diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000000..9609b080a3
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,70 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+ push:
+ branches: [ master ]
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ master ]
+ schedule:
+ - cron: '24 2 * * 2'
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'javascript', 'python' ]
+ # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+ # Learn more about CodeQL language support at https://git.io/codeql-language-support
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v2
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v1
+ with:
+ languages: ${{ matrix.language }}
+ # If you wish to specify custom queries, you can do so here or in a config file.
+ # By default, queries listed here will override any specified in a config file.
+ # Prefix the list here with "+" to use these queries and those in the config file.
+ # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+ # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
+ # If this step fails, then you should remove it and run the build manually (see below)
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v1
+
+ # âšī¸ Command-line programs to run using the OS shell.
+ # đ https://git.io/JvXDl
+
+ # âī¸ If the Autobuild fails above, remove it and uncomment the following three lines
+ # and modify them (or add more) to build your code if your project
+ # uses a compiled language
+
+ #- run: |
+ # make bootstrap
+ # make release
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v1
diff --git a/kubernetes/robot/resources/config/eteshare/config/credentials.py b/kubernetes/robot/resources/config/eteshare/config/credentials.py
new file mode 100644
index 0000000000..e9de0270db
--- /dev/null
+++ b/kubernetes/robot/resources/config/eteshare/config/credentials.py
@@ -0,0 +1,29 @@
+import base64
+
+def Nexus_Pass():
+ message = "Docker"
+ message_bytes = message.encode('ascii')
+ base64_bytes = base64.b64encode(message_bytes)
+ base64_message = base64_bytes.decode('ascii')
+ return base64_message
+
+def generator_pass():
+ message = "admin"
+ message_bytes = message.encode('ascii')
+ base64_bytes = base64.b64encode(message_bytes)
+ base64_message = base64_bytes.decode('ascii')
+ return base64_message
+
+def Ves_pass():
+ message = "sample1"
+ message_bytes = message.encode('ascii')
+ base64_bytes = base64.b64encode(message_bytes)
+ base64_message = base64_bytes.decode('ascii')
+ return base64_message
+
+def CDS_pass():
+ message = "ccsdkapps"
+ message_bytes = message.encode('ascii')
+ base64_bytes = base64.b64encode(message_bytes)
+ base64_message = base64_bytes.decode('ascii')
+ return base64_message
diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
index c2d1c48fe8..293cd2eafd 100644
--- a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
@@ -14,6 +14,17 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+import base64
+
+from credentials import *
+
+def decode(s):
+ base64_message = s
+ base64_bytes = base64_message.encode('ascii')
+ message_bytes = base64.b64decode(base64_bytes)
+ message = message_bytes.decode('ascii')
+ return message
+
GLOBAL_INJECTED_AAF_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "aaf-service") }}'
GLOBAL_INJECTED_AAI_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "aai") }}'
GLOBAL_INJECTED_APPC_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "appc") }}'
@@ -52,7 +63,7 @@
GLOBAL_INJECTED_NBI_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "nbi") }}'
GLOBAL_INJECTED_NETWORK = '{{ .Values.openStackPrivateNetId }}'
GLOBAL_INJECTED_NEXUS_DOCKER_REPO = '{{ include "common.repository" . }}'
-GLOBAL_INJECTED_NEXUS_PASSWORD = 'docker'
+GLOBAL_INJECTED_NEXUS_PASSWORD = decode(Nexus_Pass())
GLOBAL_INJECTED_NEXUS_REPO ='https://nexus.onap.org/content/sites/raw'
GLOBAL_INJECTED_NEXUS_USERNAME = 'docker'
GLOBAL_INJECTED_OOF_IP_ADDR = 'N/A'
@@ -309,7 +320,7 @@
# packet generate vnf info - everything is from the private oam network (also called onap private network)
GLOBAL_PACKET_GENERATOR_PORT = "8183"
GLOBAL_PACKET_GENERATOR_USERNAME = "admin"
-GLOBAL_PACKET_GENERATOR_PASSWORD = "admin"
+GLOBAL_PACKET_GENERATOR_PASSWORD = decode(generator_pass())
GLOBAL_PGN_PORT = "2831"
# policy info - everything is from the private oam network (also called onap private network)
GLOBAL_POLICY_SERVER_PROTOCOL = "https"
@@ -355,7 +366,7 @@
GLOBAL_DCAE_VES_HTTPS_PROTOCOL = "https"
GLOBAL_DCAE_VES_HTTPS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-ves-collector-https" "port" 8443) }}'
GLOBAL_DCAE_VES_USERNAME = 'sample1'
-GLOBAL_DCAE_VES_PASSWORD = 'sample1'
+GLOBAL_DCAE_VES_PASSWORD = decode(Ves_pass())
#global selenium info
@@ -374,7 +385,7 @@
GLOBAL_CCSDK_CDS_SERVER_PROTOCOL = "http"
GLOBAL_CCSDK_CDS_HEALTH_SERVER_PORT = "8080"
GLOBAL_CCSDK_CDS_USERNAME = 'ccsdkapps'
-GLOBAL_CCSDK_CDS_PASSWORD = 'ccsdkapps'
+GLOBAL_CCSDK_CDS_PASSWORD = decode(CDS_pass())
GLOBAL_CCSDK_CDS_AUTHENTICATION = [GLOBAL_CCSDK_CDS_USERNAME, GLOBAL_CCSDK_CDS_PASSWORD]
GLOBAL_CDS_AUTH = "Y2NzZGthcHBzOmNjc2RrYXBwcw=="
diff --git a/kubernetes/so/resources/config/mso/standalone-full-ha-mso.xml b/kubernetes/so/resources/config/mso/standalone-full-ha-mso.xml
index d3ff84fc26..4c92e080d3 100755
--- a/kubernetes/so/resources/config/mso/standalone-full-ha-mso.xml
+++ b/kubernetes/so/resources/config/mso/standalone-full-ha-mso.xml
@@ -159,7 +159,7 @@
mso
- mso123
+ bXNvMTIzCg==
@@ -189,7 +189,7 @@
catalog
- catalog123
+ Y2F0YWxvZzEyMwo=
@@ -220,7 +220,7 @@
camunda
- camunda123
+ Y2FtdW5kYTEyMwo=
@@ -236,7 +236,7 @@
h2
sa
- sa
+ c2EK