- simulator
- kafka
- pap
+ - opa-pdp
ports:
- ${APEX_PORT}:6969
- ${APEX_EVENTS_PORT}:23324
- policytypes/onap.policies.controlloop.operational.common.Drools.yaml
- policytypes/onap.policies.native.opa.yaml
policies:
+ - policies/opa.policy.slice.capacity.check.tosca.yaml
- policies/sdnc.policy.naming.input.tosca.yaml
management:
"currentInstanceCount": 0,
"desiredInstanceCount": 1,
"policies": []
+ },
+ {
+ "name": "opaGroup",
+ "pdpGroupState": "ACTIVE",
+ "properties": {},
+ "pdpSubgroups": [
+ {
+ "pdpType": "opa",
+ "desiredInstanceCount": 1,
+ "properties": {},
+ "supportedPolicyTypes": [
+ {
+ "name": "onap.policies.native.opa",
+ "version": "1.0.0"
+ }
+ ],
+ "policies": [
+ {
+ "name": "slice.capacity.check",
+ "version": "1.0.0"
+ }
+ ]
}
]
}
+ ]
+ }
]
}
+++ /dev/null
-{
- "sensor_data": [
- {
- "id": "0001",
- "location": "Sri Lanka",
- "temperature": "28 C",
- "precipitation": "1000 mm",
- "windspeed": "5.5 m/s",
- "humidity": "40%",
- "particle_density": "1.3 g/l",
- "timestamp": "2024-02-26"
- },
- {
- "id": "0002",
- "location": "Colombo",
- "temperature": "30 C",
- "precipitation": "1200 mm",
- "windspeed": "6.0 m/s",
- "humidity": "45%",
- "particle_density": "1.5 g/l",
- "timestamp": "2024-02-26"
- },
- {
- "id": "0003",
- "location": "Kandy",
- "temperature": "25 C",
- "precipitation": "800 mm",
- "windspeed": "4.5 m/s",
- "humidity": "60%",
- "particle_density": "1.1 g/l",
- "timestamp": "2024-02-26"
- },
- {
- "id": "0004",
- "location": "Galle",
- "temperature": "35 C",
- "precipitation": "500 mm",
- "windspeed": "7.2 m/s",
- "humidity": "30%",
- "particle_density": "1.8 g/l",
- "timestamp": "2024-02-27"
- },
- {
- "id": "0005",
- "location": "Jaffna",
- "temperature": "-5 C",
- "precipitation": "300 mm",
- "windspeed": "3.8 m/s",
- "humidity": "20%",
- "particle_density": "0.9 g/l",
- "timestamp": "2024-02-27"
- },
- {
- "id": "0006",
- "location": "Trincomalee",
- "temperature": "20 C",
- "precipitation": "1000 mm",
- "windspeed": "5.0 m/s",
- "humidity": "55%",
- "particle_density": "1.2 g/l",
- "timestamp": "2024-02-28"
- },
- {
- "id": "0007",
- "location": "Nuwara Eliya",
- "temperature": "25 C",
- "precipitation": "600 mm",
- "windspeed": "4.0 m/s",
- "humidity": "50%",
- "particle_density": "1.3 g/l",
- "timestamp": "2024-02-28"
- },
- {
- "id": "0008",
- "location": "Anuradhapura",
- "temperature": "28 C",
- "precipitation": "700 mm",
- "windspeed": "5.8 m/s",
- "humidity": "40%",
- "particle_density": "1.4 g/l",
- "timestamp": "2024-02-29"
- },
- {
- "id": "0009",
- "location": "Matara",
- "temperature": "32 C",
- "precipitation": "900 mm",
- "windspeed": "6.5 m/s",
- "humidity": "65%",
- "particle_density": "1.6 g/l",
- "timestamp": "2024-02-29"
- }
- ]
-}
+++ /dev/null
-{
- "account_attributes":{
- "11111":{
- "owner":"alice",
- "amount":10000
- },
- "22222":{
- "owner":"bob",
- "amount":10000
- },
- "33333":{
- "owner":"cam",
- "amount":10000
- }
- }
-}
+++ /dev/null
-{
- "user_roles": {
- "alice": [
- "admin"
- ],
- "bob": [
- "editor"
- ],
- "charlie": [
- "viewer"
