From a7f99d50c4a7f7603bbc84865209fe2178a49df7 Mon Sep 17 00:00:00 2001 From: arvindpatel Date: Sun, 8 Nov 2020 13:48:43 +0530 Subject: [PATCH] Config file extra parameters removed Signed-off-by: arvindpatel Change-Id: I3437286a0de7265d6976504f193dd00ef14c689f --- ocd/infra/playbooks/config.yml | 33 ++++++++++++++++++---- .../playbooks/roles/eg_appstore/tasks/install.yml | 2 +- .../playbooks/roles/eg_certs/tasks/install.yml | 2 +- .../playbooks/roles/eg_developer/tasks/install.yml | 2 +- .../playbooks/roles/eg_mecm-fe/tasks/install.yml | 2 +- .../playbooks/roles/eg_mecm-meo/tasks/install.yml | 6 ++-- .../playbooks/roles/eg_mecm-mepm/tasks/install.yml | 2 +- ocd/infra/playbooks/roles/eg_mep/tasks/install.yml | 12 ++++---- .../playbooks/roles/eg_secret/tasks/install.yml | 2 +- .../playbooks/roles/eg_user-mgmt/tasks/install.yml | 4 +-- 10 files changed, 45 insertions(+), 22 deletions(-) diff --git a/ocd/infra/playbooks/config.yml b/ocd/infra/playbooks/config.yml index 83f8344..f7b8821 100644 --- a/ocd/infra/playbooks/config.yml +++ b/ocd/infra/playbooks/config.yml @@ -37,7 +37,21 @@ eg-dataplane-address: name: 200.1.1.2/24 # All Edge related password which needs to be specified if user doesn't -# need common password for security purpose # +# need common password for security purpose +mep_pg_admin_pwd: + name: +mep_kong_pg_pwd: + name: +mep_cert_pwd: + name: +generate_cert_pass: + name: +mecm_mepm_postgresPassword: + name: +mecm_mepm_postgresLcmCntlrPassword: + name: +mecm_mepm_postgresk8sPluginPassword: + name: ########### Center config ########### ######### Mandatory ######### @@ -45,8 +59,6 @@ mecm_meo_edgeRepoUserName: name: mecm_meo_edgeRepoPassword: name: -center_node_ip: - name: ######### Optional ######### usermgmt_port: 
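Review bot: None of the per-component password keys added in this hunk (`mep_pg_admin_pwd`, `mep_kong_pg_pwd`, `mecm_mepm_postgresPassword`, …), nor the `mecm_meo_*` keys added in the third config.yml hunk, is referenced by the install tasks this commit changes. Every visible task reads `vardata.common_pwd.name`, so as far as this diff shows, filling these keys in has no effect and one password still protects the keystores, the Postgres roles and the JWT key. Each key is also a bare `name:`, which loads as null rather than as an empty string. Either wire each key into its task with a fallback, e.g. `{{ vardata.mep_pg_admin_pwd.name | default(vardata.common_pwd.name, true) }}`, or add a comment such as `# not yet consumed by the roles; common_pwd is used everywhere`. Real values belong in an Ansible Vault file rather than in this tracked config.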
@@ -59,5 +71,16 @@ mecm_port: name: 30093 # All Center related password which needs to be specified if user -# doesn't need common password for security purpose # -# yamllint disable rule:new-line-at-end-of-file \ No newline at end of file +# doesn't need common password for security purpose +mecm_meo_keystorePassword: + name: +mecm_meo_truststorePassword: + name: +mecm_meo_postgresPassword: + name: +mecm_meo_postgresApmPassword: + name: +mecm_meo_postgresAppoPassword: + name: +mecm_meo_postgresInventoryPassword: + name: diff --git a/ocd/infra/playbooks/roles/eg_appstore/tasks/install.yml b/ocd/infra/playbooks/roles/eg_appstore/tasks/install.yml index be7900d..b5d3680 100644 --- a/ocd/infra/playbooks/roles/eg_appstore/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_appstore/tasks/install.yml @@ -23,4 +23,4 @@ - name: Helm install appstore # yamllint disable rule:line-length - command: helm install --wait appstore-edgegallery edgegallery/appstore --set global.oauth2.authServerAddress=https://{{vardata.appstore_centernodeip.name}}:30067 --set images.appstoreFe.tag={{vardata.eg_image_tag.name}} --set images.appstoreBe.tag={{vardata.eg_image_tag.name}} --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret + command: helm install --wait appstore-edgegallery edgegallery/appstore --set global.oauth2.authServerAddress=https://{{ ansible_host }}:30067 --set images.appstoreFe.tag={{vardata.eg_image_tag.name}} --set images.appstoreBe.tag={{vardata.eg_image_tag.name}} --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret diff --git a/ocd/infra/playbooks/roles/eg_certs/tasks/install.yml b/ocd/infra/playbooks/roles/eg_certs/tasks/install.yml index 1e15a02..4aa99bf 100644 --- a/ocd/infra/playbooks/roles/eg_certs/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_certs/tasks/install.yml 
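Review bot: In the eg_appstore hunk the auth-server port stays hard-coded as `:30067`, while the eg_developer and eg_mecm-fe hunks read `{{ vardata.usermgmt_port.name}}`, so changing `usermgmt_port` in config.yml would leave appstore pointing at a different port. `https://{{ ansible_host }}:{{ vardata.usermgmt_port.name }}` keeps the three in step. `ansible_host` is the address Ansible connects to, which is not necessarily the address browsers and the other services use to reach user-mgmt. With `global.ssl.enabled=true` it presumably also has to match a name in the certificate behind `edgegallery-ssl-secret`. A comment stating that assumption would help here and in the eg_developer and eg_mecm-fe hunks.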
@@ -33,5 +33,5 @@ - name: generate cert # yamllint disable rule:line-length - command: docker run -e CERT_VALIDITY_IN_DAYS={{ vardata.cert_validity_in_days.name}} -v /tmp/ssl-eg-keys-certs:/certs swr.ap-southeast-1.myhuaweicloud.com/edgegallery/deploy-tool:latest + command: docker run -e CERT_VALIDITY_IN_DAYS=365 -v /tmp/ssl-eg-keys-certs:/certs swr.ap-southeast-1.myhuaweicloud.com/edgegallery/deploy-tool:latest # yamllint disable rule:line-length diff --git a/ocd/infra/playbooks/roles/eg_developer/tasks/install.yml b/ocd/infra/playbooks/roles/eg_developer/tasks/install.yml index 278385c..d594815 100644 --- a/ocd/infra/playbooks/roles/eg_developer/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_developer/tasks/install.yml @@ -23,4 +23,4 @@ - name: Developer chart installing # yamllint disable rule:line-length - command: helm install --wait developer-edgegallery edgegallery/developer --set global.oauth2.authServerAddress=https://{{vardata.developer_centernodeip.name}}:{{ vardata.developer_centernode_port.name}} --set images.developerFe.tag={{vardata.eg_image_tag.name}} --set images.developerBe.tag={{vardata.eg_image_tag.name}} --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret + command: helm install --wait developer-edgegallery edgegallery/developer --set global.oauth2.authServerAddress=https://{{ ansible_host }}:{{ vardata.usermgmt_port.name}} --set images.developerFe.tag={{vardata.eg_image_tag.name}} --set images.developerBe.tag={{vardata.eg_image_tag.name}} --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret diff --git a/ocd/infra/playbooks/roles/eg_mecm-fe/tasks/install.yml b/ocd/infra/playbooks/roles/eg_mecm-fe/tasks/install.yml index 206fd96..2ddc0d7 100644 --- a/ocd/infra/playbooks/roles/eg_mecm-fe/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_mecm-fe/tasks/install.yml 
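Review bot: In the eg_certs hunk the image that generates the keys and certificates is still pulled by the mutable `deploy-tool:latest` tag, so a changed or replaced image would silently produce this deployment's key material. Pinning it by digest (`…/edgegallery/deploy-tool@sha256:<digest>`, placeholder) makes the run reproducible and reviewable. Hard-coding `CERT_VALIDITY_IN_DAYS=365` also removes the operator's ability to choose a shorter lifetime; a comment such as `# validity fixed at 365 days; certificates must be rotated before expiry` would at least document it. The permissions on the output directory `/tmp/ssl-eg-keys-certs` are not visible in this hunk and are worth checking, since it ends up holding private keys.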
@@ -23,4 +23,4 @@ - name: Install mecm-fe # yamllint disable rule:line-length - command: helm install --wait mecm-fe-edgegallery edgegallery/mecm-fe --set global.oauth2.authServerAddress=https://{{vardata.mecm_fe_centernodeip.name}}:{{vardata.mecm_fe_centernodeport.name}} --set images.mecmFe.tag={{vardata.eg_image_tag.name}} --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret + command: helm install --wait mecm-fe-edgegallery edgegallery/mecm-fe --set global.oauth2.authServerAddress=https://{{ ansible_host }}:{{vardata.usermgmt_port.name}} --set images.mecmFe.tag={{vardata.eg_image_tag.name}} --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret diff --git a/ocd/infra/playbooks/roles/eg_mecm-meo/tasks/install.yml b/ocd/infra/playbooks/roles/eg_mecm-meo/tasks/install.yml index 5ebc98a..c6308b7 100644 --- a/ocd/infra/playbooks/roles/eg_mecm-meo/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_mecm-meo/tasks/install.yml 
@@ -34,12 +34,12 @@ - name: Generates certificate mecm-ssl-secret # yamllint disable rule:line-length - command: kubectl create secret generic mecm-ssl-secret --from-file=keystore.p12=/tmp/ssl-eg-keys-certs/keystore.p12 --from-file=keystore.jks=/tmp/ssl-eg-keys-certs/keystore.jks --from-literal=keystorePassword={{ vardata.secret_pwd.name}} --from-literal=keystoreType=PKCS12 --from-literal=keyAlias=edgegallery --from-literal=truststorePassword={{ vardata.secret_pwd.name}} + command: kubectl create secret generic mecm-ssl-secret --from-file=keystore.p12=/tmp/ssl-eg-keys-certs/keystore.p12 --from-file=keystore.jks=/tmp/ssl-eg-keys-certs/keystore.jks --from-literal=keystorePassword={{ vardata.common_pwd.name}} --from-literal=keystoreType=PKCS12 --from-literal=keyAlias=edgegallery --from-literal=truststorePassword={{ vardata.common_pwd.name}} # yamllint disable rule:line-length - name: Generates certificate edgegallery-mecm-secret # yamllint disable rule:line-length - command: kubectl create secret generic edgegallery-mecm-secret --from-file=postgres_init.sql=/tmp/eg_mecm-meo/deploy/conf/keys/postgres_init.sql --from-literal=postgresPassword={{ vardata.secret_pwd.name}} --from-literal=postgresApmPassword={{ vardata.secret_pwd.name}} --from-literal=postgresAppoPassword={{ vardata.secret_pwd.name}} --from-literal=postgresInventoryPassword={{ vardata.secret_pwd.name}} --from-literal=edgeRepoUserName={{ vardata.mecm_meo_edgeRepoUserName.name}} --from-literal=edgeRepoPassword={{ vardata.mecm_meo_edgeRepoPassword.name}} + command: kubectl create secret generic edgegallery-mecm-secret --from-file=postgres_init.sql=/tmp/eg_mecm-meo/deploy/conf/keys/postgres_init.sql --from-literal=postgresPassword={{ vardata.common_pwd.name}} --from-literal=postgresApmPassword={{ vardata.common_pwd.name}} --from-literal=postgresAppoPassword={{ vardata.common_pwd.name}} --from-literal=postgresInventoryPassword={{ vardata.common_pwd.name}} --from-literal=edgeRepoUserName={{ 
vardata.mecm_meo_edgeRepoUserName.name}} --from-literal=edgeRepoPassword={{ vardata.mecm_meo_edgeRepoPassword.name}} # yamllint disable rule:line-length args: chdir: /tmp/eg_mecm-meo/deploy/ @@ -50,5 +50,5 @@ - name: Helm install # yamllint disable rule:line-length - command: helm install --wait mecm-meo-edgegallery edgegallery/mecm-meo --set ssl.secretName=mecm-ssl-secret --set mecm.secretName=edgegallery-mecm-secret --set images.inventory.tag={{ vardata.eg_image_tag.name}} --set images.appo.tag={{ vardata.eg_image_tag.name}} --set images.apm.tag={{ vardata.eg_image_tag.name}} --set images.postgres.tag={{ vardata.postgres_image_tag.name}} --set mecm.docker.fsgroup=result.stdout + command: helm install --wait mecm-meo-edgegallery edgegallery/mecm-meo --set ssl.secretName=mecm-ssl-secret --set mecm.secretName=edgegallery-mecm-secret --set images.inventory.tag={{ vardata.eg_image_tag.name}} --set images.appo.tag={{ vardata.eg_image_tag.name}} --set images.apm.tag={{ vardata.eg_image_tag.name}} --set images.postgres.tag=12.3 --set mecm.docker.fsgroup=result.stdout # yamllint disable rule:line-length diff --git a/ocd/infra/playbooks/roles/eg_mecm-mepm/tasks/install.yml b/ocd/infra/playbooks/roles/eg_mecm-mepm/tasks/install.yml index 4e01876..559f150 100644 --- a/ocd/infra/playbooks/roles/eg_mecm-mepm/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_mecm-mepm/tasks/install.yml 
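Review bot: Both `kubectl create secret` tasks in the first eg_mecm-meo hunk interpolate passwords unquoted into the `command:` string as `--from-literal` arguments. A value containing whitespace or a quote character is split or mangled, and the secret is readable in the process list and in Ansible's task output; at least the first task carries no `no_log`. At minimum use `--from-literal=keystorePassword={{ vardata.common_pwd.name | quote }}` and add `no_log: true` to each task. Feeding the values through `--from-env-file` or `--from-file` with a mode-0600 temporary file keeps them off the command line altogether. The same pattern appears in the eg_mep `pg-secret` and `mep-ssl` hunks, in eg_secret, and in the `user-mgmt-jwt-secret` task of eg_user-mgmt.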
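Review bot: In the second eg_mecm-meo hunk, `--set mecm.docker.fsgroup=result.stdout` passes the literal text `result.stdout` to the chart instead of the output of a registered task. If an earlier task outside this hunk registers `result`, the argument presumably should read `--set mecm.docker.fsgroup={{ result.stdout }}`. The commit edits this line for the postgres tag only, so the literal is carried over unchanged into the new code.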
@@ -58,5 +58,5 @@ - name: Install mecm-mepm # yamllint disable rule:line-length - command: helm install mecm-mepm-edgegallery edgegallery/mecm-mepm --set jwt.publicKeySecretName=mecm-mepm-jwt-public-secret --set mepm.secretName=edgegallery-mepm-secret --set ssl.secretName=mecm-mepm-ssl-secret --set images.lcmcontroller.tag={{ vardata.eg_image_tag.name}} --set images.k8splugin.tag={{ vardata.eg_image_tag.name}} --set images.postgres.tag={{ vardata.postgres_image_tag.name}} + command: helm install mecm-mepm-edgegallery edgegallery/mecm-mepm --set jwt.publicKeySecretName=mecm-mepm-jwt-public-secret --set mepm.secretName=edgegallery-mepm-secret --set ssl.secretName=mecm-mepm-ssl-secret --set images.lcmcontroller.tag={{ vardata.eg_image_tag.name}} --set images.k8splugin.tag={{ vardata.eg_image_tag.name}} --set images.postgres.tag=12.3 # yamllint disable rule:line-length diff --git a/ocd/infra/playbooks/roles/eg_mep/tasks/install.yml b/ocd/infra/playbooks/roles/eg_mep/tasks/install.yml index 324427c..2f38693 100644 --- a/ocd/infra/playbooks/roles/eg_mep/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_mep/tasks/install.yml @@ -61,7 +61,7 @@ - name: Openssl rsa mep tls # yamllint disable rule:line-length - command: openssl rsa -in mepserver_tls.key -aes256 -passout pass:{{ vardata.secret_pwd.name}} -out mepserver_encryptedtls.key + command: openssl rsa -in mepserver_tls.key -aes256 -passout pass:{{ vardata.common_pwd.name}} -out mepserver_encryptedtls.key # yamllint disable rule:line-length args: chdir: /tmp/.mep_tmp_cer/ @@ -92,7 +92,7 @@ - name: Openssl rsa in jwt # yamllint disable rule:line-length - command: openssl rsa -in jwt_privatekey -aes256 -passout pass:{{ vardata.secret_pwd.name}} -out jwt_encrypted_privatekey + command: openssl rsa -in jwt_privatekey -aes256 -passout pass:{{ vardata.common_pwd.name}} -out jwt_encrypted_privatekey # yamllint disable rule:line-length args: chdir: /tmp/.mep_tmp_cer/ 
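Review bot: The postgres image tag is now the literal `12.3` in this eg_mecm-mepm hunk and again in eg_mecm-meo, so moving to a patched Postgres image means finding and editing every role. A single role default or shared variable would avoid that. If the literal stays, add a comment such as `# postgres tag duplicated in roles/eg_mecm-meo; keep in sync`.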
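Review bot: In the "Openssl rsa mep tls" hunk, `-passout pass:{{ vardata.common_pwd.name}}` puts the key-encryption passphrase on the openssl command line, where it is readable in the process list and, unless `no_log` is set, in Ansible's output. openssl can read it from the environment instead: `-passout env:MEP_KEY_PASS` together with `environment: {MEP_KEY_PASS: "{{ vardata.common_pwd.name }}"}` and `no_log: true` on the task (the variable name is a suggestion). The "Openssl rsa in jwt" hunk has the same construct. Both tasks continue past their hunks, so whether `no_log` is already set cannot be confirmed from here.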
@@ -104,7 +104,7 @@ - name: Create generic pg secret # yamllint disable rule:line-length - command: kubectl -n mep create secret generic pg-secret --from-literal=pg_admin_pwd={{ vardata.secret_pwd.name}} --from-literal=kong_pg_pwd={{ vardata.secret_pwd.name}} + command: kubectl -n mep create secret generic pg-secret --from-literal=pg_admin_pwd={{ vardata.common_pwd.name}} --from-literal=kong_pg_pwd={{ vardata.common_pwd.name}} --from-file=server.key=/tmp/.mep_tmp_cer/mepserver_tls.key --from-file=server.crt=/tmp/.mep_tmp_cer/mepserver_tls.crt # yamllint disable rule:line-length args: @@ -112,7 +112,7 @@ - name: Create mep generic for mep ssl # yamllint disable rule:line-length - command: kubectl -n mep create secret generic mep-ssl --from-literal=cert_pwd={{ vardata.secret_pwd.name}} --from-file=server.cer=/tmp/.mep_tmp_cer/mepserver_tls.crt + command: kubectl -n mep create secret generic mep-ssl --from-literal=cert_pwd={{ vardata.common_pwd.name}} --from-file=server.cer=/tmp/.mep_tmp_cer/mepserver_tls.crt --from-file=server_key.pem=/tmp/.mep_tmp_cer/mepserver_encryptedtls.key --from-file=trust.cer=/tmp/.mep_tmp_cer/ca.crt # yamllint disable rule:line-length args: @@ -193,7 +193,7 @@ no_log: True - name: Link eg mep macvlan - command: ip addr add {{ vardata.eg-mp1-address.name}} dev eg-mp1 + command: ip addr add {{ vardata.eg-management-address.name}} dev eg-mp1 args: chdir: /tmp/eg_mep/deploy/ ignore_errors: yes @@ -215,7 +215,7 @@ no_log: True - name: Link eg eg mm5 ip addr - command: ip addr add {{ vardata.eg-mm5-address.name}} dev eg-mm5 + command: ip addr add {{ vardata.eg-dataplane-address.name}} dev eg-mm5 args: chdir: /tmp/eg_mep/deploy/ ignore_errors: yes diff --git a/ocd/infra/playbooks/roles/eg_secret/tasks/install.yml b/ocd/infra/playbooks/roles/eg_secret/tasks/install.yml index 2e43df8..4ee1012 100644 --- a/ocd/infra/playbooks/roles/eg_secret/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_secret/tasks/install.yml 
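Review bot: In the "Link eg mep macvlan" hunk, Jinja2 parses `{{ vardata.eg-management-address.name}}` as a subtraction (`vardata.eg - management - address.name`), not as a lookup of the hyphenated key `eg-management-address`. The task therefore most likely fails at templating, and `ignore_errors: yes` hides the failure. Use subscript syntax, `{{ vardata['eg-management-address'].name }}`, and likewise `{{ vardata['eg-dataplane-address'].name }}` in the "Link eg eg mm5 ip addr" hunk. A short comment on why the management address is assigned to `eg-mp1` and the dataplane address to `eg-mm5` would also help, since the names no longer line up.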
@@ -23,5 +23,5 @@ - name: Generate secret # yamllint disable rule:line-length - command: kubectl create secret generic edgegallery-ssl-secret --from-file=keystore.p12=/tmp/ssl-eg-keys-certs/keystore.p12 --from-literal=keystorePassword={{ vardata.secret_pwd.name}} --from-literal=keystoreType=PKCS12 --from-literal=keyAlias=edgegallery --from-file=trust.cer=/tmp/ssl-eg-keys-certs/ca.crt --from-file=server.cer=/tmp/ssl-eg-keys-certs/tls.crt --from-file=server_key.pem=/tmp/ssl-eg-keys-certs/encryptedtls.key --from-literal=cert_pwd={{ vardata.secret_pwd.name}} + command: kubectl create secret generic edgegallery-ssl-secret --from-file=keystore.p12=/tmp/ssl-eg-keys-certs/keystore.p12 --from-literal=keystorePassword={{ vardata.common_pwd.name}} --from-literal=keystoreType=PKCS12 --from-literal=keyAlias=edgegallery --from-file=trust.cer=/tmp/ssl-eg-keys-certs/ca.crt --from-file=server.cer=/tmp/ssl-eg-keys-certs/tls.crt --from-file=server_key.pem=/tmp/ssl-eg-keys-certs/encryptedtls.key --from-literal=cert_pwd={{ vardata.common_pwd.name}} # yamllint disable rule:line-length diff --git a/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/install.yml b/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/install.yml index dec9d25..61615a1 100644 --- a/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/install.yml +++ b/ocd/infra/playbooks/roles/eg_user-mgmt/tasks/install.yml 
@@ -23,10 +23,10 @@ - name: Generating certificates for usermanagment # yamllint disable rule:line-length - command: kubectl create secret generic user-mgmt-jwt-secret --from-file=publicKey=/tmp/ssl-eg-keys-certs/rsa_public_key.pem --from-file=encryptedPrivateKey=/tmp/ssl-eg-keys-certs/encrypted_rsa_private_key.pem --from-literal=encryptPassword={{ vardata.secret_pwd.name}} + command: kubectl create secret generic user-mgmt-jwt-secret --from-file=publicKey=/tmp/ssl-eg-keys-certs/rsa_public_key.pem --from-file=encryptedPrivateKey=/tmp/ssl-eg-keys-certs/encrypted_rsa_private_key.pem --from-literal=encryptPassword={{ vardata.common_pwd.name}} # yamllint disable rule:line-length - name: Install user-mgmt # yamllint disable rule:line-length - command: helm install --wait user-mgmt-edgegallery edgegallery/usermgmt --set global.oauth2.clients.appstore.clientUrl=https://{{ vardata.user_mgmt_oauth_appstore_client_ip.name}}:{{vardata.user_mgmt_oauth_appstore_client_port.name}},global.oauth2.clients.developer.clientUrl=https://{{ vardata.user_mgmt_oauth_developer_client_ip.name}}:{{vardata.user_mgmt_oauth_developer_client_port.name}},global.oauth2.clients.mecm.clientUrl=https://{{ vardata.user_mgmt_oauth_mecm_client_ip.name}}:{{vardata.user_mgmt_oauth_mecm_client_port.name}}, --set jwt.secretName=user-mgmt-jwt-secret --set images.usermgmt.tag={{ vardata.eg_image_tag.name}} --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret + command: helm install --wait user-mgmt-edgegallery edgegallery/usermgmt --set global.oauth2.clients.appstore.clientUrl=https://{{ vardata.user_mgmt_oauth_appstore_client_ip.name}}:{{vardata.appstore_port.name}},global.oauth2.clients.developer.clientUrl=https://{{ vardata.user_mgmt_oauth_developer_client_ip.name}}:{{vardata.developer_port.name}},global.oauth2.clients.mecm.clientUrl=https://{{ vardata.user_mgmt_oauth_mecm_client_ip.name}}:{{vardata.mecm_port.name}}, --set jwt.secretName=user-mgmt-jwt-secret --set 
images.usermgmt.tag={{ vardata.eg_image_tag.name}} --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret # yamllint disable rule:line-length -- 2.16.6
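Review bot: In "Install user-mgmt", the three `clientUrl` hosts still come from `vardata.user_mgmt_oauth_appstore_client_ip`, `…_developer_client_ip` and `…_mecm_client_ip`, although the ports now use the shared `appstore_port`/`developer_port`/`mecm_port` keys and the other roles switched to `ansible_host`. If those `*_client_ip` keys were among the parameters removed from config.yml (that part of the file is not visible here), the task fails on undefined variables. These values are registered as OAuth2 client URLs, so they must stay identical to the addresses the appstore, developer and mecm roles are actually reachable on. A comment such as `# client URLs must match the externally reachable address of each portal` would record that. The `--set` value also still ends in a trailing comma before ` --set jwt.secretName`, which is worth removing.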