From bd7def7ee2098af56ce66752f59c062d7923fb69 Mon Sep 17 00:00:00 2001 From: Instrumental Date: Wed, 3 Apr 2019 08:25:28 -0500 Subject: Create Helm based Certificates for Clients Issue-ID: AAF-802 Change-Id: I5fdc4daecd6bac7f042940473784cfb05c9e338e Signed-off-by: Instrumental --- .../org/onap/aaf/auth/batch/helpers/Approval.java | 7 + .../java/org/onap/aaf/auth/batch/helpers/Cred.java | 6 + .../java/org/onap/aaf/auth/batch/helpers/Role.java | 7 + .../org/onap/aaf/auth/batch/helpers/UserRole.java | 8 + .../org/onap/aaf/auth/batch/reports/Analyze.java | 569 +++++++++++---------- .../org/onap/aaf/auth/direct/DirectAAFLocator.java | 2 +- auth/docker/Dockerfile.agent | 35 ++ auth/docker/Dockerfile.client | 35 -- auth/docker/Dockerfile.hello | 34 ++ auth/docker/dbuild.sh | 24 +- auth/helm/.gitignore | 1 + auth/helm/aaf-hello/.helmignore | 21 + auth/helm/aaf-hello/Chart.yaml | 25 + auth/helm/aaf-hello/aaf.sh | 84 +++ auth/helm/aaf-hello/templates/NOTES.txt | 1 + auth/helm/aaf-hello/templates/aaf-hello.yaml | 102 ++++ auth/helm/aaf-hello/values.yaml | 77 +++ auth/helm/aaf/aaf.sh | 84 --- auth/helm/aaf/templates/aaf-cass-pv.yaml | 44 ++ auth/helm/aaf/templates/aaf-cass-pvc.yaml | 49 ++ auth/helm/aaf/templates/aaf-config-pv.yaml | 44 ++ auth/helm/aaf/templates/aaf-config-pvc.yaml | 49 ++ auth/helm/aaf/templates/aaf-gui.yaml | 3 +- auth/helm/aaf/templates/aaf-hello.yaml | 114 ----- auth/helm/aaf/templates/aaf-status-pv.yaml | 44 ++ auth/helm/aaf/templates/aaf-status-pvc.yaml | 49 ++ auth/helm/aaf/templates/cass_pv.yaml | 44 -- auth/helm/aaf/templates/cass_pvc.yaml | 49 -- auth/helm/aaf/templates/config_pv.yaml | 44 -- auth/helm/aaf/templates/config_pvc.yaml | 49 -- auth/helm/aaf/templates/status_pv.yaml | 44 -- auth/helm/aaf/templates/status_pvc.yaml | 49 -- auth/helm/aaf/values.yaml | 19 +- auth/sample/bin/client.sh | 10 + auth/sample/etc/org.osaaf.aaf.cm.props | 2 +- auth/sample/etc/org.osaaf.aaf.fs.props | 4 +- auth/sample/etc/org.osaaf.aaf.gui.props | 4 +- auth/sample/etc/org.osaaf.aaf.hello.props | 2 +- auth/sample/etc/org.osaaf.aaf.locate.props | 2 +- auth/sample/etc/org.osaaf.aaf.oauth.props | 4 +- auth/sample/etc/org.osaaf.aaf.service.props | 2 +- auth/sample/local/initialConfig.props | 2 +- .../java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java | 2 +- .../org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java | 4 +- .../aaf/cadi/register/RegistrationCreator.java | 69 ++- .../cadi/register/test/JU_RegistrationCreator.java | 2 + .../main/java/org/onap/aaf/cadi/config/Config.java | 6 +- .../aaf/cadi/config/RegistrationPropHolder.java | 104 ++-- .../config/test/JU_RegistrationPropHolder.java | 24 +- 49 files changed, 1193 insertions(+), 866 deletions(-) create mode 100644 auth/docker/Dockerfile.agent delete mode 100644 auth/docker/Dockerfile.client create mode 100644 auth/docker/Dockerfile.hello create mode 100644 auth/helm/aaf-hello/.helmignore create mode 100644 auth/helm/aaf-hello/Chart.yaml create mode 100644 auth/helm/aaf-hello/aaf.sh create mode 100644 auth/helm/aaf-hello/templates/NOTES.txt create mode 100644 auth/helm/aaf-hello/templates/aaf-hello.yaml create mode 100644 auth/helm/aaf-hello/values.yaml delete mode 100644 auth/helm/aaf/aaf.sh create mode 100644 auth/helm/aaf/templates/aaf-cass-pv.yaml create mode 100644 auth/helm/aaf/templates/aaf-cass-pvc.yaml create mode 100644 auth/helm/aaf/templates/aaf-config-pv.yaml create mode 100644 auth/helm/aaf/templates/aaf-config-pvc.yaml delete mode 100644 auth/helm/aaf/templates/aaf-hello.yaml create mode 100644 auth/helm/aaf/templates/aaf-status-pv.yaml create mode 100644 auth/helm/aaf/templates/aaf-status-pvc.yaml delete mode 100644 auth/helm/aaf/templates/cass_pv.yaml delete mode 100644 auth/helm/aaf/templates/cass_pvc.yaml delete mode 100644 auth/helm/aaf/templates/config_pv.yaml delete mode 100644 auth/helm/aaf/templates/config_pvc.yaml delete mode 100644 auth/helm/aaf/templates/status_pv.yaml delete mode 100644 auth/helm/aaf/templates/status_pvc.yaml diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approval.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approval.java index 1bc82f5e..dc96a1ce 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approval.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approval.java @@ -211,6 +211,13 @@ public class Approval implements CacheChange.Data { } } + public static void clear() { + byApprover.clear(); + byUser.clear(); + byTicket.clear(); + list.clear(); + cache.resetLocalData(); + } // public void update(AuthzTrans trans, ApprovalDAO apprDAO, boolean dryRun) { // if (dryRun) { // trans.info().printf("Would update Approval %s, %s, last_notified %s",add.id,add.status,add.last_notified); diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Cred.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Cred.java index e51fcfdc..f5669331 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Cred.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Cred.java @@ -372,4 +372,10 @@ public class Cred { } return reason; } + + + public static void clear() { + data.clear(); + byNS.clear(); + } } \ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Role.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Role.java index ea735d2a..bb5e8c21 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Role.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Role.java @@ -179,4 +179,11 @@ public class Role implements Comparable { deleteRoles.clear(); } + public static void clear() { + data.clear(); + keys.clear(); + byName.clear(); + deleteRoles.clear(); + } + } \ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/UserRole.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/UserRole.java index a26da912..b4e1a6d3 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/UserRole.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/UserRole.java @@ -354,4 +354,12 @@ public class UserRole implements Cloneable, CacheChange.Data { public static String histSubject(List row) { return row.get(1) + '|' + row.get(2); } + + public static void clear() { + data.clear(); + byUser.clear(); + byRole.clear(); + cache.resetLocalData(); + + } } \ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java index 0d5ad47c..60902f1e 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java @@ -106,8 +106,6 @@ public class Analyze extends Batch { tt.done(); } - // Load Cred. We don't follow Visitor, because we have to gather up everything into Identity Anyway - Cred.load(trans, session); minOwners=1; @@ -149,8 +147,6 @@ public class Analyze extends Batch { writerList.put(EXTEND,extendCW); // Load full data of the following - Approval.load(trans, session, Approval.v2_0_17); - Role.load(trans, session); ln = new LastNotified(session); } finally { @@ -160,335 +156,356 @@ public class Analyze extends Batch { @Override protected void run(AuthzTrans trans) { + TimeTaken tt; AuthzTrans noAvg = trans.env().newTransNoAvg(); //////////////////// // Load all Notifieds, and either add to local Data, or mark for Deletion. ln.loadAll(noAvg,expireRange.approveDelete,deleteCW); - //////////////////// - final Map goodTickets = new TreeMap<>(); - TimeTaken tt = trans.start("Analyze Expired Futures",Trans.SUB); + // Hold Good Tickets to keyed User/Role for UserRole Step + Map mur = new TreeMap<>(); + try { - Future.load(noAvg, session, Future.withConstruct, fut -> { - List appls = Approval.byTicket.get(fut.id()); - if(!futureRange.inRange(fut.expires())) { - deleteCW.comment("Future %s expired", fut.id()); - Future.row(deleteCW,fut); - if(appls!=null) { - for(Approval a : appls) { - Approval.row(deleteCW, a); + Approval.load(trans, session, Approval.v2_0_17); + + //////////////////// + final Map goodTickets = new TreeMap<>(); + tt = trans.start("Analyze Expired Futures",Trans.SUB); + try { + Future.load(noAvg, session, Future.withConstruct, fut -> { + List appls = Approval.byTicket.get(fut.id()); + if(!futureRange.inRange(fut.expires())) { + deleteCW.comment("Future %s expired", fut.id()); + Future.row(deleteCW,fut); + if(appls!=null) { + for(Approval a : appls) { + Approval.row(deleteCW, a); + } } + } else if(appls==null) { // Orphaned Future (no Approvals) + deleteCW.comment("Future is Orphaned"); + Future.row(deleteCW,fut); + } else { + goodTickets.put(fut.fdd.id, new Ticket(fut)); + } + }); + } finally { + tt.done(); + } + + Set approvers = new TreeSet<>(); + tt = trans.start("Connect Approvals with Futures",Trans.SUB); + try { + for(Approval appr : Approval.list) { + Ticket ticket=null; + UUID ticketID = appr.getTicket(); + if(ticketID!=null) { + ticket = goodTickets.get(appr.getTicket()); + } + if(ticket == null) { // Orphaned Approvals, no Futures + deleteCW.comment("Approval is Orphaned"); + Approval.row(deleteCW, appr); + } else { + ticket.approvals.add(appr); // add to found Ticket + approvers.add(appr.getApprover()); } - } else if(appls==null) { // Orphaned Future (no Approvals) - deleteCW.comment("Future is Orphaned"); - Future.row(deleteCW,fut); - } else { - goodTickets.put(fut.fdd.id, new Ticket(fut)); - } - }); - } finally { - tt.done(); - } - - Set approvers = new TreeSet<>(); - tt = trans.start("Connect Approvals with Futures",Trans.SUB); - try { - for(Approval appr : Approval.list) { - Ticket ticket=null; - UUID ticketID = appr.getTicket(); - if(ticketID!