--- /dev/null
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
--- /dev/null
+# Copyright © 2018
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+description: ONAP POMBA Data-Router
+name: pomba-data-router
+version: 2.0.0
--- /dev/null
+{
+ "roles": [
+ {
+ "name": "admin",
+ "functions": [
+ {
+ "name": "search", "methods": [ { "name": "GET" },{ "name": "DELETE" }, { "name": "PUT" }, { "name": "POST" } ]
+ }
+ ],
+
+ "users": [
+ {
+ "username": "CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA"
+ }
+ ]
+ }
+ ]
+}
--- /dev/null
+# Copyright © 2018 Amdocs
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# Properties for the SchemaLocationsBean
+# The AAI Schema jar will be unpacked to bundleconfig/etc
+schemaConfig=NA
+# OXM files named aai_oxm_v*.xml are unpacked here:
+nodeDir=/opt/app/data-router/bundleconfig/etc/oxm
+# DB Edge Rules are unpacked here:
+edgeDir=
+# DB Edge Property files are copied here:
+edgePropsDir=
--- /dev/null
+<beans xmlns="http://www.springframework.org/schema/beans"\r
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"\r
+ xsi:schemaLocation="\r
+ http://www.springframework.org/schema/beans\r
+ http://www.springframework.org/schema/beans/spring-beans.xsd">\r
+\r
+\r
+ <bean id="eventPublisher" class="org.onap.aai.event.client.DMaaPEventPublisher" >\r
+ <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:3904" />\r
+ <constructor-arg name="topic" value="POA-AUDIT-INIT" />\r
+ <constructor-arg name="username" value="" />\r
+ <constructor-arg name="password" value="" />\r
+ <constructor-arg name="maxBatchSize" value="100" />\r
+ <constructor-arg name="maxAgeMs" value="250" />\r
+ <constructor-arg name="delayBetweenBatchesMs" value="50" />\r
+ <constructor-arg name="transportType" value="HTTPAUTH" />\r
+ </bean>\r
+\r
+ <bean id="auditService" class="org.onap.aai.datarouter.service.AuditService" >\r
+ <constructor-arg ref="eventPublisher" />\r
+ </bean>\r
+\r
+</beans>\r
--- /dev/null
+<beans xmlns="http://www.springframework.org/schema/beans"\r
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"\r
+ xsi:schemaLocation="\r
+ http://www.springframework.org/schema/beans\r
+ http://www.springframework.org/schema/beans/spring-beans.xsd">\r
+\r
+ <bean id="poaPolicy" class="org.onap.aai.datarouter.policy.ServiceIntegrityValidationPolicy" init-method="startup" >\r
+ <constructor-arg name="searchCertPath" value="client-cert-onap.p12" />\r
+ <constructor-arg name="searchCertPassword" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />\r
+ <constructor-arg name="searchCertTruststore" value="tomcat_keystore" />\r
+ <constructor-arg name="searchBaseURL" value="https://pomba-search-data.{{.Release.Namespace}}:9509" />\r
+ <constructor-arg name="endpoint" value="services/search-data-service/v1/search/indexes/" />\r
+ <constructor-arg name="validationIndexName" value="service-validations" />\r
+ <constructor-arg name="violationIndexName" value="service-violations" />\r
+ </bean>\r
+\r
+ <bean id="consumerBean" class="org.onap.aai.event.client.DMaaPEventConsumer" >\r
+ <constructor-arg name="host" value="message-router.{{.Release.Namespace}}:3904" />\r
+ <constructor-arg name="topic" value="POA-AUDIT-RESULT" />\r
+ <constructor-arg name="username" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />\r
+ <constructor-arg name="password" value="OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10" />\r
+ <constructor-arg name="consumerGroup" value="poaConsumer" />\r
+ <constructor-arg name="consumerId" value="poaConsumer" />\r
+ <constructor-arg name="timeoutMs" value="15000" />\r
+ <constructor-arg name="messageLimit" value="1000" />\r
+ <constructor-arg name="transportType" value="HTTPAUTH" />\r
+ </bean>\r
+\r
+</beans>\r
--- /dev/null
+<route xmlns="http://camel.apache.org/schema/spring" trace="true">\r
+ <from uri="servlet:///data-router/v1/orchestration-event-service/?matchOnUriPrefix=true" />\r
+ <to uri="cxfbean:auditService" />\r
+</route>\r
+\r
--- /dev/null
+<route xmlns="http://camel.apache.org/schema/spring" trace="true">\r
+ <from uri="event-bus:mybus/?eventTopic=POA-AUDIT-RESULT&consumer=#consumerBean" />\r
+ <to uri="bean:poaPolicy?method=process"/>\r
+</route>\r
--- /dev/null
+# Copyright © 2018 Amdocs
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-prop
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-dynamic
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/dynamic/routes/audit.route").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/dynamic/conf/audit-bean.xml").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/dynamic/routes/poaValidation.route").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/dynamic/conf/poa-validation-bean.xml").AsConfig . | indent 2 }}
--- /dev/null
+# Copyright © 2018 Amdocs
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ name: {{ include "common.name" . }}
+ spec:
+ initContainers:
+ - command:
+ - /bin/sh
+ - -c
+ - |
+ mkdir -p /logroot/data-router/logs
+ chmod -R 777 /logroot/data-router/logs
+ chown -R root:root /logroot
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ securityContext:
+ privileged: true
+ image: {{ .Values.global.dockerhubRepository | default .Values.dockerhubRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: init-sysctl
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /logroot/
+ containers:
+ - name: {{ include "common.name" . }}
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: SERVICE_BEANS
+ value: /opt/app/data-router/dynamic/conf
+ - name: CONFIG_HOME
+ value: /opt/app/data-router/config/
+ - name: KEY_STORE_PASSWORD
+ value: {{ .Values.config.keyStorePassword }}
+ - name: DYNAMIC_ROUTES
+ value: /opt/app/data-router/dynamic/routes
+ - name: KEY_MANAGER_PASSWORD
+ value: {{ .Values.config.keyManagerPassword }}
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: /opt/app/data-router/config/auth
+ name: {{ include "common.fullname" . }}-auth
+ - mountPath: /opt/app/data-router/config/data-router.properties
+ subPath: data-router.properties
+ name: {{ include "common.fullname" . }}-properties
+ - mountPath: /opt/app/data-router/config/schemaIngest.properties
+ subPath: schemaIngest.properties
+ name: {{ include "common.fullname" . }}-properties
+ - mountPath: /opt/app/data-router/dynamic/routes/audit.route
+ subPath: audit.route
+ name: {{ include "common.fullname" . }}-dynamic-route
+ - mountPath: /opt/app/data-router/dynamic/routes/poaValidation.route
+ subPath: poaValidation.route
+ name: {{ include "common.fullname" . }}-dynamic-route
+ - mountPath: /opt/app/data-router/dynamic/conf/audit-bean.xml
+ subPath: audit-bean.xml
+ name: {{ include "common.fullname" . }}-dynamic-policy
+ - mountPath: /opt/app/data-router/dynamic/conf/poa-validation-bean.xml
+ subPath: poa-validation-bean.xml
+ name: {{ include "common.fullname" . }}-dynamic-policy
+ - mountPath: /logs/
+ name: {{ include "common.fullname" . }}-logs
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-auth
+ secret:
+ secretName: {{ include "common.fullname" . }}
+ - name: {{ include "common.fullname" . }}-properties
+ configMap:
+ name: {{ include "common.fullname" . }}-prop
+ items:
+ - key: data-router.properties
+ path: data-router.properties
+ - key: schemaIngest.properties
+ path: schemaIngest.properties
+ - name: {{ include "common.fullname" . }}-dynamic-route
+ configMap:
+ name: {{ include "common.fullname" . }}-dynamic
+ - name: {{ include "common.fullname" . }}-dynamic-policy
+ configMap:
+ name: {{ include "common.fullname" . }}-dynamic
+ - name: {{ include "common.fullname" . }}-logs
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}
+ restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+ name: {{ include "common.fullname" . }}
+spec:
+ capacity:
+ storage: {{ .Values.persistence.size}}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ hostPath:
+ path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+{{- end -}}
--- /dev/null
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ selector:
+ matchLabels:
+ name: {{ include "common.fullname" . }}
+ accessModes:
+ - {{ .Values.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
--- /dev/null
+# Copyright © 2018 Amdocs
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/auth/*").AsSecrets . | indent 2 }}
--- /dev/null
+# Copyright © 2018 Amdocs
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.service.name }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.name }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.name }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
--- /dev/null
+# Copyright © 2018 Amdocs
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# Default values for data-router.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+
+# Global configuration defaults
+global:
+ nodePortPrefix: 302
+ persistence: {}
+
+# application image
+repository: nexus3.onap.org:10001
+image: onap/data-router:1.3-STAGING-latest
+pullPolicy: Always
+restartPolicy: Always
+
+# BusyBox image
+busyboxRepository: registry.hub.docker.com
+busyboxImage: library/busybox:latest
+
+
+# application configuration
+config:
+ keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+ keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+
+readiness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+
+service:
+ name: pomba-data-router
+ type: NodePort
+ externalPort: 9502
+ internalPort: 9502
+ nodePort: 49
+
+ingress:
+ enabled: false
+
+persistence:
+ enabled: true
+
+ ## A manually managed Persistent Volume and Claim
+ ## Requires persistence.enabled: true
+ ## If defined, PVC must be created manually before volume will be bound
+ # existingClaim:
+ volumeReclaimPolicy: Retain
+
+ ## database data Persistent Volume Storage Class
+ ## If defined, storageClassName: <storageClass>
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ ## storageClass: "-"
+ accessMode: ReadWriteMany
+ size: 2Gi
+ mountPath: /dockerdata-nfs
+ mountSubPath: pomba/data-router/logs
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi
readinessRepository: oomk8s
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
+ repository: nexus3.onap.org:10001
+ dockerhubRepository: docker.io
# application configuration
config: