From 16bdf241133bc2b448b89b445e489cbab76fcf25 Mon Sep 17 00:00:00 2001 From: Sylvain Desbureaux Date: Mon, 7 Dec 2020 10:28:24 +0100 Subject: [PATCH] [ROBOT] Reintegrate robot in main repository Robot chart is currently in its own directory. As a lot will be done in the charts with tight coordination between "common" part and components parts, it's a lot easier to have everything in a same place for now. we're using commit 85b5af5058bbda19b557add185d917f60c2188ee from robot Issue-ID: OOM-2645 Signed-off-by: Sylvain Desbureaux Change-Id: I7c187b616d3436ed2eab7bf7e95cb6a1a90edf31 --- .gitmodules | 5 - kubernetes/robot | 1 - kubernetes/robot/.gitignore | 3 + kubernetes/robot/.helmignore | 21 + kubernetes/robot/Chart.yaml | 18 + kubernetes/robot/INFO.yaml | 141 +++++++ kubernetes/robot/demo-k8s.sh | 235 +++++++++++ kubernetes/robot/ete-k8s.sh | 106 +++++ kubernetes/robot/eteHelm-k8s.sh | 60 +++ kubernetes/robot/instantiate-k8s.sh | 150 +++++++ kubernetes/robot/onap_dev.pvt | 27 ++ kubernetes/robot/requirements.yaml | 22 + .../config/eteshare/config/robot_properties.py | 345 ++++++++++++++++ .../robot/resources/config/lighttpd/authorization | 1 + .../robot/resources/config/lighttpd/lighttpd.conf | 57 +++ .../robot/resources/config/lighttpd/ssl/README.TXT | 13 + .../config/lighttpd/ssl/onap-robot.onap.crt | 22 + .../config/lighttpd/ssl/onap-robot.onap.csr | 18 + .../config/lighttpd/ssl/onap-robot.onap.key | 28 ++ .../config/lighttpd/ssl/onap-robot.onap.pem | 50 +++ kubernetes/robot/scripts/demoscript/README | 1 + kubernetes/robot/scripts/etescript/README | 1 + .../robot/scripts/etescript/hvves-etescript.sh | 77 ++++ .../robot/scripts/etescript/security-etescript.sh | 57 +++ .../robot/scripts/etescript/vnfsdk-etescript.sh | 49 +++ kubernetes/robot/scripts/helmscript/README | 1 + kubernetes/robot/templates/NOTES.txt | 25 ++ .../robot/templates/_ingress_svc_hostname.tpl | 157 +++++++ kubernetes/robot/templates/configmap.yaml | 52 +++ kubernetes/robot/templates/deployment.yaml | 117 ++++++ kubernetes/robot/templates/ingress.yaml | 1 + kubernetes/robot/templates/pv.yaml | 40 ++ kubernetes/robot/templates/pvc.yaml | 39 ++ kubernetes/robot/templates/service.yaml | 39 ++ kubernetes/robot/values.yaml | 453 +++++++++++++++++++++ 35 files changed, 2426 insertions(+), 6 deletions(-) delete mode 100644 .gitmodules delete mode 160000 kubernetes/robot create mode 100644 kubernetes/robot/.gitignore create mode 100644 kubernetes/robot/.helmignore create mode 100644 kubernetes/robot/Chart.yaml create mode 100644 kubernetes/robot/INFO.yaml create mode 100755 kubernetes/robot/demo-k8s.sh create mode 100755 kubernetes/robot/ete-k8s.sh create mode 100755 kubernetes/robot/eteHelm-k8s.sh create mode 100755 kubernetes/robot/instantiate-k8s.sh create mode 100644 kubernetes/robot/onap_dev.pvt create mode 100644 kubernetes/robot/requirements.yaml create mode 100644 kubernetes/robot/resources/config/eteshare/config/robot_properties.py create mode 100644 kubernetes/robot/resources/config/lighttpd/authorization create mode 100644 kubernetes/robot/resources/config/lighttpd/lighttpd.conf create mode 100644 kubernetes/robot/resources/config/lighttpd/ssl/README.TXT create mode 100644 kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.crt create mode 100644 kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.csr create mode 100644 kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.key create mode 100644 kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.pem create mode 100644 kubernetes/robot/scripts/demoscript/README create mode 100644 kubernetes/robot/scripts/etescript/README create mode 100755 kubernetes/robot/scripts/etescript/hvves-etescript.sh create mode 100755 kubernetes/robot/scripts/etescript/security-etescript.sh create mode 100755 kubernetes/robot/scripts/etescript/vnfsdk-etescript.sh create mode 100644 kubernetes/robot/scripts/helmscript/README create mode 100644 kubernetes/robot/templates/NOTES.txt create mode 100644 kubernetes/robot/templates/_ingress_svc_hostname.tpl create mode 100644 kubernetes/robot/templates/configmap.yaml create mode 100644 kubernetes/robot/templates/deployment.yaml create mode 100644 kubernetes/robot/templates/ingress.yaml create mode 100644 kubernetes/robot/templates/pv.yaml create mode 100644 kubernetes/robot/templates/pvc.yaml create mode 100644 kubernetes/robot/templates/service.yaml create mode 100644 kubernetes/robot/values.yaml diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index 3f0f4efe38..0000000000 --- a/.gitmodules +++ /dev/null @@ -1,5 +0,0 @@ -[submodule "kubernetes/robot"] - path = kubernetes/robot - url = ../testsuite/oom - branch = master - ignore = dirty diff --git a/kubernetes/robot b/kubernetes/robot deleted file mode 160000 index 85b5af5058..0000000000 --- a/kubernetes/robot +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 85b5af5058bbda19b557add185d917f60c2188ee diff --git a/kubernetes/robot/.gitignore b/kubernetes/robot/.gitignore new file mode 100644 index 0000000000..97a5360f8e --- /dev/null +++ b/kubernetes/robot/.gitignore @@ -0,0 +1,3 @@ +/.project +/.pydevproject +*.pyc \ No newline at end of file diff --git a/kubernetes/robot/.helmignore b/kubernetes/robot/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/robot/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/robot/Chart.yaml b/kubernetes/robot/Chart.yaml new file mode 100644 index 0000000000..577d2abc34 --- /dev/null +++ b/kubernetes/robot/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: A helm Chart for kubernetes-ONAP Robot +name: robot +version: 7.0.0 diff --git a/kubernetes/robot/INFO.yaml b/kubernetes/robot/INFO.yaml new file mode 100644 index 0000000000..6f159134b7 --- /dev/null +++ b/kubernetes/robot/INFO.yaml @@ -0,0 +1,141 @@ +--- +project: 'testsuite/oom' +project_creation_date: '2017-02-15' +lifecycle_state: 'Incubation' +project_lead: &onap_integration_ptl + name: 'Morgan Richomme' + email: 'morgan.richomme@orange.com' + id: 'mrichomme' + company: 'Orange' + timezone: 'France/Paris' +primary_contact: *onap_integration_ptl +project_category: '' +issue_tracking: + type: 'jira' + url: 'https://jira.onap.org/projects/TEST' + key: 'TEST' +mailing_list: + type: 'groups.io' + url: 'lists.onap.org' + tag: '<[sub-project_name]>' +realtime_discussion: '' +meetings: + - type: 'zoom' + agenda: 'https://wiki.onap.org/display/DW/Integration+Meeting+Minutes' + url: 'https://wiki.onap.org/pages/viewpage.action?pageId=6593670' + server: 'n/a' + channel: 'n/a' + repeats: 'weekly' + time: '14:00 UTC' +repositories: + - 'testsuite/oom' +committers: + - <<: *onap_integration_ptl + - name: 'Christophe Closset' + email: 'cc697w@intl.att.com' + company: 'ATT' + id: 'ChrisC' + timezone: 'Belgium/Namur' + - name: 'Daniel Rose' + email: 'DR695H@att.com' + company: 'ATT' + id: 'DR695H' + timezone: 'America/New_York' + - name: 'Marco Platania' + email: 'platania@research.att.com' + company: 'ATT' + id: 'platania' + timezone: 'America/New_York' + - name: 'Chengli Wang' + email: 'wangchengli@chinamobile.com' + company: 'China Mobile' + id: 'wangchengli' + timezone: 'China/Beijing' + - name: 'Brian Freeman' + email: 'bf1936@att.com' + company: 'AT&T' + id: 'bdfreeman1421' + timezone: 'America/New_York' + - name: 'Morgan Richomme' + email: 'morgan.richomme@orange.com' + company: 'orange' + id: 'mrichomme' + timezone: 'France/Paris' + - name: 'Bartek Grzybowski' + email: 'b.grzybowski@partner.samsung.com' + company: 'samsung' + id: 'bgrzybowski' + timezone: 'Poland/Warsaw' + - name: 'Marcin Przybysz' + email: 'marcin.przybysz@nokia.com' + company: 'nokia' + id: 'mprzybys' + timezone: 'Poland/Warsaw' + - name: 'Krzysztof Kuzmicki' + email: 'krzysztof.kuzmicki@nokia.com' + company: 'nokia' + id: 'kkuzmick' + timezone: 'Europe/Warsaw' + - name: 'Pawel Wieczorek' + email: 'p.wieczorek2@samsung.com' + company: 'samsung' + id: 'pwieczorek' + timezone: 'Europe/Warsaw' + - name: 'Andreas Geissler' + email: 'andreas-geissler@telekom.de' + company: 'Deutsche Telekom' + id: 'andreasgeissler' + timezone: 'Europe/Berlin' + - name: 'Michal Jagiello' + email: 'Michal.Jagiello@t-mobile.pl' + company: 'T-Mobile' + id: 'MichalJagielloTMPL' + timezone: 'Europe/Warsaw' + - name: 'Lukasz Rajewski' + email: 'lukasz.rajewski@orange.com' + company: 'Orange' + id: 'rajewluk' + timezone: 'Europe/Warsaw' + - name: 'Thierry Hardy' + email: 'thierry.hardy@orange.com' + company: 'orange' + id: 'jardellos' + timezone: 'Europe/Paris' + - name: 'Lasse Kaihlavirta' + email: 'l.kaihlavirt@partner.samsung.com' + company: 'samsung' + id: 'kaihlavi' + timezone: 'Europe/Helsinki' +tsc: + approval: 'https://lists.onap.org/pipermail/onap-tsc' + changes: + - type: 'Addition' + name: 'Morgan Richomme' + link: 'https://wiki.onap.org/display/DW/TSC+2019-10-17' + - type: 'Deletion' + name: 'Xiaolong Kong, Hector Anapan-Lavalle' + link: 'https://lists.onap.org/g/onap-discuss/message/19277' + - type: 'Addition' + name: 'Bartek, Marcin, Eric' + link: 'https://wiki.onap.org/display/DW/Integration+Team' + - type: 'Addition' + name: 'Krzysztof Kuzmicki' + link: 'https://lists.onap.org/g/onap-tsc/message/6232' + - type: 'Addition' + name: 'Pawel Wieczorek' + link: 'https://lists.onap.org/g/onap-tsc/message/6341' + - type: 'Addition' + name: 'Andreas Geissler' + link: 'https://lists.onap.org/g/onap-tsc/message/6342' + - type: 'Addition' + name: 'Michal Jagiello' + link: 'https://lists.onap.org/g/onap-tsc/message/7102' + - type: 'Addition' + name: 'Lukasz Rajewski' + link: 'https://lists.onap.org/g/onap-tsc/message/7102' + - type: 'Addition' + name: 'Thierry Hardy' + link: 'https://lists.onap.org/g/onap-tsc/message/7102' + - type: 'Addition' + name: 'Lasse Kaihlavirta' + link: 'https://lists.onap.org/g/onap-tsc/message/7280' diff --git a/kubernetes/robot/demo-k8s.sh b/kubernetes/robot/demo-k8s.sh new file mode 100755 index 0000000000..5d8fed829c --- /dev/null +++ b/kubernetes/robot/demo-k8s.sh @@ -0,0 +1,235 @@ +#!/bin/bash +# Copyright (C) 2018 Amdocs, Bell Canada +# Modifications Copyright (C) 2019 Samsung +# Modifications Copyright (C) 2020 Nokia +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Execute tags built to support the hands-on demo +# +function usage +{ + echo "Usage: demo-k8s.sh [] [execscript]" + echo " " + echo " demo-k8s.sh init" + echo " - Execute both init_customer + distribute" + echo " " + echo " demo-k8s.sh init_customer" + echo " - Create demo customer (Demonstration) and services, etc." + echo " " + echo " demo-k8s.sh distribute []" + echo " - Distribute demo models (demoVFW and demoVLB)" + echo " " + echo " demo-k8s.sh preload " + echo " - Preload data for VNF for the " + echo " " + echo " demo-k8s.sh appc " + echo " - provide APPC with vFW module mount point for closed loop" + echo " " + echo " demo-k8s.sh init_robot [ ]" + echo " - Initialize robot after all ONAP VMs have started" + echo " " + echo " demo-k8s.sh instantiateVFW" + echo " - Instantiate vFW module for the demo customer (DemoCust)" + echo " " + echo " demo-k8s.sh instantiateVFWdirectso csar_filename" + echo " - Instantiate vFW module using direct SO interface using previously distributed model " + echo " that is in /tmp/csar in robot container" + echo " " + echo " demo-k8s.sh instantiateVLB_CDS" + echo " - Instantiate vLB module using CDS with a preloaded CBA " + echo " " + echo " demo-k8s.sh deleteVNF " + echo " - Delete the module created by instantiateVFW" + echo " " + echo " demo-k8s.sh vfwclosedloop " + echo " - vFWCL: Sets the packet generator to high and low rates, and checks whether the policy " + echo " kicks in to modulate the rates back to medium" + echo " " + echo " demo-k8s.sh [] execscript" + echo " - Optional parameter to execute user custom scripts located in scripts/demoscript directory" + echo " " +} + +# Check if execscript flag is used and drop it from input arguments + +if [[ "${!#}" == "execscript" ]]; then + set -- "${@:1:$#-1}" + execscript=true +fi + +# Set the defaults + +echo "Number of parameters:" +echo $# + +if [ $# -lt 2 ];then + usage + exit +fi + +NAMESPACE=$1 +shift + +## +## if more than 1 tag is supplied, the must be provided with -i or -e +## +while [ $# -gt 0 ] +do + key="$1" + echo "KEY:" + echo $key + + case $key in + init_robot) + TAG="UpdateWebPage" + read -s -p "WEB Site Password for user 'test': " WEB_PASSWORD + if [ "$WEB_PASSWORD" = "" ]; then + echo "" + echo "WEB Password is required for user 'test'" + exit + fi + VARIABLES="$VARIABLES -v WEB_PASSWORD:$WEB_PASSWORD" + shift + if [ $# -eq 2 ];then + VARIABLES="$VARIABLES -v HOSTS_PREFIX:$1" + fi + shift + ;; + init) + TAG="InitDemo" + shift + ;; + vescollector) + TAG="vescollector" + shift + ;; + distribute_vcpe) + TAG="distributeVCPE" + shift + ;; + init_customer) + TAG="InitCustomer" + shift + ;; + distribute) + TAG="InitDistribution" + shift + if [ $# -eq 1 ];then + VARIABLES="$VARIABLES -v DEMO_PREFIX:$1" + fi + shift + ;; + preload) + TAG="PreloadDemo" + shift + if [ $# -ne 2 ];then + echo "Usage: demo-k8s.sh preload " + exit + fi + VARIABLES="$VARIABLES -v VNF_NAME:$1" + shift + VARIABLES="$VARIABLES -v MODULE_NAME:$1" + shift + ;; + appc) + TAG="APPCMountPointDemo" + shift + if [ $# -ne 1 ];then + echo "Usage: demo-k8s.sh appc " + exit + fi + VARIABLES="$VARIABLES -v MODULE_NAME:$1" + shift + ;; + instantiateVFW) + TAG="instantiateVFW" + VARIABLES="$VARIABLES -v GLOBAL_BUILD_NUMBER:$$" + shift + ;; + instantiateVFWdirectso) + TAG="instantiateVFWdirectso" + shift + if [ $# -ne 1 ];then + echo "Usage: demo-k8s.sh instantiateVFWdirectso " + exit + fi + VARIABLES="$VARIABLES -v CSAR_FILE:$1 -v GLOBAL_BUILD_NUMBER:$$" + shift + ;; + instantiateVLB_CDS) + TAG="instantiateVLB_CDS" + VARIABLES="$VARIABLES -v GLOBAL_BUILD_NUMBER:$$" + shift + ;; + deleteVNF) + TAG="deleteVNF" + shift + if [ $# -ne 1 ];then + echo "Usage: demo-k8s.sh deleteVNF " + exit + fi + VARFILE=$1.py + VARIABLES="$VARIABLES -V /share/${VARFILE}" + shift + ;; + cds) + TAG="cds" + shift + ;; + distributeVFWNG) + TAG="distributeVFWNG" + shift + ;; + distributeDemoVFWDT) + TAG="DistributeDemoVFWDT" + shift + ;; + instantiateDemoVFWDT) + TAG="instantiateVFWDT" + shift + ;; + vfwclosedloop) + TAG="vfwclosedloop" + shift + VARIABLES="$VARIABLES -v PACKET_GENERATOR_HOST:$1 -v pkg_host:$1" + shift + ;; + *) + usage + exit + esac +done + +set -x + +POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) + +DIR=$(dirname "$0") +SCRIPTDIR=scripts/demoscript + +ETEHOME=/var/opt/ONAP + +if [ $execscript ]; then + for script in $(ls -1 "$DIR/$SCRIPTDIR"); do + [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script" + done +fi + +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_demo_$key +DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) + +VARIABLEFILES="-V /share/config/robot_properties.py" + +kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} -i ${TAG} --display $DISPLAY_NUM 2> ${TAG}.out diff --git a/kubernetes/robot/ete-k8s.sh b/kubernetes/robot/ete-k8s.sh new file mode 100755 index 0000000000..e3d05df0ef --- /dev/null +++ b/kubernetes/robot/ete-k8s.sh @@ -0,0 +1,106 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#!/bin/bash + +# +# Run the testsuite for the passed tag. Valid tags are listed in usage help +# Please clean up logs when you are done... +# +if [ "$1" == "" ] || [ "$2" == "" ]; then + echo "Usage: ete-k8s.sh [namespace] [tag] [execscript]" + echo "" + echo " List of test case tags (filename for intent: tag)" + echo "" + echo " cds.robot: cds" + echo "" + echo " clamp.robot: clamp" + echo "" + echo " demo.robot: InitDemo, InitCustomer, APPCCDTPreloadDemo, APPCMountPointDemo, DistributeDemoVFWDT, DistributeVFWNG," + echo " InitDistribution, PreloadDemo, deleteVNF, instantiateDemoVFWCL, instantiateVFW, " + echo " instantiateVFWCL, instantiateVFWDT, instantiateVFWCLDN" + echo "" + echo " health-check.robot: health, core, small, medium, 3rdparty, api, datarouter, externalapi, health-aaf, health-aai, health-appc," + echo " health-clamp, health-cli, health-dcae, health-dmaap, health-log, health-modeling, health-msb," + echo " health-multicloud, health-oof, health-policy, health-pomba, health-portal, health-sdc, health-sdnc," + echo " health-so, health-uui, health-vfc, health-vid, health-vnfsdk, healthdist, healthlogin, healthmr," + echo " healthportalapp, multicloud, oom" + echo "" + echo " hvves.robot: HVVES, ete" + echo "" + echo " model-distribution-vcpe.robot: distributevCPEResCust" + echo "" + echo " model-distribution.robot: distribute, distributeVFWDT, distributeVLB" + echo "" + echo " oof-*.robot: cmso, has, homing" + echo "" + echo " pnf-registration.robot: ete, pnf_registrate" + echo "" + echo " post-install-tests.robot: dmaapacl, postinstall" + echo "" + echo " sdc-dcae-d.robot: sdc-dcae-d" + echo "" + echo " security.robot: security" + echo "" + echo " update_onap_page.robot: UpdateWebPage" + echo "" + echo " vnf-orchestration-direct-so.robot: instantiateVFWdirectso" + echo "" + echo " vnf-orchestration.robot: instantiate, instantiateNoDelete, stability72hr" + echo "" + echo " [execscript] - optional parameter to execute user custom scripts located in scripts/etescript directory" + exit +fi + +set -x + +export NAMESPACE="$1" + +POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) + +TAGS="-i $2" + +DIR=$(dirname "$0") +SCRIPTDIR=scripts/etescript + +ETEHOME=/var/opt/ONAP + +if [[ "${!