: Tue, 23 Dec 2025 14:35:04 +0200 Subject: [PATCH 11/22] Main #60: Addition of OpenSlice Observability Dashboard and readme --- kubernetes/observability/README.md | 24 + .../openslice_observability_dashboard.json | 2956 +++++++++++++++++ 2 files changed, 2980 insertions(+) create mode 100644 kubernetes/observability/README.md create mode 100644 kubernetes/observability/openslice_observability_dashboard.json diff --git a/kubernetes/observability/README.md b/kubernetes/observability/README.md new file mode 100644 index 0000000..d0c1635 --- /dev/null +++ b/kubernetes/observability/README.md @@ -0,0 +1,24 @@ +# Openslice Pod Metrics and Logs Dashboard (Grafana) + +A dashboard to visualize Kubernetes pod metrics and logs. + +## Prerequisites + +- **Grafana** + A running Grafana instance (v7.0+ recommended). +- **Prometheus data source** + - Must be added in Grafana and scraping your cluster’s metrics (e.g. via kube-prometheus or another Prometheus setup). +- **Loki data source** + - Must be added in Grafana to include pod logs alongside metrics. +- **Kubernetes metrics exposure** + - Metrics-server or Prometheus exporters installed so that Prometheus can scrape pod-level metrics. + +## Import Dashboard from JSON + +1. In your Grafana UI, click **“Import”**. +2. Under **“Upload JSON file”**, select + `kubernetes/helm/observability/openslice_observability_dashboard.json`. +3. Choose your **Prometheus** data source. +4. Choose your **Loki** data source. +5. Click **“Import”**. +6. In the **“namespace”** variable dropdown, select `openslice`. diff --git a/kubernetes/observability/openslice_observability_dashboard.json b/kubernetes/observability/openslice_observability_dashboard.json new file mode 100644 index 0000000..3120d42 --- /dev/null +++ b/kubernetes/observability/openslice_observability_dashboard.json @@ -0,0 +1,2956 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": 30, + "links": [], + "panels": [ + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 34, + "panels": [], + "title": "Overview", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 0, + "y": 1 + }, + "id": 35, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "percentChangeColorMode": "inverted", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showPercentChange": true, + "textMode": "auto", + "wideLayout": true + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "100 * sum(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", container!=\"\", container!=\"POD\"}[5m]))\r\n /\r\nsum(machine_cpu_cores)\r\n", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "% CPU Usage", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 6, + "y": 1 + }, + "id": 36, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "percentChangeColorMode": "inverted", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showPercentChange": true, + "textMode": "auto", + "wideLayout": true + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "100 * sum(container_memory_usage_bytes{namespace=\"$namespace\", container!=\"\", container!=\"POD\"})\r\n /\r\nsum(machine_memory_bytes)\r\n\r\n", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "% Memory Usage", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "fixedColor": "red", + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 1 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 12, + "y": 1 + }, + "id": 37, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "percentChangeColorMode": "standard", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showPercentChange": true, + "textMode": "auto", + "wideLayout": true + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "exemplar": false, + "expr": "count(kube_pod_container_status_waiting_reason{namespace=\"$namespace\", reason=~\"CrashLoopBackOff|ImagePullBackOff|ErrImagePull|Error\"}) or on() vector(0)\r\n", + "instant": true, + "legendFormat": "__auto", + "range": false, + "refId": "A" + } + ], + "title": "Pods with Errors", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "bezqj2szkivi8d" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 1 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 18, + "y": 1 + }, + "id": 38, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "percentChangeColorMode": "inverted", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showPercentChange": true, + "textMode": "auto", + "wideLayout": true + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "bezqj2szkivi8d" + }, + "direction": "backward", + "editorMode": "code", + "expr": "sum(count_over_time(({namespace=\"$namespace\"} |~ \"(?i)Error\")[$__range])) ", + "queryType": "range", + "refId": "A" + } + ], + "title": "Number of Errors in Logs", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 0, + "y": 9 + }, + "id": 28, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "avg_over_time(node_cpu_seconds_total{mode=\"iowait\"}[5m])\r\n", + "legendFormat": "{{cpu}}, {{instance}}", + "range": true, + "refId": "A" + } + ], + "title": "CPU Pressure", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 8, + "y": 9 + }, + "id": 29, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "node_memory_MemAvailable_bytes / node_memory_MemTotal_bytes\r\n", + "legendFormat": "{{instance}}", + "range": true, + "refId": "A" + } + ], + "title": "Memory Pressure", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 16, + "y": 9 + }, + "id": 33, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "100 * (1 - (node_filesystem_avail_bytes{fstype!=\"tmpfs\",fstype!=\"overlay\"} / node_filesystem_size_bytes{fstype!=\"tmpfs\",fstype!=\"overlay\"}))\r\n", + "legendFormat": "{{device}}: {{instance}}", + "range": true, + "refId": "A" + } + ], + "title": "Disk pressure", + "type": "timeseries" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 17 + }, + "id": 2, + "panels": [], + "title": "Memory Usage", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "decbytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 15, + "x": 0, + "y": 18 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum(\r\n container_memory_working_set_bytes{namespace=\"$namespace\", container!=\"\", container!=\"POD\"}\r\n)\r\n", + "hide": false, + "instant": false, + "legendFormat": "Total memory usage", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum by (pod) (\r\n container_memory_working_set_bytes{namespace=\"$namespace\", container!=\"\", container!=\"POD\"}\r\n)\r\n", + "hide": false, + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "B" + } + ], + "title": "Memory Usage in namespace $namespace", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "max": 100, + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 9, + "x": 15, + "y": 18 + }, + "id": 3, + "options": { + "minVizHeight": 75, + "minVizWidth": 75, + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showThresholdLabels": false, + "showThresholdMarkers": true, + "sizing": "auto" + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "(\r\n sum(container_memory_usage_bytes{namespace=\"$namespace\", container!=\"\", container!=\"POD\"})\r\n /\r\n (sum(kube_node_status_allocatable_memory_bytes) or sum(node_memory_MemTotal_bytes))\r\n) * 100\r\n", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "% Memory Usage in namespace $namespace", + "type": "gauge" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 26 + }, + "id": 4, + "panels": [], + "title": "CPU Usage", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "cores" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 27 + }, + "id": 5, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum(\r\n rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", container!=\"\", container!=\"POD\"}[5m])\r\n)\r\n", + "hide": false, + "instant": false, + "legendFormat": "Total CPU usage", + "range": true, + "refId": "B" + }, + { + "editorMode": "code", + "expr": "sum by(pod) (\r\n rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", container!=\"\", container!=\"POD\"}[5m])\r\n)\r\n", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "CPU Usage in namespace $namespace", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 27 + }, + "id": 6, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "node_load5{instance=~\".*\"}", + "legendFormat": "5m load average on {{instance}}", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "node_load1{instance=~\".*\"}", + "hide": false, + "instant": false, + "legendFormat": "1m load average on {{instance}}", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "count(node_cpu_seconds_total{instance=~\".*\", mode=\"idle\"})", + "hide": false, + "instant": false, + "legendFormat": "logical cores", + "range": true, + "refId": "C" + } + ], + "title": "Load Average per Instance", + "type": "timeseries" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 35 + }, + "id": 7, + "panels": [], + "title": "Disk Usage", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ops" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 36 + }, + "id": 8, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "sum by (pod) (\r\n rate(container_fs_reads_total{\r\n namespace=\"$namespace\",\r\n container!=\"\", \r\n container!=\"POD\"\r\n }[5m])\r\n)\r\n", + "legendFormat": "__auto", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum(\r\n rate(container_fs_reads_total{\r\n namespace=\"$namespace\",\r\n container!=\"\", \r\n container!=\"POD\"\r\n }[5m])\r\n)\r\n", + "hide": false, + "instant": false, + "legendFormat": "total disk input operations", + "range": true, + "refId": "B" + } + ], + "title": "Disk Input Operations per pod in namespace $namespace", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ops" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 36 + }, + "id": 9, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "sum by (pod) (\r\n rate(container_fs_writes_total{\r\n namespace=\"$namespace\",\r\n container!=\"\", \r\n container!=\"POD\"\r\n }[5m])\r\n)\r\n", + "legendFormat": "__auto", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum(\r\n rate(container_fs_writes_total{\r\n namespace=\"$namespace\",\r\n container!=\"\", \r\n container!=\"POD\"\r\n }[5m])\r\n)\r\n", + "hide": false, + "instant": false, + "legendFormat": "total disk output operations", + "range": true, + "refId": "B" + } + ], + "title": "Disk Output Operations per pod in namespace $namespace", + "type": "timeseries" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 44 + }, + "id": 10, + "panels": [], + "title": "Network", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "deckbytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 45 + }, + "id": 12, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum(avg(irate(container_network_receive_bytes_total{namespace=~\"$namespace\"}[$__interval])) by (pod, container))", + "hide": false, + "instant": false, + "legendFormat": "total bytes received", + "range": true, + "refId": "B" + }, + { + "editorMode": "code", + "expr": "avg(irate(container_network_receive_bytes_total{namespace=~\"$namespace\"}[$__interval])) by (pod, container)", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Network Received (bytes)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "deckbytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 45 + }, + "id": 11, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum(avg(irate(container_network_transmit_bytes_total{namespace=~\"$namespace\"}[$__interval])) by (pod, container))", + "hide": false, + "instant": false, + "legendFormat": "total bytes transmitted", + "range": true, + "refId": "B" + }, + { + "editorMode": "code", + "expr": "avg(irate(container_network_transmit_bytes_total{namespace=~\"$namespace\"}[$__interval])) by (pod, container)", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Network Transmitted (bytes)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "MBs" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 53 + }, + "id": 18, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum by(pod) (\r\n rate(container_network_receive_bytes_total{\r\n namespace=\"$namespace\",\r\n pod!=\"\",\r\n interface!~\"lo\"\r\n }[$__interval])\r\n)\r\n", + "hide": false, + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "B" + } + ], + "title": "Traffic In (Bytes/sec per interface)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "MBs" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 53 + }, + "id": 19, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "sum by(pod) (\r\n rate(container_network_transmit_bytes_total{\r\n namespace=\"$namespace\",\r\n pod!=\"\",\r\n interface!~\"lo\"\r\n }[$__interval])\r\n)\r\n", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Traffic Out (Bytes/sec per interface)", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 61 + }, + "id": 20, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "sum by(pod) (\r\n rate(container_network_receive_errors_total{\r\n namespace=\"$namespace\",\r\n pod!=\"\",\r\n interface!~\"lo\"\r\n }[$__interval])\r\n)\r\n", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Errors Rx per pods", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 61 + }, + "id": 21, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "sum by(pod) (\r\n rate(container_network_transmit_errors_total{\r\n namespace=\"$namespace\",\r\n pod!=\"\",\r\n interface!