Marco Platania [Wed, 11 Dec 2019 16:47:32 +0000 (11:47 -0500)]
Add AAI section to image override file
Issue-ID: INT-1217
Signed-off-by: Marco Platania <platania@research.att.com>
Change-Id: I4c4ba5bdc24b4e2594bdc2b3d1d272c1c3a6c3bb
Brian Freeman [Wed, 11 Dec 2019 16:15:25 +0000 (11:15 -0500)]
update staging override
Issue-ID: INT-1217
Change-Id: I3c740af530e990dc1e74746c7ecc33f1101e7b1c
Signed-off-by: Brian Freeman <bf1936@att.com>
mrichomme [Tue, 10 Dec 2019 07:36:42 +0000 (08:36 +0100)]
Add Bartek, Eric and Marcin as Integration committers
Issue-ID: INT-1386
Signed-off-by: mrichomme <morgan.richomme@orange.com>
Change-Id: I6a513da3e113da29cf1427c0ee0af2a1a5afbd73
stark, steven [Thu, 5 Dec 2019 22:14:32 +0000 (14:14 -0800)]
[INT] various updates to AKS deployment scripts
- Adding support for pluggable post-install scripts. See README.
- Adding pre_install check to validate the correct software is installed before attempting deployment.
- Updating AKS deploy command line to support azure cli 2.0.75.
Issue-ID: INT-1398
Signed-off-by: stark, steven <steven.stark@att.com>
Change-Id: I1ff819e96a3f34c88580e90e8d6f2b79979a7a61
Bartek Grzybowski [Fri, 29 Nov 2019 14:13:33 +0000 (15:13 +0100)]
Update vCPE doc in regard of customer service
Creation and distribution of vCPE customer service
should be done prior to 'vcpe.py init' stage which
fails otherwise due to the vCPEResCust service not
being populated.
Change-Id: I04388f342cfb8a3462e1d84524f55aa66ad0122f
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: TEST-204
Bartek Grzybowski [Tue, 26 Nov 2019 11:32:55 +0000 (12:32 +0100)]
Get VfModuleModelInvariantUuid from service csar at runtime
VfModuleModelInvariantUuid no longer needs manual
assignment, it will be gathered from service csar
at runtime.
Change-Id: I5d0da822dd4ce7b574dae8ce80db2a2d1e5de297
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1389
Bartek Grzybowski [Mon, 25 Nov 2019 10:39:03 +0000 (11:39 +0100)]
Insert SDNC ip pool automatically only if oom_mode is enabled
Change-Id: Ia1fe923f877cf76e51bcc1f23c9bf562a877b112
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: TEST-222
Bartek Grzybowski [Fri, 22 Nov 2019 14:02:21 +0000 (15:02 +0100)]
Insert vcpe customer service workflow into SO catalogdb
Customer service workflow entry will be automatically
inserted into catalogdb database if running with
oom_mode set to True.
So database endpoint properties were updated to
reflect current catalogdb location.
vCPE doc updated to reflect the changes made.
Change-Id: I54ef0bf94ccf2d38501c1b854cafe4d388a4b35d
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: TEST-205
Bartek Grzybowski [Thu, 21 Nov 2019 09:28:22 +0000 (10:28 +0100)]
Update vCPE doc in regard of adding SDN-ETHERNET-INTERNET customer
Adding SDN-ETHERNET-INTERNET customer is no longer
required as it's already added at 'onap init' step
by robot case InitDemo
(see Change-Id: I576093cea61fd5f77aafb6edd119c254b674a2fc)
Change-Id: I90723325ed9e8518a72cea7afaa51655322f162c
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: TEST-201
Brian Freeman [Wed, 4 Dec 2019 22:36:44 +0000 (17:36 -0500)]
Fix cds image ref