- ]
- },
- "role_permissions": {
- "admin": {
- "actions": [
- "read",
- "write",
- "delete"
- ],
- "resources": [
- "server",
- "database"
- ]
- },
- "editor": {
- "actions": [
- "read",
- "write"
- ],
- "resources": [
- "server"
- ]
- },
- "viewer": {
- "actions": [
- "read"
- ],
- "resources": [
- "server"
- ]
- }
- }
-}
--- /dev/null
+{
+ "blacklist" : [
+ "the-vfmodule-where-root-is-true",
+ "another-vfmodule-where-root-is-true"
+]
+}
--- /dev/null
+{
+ "allowedCellId" : 445611193265040129,
+ "minPCI": 1,
+ "maxPCI": 3000
+}
--- /dev/null
+{ "domain": "measurementsForVfScaling",
+ "metricsPerEventName": [{
+ "eventName": "Measurement_vGMUX",
+ "controlLoopSchemaType": "VNF",
+ "policyScope": "DCAE",
+ "policyName": "DCAE.Config_tca-hi-lo",
+ "policyVersion": "v0.0.1",
+ "thresholds" : [{"version": "1.0.2",
+ "closedLoopControlName": "ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e",
+ "thresholdValue": 0
+ }]
+}]
+}
+++ /dev/null
-{
- "acls": [
- {
- "user": "alice",
- "actions": [
- "edit",
- "read"
- ],
- "component": "component_A",
- "project": "project_A",
- "organization": "org_A"
- },
- {
- "user": "bob",
- "actions": ["read"],
- "organization": "org_A"
- },
- {
- "user": "bob",
- "action": ["edit"],
- "component": "component_A",
- "project": "project_B",
- "organization": "org_A"
- },
- {
- "user": "charlie",
- "action": ["read"],
- "project": "project_B",
- "organization": "org_A"
- }
- ]
-}
+++ /dev/null
-{
- "groups": [
- {
- "name": "opaGroup",
- "version": "1.0.0",
- "description": "The default group that registers all supported policy types and pdps.",
- "pdpGroupState": "ACTIVE",
- "pdpSubgroups": [
- {
- "pdpType": "opa",
- "desiredInstanceCount": 1,
- "properties": {},
- "supportedPolicyTypes": [
- {
- "name": "onap.policies.native.opa",
- "version": "1.0.0"
- }
- ],
- "policies": []
- }
- ]
- }
- ]
-}
+++ /dev/null
-package abac
-
-import rego.v1
-
-default allow := false
-
-allow if {
- viewable_sensor_data
- action_is_read
-}
-
-action_is_read if "read" in input.actions
-
-viewable_sensor_data contains view_data if {
- some sensor_data in data.abac.sensor_data
- sensor_data.timestamp >= input.time_period.from
- sensor_data.timestamp < input.time_period.to
-
- view_data := {datatype: sensor_data[datatype] | datatype in input.datatypes}
-}
-package example
+package access_method
import rego.v1
+++ /dev/null
-package account
-
-import rego.v1
-
-default allow := false
-
-allow if {
- creditor_is_valid
- debtor_is_valid
- period_is_valid
- amount_is_valid
-}
-creditor_is_valid if data.account.account_attributes[input.creditor_account].owner == input.creditor
-debtor_is_valid if data.account.account_attributes[input.debtor_account].owner == input.debtor
-
-period_is_valid if input.period <= 30
-amount_is_valid if data.account.account_attributes[input.debtor_account].amount >= input.amount
+++ /dev/null
-package action
-
-import rego.v1
-
-# By default, deny requests.
-default allow := false
-
-
-# Allow the action if admin role is granted permission to perform the action.