~\"lo\"\r\n }[$__interval])\r\n)\r\n", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Errors Tx per pod", + "type": "timeseries" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 69 + }, + "id": 13, + "panels": [], + "title": "Namespace Workload Summary", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 9, + "x": 0, + "y": 70 + }, + "id": 14, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "percentChangeColorMode": "standard", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "exemplar": false, + "expr": "count(\r\n kube_pod_info{namespace=\"$namespace\"}\r\n)\r\n", + "format": "time_series", + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Pods Count in namespace $namespace", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 9, + "y": 70 + }, + "id": 15, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "percentChangeColorMode": "standard", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "exemplar": false, + "expr": "count(\r\n kube_deployment_created{namespace=\"$namespace\"}\r\n)\r\n", + "format": "time_series", + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Deployments Count in namespace $namespace", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 7, + "x": 17, + "y": 70 + }, + "id": 16, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "percentChangeColorMode": "standard", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "count(\r\n kube_replicaset_created{namespace=\"$namespace\"}\r\n)\r\n", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "ReplicaSet Count in namespace $namespace", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 78 + }, + "id": 17, + "options": { + "minVizHeight": 75, + "minVizWidth": 75, + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showThresholdLabels": false, + "showThresholdMarkers": true, + "sizing": "auto" + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "sum(\r\n kube_pod_status_ready{namespace=\"$namespace\", condition=\"true\"}\r\n)\r\n", + "legendFormat": "Ready Pods", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum(\r\n kube_deployment_spec_replicas{namespace=\"$namespace\"}\r\n)\r\n", + "hide": false, + "instant": false, + "legendFormat": "Desired pods", + "range": true, + "refId": "B" + } + ], + "title": "Ready Pods vs Desired Pods", + "type": "gauge" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "pod" + }, + "properties": [ + { + "id": "custom.width", + "value": 335 + } + ] + } + ] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 78 + }, + "id": 22, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "frameIndex": 1, + "showHeader": true, + "sortBy": [ + { + "desc": true, + "displayName": "Number of restarts" + } + ] + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "exemplar": false, + "expr": "sum by (pod) (\r\n kube_pod_container_status_restarts_total{namespace=\"$namespace\"}\r\n)\r\n", + "format": "table", + "hide": false, + "instant": true, + "legendFormat": "__auto", + "range": false, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "exemplar": false, + "expr": "kube_pod_status_phase{namespace=\"$namespace\", phase!=\"Unknown\"}==1\r\n", + "format": "table", + "hide": false, + "instant": true, + "legendFormat": "__auto", + "range": false, + "refId": "A" + } + ], + "title": "Pod States in Namespace $namespace", + "transformations": [ + { + "id": "joinByField", + "options": { + "byField": "pod", + "mode": "outer" + } + }, + { + "id": "organize", + "options": { + "excludeByName": { + "Time 1": true, + "Time 2": true, + "Value #A": true, + "__name__": true, + "container": true, + "endpoint": true, + "instance": true, + "job": true, + "namespace": true, + "phase": false, + "service": true, + "uid": true + }, + "includeByName": {}, + "indexByName": { + "Time 1": 1, + "Time 2": 2, + "Value #A": 13, + "Value #B": 10, + "__name__": 3, + "container": 4, + "endpoint": 5, + "instance": 6, + "job": 7, + "namespace": 8, + "phase": 9, + "pod": 0, + "service": 11, + "uid": 12 + }, + "renameByName": { + "Time 2": "", + "Value #B": "Number of restarts", + "phase": "State" + } + } + } + ], + "type": "table" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 86 + }, + "id": 23, + "panels": [], + "title": "Resource Saturation", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "auto", + "cellOptions": { + "applyToRow": false, + "type": "color-background", + "wrapText": false + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "percentage", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 0 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 87 + }, + "id": 26, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "exemplar": false, + "expr": "kube_pod_container_status_waiting_reason{\r\n namespace=\"$namespace\",\r\n reason=~\"CrashLoopBackOff|Error|ImagePullBackOff|ErrImagePull|CreateContainerError\"\r\n}\r\nor\r\nkube_pod_status_phase{namespace=\"$namespace\", phase=\"Failed\"} ==1\r\n", + "format": "table", + "instant": true, + "legendFormat": "__auto", + "range": false, + "refId": "A" + } + ], + "title": "Unhealthy Pods in namespace $namespace", + "transformations": [ + { + "id": "organize", + "options": { + "excludeByName": { + "Time": true, + "Value": true, + "__name__": true, + "endpoint": true, + "instance": true, + "job": true, + "namespace": true, + "reason": false, + "service": true, + "uid": true + }, + "includeByName": {}, + "indexByName": {}, + "orderByMode": "manual", + "renameByName": { + "container": "Container Name", + "pod": "Pod Name", + "reason": "Reason" + } + } + } + ], + "type": "table" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 1 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 87 + }, + "id": 27, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "percentChangeColorMode": "standard", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "expr": "sum by (pod) (\r\n rate(container_cpu_cfs_throttled_periods_total{\r\n namespace=\"$namespace\", container!=\"\", container!=\"POD\"\r\n }[5m])\r\n) or on() vector(0)\r\n", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Throttled Containers", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "fillOpacity": 80, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineWidth": 1, + "scaleDistribution": { + "type": "linear" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "cores" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 95 + }, + "id": 24, + "options": { + "barRadius": 0, + "barWidth": 0.97, + "fullHighlight": false, + "groupWidth": 0.7, + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "orientation": "auto", + "showValue": "auto", + "stacking": "none", + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + }, + "xTickLabelRotation": 0, + "xTickLabelSpacing": 0 + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "exemplar": false, + "expr": "topk(5,\r\n sum by (pod) (\r\n rate(container_cpu_usage_seconds_total{\r\n namespace=\"$namespace\", container!=\"\", container!