Issue-ID: INT-1217
Change-Id: I3a12608189a0489ecd19585fca157f03db13d4fa
Signed-off-by: Brian Freeman <bf1936@att.com>
wsliwka [Mon, 25 Nov 2019 10:05:39 +0000 (11:05 +0100)]
Configure netopeer to support mTLS
Issue-ID: INT-1372
Signed-off-by: wsliwka <wojciech.sliwka@nokia.com>
Change-Id: I11281c2a0703b97e1075d01bba9ec076766daf0d
gummar [Tue, 12 Nov 2019 11:26:31 +0000 (11:26 +0000)]
PNF Simulator/Netconf Simulator docker compose to use devel tag
Issue-ID: INT-1320
Signed-off-by: gummar <raj.gumma@est.tech>
Change-Id: Iadc7a6bebef9302ae711a3227789f603f19270cd
mrichomme [Fri, 8 Nov 2019 17:01:13 +0000 (18:01 +0100)]
Clean xtesting repo from integration
all xtesting activities should be in a dedicated respository
Issue-ID: INT-1366
Signed-off-by: mrichomme <morgan.richomme@orange.com>
Change-Id: Iec8fbf0b24eb18496a49eccb79af9fb85d29dc1f
mrichomme [Fri, 22 Nov 2019 07:32:46 +0000 (08:32 +0100)]
Remove Gary from the committer list
mail received from Gary on the 2019/11/21
Issue-ID: INT-1386
Signed-off-by: mrichomme <morgan.richomme@orange.com>
Change-Id: I053195a6997dc4d7e45ea3cf0781c5304ac5c0fe
Bartek Grzybowski [Wed, 20 Nov 2019 14:43:26 +0000 (15:43 +0100)]
Fix logic for finding brg vnf template file
Change-Id: I0e31cc0a0a71a08a74ec56f4aa17321eb8d8c7ba
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1345
Bartek Grzybowski [Wed, 30 Oct 2019 12:46:43 +0000 (13:46 +0100)]
Add identity-url to region data in AAI
This change automates the process of updating
region data with identity-url
Change-Id: Ibda9ac8d1bbe1a489d496a5f293aafdebb73d416
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: SO-2308
Bartek Grzybowski [Thu, 7 Nov 2019 11:44:46 +0000 (12:44 +0100)]
Get the BRG MAC address automatically
Sdnc db port was also adjusted as there's no sdnc-db
service anymore (since OOM-1651)
Change-Id: I154463224777f6fd76f5380253aa9130224fe3e4
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1365
Bartek Grzybowski [Wed, 6 Nov 2019 14:26:37 +0000 (15:26 +0100)]
Update to vCPE doc regarding service csars download
Service csars no longer need to be manually transferred
from robot container as they are automatically downloaded
by vcpe scripts and ete-k8s.sh at distributevCPEResCust
distribution.
Change-Id: I9163972df974828083e3204b5b8786d4bcce2848
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: TEST-228
Bartek Grzybowski [Mon, 18 Nov 2019 13:58:00 +0000 (14:58 +0100)]
Set gra_api to 'False' by default
It can be True only after DGs are updated
for GRA-API infrastructure.
Change-Id: Ibda82ae14680387e07c5bd5525259b7cc9dfd092
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1345
andreasgeissler [Mon, 18 Nov 2019 09:21:12 +0000 (10:21 +0100)]
Added missing parameters for cleanup.sh call
Fixed trailing space
Issue-ID: INT-1368
Signed-off-by: andreasgeissler <andreas-geissler@telekom.de>
Change-Id: I72e6fc1133a16cb2cd33e44666f11f9919620bbe
Bartek Grzybowski [Thu, 31 Oct 2019 11:49:46 +0000 (12:49 +0100)]
Disable InsecureRequestWarning from requests library
Globally disable InsecureRequestWarning coming
from requests library for both pre 2.16.0 and
for >= 2.16.0 versions.
