Modified the CSITs to use message-router for the simulator name.
Also added a Root CA so that the ssl certificates can be signed.
Removed property file overrides that are no longer needed.
Issue-ID: POLICY-3384
Change-Id: I6f1bc53f192567eeab0e71a64d9eaec814a38dd0
Signed-off-by: Jim Hahn <jrh3@att.com>
POLICY_PAP_IP=`get-instance-ip.sh policy-pap`
MARIADB_IP=`get-instance-ip.sh mariadb`
APEX_IP=`get-instance-ip.sh policy-apex-pdp`
-DMAAP_IP=`get-instance-ip.sh policy.api.simpledemo.onap.org`
+DMAAP_IP=`get-instance-ip.sh message-router`
echo PAP IP IS ${POLICY_PAP_IP}
echo MARIADB IP IS ${MARIADB_IP}
"topicParameterGroup": {
"topicSources" : [{
"topic" : "POLICY-PDP-PAP",
- "servers" : [ "policy.api.simpledemo.onap.org" ],
+ "servers" : [ "message-router" ],
"topicCommInfrastructure" : "dmaap",
- "useHttps" : true,
- "allowSelfSignedCerts" : true
+ "useHttps" : true
}],
"topicSinks" : [{
"topic" : "POLICY-PDP-PAP",
- "servers" : [ "policy.api.simpledemo.onap.org" ],
+ "servers" : [ "message-router" ],
"topicCommInfrastructure" : "dmaap",
- "useHttps" : true,
- "allowSelfSignedCerts" : true
+ "useHttps" : true
}]
}
}
--- /dev/null
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIs2vpWNNWUx8CAggA
+MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECD6yFMOdJ6QRBIIEyKJhiRJR59dk
+Jsu22pT45tGdZBG8xO97q09bxL3wydv7Iszn3jUxnWiDFa/wQ5cFd5HPii2WfFQ7
+EmBKmm6nN8aOYb/qDOi/uLwMowcCyklZVLGI5yPl2o6/Ud644r3NhB3vP3+Ov/zq
+T0fIacUHEJRfizJGZ2sqMt+bI/+Fa/Ixb21Xh/LAAt+3SHVOCDkE2Uwl4QQl/Ia9
+x8FRHxpUQEPpbsVtC8l+e6kYPiRAhUjoRsNF6UyarRiHeiGXqedpvdtVavBmb1/i
+R59wNJP8zW97ljBdoAiwVzm88CRcVSQ00AWNaclRH5z5MnpakV6OFXjlmHQl/a9t
+OY7hqzLp5Q+r0Eo2iiS75ySMsr/8rOxBs8/EzTBSBcseSmjuhmw6H+d1ccRYUMmm
+Hd0leMkm9qIfIwKXBdVqpU1GJLLRGzRe5Cvj0LXOIPT+ZUDWYD4W+p1kLI3xHzs5
+1pNML2+pTV/XDW3lT0cNl1pMzzpVUTD+G12NLLB+Df8kv310zMoxXiGduZ9IZ+Ox
+McsOpc/Y6c1w4ce6eCKeWVBrWlbx+VmUh8f0nI4ushzv9KxzG+jroD7R1oqvY7EE
+1oXj6ZPoz8cSVfaGMqFfmciZL7WrDsIsIAS+Ak37eAByD9chdGMzVPThra/KCbTD
+ak/msiSQSuPhcmyzW6PQdjlzB4U++vZCfBrYYX+rbQNRluuz3xwZgGX6J9ThTQQC
+kVhtBFf4EAciFyBK6M8DCCjDYtO+VfHEYQDwfwL85TPZrxeQJsRCQUieelsLsjyO
+hluWlARA0H+zpDGthJY2RmOgtbD8WRstFpuSvGLNhLPwiXRfdi+rakrBRAufd1K9
+WYx2CMNX5GksW1eS/CwTFO8SpGtc18S5W10Lx0d2rvZzImC9pB1LWWgp0jJZ6+Lv
+s5qsm11ThnLbvKf8EYFqD5oDaT2GHbxiQ1mau8X6ZYCthBLx0j+Efp30Veq0Fw6e
+LS43HaH3/zQC5XXp2EZoJ4tkRDtOmZDRBNUTS7JTZ/mSTggBaxQo7X1H8MaPv6fS
+HPSC/s59oPSBjYCwD/1mQz4lRpsQfLUBVIlG1IwM5k7oizAN49MoKkx/IsvKvAjL
+8q7yvb8khN/giF6VmKZSw5UWoORo5dUzZO54WjScwVgxyA5B2F7FaD3ZpM5DJuTI
+BiO1qzzQqZqr+/YVbHu+qFYxHSPE+HqfUK+oePklk9Wd6spmiqi6DBWubi7rZdfz
+qFLzxXf0amlsMEvZIoGTgJio5GDDb+LA0xPpH4kEhJnRmr6zeapLX47B5mwrY4a3
+RHCeMUwViihsWdLAbT/rwpjE7LVlUxG/vlmefgOOda8orijYEFtqoLnfE0822TWf
+BrqPJch+6CZWetR5jt3fk0ZZLoQZ75+DK38JKoNRqq2wmbROcG3yhrrjA66lswzQ
+LVT2+KAJS9kLKrFn9RCb6WxxaZWYlikhmFHbFlMyQfvBl0sNd7BB+kl7k95Yj6wz