=\"POD\"\r\n }[$__interval])\r\n )\r\n)\r\n", + "instant": true, + "legendFormat": "__auto", + "range": false, + "refId": "A" + } + ], + "title": "Top 5-CPU Hungry Pods in namespace $namespace", + "type": "barchart" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "fillOpacity": 80, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineWidth": 1, + "scaleDistribution": { + "type": "linear" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "decbytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 95 + }, + "id": 25, + "options": { + "barRadius": 0, + "barWidth": 0.97, + "fullHighlight": false, + "groupWidth": 0.7, + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "orientation": "auto", + "showValue": "auto", + "stacking": "none", + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + }, + "xTickLabelRotation": 0, + "xTickLabelSpacing": 0 + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "editorMode": "code", + "exemplar": false, + "expr": "topk(5,\r\n sum by (pod) (\r\n container_memory_usage_bytes{\r\n namespace=\"$namespace\", container!=\"\", container!=\"POD\"\r\n }\r\n )\r\n)\r\n", + "instant": true, + "legendFormat": "__auto", + "range": false, + "refId": "A" + } + ], + "title": "Top 5-Memory Hungry Pods in namespace $namespace", + "type": "barchart" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 103 + }, + "id": 39, + "panels": [], + "title": "Logs Overview", + "type": "row" + }, + { + "datasource": { + "type": "loki", + "uid": "bezqj2szkivi8d" + }, + "fieldConfig": { + "defaults": { + "color": { + "fixedColor": "green", + "mode": "fixed" + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 104 + }, + "id": 41, + "options": { + "displayMode": "gradient", + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "maxVizHeight": 300, + "minVizHeight": 16, + "minVizWidth": 238, + "namePlacement": "auto", + "orientation": "vertical", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showUnfilled": true, + "sizing": "auto", + "valueMode": "color" + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "bezqj2szkivi8d" + }, + "direction": "backward", + "editorMode": "code", + "expr": "topk(5, sum by (pod) (count_over_time(({namespace=\"$namespace\"} |~ \"(?i)error\")[$__range])))", + "legendFormat": "{{pod}}", + "queryType": "range", + "refId": "A" + } + ], + "title": "Top 5 Error Producing Pods", + "type": "bargauge" + }, + { + "datasource": { + "type": "loki", + "uid": "bezqj2szkivi8d" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": 0 + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 104 + }, + "id": 42, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "hideZeros": false, + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "bezqj2szkivi8d" + }, + "direction": "backward", + "editorMode": "code", + "expr": "sum by (pod) (\r\n count_over_time({namespace=\"$namespace\"} |~ \"(?i)error\" [$__range])\r\n)\r\n", + "legendFormat": "{{pod}}", + "queryType": "range", + "refId": "A" + } + ], + "title": "Error Trends over Time", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "bezqj2szkivi8d" + }, + "fieldConfig": { + "defaults": {}, + "overrides": [] + }, + "gridPos": { + "h": 20, + "w": 24, + "x": 0, + "y": 112 + }, + "id": 40, + "options": { + "dedupStrategy": "none", + "enableInfiniteScrolling": true, + "enableLogDetails": true, + "prettifyLogMessage": false, + "showCommonLabels": false, + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": true + }, + "pluginVersion": "12.1.1", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "bezqj2szkivi8d" + }, + "direction": "backward", + "editorMode": "code", + "expr": "{namespace=\"$namespace\", pod=~\"$pod\"} |~ \"(?i)$log_pattern\"", + "queryType": "range", + "refId": "A" + } + ], + "title": "Namespace Logs", + "type": "logs" + } + ], + "preload": false, + "schemaVersion": 41, + "tags": [], + "templating": { + "list": [ + { + "current": { + "text": "monitoring", + "value": "monitoring" + }, + "definition": "label_values(kube_pod_info,namespace)", + "name": "namespace", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kube_pod_info,namespace)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "type": "query" + }, + { + "current": { + "text": "", + "value": "" + }, + "description": "Log Pattern to filter logs. Applies only to log section", + "label": "Log Pattern", + "name": "log_pattern", + "options": [ + { + "selected": true, + "text": "", + "value": "" + } + ], + "query": "", + "type": "textbox" + }, + { + "current": { + "text": "All", + "value": "$__all" + }, + "definition": "label_values(kube_pod_info{namespace=\"$namespace\"},pod)", + "description": "Pod filter. This applies only to the Log Section", + "includeAll": true, + "label": "Pod", + "name": "pod", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(kube_pod_info{namespace=\"$namespace\"},pod)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "type": "query" + } + ] + }, + "time": { + "from": "now-6h", + "to": "now" + }, + "timepicker": {}, + "timezone": "browser", + "title": "OpenSlice Observability Dashboard", + "uid": "940f84f4-9844-422d-9308-670b8dfdf46e", + "version": 17 +} \ No newline at end of file -- GitLab From 13bfe18638dab06ae97202482d4aa89d1f9afde7 Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Fri, 9 Jan 2026 20:25:01 +0000 Subject: [PATCH 12/22] update tmf web config to prepare for new release (kubernetes external files) --- .../src/assets/config/config.prod.default.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json index 1d0bb9b..92af948 100644 --- a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json +++ b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json @@ -1,6 +1,6 @@ { "TITLE": "OpenSlice by ETSI", - "PORTALVERSION":"2024Q2", + "PORTALVERSION":"2025Q4-SNAPSHOT", "WIKI": "https://osl.etsi.org/documentation", "BUGZILLA": "{BASEURL}/bugzilla/", "STATUS": "{BASEURL}/healthstatus/", -- GitLab From 095585c168f9d9c33b15739f62f1c8c7c58f332c Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Thu, 22 Jan 2026 13:22:50 +0000 Subject: [PATCH 13/22] Adding MCP Backend to docker compose artifacts (fix for #61) --- compose/docker-compose.yaml.configure | 58 ++++++++++++++++++++++++++- compose/nginx/nginx.conf.default | 8 ++++ 2 files changed, 64 insertions(+), 2 deletions(-) diff --git a/compose/docker-compose.yaml.configure b/compose/docker-compose.yaml.configure index 905739d..ece8dd9 100644 --- a/compose/docker-compose.yaml.configure +++ b/compose/docker-compose.yaml.configure @@ -387,7 +387,7 @@ services: oslmcp: container_name: openslice-mcp restart: always - profiles: ["prod"] + profiles: ["prod", "mcp-server", "mcp"] build: context: ../../org.etsi.osl.mcp.server/ dockerfile: Dockerfile @@ -416,12 +416,66 @@ services: logging: driver: "json-file" options: - max-size: "500m" + max-size: "250m" max-file: "2" networks: - front - back + + + oslmcpbackend: + container_name: openslice-mcp-backend + restart: always + profiles: ["prod", "mcp-backend", "mcp"] + build: + context: ../../org.etsi.osl.mcp.backend/ + dockerfile: Dockerfile + image: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.backend:develop + ports: + - "11880:11880" + environment: + SPRING_APPLICATION_JSON: '{ + "server.forward-headers-strategy":"FRAMEWORK" + }' + + SERVER_PORT: 