#}" == "execscript" ]]; then + for script in $(ls -1 "$DIR/$SCRIPTDIR"); do + [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script" + done +fi + +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_$2 +DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) + +VARIABLEFILES="-V /share/config/robot_properties.py" +VARIABLES="-v GLOBAL_BUILD_NUMBER:$$" + +case $2 in + security) + if [ -z "$NODEPORTS_FILE" ]; then + echo "Security tests require gathering additional information on ONAP cluster." + echo "It is unavailable from within Robot pod." + echo "" + echo "Rerun command with \"execscript\" argument, e.g." + echo "$ $0 onap security execscript" + exit + fi + VARIABLES="${VARIABLES} -v ACTUAL_NODEPORTS_FILE:${NODEPORTS_FILE}" + ;; +esac + +kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --display $DISPLAY_NUM diff --git a/kubernetes/robot/eteHelm-k8s.sh b/kubernetes/robot/eteHelm-k8s.sh new file mode 100755 index 0000000000..9f8cbb2faf --- /dev/null +++ b/kubernetes/robot/eteHelm-k8s.sh @@ -0,0 +1,60 @@ +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#!/bin/bash + +# +# Run the health-check testsuites for the tags discovered by helm list +# Please clean up logs when you are done... +# +if [ "$1" == "" ] ; then + echo "Usage: eteHelm-k8s.sh [namespace] [execscript]" + echo " list projects via helm list and runs health-check with those tags except dev and dev-consul" + echo " [execscript] - optional parameter to execute user custom scripts located in scripts/helmscript directory" + exit +fi + +set -x + +export NAMESPACE="$1" + +POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) + +PROJECTS=$(helm list | tail -n +3 | grep '-' | cut -d' ' -f1 | sed -E 's/\w+-(\w+)/health-\1/g' | grep -v consul | grep -v nfs-provision) + +TAGS="" +for project in $PROJECTS ; +do +TAGS="$TAGS -i $project" +done + +DIR=$(dirname "$0") +SCRIPTDIR=scripts/helmscript + +ETEHOME=/var/opt/ONAP + +if [[ "${!#}" == "execscript" ]]; then + for script in $(ls -1 "$DIR/$SCRIPTDIR"); do + [ -f "$DIR/$SCRIPTDIR/$script" ] && [ -x "$DIR/$SCRIPTDIR/$script" ] && source "$DIR/$SCRIPTDIR/$script" + done +fi + +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_helmlist +DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) + +VARIABLEFILES="-V /share/config/robot_properties.py" +VARIABLES="-v GLOBAL_BUILD_NUMBER:$$" + +kubectl --namespace $NAMESPACE exec ${POD} -- ${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --display $DISPLAY_NUM diff --git a/kubernetes/robot/instantiate-k8s.sh b/kubernetes/robot/instantiate-k8s.sh new file mode 100755 index 0000000000..67fd403a12 --- /dev/null +++ b/kubernetes/robot/instantiate-k8s.sh @@ -0,0 +1,150 @@ +#!/bin/bash +# Copyright 2019 AT&T Intellectual Property. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +THIS_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" + +NAMESPACE= +FOLDER= +POLL=0 + +function check_required_parameter() { + # arg1 = parameter + # arg2 = parameter name + if [ -z "$1" ]; then + echo "$2 was not was provided. This parameter is required." + exit 1 + fi +} + +function check_optional_paramater() { + # arg1 = parameter + # arg2 = parameter name + if [ -z $1 ]; then + echo "$2" + else + echo "$1" + fi +} + +while test $# -gt 0; do + case "$1" in + -h|--help) + echo "./instantiate-k8s.sh [options]" + echo " " + echo "required:" + echo "-n, --namespace namespace that robot pod is running under." + echo "-f, --folder path to folder containing heat templates, preloads, and vnf-details.json." + echo " " + echo "additional options:" + echo "-p, --poll some cloud environments (like azure) have a short time out value when executing" + echo " kubectl. If your shell exits before the testsuite finishes, using this option" + echo " will poll the testsuite logs every 30 seconds until the test finishes." + echo " " + echo "This script executes the VNF instantiation robot testsuite." + echo "- It copies the VNF folder to the robot container that is part of the ONAP deployment." + echo "- It models, distributes, and instantiates a heat-based VNF." + echo "- It copies the logs to an output directory, and creates a tarball for upload to the OVP portal." + echo "" + exit 0 + ;; + -n|--namespace) + shift + NAMESPACE=$1 + shift + ;; + -f|--folder) + shift + FOLDER=$1 + shift + ;; + -p|--poll) + shift + POLL=1 + ;; + *) + echo "Unknown Argument $1. Try running with --help." + exit 0 + ;; + esac +done + +check_required_parameter "$NAMESPACE" "--namespace" +check_required_parameter "$FOLDER" "--folder" + +TAG="instantiate_vnf_ovp" + +if [ ! -d "$FOLDER" ]; then + echo "VNF folder $FOLDER does not exist, exiting." + exit 1 +fi + +BUILDNUM="$$" +OUTPUT_DIRECTORY=/tmp/vnfdata.${BUILDNUM} + +set -x + +POD=$(kubectl --namespace $NAMESPACE get pods | sed 's/ .*//'| grep robot) +export GLOBAL_BUILD_NUMBER=$(kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "ls -1q /share/logs/ | wc -l") +TAGS="-i $TAG" +ETEHOME=/var/opt/ONAP +OUTPUT_FOLDER=$(printf %04d $GLOBAL_BUILD_NUMBER)_ete_instantiate_vnf +DISPLAY_NUM=$(($GLOBAL_BUILD_NUMBER + 90)) +VARIABLEFILES="-V /share/config/robot_properties.py" +VARIABLES="$VARIABLES -v GLOBAL_BUILD_NUMBER:${BUILDNUM}" + +echo "Copying the VNF folder into robot pod..." +kubectl --namespace $NAMESPACE cp $FOLDER ${POD}:/tmp/vnfdata.${BUILDNUM} + + +echo "Executing instantiation..." + +if [ $POLL = 1 ]; then + kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM > /tmp/vnf_instantiation.$BUILDNUM.log 2>&1 &" + + pid=`kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "pgrep runTags.sh -n"` + + if [ -z "$pid" ]; then + echo "robot testsuite unable to start" + exit 1 + fi + + kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "while ps -p \"$pid\" --no-headers | grep -v defunct; do echo \$'\n\n'; echo \"Testsuite still running \"\`date\`; echo \"LOG FILE: \"; tail -10 /tmp/vnf_instantiation.$BUILDNUM.log; sleep 30; done" + +else + kubectl --namespace $NAMESPACE exec ${POD} -- bash -c "${ETEHOME}/runTags.sh ${VARIABLEFILES} ${VARIABLES} -d /share/logs/${OUTPUT_FOLDER} ${TAGS} --listener ${ETEHOME}/testsuite/eteutils/robotframework-onap/listeners/OVPListener.py --display $DISPLAY_NUM" +fi + +set +x + +echo "testsuite has finished" + +mkdir -p "$OUTPUT_DIRECTORY" +echo "Copying Results from pod..." + +kubectl --namespace $NAMESPACE cp ${POD}:share/logs/$OUTPUT_FOLDER/summary/report.json "$OUTPUT_DIRECTORY"/report.json +kubectl --namespace $NAMESPACE cp ${POD}:share/logs/$OUTPUT_FOLDER/summary/stack_report.json "$OUTPUT_DIRECTORY"/stack_report.json +kubectl --namespace $NAMESPACE cp ${POD}:share/logs/$OUTPUT_FOLDER/summary/results.json "$OUTPUT_DIRECTORY"/results.json +kubectl --namespace $NAMESPACE cp ${POD}:share/logs/$OUTPUT_FOLDER/log.html "$OUTPUT_DIRECTORY"/log.html + +pushd . + +# echo -e "import hashlib\nwith open(\"README.md\", \"r\") as f: bytes = f.read()\nreadable_hash = hashlib.sha256(bytes).hexdigest()\nprint(readable_hash)" | python + +cd "$OUTPUT_DIRECTORY" +tar -czvf vnf_heat_results.tar.gz * + +popd + +echo "VNF test results: $OUTPUT_DIRECTORY/vnf_heat_results.tar.gz" diff --git a/kubernetes/robot/onap_dev.pvt b/kubernetes/robot/onap_dev.pvt new file mode 100644 index 0000000000..81e334a684 --- /dev/null +++ b/kubernetes/robot/onap_dev.pvt @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEAylw4KKN/ljqnFBvP+blG5PNfsnM4MAuGPMsE5rkKmzcZWNaE +NGMXTFKlJ4YrUl7OUv8kbgFTmB8BoNpgrNtKACDaz/psQSOeOADCG/YrT4wrYKrR +NhFqOjJpxRmxweEsd14qBOxeFT7Ie42qbCMMzo260HvjLmtUxkOXeJ3xDkGmoJVy +yzxX7nO1m4WyWyukO6x6mX0XDsADF4A6AapcqinoisJ7pnXaNkcjU/JY2Jrwem7s ++ypzIp86O6gdLpLVU9ORR/UYNAk1h+Z6K5Rual4D9mrpC9IJNaYfIgLe7mC39ZLa +fiySNoGhei9P6pYvRJlQki69bid/EPAgX5YZIQIDAQABAoIBAQClDekkhI9ZqseC +qFjPuKaxsizZMg+faJb6WSHLSxzyk1OSWY6F6FklgLeC8HW/fuLNYZyGOYDEsG20 +lMqL02Wdiy7OutS3oOS5iyzIf9a90HfFJi706el6RIpvINETcaXCS0T8tQrcS1Rd +KqTaBRC6HXJGAPbBcvw3pwQSdskatU6a/Kt2a3x6DsqqinQcgEB/SbrDaJCUX9sb +F2HVUwdq7aZK1Lk0ozr1FID9mrhjwWuQ6XC+vjG0FqtyXeMpR5iaQ73hex3FXQ8z +OjkFbMwuHWSh1DSx70r5yFrrBqwQKnMsBqx4QDRf3fIENUnWviaL+n+gwcXA07af +4kaNUFUtAoGBAPuNNRAGhZnyZ9zguns9PM56nmeMUikV5dPN2DTbQb79cpfV+7pC +6PeSH/dTKFLz62d6qAM2EsNXQvewf8fipBVBRPsRqKOv+uepd01dHNy62I5B+zRm +be9Kbe+EN60qdzvyPM+2hV6CnvGv1dirimS9pu6RrxD2Rmz1ectnJE+rAoGBAM3w +UbSEemyZ6EKjck2RfdipzY0MNBnIZ2cUqHh8mmPXjdTLzpXb9vmPbHb01Qwo8MP+ +gMnTbTBOzyNAaHdIrCO9FHW6C85j3ot5Yzcr+EcBVcua+7KHU0Sgn44JNH8DisJ7 +Y63UP/1Xb4d1/QvHfxYy3WOvvRdVZ7pPo8JNX95jAoGAIe5CIg8/JizUZa7KeKUh +9pgDleQPkQsrHQ6/AyIwFBsLwf9THSS5V+uV9D57SfUs46Bf2U8J6N90YQSlt8iS +aWuManFPVgT+yxDIzt6obf2mCEpOIBtQ6N4ZRh2HhQwdWTCrkzkDdGQaHG+jYL6C +xGPwiG2ON7OAfGIAM7eN5lECgYEAhoRLWlaOgRGnHKAWsYQvZ67CjTdDcPPuVu6v +fMQnNMA/7JeTwV+E205L0wfpgZ/cZKmBBlQMJlnUA3q2wfO+PTnse1mjDJU/cGtB +22/lJLxChlQdxGeQhGtGzUhF+hEeOhrO6WSSx7CtMRZoy6Dr6lwfMFZCdVNcBd6v +YOOZk3ECgYEAseUKGb6E80XTVVNziyuiVbQCsI0ZJuRfqMZ2IIDQJU9u6AnGAway +itqHbkGsmDT+4HUz01+1JKnnw42RdSrHdU/LaOonD+RIGqe2x800QXzqASKLdCXr +y7RoiFqJtkdFQykzJemA+xOXvHLgKi/MXFsU90PCD0VJKLj8vwpX78Y= +-----END RSA PRIVATE KEY----- diff --git a/kubernetes/robot/requirements.yaml b/kubernetes/robot/requirements.yaml new file mode 100644 index 0000000000..cac9ba506f --- /dev/null +++ b/kubernetes/robot/requirements.yaml @@ -0,0 +1,22 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~7.x-0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' + diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py new file mode 100644 index 0000000000..ef12c9a848 --- /dev/null +++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py @@ -0,0 +1,345 @@ +# Copyright (c) 2018 Amdocs, Bell Canada, and others +# Modifications Copyright (c) 2020 AT&T Intellectual Property +# Modifications Copyright (c) 2020 NOKIA Intellectual Property +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +GLOBAL_INJECTED_AAF_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "aaf-service") }}' +GLOBAL_INJECTED_AAI_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "aai") }}' +GLOBAL_INJECTED_APPC_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "appc") }}' +GLOBAL_INJECTED_APPC_CDT_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "appc-cdt") }}' +GLOBAL_INJECTED_ARTIFACTS_VERSION = '{{.Values.demoArtifactsVersion}}' +GLOBAL_INJECTED_ARTIFACTS_REPO_URL = "{{ .Values.demoArtifactsRepoUrl }}" +GLOBAL_INJECTED_CLAMP_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "clamp") }}' +GLOBAL_INJECTED_CLI_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "cli") }}' +GLOBAL_INJECTED_CLOUD_ENV = 'openstack' +GLOBAL_INJECTED_DCAE_COLLECTOR_IP = "{{ .Values.dcaeCollectorIp }}" +GLOBAL_INJECTED_DCAE_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dcae-healthcheck") }}' +GLOBAL_INJECTED_DCAE_VES_HOST = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dcae-ves-collector") }}' +GLOBAL_INJECTED_DMAAP_DR_PROV_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dmaap-dr-prov") }}' +GLOBAL_INJECTED_DMAAP_DR_NODE_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dmaap-dr-node") }}' +GLOBAL_INJECTED_DNS_IP_ADDR = 'N/A' +GLOBAL_INJECTED_DOCKER_VERSION = '1.2-STAGING-latest' +GLOBAL_INJECTED_EXTERNAL_DNS = 'N/A' +GLOBAL_INJECTED_LOG_ELASTICSEARCH_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "log-es") }}' +GLOBAL_INJECTED_LOG_KIBANA_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "log-kibana") }}' +GLOBAL_INJECTED_LOG_LOGSTASH_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "log-ls-http") }}' +GLOBAL_INJECTED_POMBA_AAI_CONTEXT_BUILDER_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "pomba-aaictxbuilder") }}' +GLOBAL_INJECTED_POMBA_SDC_CONTEXT_BUILDER_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "pomba-sdcctxbuilder") }}' +GLOBAL_INJECTED_POMBA_NETWORK_DISC_CONTEXT_BUILDER_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "pomba-networkdiscoveryctxbuilder") }}' +GLOBAL_INJECTED_POMBA_SERVICE_DECOMPOSITION_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "pomba-servicedecomposition") }}' +GLOBAL_INJECTED_POMBA_SDNC_CTX_BUILDER_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "pomba-sdncctxbuilder") }}' +GLOBAL_INJECTED_POMBA_NETWORKDISCOVERY_MICROSERVICE_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "pomba-networkdiscovery") }}' +GLOBAL_INJECTED_POMBA_VALIDATION_SERVICE_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "pomba-validation-service") }}' +GLOBAL_INJECTED_POMBA_KIBANA_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "pomba-kibana") }}' +GLOBAL_INJECTED_POMBA_ELASTIC_SEARCH_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "pomba-es") }}' +GLOBAL_INJECTED_POMBA_CONTEX_TAGGREGATOR_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "pomba-contextaggregator") }}' +GLOBAL_INJECTED_KEYSTONE = '{{ .Values.openStackKeyStoneUrl }}' +GLOBAL_INJECTED_MR_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "message-router") }}' +GLOBAL_INJECTED_BC_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dmaap-bc") }}' +GLOBAL_INJECTED_MUSIC_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "music") }}' +GLOBAL_INJECTED_NBI_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "nbi") }}' +GLOBAL_INJECTED_NETWORK = '{{ .Values.openStackPrivateNetId }}' +GLOBAL_INJECTED_NEXUS_DOCKER_REPO = '{{ include "common.repository" . }}' +GLOBAL_INJECTED_NEXUS_PASSWORD = 'docker' +GLOBAL_INJECTED_NEXUS_REPO ='https://nexus.onap.org/content/sites/raw' +GLOBAL_INJECTED_NEXUS_USERNAME = 'docker' +GLOBAL_INJECTED_OOF_IP_ADDR = 'N/A' +GLOBAL_INJECTED_OOF_HOMING_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "oof-has-api") }}' +GLOBAL_INJECTED_OOF_SNIRO_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "oof-osdf") }}' +GLOBAL_INJECTED_OOF_CMSO_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "oof-cmso") }}' +GLOBAL_INJECTED_MSB_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "msb-iag") }}' +GLOBAL_INJECTED_OPENSTACK_API_KEY = '{{ .Values.config.openStackEncryptedPasswordHere}}' +GLOBAL_INJECTED_OPENSTACK_TENANT_ID = '{{ .Values.openStackTenantId }}' +GLOBAL_INJECTED_OPENSTACK_USERNAME = '{{ .Values.openStackUserName }}' +GLOBAL_INJECTED_OPENSTACK_PROJECT_NAME = '{{ .Values.openStackProjectName }}' +GLOBAL_INJECTED_OPENSTACK_DOMAIN_ID = '{{ .Values.openStackDomainId }}' +GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN = '{{ .Values.openStackUserDomain }}' +GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION = '{{ .Values.openStackKeystoneAPIVersion }}' +GLOBAL_INJECTED_REGION_THREE = '{{ .Values.openStackRegionRegionThree }}' +GLOBAL_INJECTED_KEYSTONE_REGION_THREE = '{{ .Values.openStackKeyStoneUrlRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_KEYSTONE_API_VERSION_REGION_THREE = '{{ .Values.openStackKeystoneAPIVersionRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_USERNAME_REGION_THREE = '{{ .Values.openStackUserNameRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_SO_ENCRYPTED_PASSWORD_REGION_THREE = '{{ .Values.openSackMsoEncryptdPasswordRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_SO_ENCRYPTED_PASSWORD = '{{ .Values.config.openStackSoEncryptedPassword}}' +GLOBAL_INJECTED_OPENSTACK_TENANT_ID_REGION_THREE = '{{ .Values.openStackTenantIdRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_PROJECT_DOMAIN_REGION_THREE = '{{ .Values.openStackProjectNameRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_USER_DOMAIN_REGION_THREE = '{{ .Values.openStackDomainIdRegionThree }}' +GLOBAL_INJECTED_OPENSTACK_OAM_NETWORK_CIDR_PREFIX = '{{ .Values.openStackOamNetworkCidrPrefix }}' +GLOBAL_INJECTED_OPENSTACK_OAM_NETWORK_3RD_OCTET = '{{ .Values.openStackOamNetwork3rdOctet}}' +GLOBAL_INJECTED_OPENSTACK_PUBLIC_NETWORK = '{{ .Values.openStackPublicNetworkName }}' +GLOBAL_INJECTED_OPENSTACK_SECURITY_GROUP = '{{ .Values.openStackSecurityGroup }}' +GLOBAL_INJECTED_OPENSTACK_PRIVATE_SUBNET_ID = "{{ .Values.openStackPrivateSubnetId }}" +GLOBAL_INJECTED_OPENSTACK_PRIVATE_NET_CIDR = "{{ .Values.openStackPrivateNetCidr }}" +GLOBAL_INJECTED_POLICY_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "pdp") }}' +GLOBAL_INJECTED_POLICY_DROOLS_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "policy-drools-pdp") }}' +GLOBAL_INJECTED_PORTAL_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "portal-app") }}' +GLOBAL_INJECTED_POLICY_API_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "policy-api") }}' +GLOBAL_INJECTED_POLICY_PAP_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "policy-pap") }}' +GLOBAL_INJECTED_POLICY_DISTRIBUTION_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "policy-distribution") }}' +GLOBAL_INJECTED_POLICY_PDPX_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "policy-xacml-pdp") }}' +GLOBAL_INJECTED_POLICY_APEX_PDP_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "policy-apex-pdp") }}' +GLOBAL_INJECTED_PUBLIC_NET_ID = '{{ .Values.openStackPublicNetId }}' +GLOBAL_INJECTED_PRIVATE_KEY = "{{ .Files.Get .Values.vnfPrivateKey }}" +GLOBAL_INJECTED_PUBLIC_KEY = "{{ .Values.vnfPubKey }}" +GLOBAL_INJECTED_REGION = '{{ .Values.openStackRegion }}' +GLOBAL_INJECTED_SCRIPT_VERSION = '{{ .Values.scriptVersion }}' +GLOBAL_INJECTED_SDC_BE_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "sdc-be") }}' +GLOBAL_INJECTED_SDC_BE_ONBOARD_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "sdc-onboarding-be") }}' +GLOBAL_INJECTED_SDC_FE_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "sdc-fe") }}' +GLOBAL_INJECTED_SDC_DCAE_BE_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "sdc-dcae-be") }}' +GLOBAL_INJECTED_SDC_IP_ADDR = 'N/A' +GLOBAL_INJECTED_SDNC_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "sdnc") }}' +GLOBAL_INJECTED_SDNC_PORTAL_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "sdnc-portal") }}' +GLOBAL_INJECTED_SO_APIHAND_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "so") }}' +GLOBAL_INJECTED_SO_SDCHAND_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "so-sdc-controller") }}' +GLOBAL_INJECTED_SO_BPMN_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "so-bpmn-infra") }}' +GLOBAL_INJECTED_SO_CATDB_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "so-catalog-db-adapter") }}' +GLOBAL_INJECTED_SO_OPENSTACK_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "so-openstack-adapter") }}' +GLOBAL_INJECTED_SO_REQDB_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "so-request-db-adapter") }}' +GLOBAL_INJECTED_SO_SDNC_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "so-sdnc-adapter") }}' +GLOBAL_INJECTED_SO_VFC_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "so-vfc-adapter") }}' +GLOBAL_INJECTED_SO_VNFM_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "so-vnfm-adapter") }}' +GLOBAL_INJECTED_SO_NSSMF_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "so-nssmf-adapter") }}' +GLOBAL_INJECTED_UBUNTU_1404_IMAGE = '{{ .Values.ubuntu14Image }}' +GLOBAL_INJECTED_UBUNTU_1604_IMAGE = '{{ .Values.ubuntu16Image }}' +GLOBAL_INJECTED_VM_IMAGE_NAME = '{{ .Values.ubuntu14Image }}' +GLOBAL_INJECTED_DANOS_IMAGE_NAME = '{{ .Values.danosImage }}' +GLOBAL_INJECTED_DANOS_FLAVOR = '{{ .Values.danosFlavor }}' +GLOBAL_INJECTED_VID_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "vid") }}' +GLOBAL_INJECTED_VM_FLAVOR = '{{ .Values.openStackFlavourMedium }}' +GLOBAL_INJECTED_VNFSDK_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "refrepo") }}' +GLOBAL_INJECTED_CCSDK_CDS_BLUEPRINT_PROCESSOR_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "cds-blueprints-processor-http") }}' + +# aaf info - everything is from the private oam network (also called onap private network) +GLOBAL_AAF_SERVER = 'https://{{include "robot.ingress.svchost" (dict "root" . "hostname" "aaf-service") }}:{{include "robot.ingress.port" (dict "root" . "hostname" "aaf-service" "port" 8100) }}' +GLOBAL_AAF_USERNAME = '{{ .Values.aafUsername }}' +GLOBAL_AAF_PASSWORD = '{{ .Values.aafPassword }}' +GLOBAL_AAF_AUTHENTICATION = [GLOBAL_AAF_USERNAME, GLOBAL_AAF_PASSWORD] +# aai info - everything is from the private oam network (also called onap private network) +GLOBAL_AAI_SERVER_PROTOCOL = "https" +GLOBAL_AAI_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "aai" "port" 8443) }}' +GLOBAL_AAI_USERNAME = '{{ .Values.aaiUsername }}' +GLOBAL_AAI_PASSWORD = '{{ .Values.aaiPassword}}' +GLOBAL_AAI_AUTHENTICATION = [GLOBAL_AAI_USERNAME, GLOBAL_AAI_PASSWORD] +# appc info - everything is from the private oam network (also called onap private network) +GLOBAL_APPC_SERVER_PROTOCOL = "https" +GLOBAL_APPC_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "appc" "port" 8443) }}' +GLOBAL_APPC_USERNAME = '{{ .Values.appcUsername }}' +GLOBAL_APPC_PASSWORD = '{{ .Values.appcPassword }}' +GLOBAL_APPC_AUTHENTICATION = [GLOBAL_APPC_USERNAME, GLOBAL_APPC_PASSWORD] +GLOBAL_APPC_CDT_SERVER_PROTOCOL = "https" +GLOBAL_APPC_CDT_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "appc-cdt" "port" 18080) }}' +GLOBAL_APPC_CDT_USERNAME = "demo" +# sdc info - everything is from the private oam network (also called onap private network) +GLOBAL_SDC_SERVER_PROTOCOL = "https" +GLOBAL_SDC_FE_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdc-fe" "port" 9443) }}' +GLOBAL_SDC_BE_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdc-be" "port" 8443) }}' +GLOBAL_SDC_BE_ONBOARD_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdc-onboarding-be" "port" 8445) }}' +GLOBAL_SDC_DCAE_BE_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdc-dcae-be" "port" 8444) }}' +GLOBAL_SDC_USERNAME = "beep" +GLOBAL_SDC_PASSWORD = "boop" +GLOBAL_SDC_AUTHENTICATION = [GLOBAL_SDC_USERNAME, GLOBAL_SDC_PASSWORD] +# clamp info - everything is from the private oam network (also called onap private network) +GLOBAL_CLAMP_SERVER_PROTOCOL = "https" +GLOBAL_CLAMP_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "clamp" "port" 8443) }}' +# nbi info - everything is from the private oam network (also called onap private network) +GLOBAL_NBI_SERVER_PROTOCOL = "https" +GLOBAL_NBI_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "nbi" "port" 8443) }}' +# cli info - everything is from the private oam network (also called onap private network) +GLOBAL_CLI_SERVER_PROTOCOL = "https" +GLOBAL_CLI_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "cli" "port" 443) }}' +# dcae info - everything is from the private oam network (also called onap private network) +GLOBAL_DCAE_SERVER_PROTOCOL = "http" +GLOBAL_DCAE_HEALTH_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-healthcheck" "port" 80) }}' +GLOBAL_DCAE_USERNAME = '{{ .Values.dcaeUsername }}' +GLOBAL_DCAE_PASSWORD = '{{ .Values.dcaePassword}}' +GLOBAL_DCAE_AUTHENTICATION = [GLOBAL_DCAE_USERNAME, GLOBAL_DCAE_PASSWORD] +# dcae hv-ves info +GLOBAL_DCAE_HVVES_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "dcae-hv-ves-collector") }}' +GLOBAL_DCAE_HVVES_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-hv-ves-collector" "port" 6061) }}' +# data router info - everything is from the private oam network (also called onap private network) +GLOBAL_DMAAP_DR_PROV_SERVER_PROTOCOL = "https" +GLOBAL_DMAAP_DR_PROV_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dmaap-dr-prov" "port" 443) }}' +GLOBAL_DMAAP_DR_NODE_SERVER_PROTOCOL = "https" +GLOBAL_DMAAP_DR_NODE_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dmapp-dr-node" "port" 8443) }}' +# dmaap message router info +GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "message-router") }}' +GLOBAL_DMAAP_MESSAGE_ROUTER_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "message-router" "port" 3904) }}' +# dmaap kafka info +GLOBAL_DMAAP_KAFKA_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "message-router-kafka") }}' +GLOBAL_DMAAP_KAFKA_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "message-router-kafka" "port" 9092) }}' +GLOBAL_DMAAP_KAFKA_JAAS_USERNAME = '{{ .Values.kafkaJaasUsername }}' +GLOBAL_DMAAP_KAFKA_JAAS_PASSWORD = '{{ .Values.kafkaJaasPassword }}' +# DROOL server port and credentials +GLOBAL_DROOLS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "policy-drools-pdp" "port" 9696) }}' +GLOBAL_DROOLS_USERNAME = '{{ .Values.droolsUsername }}' +GLOBAL_DROOLS_PASSWORD = '{{ .Values.droolsPassword }}' +GLOBAL_DROOLS_AUTHENTICATION = [GLOBAL_DROOLS_USERNAME, GLOBAL_DROOLS_PASSWORD] +# log server config - NOTE: no log server is run in HEAT; only on OOM +GLOBAL_LOG_SERVER_PROTOCOL = "http" +GLOBAL_LOG_ELASTICSEARCH_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "log-es" "port" 9200) }}' +GLOBAL_LOG_LOGSTASH_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "log-ls-http" "port" 9600) }}' +GLOBAL_LOG_KIBANA_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "log-kibana" "port" 5601) }}' +# pomba info - NOTE: no pomba is run in HEAT; only on OOM +GLOBAL_POMBA_SERVER_PROTOCOL_HTTP = "http" +GLOBAL_POMBA_SERVER_PROTOCOL_HTTPS = "https" +GLOBAL_POMBA_AAICONTEXTBUILDER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "pomba-aaictxbuilder" "port" 9530) }}' +GLOBAL_POMBA_SDCCONTEXTBUILDER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "pomba-sdcctxbuilder" "port" 