+BOATVami77d2iOwwAUHUoF/H2dqF/auQgtMgasY4QNuMHPTxaUghx2qZ1zrph4+5
+rk27c/rqcBYeK9x3NpSnwIipXVfaOjh9k0ZkEqTBEp+eOWgZRjjYr/XoCnTuLTvO
+xbBolHwGkirh9np5dCJCTw==
+-----END ENCRYPTED PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE REQUEST-----
+MIICyTCCAbECAQAwaDELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
+ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEhMB8GA1UEAwwYb25h
+cC5wb2xpY3kuY3NpdC5yb290LmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAo2ivC+t42ljB9/f7kaX2ZOZKCOgp/Xxo4Se4UKl3ZN0pQ1HLe5FHlef9
+oP8baP8xdHS/w9lcc+ttpNZtCqlUB507iivSh8p+IZV/wwykxsVoAyPbkWkwA2k1
+5/HgQYTBMqqD+Q8luOVqA/g8u3W1VJicTNU+IB9UAtcggqJXzmZsTXy/WuHzLNzP
+ZA2waWYrO058AeL1kWkr/U2MmQcDUy1zmKigGWlp0FY6ThFHajxuRVizIBo/9JN3
+1tcHMjKjm2d8DRRltjxyqZ84GbDEx7Z0Af9cXTQAN+E7Gk1fIeEWe2wRAxqAizIp
+ecz5wMWzaxovli/6P43NMhYphM210wIDAQABoBwwGgYJKoZIhvcNAQkHMQ0MC1Bv
+bDFjeV8wbmFwMA0GCSqGSIb3DQEBCwUAA4IBAQAdiGQNFT48LcDcS5iG3gv4sQ05
+QOL2T3Ich1GOiW1IKbNUdeiT9ogqPHGBHYPl2bcCt3srwUKolfJp5tm3cbLmOzRn
+pyarM2zRkMjlzGAY9ZTenolvkjcDOe3irKS6ogIZJBHTAbEywXVc+9jdYdXtYo1Q
+wrIZjm/KTRE1gSPFMlrrEOmTVU5R6x29Ydu/tfPZfrNBGaTRqJQG3+mm1AMy2+pH
+8w7bP4hqaGir757Eo0z9iE9XObUl+8DE2XOmjTWw9pm3zJ3kRXbi7Z4e2z6BfH0R
+IAFzPrp+dn92cNX9FwlVpe/PKUvzPooDyvtc8yFoKq91VJxzIVge8Lbl26qr
+-----END CERTIFICATE REQUEST-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDVzCCAj8CFEeCWPdPiPmX+l+52bzikHXLgXc9MA0GCSqGSIb3DQEBCwUAMGgx
+CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
+cm5ldCBXaWRnaXRzIFB0eSBMdGQxITAfBgNVBAMMGG9uYXAucG9saWN5LmNzaXQu
+cm9vdC5jYTAeFw0yMTA2MTExNDI5MjNaFw0zMTA2MDkxNDI5MjNaMGgxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxITAfBgNVBAMMGG9uYXAucG9saWN5LmNzaXQucm9vdC5j
+YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKNorwvreNpYwff3+5Gl
+9mTmSgjoKf18aOEnuFCpd2TdKUNRy3uRR5Xn/aD/G2j/MXR0v8PZXHPrbaTWbQqp
+VAedO4or0ofKfiGVf8MMpMbFaAMj25FpMANpNefx4EGEwTKqg/kPJbjlagP4PLt1
+tVSYnEzVPiAfVALXIIKiV85mbE18v1rh8yzcz2QNsGlmKztOfAHi9ZFpK/1NjJkH
+A1Mtc5iooBlpadBWOk4RR2o8bkVYsyAaP/STd9bXBzIyo5tnfA0UZbY8cqmfOBmw
+xMe2dAH/XF00ADfhOxpNXyHhFntsEQMagIsyKXnM+cDFs2saL5Yv+j+NzTIWKYTN
+tdMCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAOraQVd0DaQI6q33zeebtTAHOcTQp
+LZVgM0eZHw1VNiDCzh1n+ZsXu2pBOjqIgvRA9TR8wZS5tWTWYgutPKdWgnp7qspN
+inngRtvgNtV0iY4J2DZqRXTwWZZgHbnnpwMEuRLmM6kq6lvBe1ebY1UogtD6Lnoa
+yfLNjF3mzcLufI8MQtMgVKmvMl1e9m3l/SNoSK2f3IYjIHpwpP/LkdcW8JR27NfL
+C/MmivAHR8Cmq95rxfGE7w5B4qKoJJED903Nx18K4rlM4eY9lv3DLlG31HrwZ6Zy
+n1dadaa9Ie8LuEtA6PzFC1IdMyVqXkocLB86RLMv5WZFiIA/kjkNFKnrdg==
+-----END CERTIFICATE-----
"password": "zb!XztG34"
},
"isHttps": true,
- "allowSelfSignedCerts": true,
"deployPolicies": true
}
}
+++ /dev/null
-DNS:policy
-DNS:drools
-DNS:drools.onap
-DNS:policy-apex-pdp
-DNS:policy-apex-pdp.onap
-DNS:policy-api
-DNS:policy-api.onap
-DNS:policy-distribution