11880 + SPRING_APPLICATION_NAME: osl-mcp-backend + + # AI Configuration + SPRING_AI_OLLAMA_BASE_URL: http://ollama:11434 # Change the Ollama API here + SPRING_AI_OLLAMA_CHAT_MODEL: mygpt:20b # Change the used model here + SPRING_AI_OLLAMA_CHAT_TEMPERATURE: 0.5 + SPRING_AI_CHAT_SYSTEM_PROMPT: "You are an OpenSlice AI Assistant." # Customize your initial Assistant prompt + SPRING_AI_CHAT_MAX_MESSAGES: 100 + + # MCP Client Configuration + SPRING_AI_MCP_CLIENT_TYPE: SYNC + SPRING_AI_MCP_CLIENT_STREAMABLE_HTTP_CONNECTIONS_OPENSLICE_SERVER_URL: http://openslice-mcp:13015/sse + + # OAuth2/Keycloak Configuration + SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI: http://keycloak:8080/auth/realms/openslice + SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KEYCLOAK_ISSUER_URI: http://keycloak:8080/auth/realms/openslice + SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KEYCLOAK_CLIENT_ID: osapiWebClientId + + # ActiveMQ Configuration + SPRING_ACTIVEMQ_BROKER_URL: tcp://anartemis:61616?jms.watchTopicAdvisories=false + SPRING_ACTIVEMQ_USER: artemis + SPRING_ACTIVEMQ_PASSWORD: artemis + + # Logging Configuration + LOGGING_LEVEL_ROOT: INFO + LOGGING_LEVEL_OSL: INFO + LOGGING_LEVEL_SPRING_AI: INFO + logging: + driver: "json-file" + options: + max-size: "250m" + max-file: "2" + networks: + - back + - front + portainer: container_name: portainer image: portainer/portainer-ce:2.18.4 diff --git a/compose/nginx/nginx.conf.default b/compose/nginx/nginx.conf.default index c2478c4..7e72ecd 100644 --- a/compose/nginx/nginx.conf.default +++ b/compose/nginx/nginx.conf.default @@ -98,6 +98,14 @@ http { # proxy_set_header X-Forwarded-Proto $scheme; # proxy_set_header X-Forwarded-Port 443; # } + + location /ask { + proxy_pass http://oslmcpbackend:11880/ask; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-Proto $scheme; + } } -- GitLab From c4255d3f4770672700f5250b8c61099f0fae0b5a Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Thu, 22 Jan 2026 15:10:36 +0000 Subject: [PATCH 14/22] changing default model name at MCP backend service --- compose/docker-compose.yaml.configure | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/compose/docker-compose.yaml.configure b/compose/docker-compose.yaml.configure index ece8dd9..0804ae3 100644 --- a/compose/docker-compose.yaml.configure +++ b/compose/docker-compose.yaml.configure @@ -86,8 +86,8 @@ services: logging: driver: "json-file" options: - max-size: "200m" - max-file: "5" + max-size: "400m" + max-file: "3" ports: - 8080:8080 - 8443:8443 @@ -164,7 +164,7 @@ services: logging: driver: "json-file" options: - max-size: "800m" + max-size: "500m" max-file: "3" ports: - 13011:13011 @@ -239,7 +239,7 @@ services: driver: "json-file" options: max-size: "1g" - max-file: "3" + max-file: "2" volumes: - ./repo:/root ports: @@ -272,7 +272,7 @@ services: driver: "json-file" options: max-size: "1g" - max-file: "3" + max-file: "2" ports: - 13100:13100 networks: @@ -443,7 +443,7 @@ services: # AI Configuration SPRING_AI_OLLAMA_BASE_URL: http://ollama:11434 # Change the Ollama API here - SPRING_AI_OLLAMA_CHAT_MODEL: mygpt:20b # Change the used model here + SPRING_AI_OLLAMA_CHAT_MODEL: gpt-oss:20b # Change the used model here SPRING_AI_OLLAMA_CHAT_TEMPERATURE: 0.5 SPRING_AI_CHAT_SYSTEM_PROMPT: "You are an OpenSlice AI Assistant." # Customize your initial Assistant prompt SPRING_AI_CHAT_MAX_MESSAGES: 100 @@ -533,7 +533,7 @@ services: driver: "json-file" options: max-size: "500m" - max-file: "3" + max-file: "2" ports: - "8000:8000" networks: -- GitLab From ea7e83b412a45b5df173cf0c73aa97b2d4fb748a Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Fri, 23 Jan 2026 16:30:05 +0200 Subject: [PATCH 15/22] Adding MCP Backend to the OpenSlice HELM chart --- .../assets/config/config.prod.default.json | 1 + .../helm/openslice/templates/mcp-backend.yaml | 108 ++++++++++++++++++ ...ress.yaml.yaml => mcp-server-ingress.yaml} | 0 kubernetes/helm/openslice/values.yaml | 25 +++- 4 files changed, 133 insertions(+), 1 deletion(-) create mode 100644 kubernetes/helm/openslice/templates/mcp-backend.yaml rename kubernetes/helm/openslice/templates/{mcp-server-ingress.yaml.yaml => mcp-server-ingress.yaml} (100%) diff --git a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json index 92af948..20473ce 100644 --- a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json +++ b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json @@ -5,6 +5,7 @@ "BUGZILLA": "{BASEURL}/bugzilla/", "STATUS": "{BASEURL}/healthstatus/", "WEBURL": "{BASEURL}", + "ASSISTANT_URL": "{BASEURL}/ask", "PORTAL_REPO_APIURL": "{BASEURL}/osapi", "ASSURANCE_SERVICE_MGMT_APIURL": "{BASEURL}/oas-api", "APITMFURL": "{BASEURL}/tmf-api", diff --git a/kubernetes/helm/openslice/templates/mcp-backend.yaml b/kubernetes/helm/openslice/templates/mcp-backend.yaml new file mode 100644 index 0000000..b60eff6 --- /dev/null +++ b/kubernetes/helm/openslice/templates/mcp-backend.yaml @@ -0,0 +1,108 @@ +{{- if .Values.mcpbackend.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: {{ .Release.Namespace }} + labels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mcpbackend + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- include "openslice.labels" . | nindent 4 }} + name: {{ include "openslice.fullname" . }}-mcpbackend +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mcpbackend + {{- include "openslice.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mcpbackend + {{- include "openslice.selectorLabels" . | nindent 8 }} + spec: + containers: + - name: {{ include "openslice.fullname" . }}-mcpbackend + image: "{{ .Values.image.mcpbackend.repository }}:{{ .Values.image.mcpbackend.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.mcpbackend.pullPolicy | default "Always" }} + env: + - name: SPRING_APPLICATION_JSON + value: >- + { + "origins":"{{ .Values.rooturl }}", + "spring.config.import": "configtree:/etc/config/", + "server.forward-headers-strategy":"FRAMEWORK" + } + - name: SERVER_PORT + value: "11880" + - name: SPRING_APPLICATION_NAME + value: "osl-mcp-backend" + - name: SPRING_AI_OLLAMA_BASE_URL + value: "{{ .Values.mcpbackend.spring.ai.ollama.apiUrl }}" + - name: SPRING_AI_OLLAMA_CHAT_MODEL + value: "{{ .Values.mcpbackend.spring.ai.ollama.model }}" + - name: SPRING_AI_OLLAMA_CHAT_TEMPERATURE + value: "{{ .Values.mcpbackend.spring.ai.ollama.temperature }}" + - name: SPRING_AI_CHAT_SYSTEM_PROMPT + value: "{{ .Values.mcpbackend.spring.ai.chat.systemPrompt }}" + - name: SPRING_AI_CHAT_MAX_MESSAGES + value: "{{ .Values.mcpbackend.spring.ai.chat.maxMessages }}" + - name: SPRING_AI_MCP_CLIENT_TYPE + value: "SYNC" + - name: SPRING_AI_MCP_CLIENT_STREAMABLE_HTTP_CONNECTIONS_OPENSLICE_SERVER_URL + value: "http://{{ include "openslice.fullname" . }}-mcpserver:13015/sse" + - name: SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI + value: "{{ .Values.rooturl }}/auth/realms/openslice" + - name: SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KEYCLOAK_ISSUER_URI + value: "{{ .Values.rooturl }}/auth/realms/openslice" + - name: SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KEYCLOAK_CLIENT_ID + value: "osapiWebClientId" + - name: SPRING_ACTIVEMQ_BROKER_URL + value: "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false" + - name: LOGGING_LEVEL_ROOT + value: "{{ .Values.mcpbackend.logLevelRoot | default "INFO" }}" + - name: LOGGING_LEVEL_OSL + value: "{{ .Values.mcpbackend.logLevelOSL | default "INFO" }}" + - name: LOGGING_LEVEL_SPRING_AI + value: "{{ .Values.mcpbackend.spring.logLevel | default "INFO" }}" + ports: + - containerPort: 11880 + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - mountPath: "/etc/config/spring.activemq.user" + name: artemis-secrets + subPath: username + readOnly: true + - mountPath: "/etc/config/spring.activemq.password" + name: artemis-secrets + subPath: password + readOnly: true + restartPolicy: Always + volumes: + - name: artemis-secrets + secret: + secretName: {{ include "openslice.secrets.activemq" . }} +--- +apiVersion: v1 +kind: Service +metadata: + namespace: {{ .Release.Namespace }} + labels: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mcpbackend + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- include "openslice.labels" . | nindent 4 }} + name: {{ include "openslice.fullname" . }}-mcpbackend +spec: + ports: + - name: "11880" + port: 11880 + targetPort: 11880 + selector: + app: {{ include "openslice.fullname" . }} + org.etsi.osl.service: mcpbackend + {{- include "openslice.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/kubernetes/helm/openslice/templates/mcp-server-ingress.yaml.yaml b/kubernetes/helm/openslice/templates/mcp-server-ingress.yaml similarity index 100% rename from kubernetes/helm/openslice/templates/mcp-server-ingress.yaml.yaml rename to kubernetes/helm/openslice/templates/mcp-server-ingress.yaml diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index 68c48ab..0129c95 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -1,4 +1,4 @@ -# Default values for openslice. +# Default values for OpenSlice. # This is a YAML-formatted file. # Declare variables to be passed into your templates. @@ -90,6 +90,11 @@ image: # Overrides the image tag whose default is the chart appVersion. tag: develop pullPolicy: Always + mcpbackend: + repository: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.backend + # Overrides the image tag whose default is the chart appVersion. + tag: develop + pullPolicy: Always bugzillaurl: example.com:443/bugzilla bugzillakey: VH2Vw0iI5aYgALFFzVDWqhACwt6Hu3bXla9kSC1Z @@ -219,6 +224,21 @@ mcpserver: spring: logLevel: INFO +mcpbackend: + enabled: true + logLevelRoot: INFO + logLevelOSL: INFO + spring: + logLevel: INFO + ai: # AI Configuration + ollama: + model: "gtp-oss:20b" # Change the used model here + temperature: 0.5 + apiUrl: "http://ollama:11434" # Change the Ollama API here + chat: + systemPrompt: "You are an OpenSlice AI Assistant." # Customize your initial Assistant prompt + maxMessages: 100 # Maximum number of messages to keep in context + # Storage class to be used for provisioning. Default is manual # storageClass: ~ @@ -278,6 +298,9 @@ ingress: - path: "/" service: "tmfweb" port: 80 + - path: "/ask" + service: "mcpbackend" + port: 11880 annotations: {} -- GitLab From 9d1d1c6f57726ddebbcded6c73ce6a271981274b Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Fri, 23 Jan 2026 15:08:00 +0000 Subject: [PATCH 16/22] CRIDGE importing configtree path (fix for #63) --- kubernetes/helm/openslice/templates/cridge.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/kubernetes/helm/openslice/templates/cridge.yaml b/kubernetes/helm/openslice/templates/cridge.yaml index bb32c67..bcbf674 100644 --- a/kubernetes/helm/openslice/templates/cridge.yaml +++ b/kubernetes/helm/openslice/templates/cridge.yaml @@ -31,6 +31,7 @@ spec: - name: SPRING_APPLICATION_JSON value: >- { + "spring.config.import": "configtree:/etc/config/", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "logging.level.org.springframework" : "{{ .Values.cridge.spring.logLevel | default "INFO" }}", "logging.level.org.etsi.osl.cridge" : "{{ .Values.cridge.logLevel | default "INFO" }}" -- GitLab From f58fe8aa3d6051c1cb8c5398234b47c3d9c978b6 Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Fri, 23 Jan 2026 15:42:58 +0000 Subject: [PATCH 17/22] Updating the default theme file for TMF web project (Helm Chart) --- .../assets/config/config.theming.default.json | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json index 0db3bf0..fd2c59e 100644 --- a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json +++ b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json @@ -1,9 +1,9 @@ { -"THEME_ID":"default", -"DEPLOYMENT_LOGO_PATH":"assets/images/logo_clear.png", -"DEFAULT_SERVICE_LOGO_PATH":"assets/images/logo_icon_original.png", -"FAVICON_PATH":"favicon.ico", -"WHO_WE_ARE_HTML":"
ETSI SDG OpenSlice|https://osl.etsi.org
The ETSI Software Development Group for OpenSlice (SDG OSL) is developing an open source service based Operations Support System (OSS) to deliver Network Slice as a Service (NSaaS).
OpenSlice by ETSI|http://portal.openslice.io
A portal that allows 5G experimenters to design and deploy network services towards the infrastructure.
OpenSlice by ETSI wiki|https://osl.etsi.org/documentation
A wiki containing OpenSlice software documentation.
", -"CONNECT_WITH_US_HTML":"
", -"FOOTER_HTML":"
OpenSlice has received funding from various projects under European Programmes for research, technological development and demonstration. You may refer to our extensive ecosystem for further details.
Openslice by ETSI running OSL version 2024Q2 | Terms and Conditions | © 2024 on behalf of osl.etsi.org
" -} + "THEME_ID":"default", + "DEPLOYMENT_LOGO_PATH":"assets/images/logo_clear.png", + "DEFAULT_SERVICE_LOGO_PATH":"assets/images/logo_icon_original.png", + "FAVICON_PATH":"favicon.ico", + "WHO_WE_ARE_HTML":"
OpenSlice By ETSI Portal
OpenSlice By ETSI Wiki
ETSI SDG OpenSlice

OpenSlice by ETSI is powered by OpenSlice, an open-source prototype Operations Support System (OSS) built on TM Forum's Open Digital Architecture (ODA) principles. It provides extensive support for TMF Open APIs, enabling comprehensive Catalog Management, Ordering, and Inventory for Products, Services, and Resources. OpenSlice also integrates natively with leading technologies and resource controllers, including Kubernetes, ETSI MANO, LF Sylva, CAMARA, 3GPP CAPIF, and open-source monitoring stacks.

", + "CONNECT_WITH_US_HTML":"
", + "FOOTER_HTML":"
OpenSlice has received funding from various projects under European Programmes for research, technological development and demonstration. You may refer to our extensive ecosystem for further details.