-allow if {
- some i
- data.action.user_roles[input.user][i] == role
- some j
- data.action.role_permissions[role].actions[j] == input.action
- some k
- data.action.role_permissions[role].resources[k] == input.type
-}
-# * Rego comparison to other systems: https://www.openpolicyagent.org/docs/latest/comparison-to-other-systems/
-# * Rego Iteration: https://www.openpolicyagent.org/docs/latest/#iteration
-
-
--- /dev/null
+package blacklist
+import future.keywords.in
+import rego.v1
+
+# Define a rule to check if the operation should be allowed
+module_allow[module] := false if {
+ some module in input.vfmodule
+ not validate(module)
+}
+
+module_allow[module] := true if{
+ some module in input.vfmodule
+ validate(module)
+}
+
+validate(module) if {
+ module in data.node.blacklist.blacklist
+}
--- /dev/null
+package cell.consistency
+import rego.v1
+default allow = false
+# Rule to check cell consistency
+check_cell_consistency if {
+ input.cell != data.node.cell.consistency.allowedCellId
+}
+# Rule to allow if PCI is within range 1-3000
+allow_if_pci_in_range if {
+ input.PCI >= data.node.cellconsistency.minPCI
+ input.PCI <= data.node.cellconsistency.maxPCI
+}
+# Main rule to determine the final decision
+allow if{
+ check_cell_consistency
+ allow_if_pci_in_range
+}
--- /dev/null
+package cell.consistency.topology
+import rego.v1
+# Rule to check cell consistency
+check_cell_consistency if {
+ input.cell != data.node.cell.consistency.allowedCellId
+}
+++ /dev/null
-{
- "sensor_data": [
- {
- "id": "0001",
- "location": "Sri Lanka",
- "temperature": "28 C",
- "precipitation": "1000 mm",
- "windspeed": "5.5 m/s",
- "humidity": "40%",
- "particle_density": "1.3 g/l",
- "timestamp": "2024-02-26"
- },
- {
- "id": "0002",
- "location": "Colombo",
- "temperature": "30 C",
- "precipitation": "1200 mm",
- "windspeed": "6.0 m/s",
- "humidity": "45%",
- "particle_density": "1.5 g/l",
- "timestamp": "2024-02-26"
- },
- {
- "id": "0003",
- "location": "Kandy",
- "temperature": "25 C",
- "precipitation": "800 mm",
- "windspeed": "4.5 m/s",
- "humidity": "60%",
- "particle_density": "1.1 g/l",
- "timestamp": "2024-02-26"
- },
- {
- "id": "0004",
- "location": "Galle",
- "temperature": "35 C",
- "precipitation": "500 mm",
- "windspeed": "7.2 m/s",
- "humidity": "30%",
- "particle_density": "1.8 g/l",
- "timestamp": "2024-02-27"
- },
- {
- "id": "0005",
- "location": "Jaffna",
- "temperature": "-5 C",
- "precipitation": "300 mm",
- "windspeed": "3.8 m/s",
- "humidity": "20%",
- "particle_density": "0.9 g/l",
- "timestamp": "2024-02-27"
- },
- {
- "id": "0006",
- "location": "Trincomalee",
- "temperature": "20 C",
- "precipitation": "1000 mm",
- "windspeed": "5.0 m/s",
- "humidity": "55%",
- "particle_density": "1.2 g/l",
- "timestamp": "2024-02-28"
- },
- {
- "id": "0007",
- "location": "Nuwara Eliya",
- "temperature": "25 C",
- "precipitation": "600 mm",
- "windspeed": "4.0 m/s",
- "humidity": "50%",
- "particle_density": "1.3 g/l",
- "timestamp": "2024-02-28"
- },
- {
- "id": "0008",
- "location": "Anuradhapura",
- "temperature": "28 C",
- "precipitation": "700 mm",