-DNS:policy-distribution.onap
-DNS:policy-pap
-DNS:policy-pap.onap
-DNS:policy-xacml-pdp
-DNS:policy-xacml-pdp.onap
-DNS:policy.api.simpledemo.onap.org
--- /dev/null
+subjectAltName = \
+ DNS:policy, \
+ DNS:drools, \
+ DNS:drools.onap, \
+ DNS:policy-apex-pdp, \
+ DNS:policy-apex-pdp.onap, \
+ DNS:policy-api, \
+ DNS:policy-api.onap, \
+ DNS:policy-distribution, \
+ DNS:policy-distribution.onap, \
+ DNS:policy-pap, \
+ DNS:policy-pap.onap, \
+ DNS:policy-xacml-pdp, \
+ DNS:policy-xacml-pdp.onap, \
+ DNS:message-router
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-http.client.services=AAI
-
-http.client.services.AAI.managed=true
-http.client.services.AAI.https=true
-http.client.services.AAI.host=${envd:AAI_HOST}
-http.client.services.AAI.port=${envd:AAI_PORT}
-http.client.services.AAI.userName=${envd:AAI_USERNAME}
-http.client.services.AAI.password=${envd:AAI_PASSWORD}
-http.client.services.AAI.contextUriPath=${envd:AAI_CONTEXT_URI}
-http.client.services.AAI.selfSignedCertificates=true
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-dmaap.source.topics=APPC-CL
-dmaap.sink.topics=APPC-CL
-
-dmaap.source.topics.APPC-CL.servers=${env:DMAAP_SERVERS}
-dmaap.source.topics.APPC-CL.https=true
-dmaap.source.topics.APPC-CL.selfSignedCertificates=true
-
-dmaap.sink.topics.APPC-CL.servers=${env:DMAAP_SERVERS}
-dmaap.sink.topics.APPC-CL.https=true
-dmaap.sink.topics.APPC-CL.selfSignedCertificates=true
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-dmaap.sink.topics=APPC-LCM-READ
-
-dmaap.sink.topics.APPC-LCM-READ.servers=${env:DMAAP_SERVERS}
-dmaap.sink.topics.APPC-LCM-READ.https=true
-dmaap.sink.topics.APPC-LCM-READ.selfSignedCertificates=true
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-dmaap.source.topics=APPC-LCM-WRITE
-
-dmaap.source.topics.APPC-LCM-WRITE.servers=${env:DMAAP_SERVERS}
-dmaap.source.topics.APPC-LCM-WRITE.https=true
-dmaap.source.topics.APPC-LCM-WRITE.selfSignedCertificates=true
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-dmaap.sink.topics=DCAE_CL_RSP
-
-dmaap.sink.topics.DCAE_CL_RSP.servers=${env:DMAAP_SERVERS}
-dmaap.sink.topics.DCAE_CL_RSP.https=true
-dmaap.sink.topics.DCAE_CL_RSP.selfSignedCertificates=true
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-dmaap.source.topics=DCAE_TOPIC
-
-dmaap.source.topics.DCAE_TOPIC.effectiveTopic=${env:DCAE_TOPIC}
-dmaap.source.topics.DCAE_TOPIC.servers=${env:DMAAP_SERVERS}
-dmaap.source.topics.DCAE_TOPIC.consumerGroup=${env:DCAE_CONSUMER_GROUP}
-dmaap.source.topics.DCAE_TOPIC.https=true
-dmaap.source.topics.DCAE_TOPIC.selfSignedCertificates=true
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-http.client.services=GUARD
-
-http.client.services.GUARD.managed=true
-http.client.services.GUARD.https=true
-http.client.services.GUARD.host=${envd:PDP_HOST}