OpenSlice by ETSI running OSL version 2025Q4-SNAPSHOT | Terms and Conditions | © 2026 on behalf of osl.etsi.org
" + } \ No newline at end of file -- GitLab From 1454cb10059dfb356cbfb2636373bba42b90fddd Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Sat, 24 Jan 2026 20:52:23 +0000 Subject: [PATCH 18/22] Updating internal component files to final pre-release (2025Q4) versions --- pom.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pom.xml b/pom.xml index e9b8cf3..4a47853 100644 --- a/pom.xml +++ b/pom.xml @@ -44,13 +44,13 @@ 1.3.0-SNAPSHOT 1.0.3-SNAPSHOT 1.3.0-SNAPSHOT - 1.2.0-SNAPSHOT - 1.1.0-SNAPSHOT + 1.1.1-SNAPSHOT + 1.0.3-SNAPSHOT 1.0.3-SNAPSHOT 1.0.3-SNAPSHOT 1.3.0-SNAPSHOT 1.3.0-SNAPSHOT - 1.0.1-SNAPSHOT + 1.1.0-SNAPSHOT 1.1.0-SNAPSHOT 1.0.0-SNAPSHOT -- GitLab From 6262e270c2b05d6a46c8bd210452bb87f2795ad7 Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Sat, 24 Jan 2026 20:57:03 +0000 Subject: [PATCH 19/22] Preparation for Release 2025Q4 --- pom.xml | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/pom.xml b/pom.xml index 4a47853..f947c05 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ org.etsi.osl org.etsi.osl.main - 2025Q4-SNAPSHOT + 2025Q4 pom org.etsi.osl.main @@ -33,26 +33,26 @@ 1.7.0 - 1.0.3-SNAPSHOT - 1.0.3-SNAPSHOT - 1.0.3-SNAPSHOT - 1.3.0-SNAPSHOT - 2025Q4-SNAPSHOT - 1.0.3-SNAPSHOT - 1.1.2-SNAPSHOT - 1.1.1-SNAPSHOT - 1.3.0-SNAPSHOT - 1.0.3-SNAPSHOT - 1.3.0-SNAPSHOT - 1.1.1-SNAPSHOT - 1.0.3-SNAPSHOT - 1.0.3-SNAPSHOT - 1.0.3-SNAPSHOT - 1.3.0-SNAPSHOT - 1.3.0-SNAPSHOT - 1.1.0-SNAPSHOT - 1.1.0-SNAPSHOT - 1.0.0-SNAPSHOT + 1.0.3 + 1.0.3 + 1.0.3 + 1.3.0 + 2025Q4 + 1.0.3 + 1.1.2 + 1.1.1 + 1.3.0 + 1.0.3 + 1.3.0 + 1.1.1 + 1.0.3 + 1.0.3 + 1.0.3 + 1.3.0 + 1.3.0 + 1.1.0 + 1.1.0 + 1.0.0 -- GitLab From e6c194875036e9fe8346b5cb678414119cbb2184 Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Sat, 24 Jan 2026 22:22:44 +0000 Subject: [PATCH 20/22] change the images tag at the RC branch --- compose/docker-compose.yaml.configure | 22 ++++++++-------- kubernetes/helm/openslice/Chart.yaml | 4 +-- .../assets/config/config.prod.default.json | 2 +- .../assets/config/config.theming.default.json | 2 +- kubernetes/helm/openslice/values.yaml | 26 +++++++++---------- 5 files changed, 28 insertions(+), 28 deletions(-) diff --git a/compose/docker-compose.yaml.configure b/compose/docker-compose.yaml.configure index 0804ae3..cc6f67c 100644 --- a/compose/docker-compose.yaml.configure +++ b/compose/docker-compose.yaml.configure @@ -105,7 +105,7 @@ services: build: context: ../../org.etsi.osl.portal.api/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.api:develop + image: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.api:2025Q4 environment: SPRING_APPLICATION_JSON: '{ "origins": "http://localhost", @@ -153,7 +153,7 @@ services: build: context: ../../org.etsi.osl.mano/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.mano:develop + image: labs.etsi.org:5050/osl/code/org.etsi.osl.mano:2025Q4 environment: SPRING_APPLICATION_JSON: '{ "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", @@ -179,7 +179,7 @@ services: build: context: ../../org.etsi.osl.bugzilla/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.bugzilla:develop + image: labs.etsi.org:5050/osl/code/org.etsi.osl.bugzilla:2025Q4 environment: SPRING_APPLICATION_JSON: '{ "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", @@ -210,7 +210,7 @@ services: build: context: ../../org.etsi.osl.tmf.api/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.api:develop + image: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.api:2025Q4 environment: SPRING_APPLICATION_JSON: '{ "origins": "http://localhost", @@ -258,7 +258,7 @@ services: build: context: ../../org.etsi.osl.osom/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.osom:develop + image: labs.etsi.org:5050/osl/code/org.etsi.osl.osom:2025Q4 environment: SPRING_APPLICATION_JSON: '{ "spring.datasource.url" : "jdbc:h2:/tmp/tempdb;DB_CLOSE_DELAY=-1", @@ -289,7 +289,7 @@ services: build: context: ../../org.etsi.osl.oas/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.oas:develop + image: labs.etsi.org:5050/osl/code/org.etsi.osl.oas:2025Q4 environment: SPRING_APPLICATION_JSON: '{ "origins": "http://localhost", @@ -331,7 +331,7 @@ services: build: context: ../../org.etsi.osl.cridge/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.cridge:develop + image: labs.etsi.org:5050/osl/code/org.etsi.osl.cridge:2025Q4 environment: SPRING_APPLICATION_JSON: '{ "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", @@ -360,7 +360,7 @@ services: build: context: ../../org.etsi.osl.metrico/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.metrico:develop + image: labs.etsi.org:5050/osl/code/org.etsi.osl.metrico:2025Q4 environment: SPRING_APPLICATION_JSON: '{ "spring.datasource.url": "jdbc:mysql://amysql/metricodb?createDatabaseIfNotExist=true&useUnicode=true&characterEncoding=utf8&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC", @@ -391,7 +391,7 @@ services: build: context: ../../org.etsi.osl.mcp.server/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.server:develop + image: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.server:2025Q4 environment: SPRING_APPLICATION_JSON: '{ "spring.datasource.url": "jdbc:mysql://amysql/osdb?createDatabaseIfNotExist=true", @@ -430,7 +430,7 @@ services: build: context: ../../org.etsi.osl.mcp.backend/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.backend:develop + image: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.backend:2025Q4 ports: - "11880:11880" environment: @@ -501,7 +501,7 @@ services: build: context: ../../org.etsi.osl.centrallog.service/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.centrallog.service:develop + image: labs.etsi.org:5050/osl/code/org.etsi.osl.centrallog.service:2025Q4 environment: SPRING_APPLICATION_JSON: '{ "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", diff --git a/kubernetes/helm/openslice/Chart.yaml b/kubernetes/helm/openslice/Chart.yaml index 506eb59..14eaee8 100644 --- a/kubernetes/helm/openslice/Chart.yaml +++ b/kubernetes/helm/openslice/Chart.yaml @@ -15,9 +15,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 2.1.0 +version: 3.0.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 2025Q2 +appVersion: 2025Q4 diff --git a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json index 20473ce..34e1731 100644 --- a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json +++ b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json @@ -1,6 +1,6 @@ { "TITLE": "OpenSlice by ETSI", - "PORTALVERSION":"2025Q4-SNAPSHOT", + "PORTALVERSION":"2025Q4", "WIKI": "https://osl.etsi.org/documentation", "BUGZILLA": "{BASEURL}/bugzilla/", "STATUS": "{BASEURL}/healthstatus/", diff --git a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json index fd2c59e..2b9445b 100644 --- a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json +++ b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json @@ -5,5 +5,5 @@ "FAVICON_PATH":"favicon.ico", "WHO_WE_ARE_HTML":"
OpenSlice By ETSI Portal
OpenSlice By ETSI Wiki
ETSI SDG OpenSlice

OpenSlice by ETSI is powered by OpenSlice, an open-source prototype Operations Support System (OSS) built on TM Forum's Open Digital Architecture (ODA) principles. It provides extensive support for TMF Open APIs, enabling comprehensive Catalog Management, Ordering, and Inventory for Products, Services, and Resources. OpenSlice also integrates natively with leading technologies and resource controllers, including Kubernetes, ETSI MANO, LF Sylva, CAMARA, 3GPP CAPIF, and open-source monitoring stacks.

", "CONNECT_WITH_US_HTML":"
", - "FOOTER_HTML":"
OpenSlice has received funding from various projects under European Programmes for research, technological development and demonstration. You may refer to our extensive ecosystem for further details.