Change-Id: Ibf4e749086265e8726e90a2f8b4c1c9df3b2c55d
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: TEST-227
Brian Freeman [Fri, 15 Nov 2019 15:50:03 +0000 (10:50 -0500)]
Add missing networkgra
Issue-ID: INT-1345
Change-Id: I18c48a9f716c3a4c0bd6e7756f5df325aaee39e3
Signed-off-by: Brian Freeman <bf1936@att.com>
Brian Freeman [Fri, 8 Nov 2019 15:09:27 +0000 (10:09 -0500)]
Fix verbose flag
Issue-ID: INT-1217
Change-Id: I231786a0f58475920e339d201824859d9932e037
Signed-off-by: Brian Freeman <bf1936@att.com>
Brian Freeman [Wed, 6 Nov 2019 18:22:53 +0000 (13:22 -0500)]
Initial GRA_API Support
Updated after testing in integration-release-daily
Issue-ID: INT-1345
Change-Id: I61410e97d244ec7a736722727e11764fb5f3f5a9
Signed-off-by: Brian Freeman <bf1936@att.com>
yangyan [Wed, 6 Nov 2019 03:01:17 +0000 (11:01 +0800)]
Update postman data about pnf package onboard in VFC
Change-Id: Icc9b004e99c330bb24ec864d85039366ce9dd55c
Issue-ID: INT-1364
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
yangyan [Wed, 6 Nov 2019 02:59:05 +0000 (10:59 +0800)]
Update postman data about vnf package onboard in VFC
Change-Id: I9d15f923f39dbdb93b3aea9888cc8cd780e09172
Issue-ID: INT-1364
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
yangyan [Wed, 6 Nov 2019 02:27:06 +0000 (10:27 +0800)]
Update postman data about ns package onboard in VFC
Change-Id: I89f51d25c55c12d3c394e86852f6bf58dc333956
Issue-ID: INT-1364
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
yangyan [Wed, 6 Nov 2019 03:03:43 +0000 (11:03 +0800)]
Update postman data about catalog package onboard in VFC
Change-Id: I83798b06f37f7f1cc88e18e1ddd17141105b9fe7
Issue-ID: INT-1364
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
yangyan [Wed, 6 Nov 2019 02:22:04 +0000 (10:22 +0800)]
Update postman data about ns_instance in VFC
Change-Id: I89978b74fb278948f0deb459ed726f83392b48cd
Issue-ID: INT-1364
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
Brian Freeman [Fri, 1 Nov 2019 16:03:29 +0000 (11:03 -0500)]
add env variable
Issue-ID: INT-1217
Change-Id: Ibc46dc631edc2738b730d77c2a1c045c17d24dee
Signed-off-by: Brian Freeman <bf1936@att.com>
Brian Freeman [Fri, 1 Nov 2019 15:37:33 +0000 (10:37 -0500)]
Fix if/fi on stack create
Issue-ID: INT-1217
Change-Id: I94a9d2a4f3e98a2c08ee7dc2af40c6fc718c23f4
Signed-off-by: Brian Freeman <bf1936@att.com>
Brian Freeman [Thu, 31 Oct 2019 17:28:25 +0000 (12:28 -0500)]
Fix for staging override deployment
Issue-ID: INT-1217
Change-Id: I35f14f04b6e11b22747c9fb71d11ad4d3c1ddcf9
Signed-off-by: Brian Freeman <bf1936@att.com>
Brian Freeman [Mon, 28 Oct 2019 19:28:31 +0000 (14:28 -0500)]
Frankfurt Staging override
Add script to automatically generate the file as a test
Issue-ID: INT-1217
Change-Id: I9e1dc9b4b2d409ce162e098c90786e3ddce72146
Signed-off-by: Brian Freeman <bf1936@att.com>
mrichomme [Tue, 29 Oct 2019 15:34:10 +0000 (16:34 +0100)]
Update INFO.yaml
remove committers with no activity referenced in the repository since 1 year
https://git.onap.org/integration/stats/?period=q&ofs=-1
Issue-ID: INT-1349
Change-Id: I71f309432c47e6d5c89a471edcf593032e45cea8
Signed-off-by: mrichomme <morgan.richomme@orange.com>
Bartek Grzybowski [Wed, 30 Oct 2019 09:55:55 +0000 (10:55 +0100)]
Fix failures return codes in vcpe scripts
Conditional exits on failures should return
with non zero exit code for better behavior
in testing pipelines.
Change-Id: Ied2e699a2cd38cc741e6d9d9a5c88082f09fa549
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: TEST-226
Eric Debeau [Thu, 24 Oct 2019 12:55:23 +0000 (12:55 +0000)]
Update release note
Correct system Warning
Correct Doc8 errors
Modify section level to avoid bad behavior in toctree
Issue-ID: INT-1249
Signed-off-by: Eric Debeau <eric.debeau@orange.com>
Change-Id: I44c027ec9b8a14cad455bc981994f3c7dab48140
Bartek Grzybowski [Thu, 24 Oct 2019 10:49:04 +0000 (12:49 +0200)]
Make SDNC ip pool insertion idempotent
This ensures that subsequent 'vcpe.py init'
invocations do not complain about duplicate
entry in sdnctl databse (entries are not
reinserted, INSERT statement is just noop in
this case).
Change-Id: I8def8eab1e04026e8ee2206aa11fe2644b35d609
Issue-ID: TEST-222
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Bartek Grzybowski [Thu, 24 Oct 2019 11:26:21 +0000 (13:26 +0200)]
Use VcpeCommon.host_names in get_oom_onap_vm_ip routine
List of host names to iterate over in search for
a vm ip in get_oom_onap_vm_ip() should be identical
to the globally defined host names.