-http.client.services.GUARD.port=${envd:PDP_PORT}
-http.client.services.GUARD.userName=${envd:PDP_USERNAME}
-http.client.services.GUARD.password=${envd:PDP_PASSWORD}
-http.client.services.GUARD.contextUriPath=${envd:PDP_CONTEXT_URI:policy/pdpx/v1/}
-http.client.services.GUARD.selfSignedCertificates=true
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-dmaap.sink.topics=POLICY-CL-MGT
-dmaap.sink.topics.POLICY-CL-MGT.servers=${env:DMAAP_SERVERS}
-dmaap.sink.topics.POLICY-CL-MGT.https=true
-dmaap.sink.topics.POLICY-CL-MGT.selfSignedCertificates=true
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-http.client.services=SDNC
-
-http.client.services.SDNC.managed=true
-http.client.services.SDNC.https=true
-http.client.services.SDNC.host=${envd:SDNC_HOST}
-http.client.services.SDNC.port=${envd:SDNC_PORT}
-http.client.services.SDNC.userName=${envd:SDNC_USERNAME}
-http.client.services.SDNC.password=${envd:SDNC_PASSWORD}
-http.client.services.SDNC.contextUriPath=${envd:SDNC_CONTEXT_URI}
-http.client.services.SDNC.selfSignedCertificates=true
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-dmaap.source.topics=SDNR-CL-RSP
-dmaap.source.topics.SDNR-CL-RSP.servers=${env:DMAAP_SERVERS}
-dmaap.source.topics.SDNR-CL-RSP.https=true
-dmaap.source.topics.SDNR-CL-RSP.selfSignedCertificates=true
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-dmaap.sink.topics=SDNR-CL
-
-dmaap.sink.topics.SDNR-CL.servers=${env:DMAAP_SERVERS}
-dmaap.sink.topics.SDNR-CL.https=true
-dmaap.sink.topics.SDNR-CL.selfSignedCertificates=true
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-http.client.services=SO
-
-http.client.services.SO.managed=true
-http.client.services.SO.https=false
-http.client.services.SO.host=${envd:SO_HOST}
-http.client.services.SO.port=${envd:SO_PORT}
-http.client.services.SO.userName=${envd:SO_USERNAME}
-http.client.services.SO.password=${envd:SO_PASSWORD}
-http.client.services.SO.contextUriPath=${envd:SO_CONTEXT_URI}
-http.client.services.SO.selfSignedCertificates=true
+++ /dev/null
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-http.client.services=VFC
-
-http.client.services.VFC.managed=true
-http.client.services.VFC.https=true
-http.client.services.VFC.host=${envd:VFC_HOST}
-http.client.services.VFC.port=${envd:VFC_PORT}
-http.client.services.VFC.userName=${envd:VFC_USERNAME}
-http.client.services.VFC.password=${envd:VFC_PASSWORD}
-http.client.services.VFC.contextUriPath=${envd:VFC_CONTEXT_URI:api/nslcm/v1/}
-http.client.services.VFC.selfSignedCertificates=true
dmaap.source.topics.PDPD-CONFIGURATION.consumerInstance=${envd:PDPD_CONFIGURATION_CONSUMER_INSTANCE}
dmaap.source.topics.PDPD-CONFIGURATION.managed=false
dmaap.source.topics.PDPD-CONFIGURATION.https=true
-dmaap.source.topics.PDPD-CONFIGURATION.selfSignedCertificates=true
http.server.services=SECURED-CONFIG
