-Subproject commit 1b28e45136d5096ef4c07f4142c76b45224b3cf4
+Subproject commit e67a94e6be333271c8237d6ebd5fb0f489401350
baseUrl: http://cds-controller-blueprints:8080/api/v1
authToken: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
processor:
- baseUrl: http://cds-blueprints-processor:8080/api/v1
+ baseUrl: http://cds-blueprints-processor-http:8080/api/v1
authToken: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
# default number of instances
# application image
repository: nexus3.onap.org:10001
-image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.15
+image: onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.4.16
default_k8s_location: central
# DCAE component images to be deployed via Cloudify Manager
"interval": 600
},
"policy_engine": {
- "url": "https://{{ .Values.config.address.policy_pdp }}.{{include "common.namespace" . }}:8081",
- "path_decision": "/decision/v1",
+ "url": "https://{{ .Values.config.address.policy_xacml_pdp }}:6969",
+ "path_decision": "/policy/pdpx/v1/decision"
"path_notifications": "/pdp/notifications",
"path_api": "/pdp/api/",
"headers": {
"Accept": "application/json",
"Content-Type": "application/json",
"ClientAuth": "cHl0aG9uOnRlc3Q=",
- "Authorization": "Basic dGVzdHBkcDphbHBoYTEyMw==",
+ "Authorization": "Basic aGVhbHRoY2hlY2s6emIhWHp0RzM0",
"Environment": "TEST"
},
"target_entity": "policy_engine",
consul:
host: consul-server
port: 8500
+ policy_xacml_pdp: policy-xacml-pdp
#################################################################
# Application configuration defaults.
# application images
repository: nexus3.onap.org:10001
-image: onap/dmaap/dmaap-bc:1.1.4-STAGING-latest
+image: onap/dmaap/dmaap-bc:1.1.5
# application configuration
readinessImage: readiness-check:2.0.0
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
- clientImage: onap/dmaap/dbc-client:1.0.8-STAGING-latest
+ clientImage: onap/dmaap/dbc-client:1.0.9
# application configuration
config:
logstashServiceName: log-ls
--- /dev/null
+#
+# Properties that the embedded PDP engine uses to configure and load
+#
+# Standard API Factories
+#
+xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory
+xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory
+xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory
+xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory
+xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory
+#
+# AT&T PDP Implementation Factories
+#
+xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory
+xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory
+xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory
+#
+# ONAP PDP Implementation Factories
+#
+xacml.att.policyFinderFactory=org.onap.policy.pdp.xacml.application.common.OnapPolicyFinderFactory
+
+#
+# Use a root combining algorithm
+#
+xacml.att.policyFinderFactory.combineRootPolicies=urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:deny-overrides
+
+#
+# PIP Engine Definitions
+#
+count-recent-operations.classname=org.onap.policy.pdp.xacml.application.common.operationshistory.CountRecentOperationsPip
+count-recent-operations.issuer=urn:org:onap:xacml:guard:count-recent-operations
+count-recent-operations.name=CountRecentOperations
+count-recent-operations.description=Returns operation counts based on time window
+count-recent-operations.persistenceunit=OperationsHistoryPU
+
+get-operation-outcome.classname=org.onap.policy.pdp.xacml.application.common.operationshistory.GetOperationOutcomePip
+get-operation-outcome.issuer=urn:org:onap:xacml:guard:get-operation-outcome
+get-operation-outcome.name=GetOperationOutcome
+get-operation-outcome.description=Returns operation outcome
+get-operation-outcome.persistenceunit=OperationsHistoryPU
+
+#
+# Make pips available to finder
+#
+xacml.pip.engines=count-recent-operations,get-operation-outcome
+
+#
+# JPA Properties
+#
+javax.persistence.jdbc.driver=org.mariadb.jdbc.Driver
+javax.persistence.jdbc.url=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:3306/operationshistory
+javax.persistence.jdbc.user=policy_user
+javax.persistence.jdbc.password=cG9saWN5X3VzZXI=
\ No newline at end of file
#!/bin/bash
#
-# Run the testsuite for the passed tag. Valid tags are ete, health, closedloop, instantiate