Change-Id: I60e1a2d77d683b81ae480499ce357dd812e8694f
Issue-ID: TEST-225
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Brian Freeman [Thu, 24 Oct 2019 13:16:24 +0000 (08:16 -0500)]
Up rev 6.0.0 Frankfurt
Issue-ID: INT-1322
Change-Id: I49835a8d5ddb8c4043cc85c65a9ee0e669c9c678
Signed-off-by: Brian Freeman <bf1936@att.com>
Rene_Robert [Tue, 22 Oct 2019 15:27:21 +0000 (17:27 +0200)]
update Postman collections and doc,with corrections
Issue-ID: INT-1340
Signed-off-by: Rene_Robert <rene.robert@orange.com>
Change-Id: Idcb5ef7669805f0d8c4266ee45310078d33260c2
mrichomme [Fri, 18 Oct 2019 16:54:16 +0000 (18:54 +0200)]
release note update
Issue-ID: INT-1249
Change-Id: Iadcfbb83cea8826e5af14f965f8b4b3aa24352d4
Signed-off-by: mrichomme <morgan.richomme@orange.com>
Bartek Grzybowski [Thu, 17 Oct 2019 08:44:39 +0000 (10:44 +0200)]
Add usage description for 'noloss' option
Change-Id: I454d21fe90511d20e1e25a62bb2943ccd59e52c6
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1325
Bartek Grzybowski [Fri, 18 Oct 2019 11:54:21 +0000 (13:54 +0200)]
Switch oom_mode to False by default
Vcpe scripts should be run from Rancher node
where it has direct access to k8s cluster ips
and service endpoints so that calls for oom_mode
to be set to 'False'.
Change-Id: I8edc0f363d7d32f28b070b0de87a3e2eab8223ff
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1339
Brian Freeman [Wed, 16 Oct 2019 19:45:04 +0000 (14:45 -0500)]
Minor edits on 5G RTPM
Issue-ID: INT-1322
Change-Id: I822c972506aa54850d66813084b5205e61820d8d
Signed-off-by: Brian Freeman <bf1936@att.com>
Krzysztof Kuzmicki [Tue, 15 Oct 2019 11:17:47 +0000 (13:17 +0200)]
Integration doc for 5g pnp pnf use case
Issue-ID: INT-1333
Signed-off-by: krzysztof kuzmicki <krzysztof.kuzmicki@nokia.com>
Change-Id: Iaeac6337bd37a2b2e5e66b0a400c4f67d8fd7d85
Marco Platania [Wed, 16 Oct 2019 16:10:52 +0000 (12:10 -0400)]
Improve scale out doc
Issue-ID: INT-1171
Signed-off-by: Marco Platania <platania@research.att.com>
Change-Id: I84791cb6e01f0f5f80bdec68cd9910bba5b81122
Bartek Grzybowski [Wed, 16 Oct 2019 13:28:23 +0000 (15:28 +0200)]
Automate SDNC ip pool insertion into database
This patch automates SDNC ip pool generation in
sdnctl database in the scope of vcpe.py 'init'
stage.