dmaap.source.topics.POLICY-PDP-PAP.apiKey=${envd:POLICY_PDP_PAP_API_KEY}
dmaap.source.topics.POLICY-PDP-PAP.apiSecret=${envd:POLICY_PDP_PAP_API_SECRET}
dmaap.source.topics.POLICY-PDP-PAP.https=true
-dmaap.source.topics.POLICY-PDP-PAP.selfSignedCertificates=true
dmaap.sink.topics.POLICY-PDP-PAP.servers=${envd:DMAAP_SERVERS}
dmaap.sink.topics.POLICY-PDP-PAP.effectiveTopic=${envd:POLICY_PDP_PAP_TOPIC}
dmaap.sink.topics.POLICY-PDP-PAP.apiKey=${envd:POLICY_PDP_PAP_API_KEY}
dmaap.sink.topics.POLICY-PDP-PAP.apiSecret=${envd:POLICY_PDP_PAP_API_SECRET}
dmaap.sink.topics.POLICY-PDP-PAP.https=true
-dmaap.sink.topics.POLICY-PDP-PAP.selfSignedCertificates=true
# ============LICENSE_START==================================================
# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
# ===========================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# DCAE DMaaP
DCAE_TOPIC=unauthenticated.DCAE_CL_OUTPUT
-DCAE_SERVERS=policy.api.simpledemo.onap.org
+DCAE_SERVERS=message-router
DCAE_CONSUMER_GROUP=dcae.policy.shared
# Open DMaaP
-DMAAP_SERVERS=policy.api.simpledemo.onap.org
+DMAAP_SERVERS=message-router
# AAI
-AAI_HOST=policy.api.simpledemo.onap.org
+AAI_HOST=message-router
AAI_PORT=6666
AAI_CONTEXT_URI=
AAI_USERNAME=policy@policy.onap.org
# MSO
-SO_HOST=policy.api.simpledemo.onap.org
+SO_HOST=message-router
SO_PORT=6669
SO_CONTEXT_URI=
-SO_URL=https://policy.api.simpledemo.onap.org:6669/
+SO_URL=https://message-router:6669/
SO_USERNAME=InfraPortalClient
SO_PASSWORD=password1$
# VFC
-VFC_HOST=policy.api.simpledemo.onap.org
+VFC_HOST=message-router
VFC_PORT=6670
VFC_CONTEXT_URI=
VFC_USERNAME=
# SDNC
-SDNC_HOST=policy.api.simpledemo.onap.org
+SDNC_HOST=message-router
SDNC_PORT=6668
SDNC_CONTEXT_URI=
SDNC_USERNAME=
"topicParameterGroup": {
"topicSources" : [{
"topic" : "POLICY-PDP-PAP",
- "servers" : [ "policy.api.simpledemo.onap.org" ],
+ "servers" : [ "message-router" ],
"topicCommInfrastructure" : "dmaap",
- "useHttps": true,
- "allowSelfSignedCerts" : true
+ "useHttps": true
}],
"topicSinks" : [{
"topic" : "POLICY-PDP-PAP",
- "servers" : [ "policy.api.simpledemo.onap.org" ],
+ "servers" : [ "message-router" ],
"topicCommInfrastructure" : "dmaap",
- "useHttps": true,
- "allowSelfSignedCerts" : true
+ "useHttps": true
},
{
"topic" : "POLICY-NOTIFICATION",
- "servers" : [ "policy.api.simpledemo.onap.org" ],
+ "servers" : [ "message-router" ],
"topicCommInfrastructure" : "dmaap",
- "useHttps": true,
- "allowSelfSignedCerts" : true
+ "useHttps": true
}]
},
"healthCheckRestClientParameters":[{
"userName": "healthcheck",
"password": "zb!XztG34",
"useHttps": true,
- "allowSelfSignedCerts" : true,
"basePath": "policy/api/v1/healthcheck"
}]
}
"servers": ["${HOST_NAME}"],
"topicCommInfrastructure": "DMAAP",
"useHttps": true,
- "allowSelfSignedCerts": true,