- "windspeed": "5.8 m/s",
- "humidity": "40%",
- "particle_density": "1.4 g/l",
- "timestamp": "2024-02-29"
- },
- {
- "id": "0009",
- "location": "Matara",
- "temperature": "32 C",
- "precipitation": "900 mm",
- "windspeed": "6.5 m/s",
- "humidity": "65%",
- "particle_density": "1.6 g/l",
- "timestamp": "2024-02-29"
- }
- ]
-}
+++ /dev/null
-{
- "account_attributes":{
- "11111":{
- "owner":"alice",
- "amount":10000
- },
- "22222":{
- "owner":"bob",
- "amount":10000
- },
- "33333":{
- "owner":"cam",
- "amount":10000
- }
- }
-}
+++ /dev/null
-{
- "user_roles": {
- "alice": [
- "admin"
- ],
- "bob": [
- "editor"
- ],
- "charlie": [
- "viewer"
- ]
- },
- "role_permissions": {
- "admin": {
- "actions": [
- "read",
- "write",
- "delete"
- ],
- "resources": [
- "server",
- "database"
- ]
- },
- "editor": {
- "actions": [
- "read",
- "write"
- ],
- "resources": [
- "server"
- ]
- },
- "viewer": {
- "actions": [
- "read"
- ],
- "resources": [
- "server"
- ]
- }
- }
-}
+++ /dev/null
-{
- "acls": [
- {
- "user": "alice",
- "actions": [
- "edit",
- "read"
- ],
- "component": "component_A",
- "project": "project_A",
- "organization": "org_A"
- },
- {
- "user": "bob",
- "actions": ["read"],
- "organization": "org_A"
- },
- {
- "user": "bob",
- "action": ["edit"],
- "component": "component_A",
- "project": "project_B",
- "organization": "org_A"
- },
- {
- "user": "charlie",
- "action": ["read"],
- "project": "project_B",
- "organization": "org_A"
- }
- ]
-}
+++ /dev/null
-{
- "user_roles": {
- "alice": [
- "admin"
- ],
- "bob": [
- "employee",
- "billing"
- ],
- "eve": [
- "customer"
- ]
- },
- "role_grants": {
- "customer": [
- {
- "action": "read",
- "type": "dog"
- },
- {
- "action": "read",
- "type": "cat"
- },
- {
- "action": "adopt",
- "type": "dog"
- },
- {
- "action": "adopt",
- "type": "cat"
- }
- ],
- "employee": [
- {
- "action": "read",
- "type": "dog"
- },
- {
- "action": "read",
- "type": "cat"
- },
- {
- "action": "update",
- "type": "dog"
- },
- {
- "action": "update",
- "type": "cat"
- }
- ],
- "billing": [
- {
- "action": "read",
- "type": "finance"
- },
- {
- "action": "update",
- "type": "finance"
- }
- ]
- }
-}
-
--- /dev/null
+package monitor
+
+# Policy allows if a matching threshold is met
+result contains output if {
+ input.domain = data.node.monitor.domain
+ some events in data.node.monitor.metricsPerEventName
+ events.eventName == input.eventName
+ events.controlLoopSchemaType == input.controlLoopSchemaType
+ events.policyScope == input.policyScope
+ events.policyName == input.policyName
+ events.policyVersion == input.policyVersion
+ some value in events.thresholds
+ input.controlname == value.closedLoopControlName
+ input.version == value.version
+ input.thresholdValue == value.thresholdValue
+ output := {
+ "severity" : "MAJOR",
+ "closedLoopEventStatus" : "ABATED"
+ }
+}
+
+# Policy allows if a matching threshold is met
+result contains output if {
+ input.domain = data.node.monitor.domain
+ some events in data.node.monitor.metricsPerEventName
+ events.eventName == input.eventName
+ events.controlLoopSchemaType == input.controlLoopSchemaType
+ events.policyScope == input.policyScope
+ events.policyName == input.policyName
+ events.policyVersion == input.policyVersion
+ some value in events.thresholds
+ input.controlname == value.closedLoopControlName
+ input.version == value.version
+ input.thresholdValue > value.thresholdValue
+ output := {
+ "severity" : "CRITICAL",
+ "closedLoopEventStatus" : "ONSET"
+ }
+}
+++ /dev/null
-package organization
-
-import rego.v1
-
-default allow := false
-
-# organization level access
-allow if {
- some acl in data.organization.acls
- acl.user == input.user
- acl.organization == input.organization
- acl.project == input.project
- acl.component == input.component
-
- some action in acl.actions
- action == input.action
-}
-
-# project level access
-allow if {
- some acl in data.organization.acls
- acl.user == input.user
- acl.organization == input.organization
- acl.project == input.project
-
- some action in acl.actions
- action == input.action
-}
-
-# component level access
-allow if {
- some acl in data.organization.acls
- acl.user == input.user
- acl.organization == input.organization
-
- some action in acl.actions
- action == input.action
-}
"policies": []
}
]
+ },
+ {
+ "name": "opaGroup",
+ "pdpGroupState": "ACTIVE",
+ "properties": {},
+ "pdpSubgroups": [
+ {
+ "pdpType": "opa",
+ "desiredInstanceCount": 1,
+ "properties": {},
+ "supportedPolicyTypes": [
+ {
+ "name": "onap.policies.native.opa",
+ "version": "1.0.0"
+ }
+ ],
+ "policies": [
+ {
+ "name": "slice.capacity.check",
+ "version": "1.0.0"
+ }
+ ]
+ }
+ ]
}
]
}
getDockerVersion xacml-pdp
export POLICY_XACML_PDP_VERSION="$docker_image_version"
- export POLICY_OPA_PDP_VERSION="1.0.2-SNAPSHOT"
+ getDockerVersion opa-pdp
+ export POLICY_OPA_PDP_VERSION="$docker_image_version"
getDockerVersion distribution
export POLICY_DISTRIBUTION_VERSION="$docker_image_version"
RetrieveAllPolicies
[Documentation] Retrieve all policies
- FetchPolicies /policy/api/v1/policies 3
+ FetchPolicies /policy/api/v1/policies 4
RetrieveSpecificPolicy
[Documentation] Retrieve a policy named 'onap.restart.tca' and version '1.0.0' using generic api
QueryPdpGroups
[Documentation] Verify pdp group query - suphosts upto 2 groups
- [Arguments] ${groupsLength} ${group1Name} ${group1State} ${policiesLengthInGroup1} ${group2Name} ${group2State} ${policiesLengthInGroup2}
+ [Arguments] ${groupsLength} ${group1Name} ${group1State} ${policiesLengthInGroup1} ${group2Name} ${group2State} ${policiesLengthInGroup2} ${group3Name} ${group3State} ${policiesLengthInGroup3}
${policyadmin}= PolicyAdminAuth
${resp}= PerformGetRequest ${POLICY_PAP_IP} /policy/pap/v1/pdps 200 null ${policyadmin}
Length Should Be ${resp.json()['groups']} ${groupsLength}
Run Keyword If ${groupsLength}>1 Should Be Equal As Strings ${resp.json()['groups'][1]['name']} ${group2Name}
Run Keyword If ${groupsLength}>1 Should Be Equal As Strings ${resp.json()['groups'][1]['pdpGroupState']} ${group2State}
Run Keyword If ${groupsLength}>1 Length Should Be ${resp.json()['groups'][1]['pdpSubgroups'][0]['policies']} ${policiesLengthInGroup2}
+ Run Keyword If ${groupsLength}>2 Should Be Equal As Strings ${resp.json()['groups'][2]['name']} ${group3Name}
+ Run Keyword If ${groupsLength}>2 Should Be Equal As Strings ${resp.json()['groups'][2]['pdpGroupState']} ${group3State}
+ Run Keyword If ${groupsLength}>2 Length Should Be ${resp.json()['groups'][2]['pdpSubgroups'][0]['policies']} ${policiesLengthInGroup3}
QueryPolicyAudit
[Arguments] ${url} ${expectedstatus} ${pdpGroup} ${pdpType} ${policyName} ${expectedAction}
{
"data": {
+ "node": {
+ "slice": {
+ "capacity": {
+ "check": {
+ "threshold": 70
+ }
+ }
+ }
+ },
"system": {
"version": {
"build_commit": "",
"onapName": "CDS",
"onapComponent": "CDS",
"onapInstance": "CDS",
- "currentDate": "2024-11-22",
+ "currentDate": "2025-01-17",
+ "currentTime": "08:26:41.857Z",
+ "timeZone": "UTC",
+ "timeOffset": "+05:30",
+ "currentDateTime": "2025-01-17T08:26:41.857Z",
"policyName": "zoneB",
- "policyFilter": ["has_ze_access"],
+ "policyFilter": [
+ "has_ze_access"
+ ],
"input": {
- "actions": ["view"],
+ "actions": [
+ "view"
+ ],
"log_id": "log1",
- "datatypes": ["access", "user"],
+ "datatypes": [
+ "access",
+ "user"
+ ],
"time_period": {
"from": "2024-11-01T09:00:00Z",
"to": "2024-11-01T10:00:00Z"
"zone_id": "zoneA"
}
}
-
"onapName": "CDS",
"onapComponent": "CDS",
"onapInstance": "CDS",
- "currentDate": "2024-11-22",
+ "currentDate": "2025-01-17",
+ "currentTime": "08:26:41.857Z",
+ "timeZone": "UTC",
+ "timeOffset": "+05:30",
+ "currentDateTime": "2025-01-17T08:26:41.857Z",
"policyName": "zoeB",
- "policyFilter": ["has_zone_access"],
+ "policyFilter": [
+ "has_zone_access"
+ ],
"input": {
- "actions": ["view"],
+ "actions": [
+ "view"
+ ],
"log_id": "log1",
- "datatypes": ["access", "user"],
+ "datatypes": [
+ "access",
+ "user"
+ ],
"time_period": {
"from": "2024-11-01T09:00:00Z",
"to": "2024-11-01T10:00:00Z"
"zone_id": "zoneA"
}
}
-
"onapName": "CDS",
"onapComponent": "CDS",
"onapInstance": "CDS",
- "currentDate": "2024-11-22",
+ "currentDate": "2025-01-17",
+ "currentTime": "08:26:41.857Z",
+ "timeZone": "UTC",
+ "timeOffset": "+05:30",
+ "currentDateTime": "2025-01-17T08:26:41.857Z",
"policyName": "abac",
- "policyFilter": ["viewable_sesor_data"],
+ "policyFilter": [
+ "viewable_sesor_data"
+ ],
"input": {
- "actions": ["read"],
- "datatypes": ["location", "temperature", "precipitation", "windspeed"],
+ "actions": [
+ "read"
+ ],
+ "datatypes": [
+ "location",
+ "temperature",
+ "precipitation",
+ "windspeed"
+ ],
"time_period": {
"from": "2024-02-27",
"to": "2024-02-29"
"onapName": "CDS",
"onapComponent": "CDS",
"onapInstance": "CDS",
- "currentDate": "2024-11-22",
+ "currentDate": "2025-01-17",
+ "currentTime": "08:26:41.857Z",
+ "timeZone": "UTC",
+ "timeOffset": "+05:30",
+ "currentDateTime": "2025-01-17T08:26:41.857Z",
"policyName": "abc",
- "policyFilter": ["viewable_sensor_data"],
+ "policyFilter": [
+ "viewable_sensor_data"
+ ],
"input": {
- "actions": ["read"],
- "datatypes": ["location", "temperature", "precipitation", "windspeed"],
+ "actions": [
+ "read"
+ ],
+ "datatypes": [
+ "location",
+ "temperature",
+ "precipitation",
+ "windspeed"
+ ],
"time_period": {