Change-Id: I6322ff2dadb069991be0eddbb0cf415baa7984f6
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: TEST-222
Marco Platania [Sun, 13 Oct 2019 14:47:19 +0000 (10:47 -0400)]
Update demo artifacts version number to 1.6.0-SNAPSHOT
Issue-ID: INT-1073
Signed-off-by: Marco Platania <platania@research.att.com>
Change-Id: Idbbebf9984f091c32347cdea2faf82ffa90918dd
mrichomme [Mon, 14 Oct 2019 15:41:12 +0000 (17:41 +0200)]
Update Change Management Flexible Designer and Orchestrator doc
to integrate it in official documentation
Issue-ID: INT-1287
Change-Id: Ied366b0112a2a4d6557942f01f49d4c1939bc008
Signed-off-by: mrichomme <morgan.richomme@orange.com>
mrichomme [Tue, 15 Oct 2019 16:21:58 +0000 (18:21 +0200)]
Review K8S based Cloud Region Support - EdgeXFoundry Use case doc
Issue-ID: INT-1287
Change-Id: I9f1797f23c3d386b953af548bfe6640149cfe917
Signed-off-by: mrichomme <morgan.richomme@orange.com>
mrichomme [Tue, 15 Oct 2019 09:34:19 +0000 (11:34 +0200)]
Update vFW use case documentation
Issue-ID: INT-1287
Change-Id: I643febd15fbb9cc4b66202edda2915d4d0219ea6
Signed-off-by: mrichomme <morgan.richomme@orange.com>
Itohan [Mon, 7 Oct 2019 21:21:19 +0000 (21:21 +0000)]
Fixed Bugs in HPA automtion script
Signed-off-by: Itohan Ukponmwan <itohan.ukponmwan@intel.com>
Issue-ID: INT-1137
Change-Id: Ib681f797bb9ed631cfe36507425bcbd1fc2b5561
AndyWalshe [Tue, 8 Oct 2019 15:33:14 +0000 (16:33 +0100)]
Update ONAP probe script to cater for nfs node and use of local docker repository
Issue-ID: INT-1321
Change-Id: I150324b147f01e6455dccc19c0be748dcf67286a
Signed-off-by: AndyWalshe <andy.walshe@est.tech>
Bartek Grzybowski [Thu, 10 Oct 2019 12:57:13 +0000 (14:57 +0200)]
Fix setting onap namespace and environment name separately
Onap namespace and environment name can be distinct
on a per deployment basis and this allows to set
them accordingly.
Change-Id: Id1b6fdc4f3b4c159117536187197cb308527f8d2
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1323
mrichomme [Wed, 9 Oct 2019 12:02:17 +0000 (14:02 +0200)]
WIP Update integration documentation for El Alto
Issue-ID: INT-1322
Change-Id: Idd1d5f7bd2f57e1acb2e3c050a631cc52e212e1e
Signed-off-by: mrichomme <morgan.richomme@orange.com>
stark, steven [Thu, 19 Sep 2019 22:43:00 +0000 (15:43 -0700)]
[INT] Adding deployments scripts for ONAP on AKS
Patch 2 - updating readme and removing dash character from BUILD parameter
Patch 3 - updating image url to amd instead of arm, fixing NFS os disk parameter
Issue-ID: INT-1270
Signed-off-by: stark, steven <steven.stark@att.com>
Change-Id: I1d8824b3c098855c9094e27fad8c820e4df42677
Bartek Grzybowski [Mon, 7 Oct 2019 12:25:30 +0000 (14:25 +0200)]
Automate curl installation in sdnc container (vCPE)
Curl package will be automatically installed be the
healthcheck-k8s.py script.
Change-Id: I7fc5579524c7519f6153b02d0de0000dc0138992
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1313
Brian Freeman [Thu, 3 Oct 2019 20:25:39 +0000 (15:25 -0500)]
Fix SSL cert verify for SDNC
Issue-ID: INT-1265
Change-Id: I7c36dc479b73a8b663cae4472ed29182d0f6672b
Signed-off-by: Brian Freeman <bf1936@att.com>
Pawel Wieczorek [Mon, 30 Sep 2019 13:27:43 +0000 (15:27 +0200)]
k8s: Validate controller manager flags requiring specific values
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections
regarding master node configuration are satisfied (1.3.2 - 1.3.3
and 1.3.6).
Issue-ID: SECCOM-235
Change-Id: I9c2921faf40ad9445e983f2b9bd0610e556cfe15
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Ruoyu Ying [Sun, 29 Sep 2019 11:55:47 +0000 (19:55 +0800)]
(WIP)Fix automation issues due to cli change
Fix several changes due to cli change
Issue-ID: INT-1289
Signed-off-by: Ruoyu Ying <ruoyu.ying@intel.com>
Change-Id: Ib07d9be8ace77270046c8aa02f162a9ad7994370
Bartek Grzybowski [Mon, 30 Sep 2019 13:01:16 +0000 (15:01 +0200)]
Refactor setup script for preparing vCPE tools runtime env
Script is now more generic and allows proper setup
of vcpe scripts runtime environment on Ubuntu 16.04/18.04
and on Centos/Rhel 7.6.