"apiKey": "some-key",
"apiSecret": "some-secret"
},
"servers": ["${HOST_NAME}"],
"topicCommInfrastructure": "DMAAP",
"useHttps": true,
- "allowSelfSignedCerts": true,
"apiKey": "some-key",
"apiSecret": "some-secret"
}
"servers": ["${HOST_NAME}"],
"topicCommInfrastructure": "DMAAP",
"useHttps": true,
- "allowSelfSignedCerts": true,
"apiKey": "some-key",
"apiSecret": "some-secret"
},
"servers": ["${HOST_NAME}"],
"topicCommInfrastructure": "DMAAP",
"useHttps": true,
- "allowSelfSignedCerts": true,
"apiKey": "some-key",
"apiSecret": "some-secret"
}
"userName": "healthcheck",
"password": "zb!XztG34",
"useHttps": true,
- "allowSelfSignedCerts" : true,
"aaf": false
},
"applicationPath": "/opt/app/policy/pdpx/apps",
"topicParameterGroup": {
"topicSources" : [{
"topic" : "POLICY-PDP-PAP",
- "servers" : [ "policy.api.simpledemo.onap.org" ],
+ "servers" : [ "message-router" ],
"topicCommInfrastructure" : "dmaap",
- "useHttps" : true,
- "allowSelfSignedCerts" : true
+ "useHttps" : true
}],
"topicSinks" : [{
"topic" : "POLICY-PDP-PAP",
- "servers" : [ "policy.api.simpledemo.onap.org" ],
+ "servers" : [ "message-router" ],
"topicCommInfrastructure" : "dmaap",
- "useHttps" : true,
- "allowSelfSignedCerts" : true
+ "useHttps" : true
}]
}
}
POLICY_PAP_IP=`get-instance-ip.sh policy-pap`
MARIADB_IP=`get-instance-ip.sh mariadb`
APEX_IP=`get-instance-ip.sh policy-apex-pdp`
-DMAAP_IP=`get-instance-ip.sh policy.api.simpledemo.onap.org`
+DMAAP_IP=`get-instance-ip.sh message-router`
POLICY_DISTRIBUTION_IP=`get-instance-ip.sh policy-distribution`
echo PAP IP IS ${POLICY_PAP_IP}
- ./config/db:/docker-entrypoint-initdb.d:ro
expose:
- 3306
- policy.api.simpledemo.onap.org:
+ message-router:
image: nexus3.onap.org:10001/onap/policy-models-simulator:${POLICY_MODELS_VERSION}
- container_name: policy.api.simpledemo.onap.org
- hostname: policy.api.simpledemo.onap.org
+ container_name: message-router
+ hostname: message-router
volumes:
- ./config/sim-all:/opt/app/policy/simulators/etc/mounted:ro
- ./config/ks.jks:/opt/app/policy/simulators/etc/ssl/policy-keystore:ro
+ - ./config/policy-truststore:/opt/app/policy/simulators/etc/ssl/policy-truststore:ro
expose:
- 6666
- 6668
- 6969
volumes:
- ./config/ks.jks:/opt/app/policy/api/etc/ssl/policy-keystore:ro
+ - ./config/policy-truststore:/opt/app/policy/api/etc/ssl/policy-truststore:ro
- ./wait_for_port.sh:/opt/app/policy/api/bin/wait_for_port.sh:ro
entrypoint: ./wait_for_port.sh
command: [
container_name: policy-pap
depends_on:
- mariadb
- - policy.api.simpledemo.onap.org
+ - message-router
- api
hostname: policy-pap
expose:
volumes:
- ./config/pap/defaultConfig.json:/opt/app/policy/pap/etc/defaultConfig.json:ro
- ./config/ks.jks:/opt/app/policy/pap/etc/ssl/policy-keystore:ro
+ - ./config/policy-truststore:/opt/app/policy/pap/etc/ssl/policy-truststore:ro