9530) }}' +GLOBAL_POMBA_NETWORKDISCCONTEXTBUILDER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "pomba-networkdiscoveryctxbuilder" "port" 9530) }}' +GLOBAL_POMBA_SERVICEDECOMPOSITION_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "pomba-servicedecomposition" "port" 9532) }}' +GLOBAL_POMBA_SDNCCXTBUILDER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "pomba-sdncctxbuilder" "port" 9530) }}' +GLOBAL_POMBA_NETWORKDISCOVERY_MICROSERVICE_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "pomba-networkdiscovery" "port" 9531) }}' +GLOBAL_POMBA_VALIDATIONSERVICE_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "pomba-validation-service" "port" 9529) }}' +GLOBAL_POMBA_KIBANA_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "pomba-kibana" "port" 5601) }}' +GLOBAL_POMBA_ELASTICSEARCH_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "pomba-es" "port" 9200) }}' +GLOBAL_POMBA_CONTEXTAGGREGATOR_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "pomba-contextaggregator" "port" 9529) }}' + +# microservice bus info - everything is from the private oam network (also called onap private network) +GLOBAL_MSB_SERVER_PROTOCOL = "https" +GLOBAL_MSB_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "clamp" "port" 443) }}' +# message router info - everything is from the private oam network (also called onap private network) +GLOBAL_MR_SERVER_PROTOCOL = "http" +GLOBAL_MR_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "message-router" "port" 3904) }}' +# bus controller info +GLOBAL_BC_SERVER_PROTOCOL = "https" +GLOBAL_BC_HTTPS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dmaap-bc" "port" 8443) }}' +GLOBAL_BC_USERNAME = '{{ .Values.bcUsername }}' +GLOBAL_BC_PASSWORD = '{{ .Values.bcPassword }}' +# dcae inventory and deployment handler info +GLOBAL_INVENTORY_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "inventory") }}' +GLOBAL_INVENTORY_SERVER_PROTOCOL = "https" +GLOBAL_INVENTORY_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "inventory" "port" 8080) }}' +GLOBAL_DEPLOYMENT_HANDLER_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "deployment-handler") }}' +GLOBAL_DEPLOYMENT_HANDLER_SERVER_PROTOCOL = "https" +GLOBAL_DEPLOYMENT_HANDLER_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "deployment-handler" "port" 8443) }}' +# SO containers - everything is from the private oam network (also called onap private network) +GLOBAL_SO_APIHAND_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "so" "port" 8080) }}' +GLOBAL_SO_SDCHAND_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "so-sdc-controller" "port" 8085) }}' +GLOBAL_SO_BPMN_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "so-bpmn-infra" "port" 8081) }}' +GLOBAL_SO_CATDB_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "so-catalog-db-adapter" "port" 8082) }}' +GLOBAL_SO_OPENSTACK_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "so-openstack-adapter" "port" 8087) }}' +GLOBAL_SO_REQDB_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "so-request-db-adapter" "port" 8083) }}' +GLOBAL_SO_SDNC_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "so-sdnc-adapter" "port" 8086) }}' +GLOBAL_SO_VFC_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "so-vfc-adapter" "port" 8084) }}' +GLOBAL_SO_VNFM_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "so-vnfm-adapter" "port" 9092) }}' +GLOBAL_SO_NSSMF_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "so-nssmf-adapter" "port" 8088) }}' +GLOBAL_SO_USERNAME = '{{ .Values.soUsername }}' +GLOBAL_SO_CATDB_USERNAME = '{{ .Values.soCatdbUsername }}' +# robot uses SO_PASSWORD for both SO and CATDB +GLOBAL_SO_PASSWORD = '{{ .Values.soPassword }}' +GLOBAL_SO_ENDPOINT = 'http://' + GLOBAL_INJECTED_SO_APIHAND_IP_ADDR + ':' + GLOBAL_SO_APIHAND_SERVER_PORT +GLOBAL_SO_APIHAND_ENDPOINT = GLOBAL_SO_ENDPOINT +GLOBAL_SO_SDCHAND_ENDPOINT = 'http://' + GLOBAL_INJECTED_SO_SDCHAND_IP_ADDR + ':' + GLOBAL_SO_SDCHAND_SERVER_PORT +GLOBAL_SO_BPMN_ENDPOINT = 'http://' + GLOBAL_INJECTED_SO_BPMN_IP_ADDR + ':' + GLOBAL_SO_BPMN_SERVER_PORT +GLOBAL_SO_CATDB_ENDPOINT = 'http://' + GLOBAL_INJECTED_SO_CATDB_IP_ADDR + ':' + GLOBAL_SO_CATDB_SERVER_PORT +GLOBAL_SO_OPENSTACK_ENDPOINT = 'http://' + GLOBAL_INJECTED_SO_OPENSTACK_IP_ADDR + ':' + GLOBAL_SO_OPENSTACK_SERVER_PORT +GLOBAL_SO_REQDB_ENDPOINT = 'http://' + GLOBAL_INJECTED_SO_REQDB_IP_ADDR + ':' + GLOBAL_SO_REQDB_SERVER_PORT +GLOBAL_SO_SDNC_ENDPOINT = 'http://' + GLOBAL_INJECTED_SO_SDNC_IP_ADDR + ':' + GLOBAL_SO_SDNC_SERVER_PORT +GLOBAL_SO_VFC_ENDPOINT = 'http://' + GLOBAL_INJECTED_SO_VFC_IP_ADDR + ':' + GLOBAL_SO_VFC_SERVER_PORT +GLOBAL_SO_VNFM_ENDPOINT = 'http://' + GLOBAL_INJECTED_SO_VNFM_IP_ADDR + ':' + GLOBAL_SO_VNFM_SERVER_PORT +GLOBAL_SO_NSSMF_ENDPOINT = 'http://' + GLOBAL_INJECTED_SO_NSSMF_IP_ADDR + ':' + GLOBAL_SO_NSSMF_SERVER_PORT +#GLOBAL_SO_VNFM_ENDPOINT = 'http://' + GLOBAL_INJECTED_SO_VNFM_IP_ADDR + ':' + GLOBAL_SO_VNFM_SERVER_PORT +# music info - everything is from the private oam network (also called onap private network) +GLOBAL_MUSIC_SERVER_PROTOCOL = "https" +GLOBAL_MUSIC_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "music" "port" 8443) }}' +# oof global info - everything is from the private oam network (also called onap private network) +GLOBAL_OOF_SERVER_PROTOCOL = "https" +# oof-homing info - everything is from the private oam network (also called onap private network) +GLOBAL_OOF_HOMING_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "oof-has-api" "port" 8091) }}' +GLOBAL_OOF_HOMING_USERNAME="{{ .Values.oofHomingUsername }}" +GLOBAL_OOF_HOMING_PASSWORD="{{ .Values.oofHomingPassword }}" +# oof-sniro info - everything is from the private oam network (also called onap private network) +GLOBAL_OOF_SNIRO_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "oof-osdf" "port" 8698) }}' +#oof user +GLOBAL_OOF_OSDF_USERNAME="{{ .Values.oofUsername }}" +GLOBAL_OOF_OSDF_PASSWORD="{{ .Values.oofPassword }}" +#oof pci user +GLOBAL_OOF_PCI_USERNAME="{{ .Values.oofOsdfPciOptUsername }}" +GLOBAL_OOF_PCI_PASSWORD="{{ .Values.oofOsdfPciOptPassword }}" +# oof cmso global info - everything is from the private oam network (also called onap private network) +GLOBAL_OOF_CMSO_PROTOCOL = "https" +GLOBAL_OOF_CMSO_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "oof-cmso" "port" 8080) }}' +GLOBAL_OOF_CMSO_USERNAME = "{{ .Values.oofCmsoUsername }}" +GLOBAL_OOF_CMSO_PASSWORD = "{{ .Values.oofCmsoPassword }}" +# openstack info - info to select right info in environment +# packet generate vnf info - everything is from the private oam network (also called onap private network) +GLOBAL_PACKET_GENERATOR_PORT = "8183" +GLOBAL_PACKET_GENERATOR_USERNAME = "admin" +GLOBAL_PACKET_GENERATOR_PASSWORD = "admin" +GLOBAL_PGN_PORT = "2831" +# policy info - everything is from the private oam network (also called onap private network) +GLOBAL_POLICY_SERVER_PROTOCOL = "https" +GLOBAL_POLICY_SERVER_PORT = "8081" +GLOBAL_POLICY_HEALTHCHECK_PORT = "6969" +GLOBAL_POLICY_AUTH = '{{ .Values.policyAuth}}' +GLOBAL_POLICY_CLIENTAUTH = '{{ .Values.policyClientAuth}}' +GLOBAL_POLICY_USERNAME = '{{ .Values.policyUsername }}' +GLOBAL_POLICY_PASSWORD = '{{ .Values.policyPassword }}' +GLOBAL_POLICY_HEALTHCHECK_USERNAME = '{{ .Values.policyComponentUsername }}' +GLOBAL_POLICY_HEALTHCHECK_PASSWORD = '{{ .Values.policyComponentPassword }}' +# portal info - everything is from the private oam network (also called onap private network) +GLOBAL_PORTAL_SERVER_PROTOCOL = "https" +GLOBAL_PORTAL_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "portal-app" "port" 8443) }}' +GLOBAL_PORTAL_USERNAME = '{{ .Values.portalUsername }}' +GLOBAL_PORTAL_PASSWORD = '{{ .Values.portalPassword }}' +# sdnc info - everything is from the private oam network (also called onap private network) +GLOBAL_SDNC_SERVER_PROTOCOL = "https" +GLOBAL_SDNC_REST_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdnc" "port" 8443) }}' +GLOBAL_SDNC_ADMIN_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "sdnc-portal" "port" 8443) }}' +GLOBAL_SDNC_USERNAME = '{{ .Values.sdncUsername }}' +GLOBAL_SDNC_PASSWORD = '{{ .Values.sdncPassword }}' +GLOBAL_SDNC_AUTHENTICATION = [GLOBAL_SDNC_USERNAME, GLOBAL_SDNC_PASSWORD] +# sms (AAF) info +GLOBAL_SMS_SERVER_PROTOCOL = "https" +GLOBAL_SMS_SERVER_NAME = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "aaf-sms") }}' +GLOBAL_SMS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "aaf-sms" "port" 10443) }}' +# vid info - everything is from the private oam network (also called onap private network) +GLOBAL_VID_SERVER_PROTOCOL = '{{ .Values.vidServerProtocol }}' +GLOBAL_VID_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "clamp" "port" (.Values.vidServerPort | default 0 | int)) }}' +GLOBAL_VID_USERNAME = '{{ .Values.vidUsername }}' +GLOBAL_VID_PASSWORD = '{{ .Values.vidPassword}}' +GLOBAL_VID_HEALTH_USERNAME = '{{ .Values.vidHealthUsername }}' +GLOBAL_VID_HEALTH_PASSWORD = '{{ .Values.vidHealthPassword }}' +# vnfsdk info - everything is from the private oam network (also called onap private network) +GLOBAL_VNFSDK_SERVER_PROTOCOL = "https" +GLOBAL_VNFSDK_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "refrepo" "port" 8703) }}' + +GLOBAL_DCAE_VES_PROTOCOL = "http" +GLOBAL_DCAE_VES_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-ves-collector" "port" 8080) }}' +GLOBAL_DCAE_VES_HTTPS_PROTOCOL = "https" +GLOBAL_DCAE_VES_HTTPS_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "dcae-ves-collector-https" "port" 8443) }}' +GLOBAL_DCAE_VES_USERNAME = 'sample1' +GLOBAL_DCAE_VES_PASSWORD = 'sample1' + + +#global selenium info +GLOBAL_PROXY_WARNING_TITLE="" +GLOBAL_PROXY_WARNING_CONTINUE_XPATH="" +# dns info +GLOBAL_DNS_TRAFFIC_DURATION = "600" +# location where heat templates and data are loaded from +GLOBAL_HEAT_TEMPLATES_FOLDER = "/var/opt/ONAP/demo/heat" +GLOBAL_PRELOAD_DATA_FOLDER = "/var/opt/ONAP/demo/preload-data" +# location where TOSCA artifacts are loaded from +GLOBAL_TOSCA_ONBOARDING_PACKAGES_FOLDER = "/var/opt/ONAP/demo/tosca" + + +# cds info - everything is from the private oam network (also called onap private network) +GLOBAL_CCSDK_CDS_SERVER_PROTOCOL = "http" +GLOBAL_CCSDK_CDS_HEALTH_SERVER_PORT = "8080" +GLOBAL_CCSDK_CDS_USERNAME = 'ccsdkapps' +GLOBAL_CCSDK_CDS_PASSWORD = 'ccsdkapps' +GLOBAL_CCSDK_CDS_AUTHENTICATION = [GLOBAL_CCSDK_CDS_USERNAME, GLOBAL_CCSDK_CDS_PASSWORD] +GLOBAL_CDS_AUTH = "Y2NzZGthcHBzOmNjc2RrYXBwcw==" + diff --git a/kubernetes/robot/resources/config/lighttpd/authorization b/kubernetes/robot/resources/config/lighttpd/authorization new file mode 100644 index 0000000000..9d6ff7fc29 --- /dev/null +++ b/kubernetes/robot/resources/config/lighttpd/authorization @@ -0,0 +1 @@ +{{ .Values.config.robotWebUser }}:{{ .Values.config.robotWebPassword }} diff --git a/kubernetes/robot/resources/config/lighttpd/lighttpd.conf b/kubernetes/robot/resources/config/lighttpd/lighttpd.conf new file mode 100644 index 0000000000..6c781a240b --- /dev/null +++ b/kubernetes/robot/resources/config/lighttpd/lighttpd.conf @@ -0,0 +1,57 @@ +server.document-root = "/var/opt/ONAP/html/" + +server.port = 88 + +server.username = "www-data" +server.groupname = "www-data" +server.errorlog = "/var/log/lighttpd/error.log" +accesslog.filename = "/var/log/lighttpd/access.log" + + +$SERVER["socket"] == ":443" { + ssl.engine = "enable" + ssl.pemfile = "/etc/lighttpd/ssl/onap-robot.onap.pem" + # ssl.ca-file = "/etc/lighttpd/ssl/CA_issuing.crt" + server.name = "robot-onap.onap.org" + #server.document-root = "/var/opt/ONAP/html/" + #server.errorlog = "/var/log/lighttpd/robot_onap.onap.org.error.log" + #accesslog.filename = "/var/log/lighttpd/robot_onap.onap.org.access.log" +} + + + +dir-listing.activate = "disable" + +alias.url = ( "/logs/" => "/share/logs/" ) +$HTTP["url"] =~ "^/logs/" { + dir-listing.activate = "enable" +} + +mimetype.assign = ( + ".log" => "text/plain", + ".txt" => "text/plain", + ".png" => "image/png", + ".html" => "text/html", + ".xml" => "text/xml" +) + +static-file.exclude-extensions = ( ".fcgi", ".php", ".rb", "~", ".inc", ".cgi" ) +index-file.names = ( "index.html" ) + +server.modules += ( "mod_auth" ) +server.modules += ( "mod_alias" ) +server.modules += ( "mod_compress" ) +server.modules += ( "mod_accesslog" ) +auth.debug = 2 +auth.backend = "plain" +auth.backend.plain.userfile = "/etc/lighttpd/authorization" +auth.require = ( "/" => +( +"method" => "basic", +"realm" => "Password protected area", +"require" => "valid-user" +) +) + +compress.cache-dir = "/var/cache/lighttpd/compress/" +compress.filetype = ("application/x-javascript", "text/css", "text/html", "text/plain") diff --git a/kubernetes/robot/resources/config/lighttpd/ssl/README.TXT b/kubernetes/robot/resources/config/lighttpd/ssl/README.TXT new file mode 100644 index 0000000000..4a56cb5dfa --- /dev/null +++ b/kubernetes/robot/resources/config/lighttpd/ssl/README.TXT @@ -0,0 +1,13 @@ +The following self-signed certificates were created for testing only. +You can replace them with your own if appropriate using this process or official certificates using what ever process is appropriate. + + +# create key and csr +openssl req -new -newkey rsa:2048 -nodes -keyout onap-robot.onap.key -out onap-robot.onap.csr + +# sign csr +# 10 year self signed certificate +openssl x509 -req -days 3650 -in onap-robot.onap.csr -signkey onap-robot.onap.key -out onap-robot.onap.crt + +# create PEM for lighttpd server +cat onap-robot.onap.key onap-robot.onap.crt > onap-robot.onap.pem diff --git a/kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.crt b/kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.crt new file mode 100644 index 0000000000..e5db8b2abc --- /dev/null +++ b/kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.crt @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDnzCCAocCFHlPuTueraFMC0IbbHUFBUlD/79aMA0GCSqGSIb3DQEBCwUAMIGL +MQswCQYDVQQGEwJVUzELMAkGA1UECAwCTkoxEzARBgNVBAcMCk1pZGRsZXRvd24x +DTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBXJvYm90MRwwGgYDVQQDDBNyb2JvdC1v +bmFwLm9uYXAub3JnMR0wGwYJKoZIhvcNAQkBFg5yb2JvdEBvbmFwLm9yZzAeFw0y +MDAzMzAxNDM5MzlaFw0zMDAzMjgxNDM5MzlaMIGLMQswCQYDVQQGEwJVUzELMAkG +A1UECAwCTkoxEzARBgNVBAcMCk1pZGRsZXRvd24xDTALBgNVBAoMBE9OQVAxDjAM +BgNVBAsMBXJvYm90MRwwGgYDVQQDDBNyb2JvdC1vbmFwLm9uYXAub3JnMR0wGwYJ +KoZIhvcNAQkBFg5yb2JvdEBvbmFwLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBALxJ/YnjSMMLyY+DoGXEOi57AuVMNWJ6L43FJoy4MUGlWw1BT/gM +0yXDlEYX7rFcP+/74CtK5VwL/T5WyGYehj4JanxeS+Debyx4iLR3Ge0So1TGVcLg +wSwvU2Yt3GIpWSDsui6fBJLaH9ka4phf0mu55WljoA8814pyd2HCu/4MdPuWGISE +PPeH6DzUDIQ8srUF3i9EkDwBtQtlj4XLSOeGaEo6DQNPABr5Ft8EkJ3jwi9uw92G +ofU+PQeXszWGUcHMN12yEJErqsmlGJEi9Fr9c3tyWk7LLj0NPtdaPKAE2R9AUvFW +1WmJ/Lb8lkHezj23V8+wlCbJJkcV8+E3c90CAwEAATANBgkqhkiG9w0BAQsFAAOC +AQEAIW7KCq4gqjVQQ5aFqSEmbS65pAeyrt58NQxj6UgOYrHe+IJ5EHLiKmRW6XGe +RbtYXSrBhj6E0wF7mWda5sd5r+GZuMjx3BkRKCo59yQnHKYheuuoXIFx1odkmBdl +uq8ccVsL3W+xoBuMdhW3E7Q83xvE+0lINki9rhrmdGItHee3y5KyBYopf0BjZtCS +EV601NnSBDktlMPSt4pFfptr4+lUh/6MDj548cygwk9NexFCwY7+YhjEAPfqH6p3 +BI3QlDYQslBCv8By4JtQqhFs3t6OAjSILfwQfxdS4OT2FK6NZyEBpd1mdbS3CyS7 +qke87AT49x1wbGgsSeldZShErg== +-----END CERTIFICATE----- diff --git a/kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.csr b/kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.csr new file mode 100644 index 0000000000..5e4cc9ff5c --- /dev/null +++ b/kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.csr @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIC0TCCAbkCAQAwgYsxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJOSjETMBEGA1UE +BwwKTWlkZGxldG93bjENMAsGA1UECgwET05BUDEOMAwGA1UECwwFcm9ib3QxHDAa +BgNVBAMME3JvYm90LW9uYXAub25hcC5vcmcxHTAbBgkqhkiG9w0BCQEWDnJvYm90 +QG9uYXAub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEn9ieNI +wwvJj4OgZcQ6LnsC5Uw1YnovjcUmjLgxQaVbDUFP+AzTJcOURhfusVw/7/vgK0rl +XAv9PlbIZh6GPglqfF5L4N5vLHiItHcZ7RKjVMZVwuDBLC9TZi3cYilZIOy6Lp8E +ktof2RrimF/Sa7nlaWOgDzzXinJ3YcK7/gx0+5YYhIQ894foPNQMhDyytQXeL0SQ +PAG1C2WPhctI54ZoSjoNA08AGvkW3wSQnePCL27D3Yah9T49B5ezNYZRwcw3XbIQ +kSuqyaUYkSL0Wv1ze3JaTssuPQ0+11o8oATZH0BS8VbVaYn8tvyWQd7OPbdXz7CU +JskmRxXz4Tdz3QIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAJYVG3C4fgHb7Vip +aqsyRI6kQNjxFwwjnHY0AEwuzr1K+D2dGXXDtTP9RPZQIp3PZyvKrZNqs4O45290 +lvY+bytW1WLQ6h3cZqKgIUEXU2tycLITPQDz+Fu45R20a1RT65EWv523mpgzJoOY +61V9aVB1KKfPr4cddMHbq9fYvUKz2KVDTNBVQSYcO2125hv1xpUa1ZbZN15SJazH +JWW9FMTCSgWp6yYTBYKAl8S8WTNBeAKJq1ZVw1q/KhHpj+jqjm7rn6lgIQi9gTES +DNP4j5SBdL0O5HIk5KqW/3uhS0YlL9Yi9Cqxo35RAbMkUMKDdqtlTObU3tH/jtXC +2YPImm4= +-----END CERTIFICATE REQUEST----- diff --git a/kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.key b/kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.key new file mode 100644 index 0000000000..7bf9fc0c3a --- /dev/null +++ b/kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC8Sf2J40jDC8mP +g6BlxDouewLlTDViei+NxSaMuDFBpVsNQU/4DNMlw5RGF+6xXD/v++ArSuVcC/0+ +VshmHoY+CWp8Xkvg3m8seIi0dxntEqNUxlXC4MEsL1NmLdxiKVkg7LounwSS2h/Z +GuKYX9JrueVpY6APPNeKcndhwrv+DHT7lhiEhDz3h+g81AyEPLK1Bd4vRJA8AbUL +ZY+Fy0jnhmhKOg0DTwAa+RbfBJCd48IvbsPdhqH1Pj0Hl7M1hlHBzDddshCRK6rJ +pRiRIvRa/XN7clpOyy49DT7XWjygBNkfQFLxVtVpify2/JZB3s49t1fPsJQmySZH +FfPhN3PdAgMBAAECggEAXqbPRm60GCCnzXY8vou7N7xswznhKEUF/L2b2GeLk1V9 +hRdNDQPdbQF5WxcSzaPzHD/A++JllDUOtDTJ/tPfZfYzyptYh40p0/AvwJCSvuN8 +qdQeLp3vXbfYs+ff/pSMkomOOnuDwBLYqbnjKPgafj7v/V+wiZhrPdS3ALT07gsW +MKb4MjAYKwFCbENgMurb4VNL+LgwJFXJNvlRW3r1IO37aXdGiHO5XdrQ6aNDzfmR +ljaAndScwpleRwZorl4Gh0JPn46fpkJPQPNAcejKs1zzxbdjtd/xBS84DuOMryfT +hEfiyU0t5kfir4XufLxtUB9M0FkmpPUQ24Rt5x8/4QKBgQDjYCMbxRNw3o+p1jgR +TsWx2hExhvQJHKPT1MwFcOTqA+VoaPyMUsT5tdkVr2xdqyVjZDbUWQOd5hll6urL +thvYSJz09eGGPuHTMvsktwer/oW3FAIbkPEA0a7EHaNuGbacLVtPn79vJ9IyQl1B +J4DALDW3mU05FV83PWZwDQe1hQKBgQDT/iwnALH7P5IC6dLwSfqFZU8BJ3BrTMs0 +708Oak+iHOWWWkTEpR1PF3EPkM1sdrscLcV6IiqNNRIjOKTbNtloSGMPAyVAxDxb +NiJseP0a3w/XzDiO5H1x3HmYvf2tYLss9cjUKG5ikeVZhfgcUY3pypJ9BcCuCHjg +vkk0dtSIeQKBgQDcQLhBojoez7jij/xn56JhkhetnkiuuuuHu06WxrE4buW+qlRZ +qaPdMGZFN1UFt0/UY7MpJ8D1J3va2iDvjEyUymIgeD4qSKeAapYVDqeD2F225s7T +3SdX38Yne35gnM/joZweGWTbS/u1a8vh3V4+yZSPcRT5AtblL7kXOcgJ8QKBgDbH +nFMry9IX2DwmfdqX00O7LRIoRdWET5JLMIuSDyfd/bm/c7u4yv0QGqgiC+M2Px2F ++lyYDZTVnO07CuaWotFeuzI65tp4mvwa3gRXs1fJQkfKPuc1xfCxPz6oAbBWqadx +j8a69+NCvhhHFRkEPf6m2Pmzjdmq2MmCglorRrpJAoGBAMNRu3it7Pp+9xgj3aFe +IfcnVwd3vwzXyw2ABinHXOqSRx52Dm4J7QDY9d+vOrcbwZyEIt5QdBJesAREAuLf +GsM0FH2qi02kJ679P/fhnbq9B9dPYxpGFV5LlZWN/ulW74fFzIuVB3yPsS3POnm1 +xDhKSqihCH6X84ub/5Qz9boQ +-----END PRIVATE KEY----- diff --git a/kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.pem b/kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.pem new file mode 100644 index 0000000000..abf8f81c58 --- /dev/null +++ b/kubernetes/robot/resources/config/lighttpd/ssl/onap-robot.onap.pem @@ -0,0 +1,50 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC8Sf2J40jDC8mP +g6BlxDouewLlTDViei+NxSaMuDFBpVsNQU/4DNMlw5RGF+6xXD/v++ArSuVcC/0+ +VshmHoY+CWp8Xkvg3m8seIi0dxntEqNUxlXC4MEsL1NmLdxiKVkg7LounwSS2h/Z +GuKYX9JrueVpY6APPNeKcndhwrv+DHT7lhiEhDz3h+g81AyEPLK1Bd4vRJA8AbUL +ZY+Fy0jnhmhKOg0DTwAa+RbfBJCd48IvbsPdhqH1Pj0Hl7M1hlHBzDddshCRK6rJ +pRiRIvRa/XN7clpOyy49DT7XWjygBNkfQFLxVtVpify2/JZB3s49t1fPsJQmySZH +FfPhN3PdAgMBAAECggEAXqbPRm60GCCnzXY8vou7N7xswznhKEUF/L2b2GeLk1V9 +hRdNDQPdbQF5WxcSzaPzHD/A++JllDUOtDTJ/tPfZfYzyptYh40p0/AvwJCSvuN8 +qdQeLp3vXbfYs+ff/pSMkomOOnuDwBLYqbnjKPgafj7v/V+wiZhrPdS3ALT07gsW +MKb4MjAYKwFCbENgMurb4VNL+LgwJFXJNvlRW3r1IO37aXdGiHO5XdrQ6aNDzfmR +ljaAndScwpleRwZorl4Gh0JPn46fpkJPQPNAcejKs1zzxbdjtd/xBS84DuOMryfT +hEfiyU0t5kfir4XufLxtUB9M0FkmpPUQ24Rt5x8/4QKBgQDjYCMbxRNw3o+p1jgR +TsWx2hExhvQJHKPT1MwFcOTqA+VoaPyMUsT5tdkVr2xdqyVjZDbUWQOd5hll6urL +thvYSJz09eGGPuHTMvsktwer/oW3FAIbkPEA0a7EHaNuGbacLVtPn79vJ9IyQl1B +J4DALDW3mU05FV83PWZwDQe1hQKBgQDT/iwnALH7P5IC6dLwSfqFZU8BJ3BrTMs0 +708Oak+iHOWWWkTEpR1PF3EPkM1sdrscLcV6IiqNNRIjOKTbNtloSGMPAyVAxDxb +NiJseP0a3w/XzDiO5H1x3HmYvf2tYLss9cjUKG5ikeVZhfgcUY3pypJ9BcCuCHjg +vkk0dtSIeQKBgQDcQLhBojoez7jij/xn56JhkhetnkiuuuuHu06WxrE4buW+qlRZ +qaPdMGZFN1UFt0/UY7MpJ8D1J3va2iDvjEyUymIgeD4qSKeAapYVDqeD2F225s7T +3SdX38Yne35gnM/joZweGWTbS/u1a8vh3V4+yZSPcRT5AtblL7kXOcgJ8QKBgDbH +nFMry9IX2DwmfdqX00O7LRIoRdWET5JLMIuSDyfd/bm/c7u4yv0QGqgiC+M2Px2F ++lyYDZTVnO07CuaWotFeuzI65tp4mvwa3gRXs1fJQkfKPuc1xfCxPz6oAbBWqadx +j8a69+NCvhhHFRkEPf6m2Pmzjdmq2MmCglorRrpJAoGBAMNRu3it7Pp+9xgj3aFe +IfcnVwd3vwzXyw2ABinHXOqSRx52Dm4J7QDY9d+vOrcbwZyEIt5QdBJesAREAuLf +GsM0FH2qi02kJ679P/fhnbq9B9dPYxpGFV5LlZWN/ulW74fFzIuVB3yPsS3POnm1 +xDhKSqihCH6X84ub/5Qz9boQ +-----END PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIDnzCCAocCFHlPuTueraFMC0IbbHUFBUlD/79aMA0GCSqGSIb3DQEBCwUAMIGL +MQswCQYDVQQGEwJVUzELMAkGA1UECAwCTkoxEzARBgNVBAcMCk1pZGRsZXRvd24x +DTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBXJvYm90MRwwGgYDVQQDDBNyb2JvdC1v +bmFwLm9uYXAub3JnMR0wGwYJKoZIhvcNAQkBFg5yb2JvdEBvbmFwLm9yZzAeFw0y +MDAzMzAxNDM5MzlaFw0zMDAzMjgxNDM5MzlaMIGLMQswCQYDVQQGEwJVUzELMAkG +A1UECAwCTkoxEzARBgNVBAcMCk1pZGRsZXRvd24xDTALBgNVBAoMBE9OQVAxDjAM +BgNVBAsMBXJvYm90MRwwGgYDVQQDDBNyb2JvdC1vbmFwLm9uYXAub3JnMR0wGwYJ +KoZIhvcNAQkBFg5yb2JvdEBvbmFwLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBALxJ/YnjSMMLyY+DoGXEOi57AuVMNWJ6L43FJoy4MUGlWw1BT/gM +0yXDlEYX7rFcP+/74CtK5VwL/T5WyGYehj4JanxeS+Debyx4iLR3Ge0So1TGVcLg +wSwvU2Yt3GIpWSDsui6fBJLaH9ka4phf0mu55WljoA8814pyd2HCu/4MdPuWGISE +PPeH6DzUDIQ8srUF3i9EkDwBtQtlj4XLSOeGaEo6DQNPABr5Ft8EkJ3jwi9uw92G +ofU+PQeXszWGUcHMN12yEJErqsmlGJEi9Fr9c3tyWk7LLj0NPtdaPKAE2R9AUvFW +1WmJ/Lb8lkHezj23V8+wlCbJJkcV8+E3c90CAwEAATANBgkqhkiG9w0BAQsFAAOC +AQEAIW7KCq4gqjVQQ5aFqSEmbS65pAeyrt58NQxj6UgOYrHe+IJ5EHLiKmRW6XGe +RbtYXSrBhj6E0wF7mWda5sd5r+GZuMjx3BkRKCo59yQnHKYheuuoXIFx1odkmBdl +uq8ccVsL3W+xoBuMdhW3E7Q83xvE+0lINki9rhrmdGItHee3y5KyBYopf0BjZtCS +EV601NnSBDktlMPSt4pFfptr4+lUh/6MDj548cygwk9NexFCwY7+YhjEAPfqH6p3 +BI3QlDYQslBCv8By4JtQqhFs3t6OAjSILfwQfxdS4OT2FK6NZyEBpd1mdbS3CyS7 +qke87AT49x1wbGgsSeldZShErg== +-----END CERTIFICATE----- diff --git a/kubernetes/robot/scripts/demoscript/README b/kubernetes/robot/scripts/demoscript/README new file mode 100644 index 0000000000..aad63f4b24 --- /dev/null +++ b/kubernetes/robot/scripts/demoscript/README @@ -0,0 +1 @@ +Directory contains scripts that will be run before 'demo' tests. diff --git a/kubernetes/robot/scripts/etescript/README b/kubernetes/robot/scripts/etescript/README new file mode 100644 index 0000000000..380787e16e --- /dev/null +++ b/kubernetes/robot/scripts/etescript/README @@ -0,0 +1 @@ +Directory contains scripts that will be run before 'ete' tests. diff --git a/kubernetes/robot/scripts/etescript/hvves-etescript.sh b/kubernetes/robot/scripts/etescript/hvves-etescript.sh new file mode 100755 index 0000000000..5d22c4b4fe --- /dev/null +++ b/kubernetes/robot/scripts/etescript/hvves-etescript.sh @@ -0,0 +1,77 @@ +# Copyright © 2019 Nokia +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#!/bin/bash + +# +# Generate HV-VES SSL related certs. +# Copy the stuff to HV-VES and Robot pods. +# + + +HVVESPOD=$(kubectl -n $NAMESPACE get pods --no-headers=true -o custom-columns=:metadata.name | grep hv-ves) + + +generate_ca_key_cert () { + openssl genrsa -out $1/ca.key 2048 + openssl req -new -x509 -days 36500 -key $1/ca.key -out $1/ca.pem -subj /CN=dcae-hv-ves-ca.onap +} + +generate_server_key_csr () { + openssl genrsa -out $1/server.key 2048 + openssl req -new -key $1/server.key -out $1/server.csr -subj /CN=dcae-hv-ves-collector.onap +} + +generate_client_key_csr () { + openssl genrsa -out $1/client.key 2048 + openssl req -new -key $1/client.key -out $1/client.csr -subj /CN=dcae-hv-ves-client.onap +} + +sign_server_and_client_cert () { + openssl x509 -req -days 36500 -in $1/server.csr -CA $1/ca.pem -CAkey $1/ca.key -out $1/server.pem -set_serial 00 + openssl x509 -req -days 36500 -in $1/client.csr -CA $1/ca.pem -CAkey $1/ca.key -out $1/client.pem -set_serial 00 +} + +create_pkcs12_ca_and_server () { + openssl pkcs12 -export -out $1/ca.p12 -inkey $1/ca.key -in $1/ca.pem -passout pass: + openssl pkcs12 -export -out $1/server.p12 -inkey $1/server.key -in $1/server.pem -passout pass: +} + +copy_server_certs_to_hvves () { + for f in {ca.p12,server.p12} + do + kubectl cp $1/$f $2/$3:$4 + done +} + +copy_client_certs_to_robot () { + for f in {ca.pem,client.key,client.pem} + do + kubectl cp $1/$f $2/$3:$4 + done +} + +cleanup () { + rm -f $1/{ca,server,client}.??? +} + + +generate_ca_key_cert "$DIR/$SCRIPTDIR" +generate_server_key_csr "$DIR/$SCRIPTDIR" +generate_client_key_csr "$DIR/$SCRIPTDIR" +sign_server_and_client_cert "$DIR/$SCRIPTDIR" +create_pkcs12_ca_and_server "$DIR/$SCRIPTDIR" +copy_server_certs_to_hvves "$DIR/$SCRIPTDIR" "$NAMESPACE" "$HVVESPOD" "/tmp" +copy_client_certs_to_robot "$DIR/$SCRIPTDIR" "$NAMESPACE" "$POD" "/tmp" +cleanup "$DIR/$SCRIPTDIR" diff --git a/kubernetes/robot/scripts/etescript/security-etescript.sh b/kubernetes/robot/scripts/etescript/security-etescript.sh new file mode 100755 index 0000000000..1cd911ca60 --- /dev/null +++ b/kubernetes/robot/scripts/etescript/security-etescript.sh @@ -0,0 +1,57 @@ +#!/usr/bin/env bash + +# Copyright 2019 Samsung Electronics Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# +# Gather information on ONAP cluster required by security tests. +# Copy results to Robot pod. +# + + +TMPDIR='/tmp' +TMPTPL='onap_security' +CSV2JSON='import csv; import json; import sys; print(json.dumps({i[0]: i[1] for i in csv.reader(sys.stdin)}))' +FILTER="$(tr -d [:space:] <