Change-Id: I7b7d944f5a6a7a9dc45921082f908a1f8aa185a1
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: TEST-203
Brian Freeman [Mon, 30 Sep 2019 18:28:30 +0000 (13:28 -0500)]
Loosen sdc liveness readiness probe
Issue-ID: INT-1290
Change-Id: Iac5a16dae644a61de04bca00f49f14ae98dac995
Signed-off-by: Brian Freeman <bf1936@att.com>
Pawel Wieczorek [Mon, 30 Sep 2019 12:39:32 +0000 (14:39 +0200)]
k8s: Resolve Docker response formatting issue
Checker collects information on cluster by Docker queries:
$ docker ps ARGS... # Casablanca
$ docker inspect ARGS... # Dublin
Arrays of values are then filtered from those. They include:
* opening bracket ('['),
* closing bracket (']'),
* new line.
Additional characters affect check results if last flag (including
"]\n") requires specific value.
Issue-ID: SECCOM-235
Change-Id: I6838342b7e2ecdc44a47ffe02286266003e0b4d3
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Mon, 30 Sep 2019 12:23:30 +0000 (14:23 +0200)]
k8s: Resolve address conflicts in virtual environments
Running Casablanca and Dublin virtual environments at the same time led
to networking issues - the same IP had been assigned to cluster nodes.
Issue-ID: SECCOM-235
Change-Id: I2a59d023115326f5b132782a32190fd8f7dc1f48
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 27 Sep 2019 17:00:46 +0000 (19:00 +0200)]
k8s: Validate controller manager address flag
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.3.7).
Issue-ID: SECCOM-235
Change-Id: Id3f4bcb9a506dae3c7c0a884ad6c704dfae2a6d8
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 27 Sep 2019 16:26:13 +0000 (18:26 +0200)]
k8s: Add controller manager information collection
Issue-ID: SECCOM-235
Change-Id: Ieceb6337f935e6a5a6b94248ccf072229116510a
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 27 Sep 2019 14:26:39 +0000 (16:26 +0200)]
k8s: Validate scheduler flags
Issue-ID: SECCOM-235
Change-Id: I61df142e99a7f1da335471acab88e5a47d72df15
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 27 Sep 2019 14:10:33 +0000 (16:10 +0200)]
k8s: Add scheduler information collection
Issue-ID: SECCOM-235
Change-Id: I7da645737440172d3cf11f33069daa2697f83056
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 27 Sep 2019 15:09:49 +0000 (17:09 +0200)]
k8s: Extract common validators for DRY code
Issue-ID: SECCOM-235
Change-Id: Ic5997b67d0512bea51c3b4a4c71805987fa6f011
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Thu, 26 Sep 2019 14:43:01 +0000 (16:43 +0200)]
k8s: Extract common interface to simplify development
Common command and service name extraction is intended to limit
execution to small set of allowed processes.
This patch also drops unnecessary use of "Kubernetes" name because this
whole subproject concerns its clusters.
Issue-ID: SECCOM-235
Change-Id: I8babfeb4f24cf3baa4d236ca622c21170ab6205e
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Thu, 26 Sep 2019 12:50:16 +0000 (14:50 +0200)]
k8s: Change default cluster access method choice logic
Previous way of choosing it led to impractical calls, e.g.
$ ./check -rke # (works fine)
$ ./check -ranchercli # "Not supported."
$ ./check -ranchercli -rke=false # (works fine)
Disabling default cluster access method is no longer necessary.
Issue-ID: SECCOM-235
Change-Id: I2b4d5bff10c5470e567351abeac0431bed3b7938
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Thu, 26 Sep 2019 10:31:56 +0000 (12:31 +0200)]
k8s: Declutter checker by dividing it into smaller packages
Issue-ID: SECCOM-235
Change-Id: I7d4efd08b8c0258f2f9c33772bf1b1b02cedebfa
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Wed, 25 Sep 2019 16:36:06 +0000 (18:36 +0200)]
k8s: Call correct methods for API server auditing flags validation
Issue-ID: SECCOM-235
Change-Id: Ia5d75628b1c5211f378c239f84e9689d45697a04
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Wed, 25 Sep 2019 16:30:10 +0000 (18:30 +0200)]
k8s: Validate API server request timeout
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.38).
Issue-ID: SECCOM-235
Change-Id: Ic1f175d577c79013ddb49e02b8de69137535c964
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Wed, 25 Sep 2019 14:37:24 +0000 (16:37 +0200)]
k8s: Validate API server included authorization mode
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.32).
It also fixes wrong documentation comment for similar validator
(1.1.19).
Issue-ID: SECCOM-235
Change-Id: I00cb8a458871b091b16fe60fc0087b7972aa3b6b
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 20 Sep 2019 09:42:58 +0000 (11:42 +0200)]
k8s: Validate API server crypto ciphers in use
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.30).
It also covers its duplicate (1.1.39).
Issue-ID: SECCOM-235
Change-Id: I0f3031c080cf225e7c2c03e65dd0bfc780326307
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Bartek Grzybowski [Wed, 25 Sep 2019 14:37:05 +0000 (16:37 +0200)]
Fix hashbang in vCPE Python scripts
Change-Id: Id2b7ec151e1a006a5a85b8544e478fd9cf282715
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: TEST-220
Bartek Grzybowski [Wed, 25 Sep 2019 09:21:42 +0000 (11:21 +0200)]
Automate vCPE closed loop policy pushing
Added a library routine to set up CL policy
in an idempotent fashion.
Description of CL pushing related manual step
was removed from documentation.
Change-Id: I1fad5d71481252ce803dd58c6ccbbcfa0a4d246f
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1267
yangyan [Tue, 24 Sep 2019 02:51:44 +0000 (10:51 +0800)]
add terminate and del function to hpy_automation scripts
Change-Id: Ie669261bde3723d892706d3d767c08b325afc3e0
Issue-ID: INT-1239
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
yangyan [Fri, 20 Sep 2019 07:47:40 +0000 (15:47 +0800)]
fix the typo error of hpy_automation scripts
Change-Id: I27b43d63042bdb46f1ff362335a26bf6726674a0
Issue-ID: INT-1239
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
Brian Freeman [Fri, 20 Sep 2019 13:29:22 +0000 (08:29 -0500)]
SDNC SSL port, BRG category, DEBUG
Issue-ID: INT-1265
Change-Id: I4ea7bf282b7d8aad58645784317dea9edf373cff
Signed-off-by: Brian Freeman <bf1936@att.com>
Yang Xu [Thu, 19 Sep 2019 16:16:45 +0000 (12:16 -0400)]
Update INFO.yaml
Signed-off-by: Yang Xu <xuyang11@gmail.com>
Issue-ID: INT-1269
Change-Id: I9f76cdd3b53f9519017da851a59b8c7000334797
Pawel Wieczorek [Thu, 19 Sep 2019 14:06:13 +0000 (16:06 +0200)]
k8s: Validate API server certificates and keys
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections
regarding master node configuration are satisfied (1.1.22, 1.1.25 -
1.1.26 and 1.1.28).
Issue-ID: SECCOM-235
Change-Id: Ic61a796653dc868d20fe69c3ed508e7fa8ba52db
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Thu, 19 Sep 2019 13:27:14 +0000 (15:27 +0200)]
k8s: Validate API server Certificate Authorities
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections
regarding master node configuration are satisfied (1.1.21, 1.1.29
and 1.1.31).
Issue-ID: SECCOM-235
Change-Id: Ia2f55f6962885a7aa878c970a406189902cfab10
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 17 Sep 2019 16:47:43 +0000 (18:47 +0200)]
k8s: Validate API server auditing flags
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections
regarding master node configuration are satisfied (1.1.16 - 1.1.18).
Issue-ID: SECCOM-235
Change-Id: I27b63e37fc3203cf3574b9e1cdc43333041f2a36
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 17 Sep 2019 16:45:41 +0000 (18:45 +0200)]
k8s: Validate API server auditing is enabled
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.15).
Issue-ID: SECCOM-235
Change-Id: Ia1d27ed7a9e439bb0abf4bd8941bdd4573a50bd5
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 17 Sep 2019 15:17:48 +0000 (17:17 +0200)]
k8s: Group tests by flag type
Issue-ID: SECCOM-235
Change-Id: I25ebd2930afec6eb259f0a678fffbf7727eb315b
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 17 Sep 2019 15:09:37 +0000 (17:09 +0200)]
k8s: Validate API server not excluded authorization mode
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.19).
Issue-ID: SECCOM-235
Change-Id: I00c9600fd0d351afb7141a5fa16f348eab67b12d
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Tue, 17 Sep 2019 14:31:47 +0000 (16:31 +0200)]
k8s: Validate API server not excluded admission plugins
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.14).