- ./wait_for_port.sh:/opt/app/policy/pap/bin/wait_for_port.sh:ro
entrypoint: ./wait_for_port.sh
command: [
'-c', './policy-pap.sh',
'mariadb', '3306',
- 'policy.api.simpledemo.onap.org', '3905',
+ 'message-router', '3905',
'api', '6969'
]
xacml-pdp:
container_name: policy-xacml-pdp
depends_on:
- mariadb
- - policy.api.simpledemo.onap.org
+ - message-router
- pap
hostname: policy-xacml-pdp
expose:
volumes:
- ./config/xacml-pdp/defaultConfig.json:/opt/app/policy/pdpx/etc/defaultConfig.json:ro
- ./config/ks.jks:/opt/app/policy/pdpx/etc/ssl/policy-keystore:ro
+ - ./config/policy-truststore:/opt/app/policy/pdpx/etc/ssl/policy-truststore:ro
- ./wait_for_port.sh:/opt/app/policy/pdpx/bin/wait_for_port.sh:ro
entrypoint: ./wait_for_port.sh
command: [
'-c', './policy-pdpx.sh',
'mariadb', '3306',
- 'policy.api.simpledemo.onap.org', '3905',
+ 'message-router', '3905',
'pap', '6969'
]
drools:
container_name: drools
depends_on:
- mariadb
- - policy.api.simpledemo.onap.org
+ - message-router
- pap
hostname: drools
expose:
command: [
'-c', '/opt/app/policy/bin/pdpd-entrypoint.sh boot',
'mariadb', '3306',
- 'policy.api.simpledemo.onap.org', '3905'
+ 'message-router', '3905'
]
drools-apps:
image: nexus3.onap.org:10001/onap/policy-pdpd-cl:${POLICY_DROOLS_APPS_VERSION}
container_name: drools-apps
depends_on:
- mariadb
- - policy.api.simpledemo.onap.org
+ - message-router
- pap
- xacml-pdp
hostname: drools-apps
command: [
'-c', '/opt/app/policy/bin/pdpd-cl-entrypoint.sh boot',
'mariadb', '3306',
- 'policy.api.simpledemo.onap.org', '3905',
+ 'message-router', '3905',
'pap', '6969',
- 'policy.api.simpledemo.onap.org', '6666',
- 'policy.api.simpledemo.onap.org', '6668',
- 'policy.api.simpledemo.onap.org', '6669',
- 'policy.api.simpledemo.onap.org', '6670'
+ 'message-router', '6666',
+ 'message-router', '6668',
+ 'message-router', '6669',
+ 'message-router', '6670'
]
apex-pdp:
image: nexus3.onap.org:10001/onap/policy-apex-pdp:${POLICY_APEX_PDP_VERSION}
container_name: policy-apex-pdp
depends_on:
- mariadb
- - policy.api.simpledemo.onap.org
+ - message-router
- pap
hostname: policy-apex-pdp
expose:
volumes:
- ./config/apex-pdp/OnapPfConfig.json:/opt/app/policy/apex-pdp/etc/onappf/config/OnapPfConfig.json:ro
- ./config/ks.jks:/opt/app/policy/apex-pdp/etc/ssl/policy-keystore:ro
+ - ./config/policy-truststore:/opt/app/policy/apex-pdp/etc/ssl/policy-truststore:ro
- ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro
entrypoint: /opt/app/policy/bin/wait_for_port.sh
command: [
'-c', '/opt/app/policy/apex-pdp/bin/apexOnapPf.sh -c /opt/app/policy/apex-pdp/etc/onappf/config/OnapPfConfig.json',
'mariadb', '3306',
- 'policy.api.simpledemo.onap.org', '3905',
+ 'message-router', '3905',
'pap', '6969'
]
distribution:
volumes:
- ./config/distribution/defaultConfig.json:/opt/app/policy/distribution/etc/defaultConfig.json:ro
- ./config/ks.jks:/opt/app/policy/distribution/etc/ssl/policy-keystore:ro
+ - ./config/policy-truststore:/opt/app/policy/distribution/etc/ssl/policy-truststore:ro
- ./distribution/config/temp/:/opt/app/policy/distribution/etc/temp/:ro
- ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro
entrypoint: /opt/app/policy/bin/wait_for_port.sh
command: [
'-c', './policy-dist.sh',
'mariadb', '3306',
- 'policy.api.simpledemo.onap.org', '3905',
+ 'message-router', '3905',
'pap', '6969',
'apex-pdp', '6969'
]
API_IP=`get-instance-ip.sh policy-api`
PAP_IP=`get-instance-ip.sh policy-pap`
XACML_IP=`get-instance-ip.sh policy-xacml-pdp`
-SIM_IP=`get-instance-ip.sh policy.api.simpledemo.onap.org`
+SIM_IP=`get-instance-ip.sh message-router`
export SIM_IP
echo DROOLS IP IS ${DROOLS_IP}
#
DIR="${0%/*}/config"
-DNSFILE="${DIR}/dns_keystore.txt"
-OUTFILE="${DIR}/ks.jks"
+cd "${DIR}"
+
+OUTFILE=ks.jks
+
+ALIAS="policy@policy.onap.org"
+PASS=Pol1cy_0nap
dn="C=US, O=ONAP, OU=OSAAF, OU=policy@policy.onap.org:DEV, CN=policy"
-san=`paste -sd , "${DNSFILE}"`
-rm -f "$OUTFILE"
+rm -f "${OUTFILE}"
+
+keytool -genkeypair -alias "${ALIAS}" -validity 30 \
+ -keyalg RSA -dname "${dn}" -keystore "${OUTFILE}" \
+ -keypass "${PASS}" -storepass "${PASS}"
+
+keytool -certreq -alias "${ALIAS}" -keystore ks.jks -file ks.csr \
+ -storepass "${PASS}"
+
+openssl x509 -CA caroot.cer -CAkey cakey.pem -CAserial caserial.txt \
+ -req -in ks.csr -out ks.cer -passin "pass:${PASS}" \
+ -extfile dns_ssl.txt -days 30
+
+keytool -import -noprompt -file caroot.cer -keystore ks.jks \
+ -storepass "${PASS}"
-keytool -genkeypair -alias "policy@policy.onap.org" -validity 30 \
- -keyalg RSA -dname "$dn" -keystore "$OUTFILE" \
- -keypass Pol1cy_0nap -storepass Pol1cy_0nap -ext "SAN=$san"
+keytool -import -alias "${ALIAS}" -file ks.cer -keystore ks.jks \
+ -storepass "${PASS}"
chmod 644 "$OUTFILE"
${SCRIPTS}/gen_keystore.sh
cp ${SCRIPTS}/config/ks.jks ${SCRIPTS}/config/drools/custom/policy-keystore
cp ${SCRIPTS}/config/ks.jks ${SCRIPTS}/config/drools-apps/custom/policy-keystore
+cp ${SCRIPTS}/config/policy-truststore \
+ ${SCRIPTS}/config/drools/custom/policy-truststore
+cp ${SCRIPTS}/config/policy-truststore \
+ ${SCRIPTS}/config/drools-apps/custom/policy-truststore
+chmod 644 \
+ ${SCRIPTS}/config/drools/custom/policy-* \
+ ${SCRIPTS}/config/drools-apps/custom/policy-*
# Run setup script plan if it exists
cd "${TESTPLANDIR}/plans/"
POLICY_API_IP=`get-instance-ip.sh policy-api`
MARIADB_IP=`get-instance-ip.sh mariadb`
POLICY_PDPX_IP=`get-instance-ip.sh policy-xacml-pdp`
-SIM_IP=`get-instance-ip.sh policy.api.simpledemo.onap.org`
+SIM_IP=`get-instance-ip.sh message-router`
POLICY_PAP_IP=`get-instance-ip.sh policy-pap`
echo PDP IP IS ${POLICY_PDPX_IP}
Code Review / policy / docker.git / commitdiff