+# Run the testsuite for the passed tag. Valid tags are listed in usage help
# Please clean up logs when you are done...
-# Note: Do not run multiple concurrent ete.sh as the --display is not parameterized and tests will collide
#
if [ "$1" == "" ] || [ "$2" == "" ]; then
- echo "Usage: ete-k8s.sh [namespace] [ health | healthdist | distribute | instantiate | instantiateVFWCL | instantiateDemoVFWCL | | portal ]"
+ echo "Usage: ete-k8s.sh [namespace] [tag]"
+ echo ""
+ echo " List of test case tags (filename for intent: tag)"
+ echo ""
+ echo " cds.robot: cds"
+ echo ""
+ echo " clamp.robot: clamp"
+ echo ""
+ echo " demo.robot: InitDemo, InitCustomer, APPCCDTPreloadDemo, APPCMountPointDemo, DistributeDemoVFWDT, DistributeVFWNG,"
+ echo " InitDistribution, PreloadDemo, deleteVNF, heatbridge, instantiateDemoVFWCL, instantiateVFW, instantiateVFWCL, instantiateVFWDT"
+ echo ""
+ echo " health-check.robot: health, core, small, medium, 3rdparty, api, datarouter, externalapi, health-aaf, health-aai, health-appc,"
+ echo " health-clamp, health-cli, health-dcae, health-dmaap, health-log, health-modeling, health-msb,"
+ echo " health-multicloud, health-oof, health-policy, health-pomba, health-portal, health-sdc, health-sdnc,"
+ echo " health-so, health-uui, health-vfc, health-vid, health-vnfsdk, healthdist, healthlogin, healthmr,"
+ echo " healthportalapp, multicloud, oom"
+ echo ""
+ echo " hvves.robot: HVVES, ete"
+ echo ""
+ echo " model-distribution-vcpe.robot: distributevCPEResCust"
+ echo ""
+ echo " model-distribution.robot: distribute, distributeVFWDT, distributeVLB"
+ echo ""
+ echo " oof-*.robot: cmso, has, homing"
+ echo ""
+ echo " pnf-registration.robot: ete, pnf_registrate"
echo ""
- echo " List of test case tags (filename for intent: tag) "
- echo " "
- echo " cds.robot: cds "
- echo " "
- echo " clamp.robot: clamp "
- echo " "
- echo " demo.robot: InitDemo, InitCustomer , APPCCDTPreloadDemo, APPCMountPointDemo, DistributeDemoVFWDT, DistributeVFWNG, "
- echo " InitDistribution, PreloadDemo, deleteVNF, heatbridge, instantiateDemoVFWCL, instantiateVFW, instantiateVFWCL, instantiateVFWDT "
- echo " "
- echo " health-check.robot: health , core, small, medium, 3rdparty, api, datarouter, externalapi, health-aaf, health-aai, health-appc, "
- echo " health-clamp, health-cli, health-dcae, health-dmaap, health-log, health-modeling, health-msb, "
- echo " health-multicloud, health-oof, health-policy, health-pomba, health-portal, health-sdc, health-sdnc, "
- echo " health-so, health-uui, health-vfc, health-vid, health-vnfsdk, healthdist, healthlogin, healthmr, "
- echo " healthportalapp, multicloud, oom "
- echo " "
- echo " hvves.robot: :HVVES, ete "
- echo " "
- echo " model-distribution-vcpe.robot: distributevCPEResCust "
- echo " "
- echo " model-distribution.robot: distribute, distributeVFWDT, distributeVLB "
- echo " "
- echo " oof-*.robot: cmso , has, homing "
- echo " "
- echo " pnf-registration.robot: ete, pnf_registrate "
- echo " "
echo " post-install-tests.robot dmaapacl, postinstall"
- echo " "
- echo " update_onap_page.robot: UpdateWebPage "
- echo " "
- echo " vnf-orchestration-direct-so.robot: instantiateVFWdirectso "
- echo " "
+ echo ""
+ echo " update_onap_page.robot: UpdateWebPage"
+ echo ""
+ echo " vnf-orchestration-direct-so.robot: instantiateVFWdirectso"
+ echo ""
echo " vnf-orchestration.robot: instantiate, instantiateNoDelete, stability72hr"
exit
fi
POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot)
-
TAGS="-i $2"
ETEHOME=/var/opt/ONAP
#!/bin/bash
#
-# Run the testsuite for the passed tag. Valid tags are ete, health, closedloop, instantiate