"from": "2024-02-27",
"to": "2024-02-29"
{
- "onapName": "CDS",
- "onapComponent": "CDS",
- "onapInstance": "CDS",
- "currentDate": "2024-11-22",
- "policyName": "abac",
- "policyFilter": ["viewable_sensor_data"],
- "input": {
- "actions": ["read"],
- "datatypes": ["location", "temperature", "precipitation", "windspeed"],
- "time_period": {
- "from": "2024-02-27",
- "to": "2024-02-29"
- }
+ "onapName": "CDS",
+ "onapComponent": "CDS",
+ "onapInstance": "CDS",
+ "currentDate": "2025-01-17",
+ "currentTime": "08:26:41.857Z",
+ "timeZone": "UTC",
+ "timeOffset": "+05:30",
+ "currentDateTime": "2025-01-17T08:26:41.857Z",
+ "policyName": "abac",
+ "policyFilter": [
+ "viewable_sensor_data"
+ ],
+ "input": {
+ "actions": [
+ "read"
+ ],
+ "datatypes": [
+ "location",
+ "temperature",
+ "precipitation",
+ "windspeed"
+ ],
+ "time_period": {
+ "from": "2024-02-27",
+ "to": "2024-02-29"
}
+ }
}
"onapName": "CDS",
"onapComponent": "CDS",
"onapInstance": "CDS",
- "currentDate": "2024-11-22",
+ "currentDate": "2025-01-17",
+ "currentTime": "08:26:41.857Z",
+ "timeZone": "UTC",
+ "timeOffset": "+05:30",
+ "currentDateTime": "2025-01-17T08:26:41.857Z",
"policyName": "vehicle",
- "policyFilter": ["user_has_vecle_access"],
+ "policyFilter": [
+ "user_has_vecle_access"
+ ],
"input": {
- "actions": ["use"],
+ "actions": [
+ "use"
+ ],
"user": "user1",
"vehicle_id": "v1",
- "attributes": ["type", "status"]
+ "attributes": [
+ "type",
+ "status"
+ ]
}
}
-
"onapName": "CDS",
"onapComponent": "CDS",
"onapInstance": "CDS",
- "currentDate": "2024-11-22",
+ "currentDate": "2025-01-17",
+ "currentTime": "08:26:41.857Z",
+ "timeZone": "UTC",
+ "timeOffset": "+05:30",
+ "currentDateTime": "2025-01-17T08:26:41.857Z",
"policyName": "vehile",
- "policyFilter": ["user_has_vehicle_access"],
+ "policyFilter": [
+ "user_has_vehicle_access"
+ ],
"input": {
- "actions": ["use"],
+ "actions": [
+ "use"
+ ],
"user": "user1",
"vehicle_id": "v1",
- "attributes": ["type", "status"]
+ "attributes": [
+ "type",
+ "status"
+ ]
}
}
-
"onapName": "CDS",
"onapComponent": "CDS",
"onapInstance": "CDS",
- "currentDate": "2024-11-22",
+ "currentDate": "2025-01-17",
+ "currentTime": "08:26:41.857Z",
+ "timeZone": "UTC",
+ "timeOffset": "+05:30",
+ "currentDateTime": "2025-01-17T08:26:41.857Z",
"policyName": "vehicle",
- "policyFilter": ["user_has_vehicle_access"],
+ "policyFilter": [
+ "user_has_vehicle_access"
+ ],
"input": {
- "actions": ["use"],
+ "actions": [
+ "use"
+ ],
"user": "user1",
"vehicle_id": "v1",
- "attributes": ["type", "status"]
+ "attributes": [
+ "type",
+ "status"
+ ]
}
}
"onapName": "CDS",
"onapComponent": "CDS",
"onapInstance": "CDS",
- "currentDate": "2024-11-22",
+ "currentDate": "2025-01-17",
+ "currentTime": "08:26:41.857Z",
+ "timeZone": "UTC",
+ "timeOffset": "+05:30",
+ "currentDateTime": "2025-01-17T08:26:41.857Z",
"policyName": "zoneB",
- "policyFilter": ["has_zone_access"],
+ "policyFilter": [
+ "has_zone_access"
+ ],
"input": {
- "actions": ["view"],
+ "actions": [
+ "view"
+ ],
"log_id": "log1",
- "datatypes": ["access", "user"],
+ "datatypes": [
+ "access",
+ "user"
+ ],
"time_period": {