OpenSlice by ETSI running OSL version 2025Q4-SNAPSHOT | Terms and Conditions | © 2026 on behalf of osl.etsi.org
" + "FOOTER_HTML":"
OpenSlice has received funding from various projects under European Programmes for research, technological development and demonstration. You may refer to our extensive ecosystem for further details.
OpenSlice by ETSI running OSL version 2025Q4 | Terms and Conditions | © 2026 on behalf of osl.etsi.org
" } \ No newline at end of file diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index 0129c95..4d30327 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -19,12 +19,12 @@ image: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.bugzilla pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2025Q4" centrallog: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.centrallog.service pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2025Q4" keycloak: repository: quay.io/keycloak/keycloak pullPolicy: Always @@ -39,22 +39,22 @@ image: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.mano pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2025Q4" osom: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.osom pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2025Q4" portalapi: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.api pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2025Q4" osscapi: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.api pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2025Q4" mysql: repository: mysql pullPolicy: Always @@ -64,36 +64,36 @@ image: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.oas pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2025Q4" portalweb: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.web pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2025Q4" tmfweb: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.web pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2025Q4" cridge: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.cridge pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2025Q4" metrico: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.metrico pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2025Q4" mcpserver: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.server # Overrides the image tag whose default is the chart appVersion. - tag: develop + tag: 2025Q4 pullPolicy: Always mcpbackend: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.backend # Overrides the image tag whose default is the chart appVersion. - tag: develop + tag: 2025Q4 pullPolicy: Always bugzillaurl: example.com:443/bugzilla -- GitLab From 48e7e54bac588bbe39b9bc1427a5df556d2f21ea Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Sat, 24 Jan 2026 23:53:22 +0000 Subject: [PATCH 21/22] Preparing RC branch to merge to main --- compose/docker-compose.yaml.configure | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/compose/docker-compose.yaml.configure b/compose/docker-compose.yaml.configure index cc6f67c..ad992e7 100644 --- a/compose/docker-compose.yaml.configure +++ b/compose/docker-compose.yaml.configure @@ -105,7 +105,7 @@ services: build: context: ../../org.etsi.osl.portal.api/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.api:2025Q4 + image: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.api:latest environment: SPRING_APPLICATION_JSON: '{ "origins": "http://localhost", @@ -153,7 +153,7 @@ services: build: context: ../../org.etsi.osl.mano/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.mano:2025Q4 + image: labs.etsi.org:5050/osl/code/org.etsi.osl.mano:latest environment: SPRING_APPLICATION_JSON: '{ "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", @@ -179,7 +179,7 @@ services: build: context: ../../org.etsi.osl.bugzilla/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.bugzilla:2025Q4 + image: labs.etsi.org:5050/osl/code/org.etsi.osl.bugzilla:latest environment: SPRING_APPLICATION_JSON: '{ "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", @@ -210,7 +210,7 @@ services: build: context: ../../org.etsi.osl.tmf.api/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.api:2025Q4 + image: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.api:latest environment: SPRING_APPLICATION_JSON: '{ "origins": "http://localhost", @@ -258,7 +258,7 @@ services: build: context: ../../org.etsi.osl.osom/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.osom:2025Q4 + image: labs.etsi.org:5050/osl/code/org.etsi.osl.osom:latest environment: SPRING_APPLICATION_JSON: '{ "spring.datasource.url" : "jdbc:h2:/tmp/tempdb;DB_CLOSE_DELAY=-1", @@ -289,7 +289,7 @@ services: build: context: ../../org.etsi.osl.oas/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.oas:2025Q4 + image: labs.etsi.org:5050/osl/code/org.etsi.osl.oas:latest environment: SPRING_APPLICATION_JSON: '{ "origins": "http://localhost", @@ -331,7 +331,7 @@ services: build: context: ../../org.etsi.osl.cridge/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.cridge:2025Q4 + image: labs.etsi.org:5050/osl/code/org.etsi.osl.cridge:latest environment: SPRING_APPLICATION_JSON: '{ "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", @@ -360,7 +360,7 @@ services: build: context: ../../org.etsi.osl.metrico/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.metrico:2025Q4 + image: labs.etsi.org:5050/osl/code/org.etsi.osl.metrico:latest environment: SPRING_APPLICATION_JSON: '{ "spring.datasource.url": "jdbc:mysql://amysql/metricodb?createDatabaseIfNotExist=true&useUnicode=true&characterEncoding=utf8&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC", @@ -391,7 +391,7 @@ services: build: context: ../../org.etsi.osl.mcp.server/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.server:2025Q4 + image: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.server:latest environment: SPRING_APPLICATION_JSON: '{ "spring.datasource.url": "jdbc:mysql://amysql/osdb?createDatabaseIfNotExist=true", @@ -430,7 +430,7 @@ services: build: context: ../../org.etsi.osl.mcp.backend/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.backend:2025Q4 + image: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.backend:latest ports: - "11880:11880" environment: @@ -501,7 +501,7 @@ services: build: context: ../../org.etsi.osl.centrallog.service/ dockerfile: Dockerfile - image: labs.etsi.org:5050/osl/code/org.etsi.osl.centrallog.service:2025Q4 + image: labs.etsi.org:5050/osl/code/org.etsi.osl.centrallog.service:latest environment: SPRING_APPLICATION_JSON: '{ "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", -- GitLab From f464824b3d01dafac2019bff9dfde5b35431ee9d Mon Sep 17 00:00:00 2001 From: Kostis Trantzas Date: Sat, 24 Jan 2026 23:56:27 +0000 Subject: [PATCH 22/22] Preparing RC branch to merge to main (Helm image tags) --- kubernetes/helm/openslice/values.yaml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index 4d30327..53e849d 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -19,12 +19,12 @@ image: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.bugzilla pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "2025Q4" + tag: "latest" centrallog: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.centrallog.service pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "2025Q4" + tag: "latest" keycloak: repository: quay.io/keycloak/keycloak pullPolicy: Always @@ -39,22 +39,22 @@ image: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.mano pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "2025Q4" + tag: "latest" osom: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.osom pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "2025Q4" + tag: "latest" portalapi: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.api pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "2025Q4" + tag: "latest" osscapi: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.api pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "2025Q4" + tag: "latest" mysql: repository: mysql pullPolicy: Always @@ -64,36 +64,36 @@ image: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.oas pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "2025Q4" + tag: "latest" portalweb: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.web pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "2025Q4" + tag: "latest" tmfweb: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.web pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "2025Q4" + tag: "latest" cridge: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.cridge pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "2025Q4" + tag: "latest" metrico: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.metrico pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "2025Q4" + tag: "latest" mcpserver: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.server # Overrides the image tag whose default is the chart appVersion. - tag: 2025Q4 + tag: latest pullPolicy: Always mcpbackend: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.mcp.backend # Overrides the image tag whose default is the chart appVersion. - tag: 2025Q4 + tag: latest pullPolicy: Always bugzillaurl: example.com:443/bugzilla -- GitLab