+# Run the health-check testsuites for the tags discovered by helm list
# Please clean up logs when you are done...
-# Note: Do not run multiple concurrent ete.sh as the --display is not parameterized and tests will collide
#
if [ "$1" == "" ] ; then
- echo "Usage: eteHelm-k8s.sh namespace "
- echo " list projects via helm list and runs health-check with those tags except dev and dev-consul "
+ echo "Usage: eteHelm-k8s.sh [namespace]"
+ echo " list projects via helm list and runs health-check with those tags except dev and dev-consul"
exit
fi
GLOBAL_DCAE_HEALTH_SERVER_PORT = "80"
GLOBAL_DCAE_USERNAME = '{{ .Values.dcaeUsername }}'
GLOBAL_DCAE_PASSWORD = '{{ .Values.dcaePassword}}'
+# dcae hv-ves info
+GLOBAL_DCAE_HVVES_SERVER_NAME = 'dcae-hv-ves-collector.{{include "common.namespace" .}}'
+GLOBAL_DCAE_HVVES_SERVER_PORT = "6061"
# data router info - everything is from the private oam network (also called onap private network)
GLOBAL_DMAAP_DR_PROV_SERVER_PROTOCOL = "http"
GLOBAL_DMAAP_DR_PROV_SERVER_PORT = "8080"
GLOBAL_DMAAP_DR_NODE_SERVER_PROTOCOL = "http"
GLOBAL_DMAAP_DR_NODE_SERVER_PORT = "8080"
+# dmaap message router info
+GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_NAME = 'message-router.{{include "common.namespace" .}}'
+GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_PORT = "3904"
+# dmaap kafka info
+GLOBAL_DMAAP_KAFKA_SERVER_NAME = 'message-router-kafka.{{include "common.namespace" .}}'
+GLOBAL_DMAAP_KAFKA_SERVER_PORT = "9092"
+GLOBAL_DMAAP_KAFKA_JAAS_USERNAME = '{{ .Values.kafkaJaasUsername }}'
+GLOBAL_DMAAP_KAFKA_JAAS_PASSWORD = '{{ .Values.kafkaJaasPassword }}'
# DROOL server port and credentials
GLOBAL_DROOLS_SERVER_PORT = "9696"
GLOBAL_DROOLS_USERNAME = '{{ .Values.droolsUsername }}'
# DMAAP BC
bcUsername: "dmaap-bc@dmaap-bc.onap.org"
bcPassword: "demo123456!"
+# DMAAP KAFKA JAAS
+kafkaJaasUsername: "admin"
+kafkaJaasPassword: "admin_secret"
# default number of instances
replicaCount: 1
value: {{ .Values.config.javaOptions }}
- name: BACKEND
value: {{ .Values.config.backendServerURL }}
+ - name: IS_HTTPS
+ value: "{{ .Values.config.isHttpsEnabled}}"
+ {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }}
+ - name: KEYSTORE_PASS
+ {{- if .Values.global.security.keysFromCa }}
+ valueFrom:
+ secretKeyRef:
+ name: mft-sdc
+ key: keystore-password.txt
+ {{ else }}
+ value: {{ .Values.global.security.keyStorePass}}
+ {{- end }}
+ - name: TRUSTSTORE_PASS
+ {{- if .Values.global.security.keysFromCa }}
+ valueFrom:
+ secretKeyRef:
+ name: mft-catruststore
+ key: keystore-password.txt
+ {{ else }}
+ value: {{ .Values.global.security.trustStorePass}}
+ {{- end }}
+ - name: TRUSTSTORE_PATH
+ value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}"
+ - name: KEYSTORE_PATH
+ value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}"
+ - name: TRUSTSTORE_TYPE
+ value: {{ .Values.security.truststore.type }}
+ - name: KEYSTORE_TYPE
+ value: {{ .Values.security.keystore.type }}
+ {{ end }}
volumeMounts:
+ {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }}
+ - name: {{ include "common.fullname" . }}-jetty-https-truststore
+ mountPath: /var/lib/jetty/{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}
+ subPath: {{ .Values.security.truststoreFilename }}
+ - name: {{ include "common.fullname" . }}-jetty-https-keystore
+ mountPath: /var/lib/jetty/etc/{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}
+ subPath: {{ .Values.security.keystoreFilename }}
+ {{ end }}
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
readOnly: true
- port: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
name: {{ .Values.service.portName | default "http" }}
+ - port: {{ .Values.service.internalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName2 | default "https" }}
{{- else -}}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
name: {{ .Values.service.portName | default "http" }}
+ - port: {{ .Values.service.externalPort2 }}
+ targetPort: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName2 | default "https" }}
{{- end}}
selector:
app: {{ include "common.name" . }}
#################################################################
global:
nodePortPrefix: 302
+ nodePortPrefixExt: 304
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
config:
javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=7000,server=y,suspend=n -Xmx256m -Xms256m"
backendServerURL: "http://sdc-wfd-be:8080"
+ isHttpsEnabled: false
+
+# https relevant settings. Change in case you have other trust files then default ones.
+security:
+ isDefaultStore: true
+ truststoreType: "JKS"
+ keystoreType: "JKS"
+ truststoreFilename: "truststore"
+ keystoreFilename: "keystore"
+ storePath: "etc"
# default number of instances
replicaCount: 1
externalPort: 8080
portName: sdc-wfd-fe
nodePort: "56"
+ portName2: sdc-wfd-fe2
+ internalPort2: 8443
+ externalPort2: 8443
+ nodePort2: "31"
ingress:
enabled: false
workflowAaiDistributionDelay: PT30S
pnfEntryNotificationTimeout: P14D
cds:
- endpoint: cds-blueprints-processor
+ endpoint: cds-blueprints-processor-grpc
port: 9111
auth: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw==
timeout: 600
{
"serviceName": "usecaseui-server",
"version": "v1",
- "url": "/api/usecaseui/server/v1",
+ "url": "/api/usecaseui-server/v1",
"protocol": "REST",
"port": "{{.Values.service.internalPort}}",
"visualRange":"1"
Code Review / oom.git / commitdiff