"from": "2024-11-01T09:00:00Z",
"to": "2024-11-01T10:00:00Z"
Consolidated Healthcheck
[Documentation] Verify policy consolidated health check
- sleep 20
+ sleep 60
${resp}= GetReq /policy/pap/v1/components/healthcheck
Should Be Equal As Strings ${resp.json()['healthy']} True
${resp}= GetMetrics ${POLICY_PAP_IP} ${auth} /policy/pap/v1/
Should Contain ${resp.text} http_server_requests_seconds_count{error="none",exception="none",method="GET",outcome="SUCCESS",status="200",uri="/healthcheck"}
Should Contain ${resp.text} http_server_requests_seconds_count{error="none",exception="none",method="GET",outcome="SUCCESS",status="200",uri="/components/healthcheck"} 1
- Should Contain ${resp.text} spring_data_repository_invocations_seconds_count{exception="None",method="save",repository="PdpGroupRepository",state="SUCCESS"} 1
+ Should Contain ${resp.text} spring_data_repository_invocations_seconds_count{exception="None",method="save",repository="PdpGroupRepository",state="SUCCESS"} 2
Should Contain ${resp.text} spring_data_repository_invocations_seconds_count{exception="None",method="findByKeyName",repository="PdpGroupRepository",state="SUCCESS"} 1
Should Contain ${resp.text} spring_data_repository_invocations_seconds_count{exception="None",method="findAll",repository="PolicyStatusRepository",state="SUCCESS"}
QueryPdpGroupsBeforeActivation
[Documentation] Verify PdpGroups before activation
- QueryPdpGroups 2 defaultGroup ACTIVE 0 testGroup PASSIVE 0
+ QueryPdpGroups 3 defaultGroup ACTIVE 0 opaGroup ACTIVE 1 testGroup PASSIVE 0
ActivatePdpGroup
[Documentation] Change the state of PdpGroup named 'testGroup' to ACTIVE
QueryPdpGroupsAfterActivation
[Documentation] Verify PdpGroups after activation
- QueryPdpGroups 2 defaultGroup ACTIVE 0 testGroup ACTIVE 0
+ QueryPdpGroups 3 defaultGroup ACTIVE 0 opaGroup ACTIVE 1 testGroup ACTIVE 0
DeployPdpGroups
[Documentation] Deploy policies in PdpGroups
QueryPdpGroupsAfterDeploy
[Documentation] Verify PdpGroups after undeploy
- QueryPdpGroups 2 defaultGroup ACTIVE 0 testGroup ACTIVE 1
+ QueryPdpGroups 3 defaultGroup ACTIVE 0 opaGroup ACTIVE 1 testGroup ACTIVE 1
QueryPolicyAuditAfterDeploy
[Documentation] Verify policy audit record after deploy
QueryPdpGroupsAfterUndeploy
[Documentation] Verify PdpGroups after undeploy
- QueryPdpGroups 2 defaultGroup ACTIVE 0 testGroup ACTIVE 0
+ QueryPdpGroups 3 defaultGroup ACTIVE 0 opaGroup ACTIVE 1 testGroup ACTIVE 0
QueryPolicyAuditAfterUnDeploy
[Documentation] Verify policy audit record after undeploy
QueryPdpGroupsAfterDelete
[Documentation] Verify PdpGroups after delete
- QueryPdpGroups 1 defaultGroup ACTIVE 0 null null null
+ QueryPdpGroups 2 defaultGroup ACTIVE 0 opaGroup ACTIVE 1 null null null
function setup_pap() {
export ROBOT_FILES="pap-test.robot pap-slas.robot"
+ export PROJECT="pap"
source "${DOCKER_COMPOSE_DIR}"/start-compose.sh apex-pdp --grafana
echo "Waiting 1 minute for policy-pap to start..."
sleep 60
check_rest_endpoint "${PAP_PORT}"
check_rest_endpoint "${APEX_PORT}"
+ check_rest_endpoint "${OPA_PDP_PORT}"
apex_healthcheck
}
Code Review / policy / docker.git / commitdiff