Issue-ID: SECCOM-235
Change-Id: I63c2f8a5b94bfd6c9963805aae85595e6b6ad6d7
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Brian Freeman [Wed, 18 Sep 2019 17:14:21 +0000 (12:14 -0500)]
Fix rev level in license
Issue-ID: INT-1266
Change-Id: I822becff87484b79d3e7c744038b55943c1dddcb
Signed-off-by: Brian Freeman <bf1936@att.com>
Brian Freeman [Wed, 18 Sep 2019 14:30:05 +0000 (09:30 -0500)]
Updates for ssl sdc
Issue-ID: INT-1265
Change-Id: I64971740c8ae9aee60a06ca1d0e5ff02ccbc9a88
Signed-off-by: Brian Freeman <bf1936@att.com>
ecaiyanlinux [Mon, 16 Sep 2019 07:56:21 +0000 (09:56 +0200)]
Add mr-sim log to console
Change-Id: I9697360d2ee5b8e95dacdb74a9a1a025a1a45e3c
Signed-off-by: ecaiyanlinux <martin.c.yan@est.tech>
Issue-ID: DCAEGEN2-1702
Pawel Wieczorek [Tue, 17 Sep 2019 13:47:24 +0000 (15:47 +0200)]
k8s: Validate API server included admission plugins
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections
regarding master node configuration are satisfied (1.1.11 - 1.1.13,
1.1.24, 1.1.27, 1.1.33 and 1.1.36).
Issue-ID: SECCOM-235
Change-Id: I920bfd42014b8458126be251648f5bf3dcd84c16
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Mon, 16 Sep 2019 15:51:39 +0000 (17:51 +0200)]
k8s: Validate API server excluded admission plugins
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.1.10).
However, CIS Kubernetes Benchmark v1.3.0 mismatches official
documentation: Kubernetes 1.10+ already provides safe defaults from
security standpoint [1] (ONAP Casablanca uses 1.11).
Deprecated admission control plugin flag has also been validated since
it was still available in Kubernetes provided by Rancher [2].
[1] https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#is-there-a-recommended-set-of-admission-controllers-to-use
[2] https://github.com/rancher/rancher/issues/15064
Issue-ID: SECCOM-235
Change-Id: I0e8fe9f885861f155cb8265df085fa93dbdff6d2
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Pawel Wieczorek [Fri, 30 Aug 2019 14:59:37 +0000 (16:59 +0200)]
k8s: Add note on release-specific dependencies
Issue-ID: SECCOM-235
Change-Id: I35d3e3f413542c69718d17ae25f227275270c8cf
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Marco Platania [Mon, 16 Sep 2019 16:16:54 +0000 (12:16 -0400)]
Improve description of scale out use case
- Describe the ONAP flows
- Describe SO workflow
- Describe how to obtain a TOSCA template from SDC
Issue-ID: INT-1171
Signed-off-by: Marco Platania <platania@research.att.com>
Change-Id: I901ae1a85becbb549804f8307991cb592a251d6d
Marco Platania [Mon, 16 Sep 2019 13:14:35 +0000 (09:14 -0400)]
Fix DCAE cleanup process
Issue-ID: INT-479
Signed-off-by: Marco Platania <platania@research.att.com>
Change-Id: I360d9887842ac8e86e3a52f7a549367dc63ccb7d
Brian Freeman [Fri, 13 Sep 2019 14:23:55 +0000 (09:23 -0500)]
Add sdc keyspaces and longer timeout
Issue-ID: INT-1244
Change-Id: I5bc0f4e02ac3d2d8df867f76327e588353c76da8
Signed-off-by: Brian Freeman <bf1936@att.com>
Lukasz Rajewski [Thu, 12 Sep 2019 07:03:47 +0000 (09:03 +0200)]
Modified vFW DT Use case description
Description of policy configuration and typos fixed
Change-Id: Ib11df95b79987b85c15452d74a5644c152dcbfde
Signed-off-by: Lukasz Rajewski <lukasz.rajewski@orange.com>
Issue-ID: INT-751
Bartek Grzybowski [Fri, 13 Sep 2019 10:50:59 +0000 (12:50 +0200)]
Refactor healthcheck-k8s.py
Error reporting was improved by returning actual
error message from subprocess call to 'kubectl' command.
Code readability was improved by defining a dictionary
of endpoint names to check and their IPs.
Unsecure 'shell=True' property in Popen constructor for
kubectl command in SDNC DB was removed and command string
itself sanitized.
Overall code readability was improved by reusing common
commands in a loop.
Change-Id: I19f8f71e27196bb55a9be3d58cd0885ceba3af0c
Issue-ID: TEST-213
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Code Review / integration.git / log