=null) { - ticket = goodTickets.get(appr.getTicket()); - } - if(ticket == null) { // Orphaned Approvals, no Futures - deleteCW.comment("Approval is Orphaned"); - Approval.row(deleteCW, appr); - } else { - ticket.approvals.add(appr); // add to found Ticket - approvers.add(appr.getApprover()); } - } - } finally { - tt.done(); - } - - /* Run through all Futures, and see if - * 1) they have been executed (no longer valid) - * 2) The current Approvals indicate they can proceed - */ - Map pendingApprs = new HashMap<>(); - Map pendingTemp = new HashMap<>(); - - // Convert Good Tickets to keyed User/Role for UserRole Step - Map mur = new TreeMap<>(); - String approver; - - tt = trans.start("Analyze Good Tickets",Trans.SUB); - try { - for(Ticket ticket : goodTickets.values()) { - try { - pendingTemp.clear(); - switch(ticket.f.target()) { - case "user_role": - int state[][] = new int[3][3]; - int type; - - for(Approval appr : ticket.approvals) { - switch(appr.getType()) { - case "owner": - type=owner; - break; - case "supervisor": - type=supervisor; - break; - default: - type=0; + } finally { + tt.done(); + } + + /* Run through all Futures, and see if + * 1) they have been executed (no longer valid) + * 2) The current Approvals indicate they can proceed + */ + Map pendingApprs = new HashMap<>(); + Map pendingTemp = new HashMap<>(); + + String approver; + + tt = trans.start("Analyze Good Tickets",Trans.SUB); + try { + for(Ticket ticket : goodTickets.values()) { + try { + pendingTemp.clear(); + switch(ticket.f.target()) { + case "user_role": + int state[][] = new int[3][3]; + int type; + + for(Approval appr : ticket.approvals) { + switch(appr.getType()) { + case "owner": + type=owner; + break; + case "supervisor": + type=supervisor; + break; + default: + type=0; + } + ++state[type][total]; // count per type + switch(appr.getStatus()) { + case "pending": + ++state[type][pending]; + approver = appr.getApprover(); + Pending n = pendingTemp.get(approver); + if(n==null) { + Date lastNotified = ln.lastNotified(approver,"ur",ticket.f.fdd.target_key); + pendingTemp.put(approver,new Pending(lastNotified)); + } else { + n.inc(); + } + break; + case "approved": + ++state[type][approved]; + break; + default: + ++state[type][unknown]; + } } - ++state[type][total]; // count per type - switch(appr.getStatus()) { - case "pending": - ++state[type][pending]; - approver = appr.getApprover(); - Pending n = pendingTemp.get(approver); - if(n==null) { - Date lastNotified = ln.lastNotified(approver,"ur",ticket.f.fdd.target_key); - pendingTemp.put(approver,new Pending(lastNotified)); - } else { - n.inc(); + + // To Approve: + // Always must have at least 1 owner + if((state[owner][total]>0 && state[owner][approved]>0) && + // If there are no Supervisors, that's ok + (state[supervisor][total]==0 || + // But if there is a Supervisor, they must have approved + (state[supervisor][approved]>0))) { + UserRoleDAO.Data urdd = new UserRoleDAO.Data(); + try { + urdd.reconstitute(ticket.f.fdd.construct); + if(urdd.expires.before(ticket.f.expires())) { + extendCW.row("extend_ur",urdd.user,urdd.role,ticket.f.expires()); + } + } catch (IOException e) { + trans.error().log("Could not reconstitute UserRole"); } - break; - case "approved": - ++state[type][approved]; - break; - default: - ++state[type][unknown]; - } - } - - // To Approve: - // Always must have at least 1 owner - if((state[owner][total]>0 && state[owner][approved]>0) && - // If there are no Supervisors, that's ok - (state[supervisor][total]==0 || - // But if there is a Supervisor, they must have approved - (state[supervisor][approved]>0))) { - UserRoleDAO.Data urdd = new UserRoleDAO.Data(); - try { - urdd.reconstitute(ticket.f.fdd.construct); - if(urdd.expires.before(ticket.f.expires())) { - extendCW.row("extend_ur",urdd.user,urdd.role,ticket.f.expires()); + } else { // Load all the Pending. + for(Entry es : pendingTemp.entrySet()) { + Pending p = pendingApprs.get(es.getKey()); + if(p==null) { + pendingApprs.put(es.getKey(), es.getValue()); + } else { + p.inc(es.getValue()); } - } catch (IOException e) { - trans.error().log("Could not reconstitute UserRole"); - } - } else { // Load all the Pending. - for(Entry es : pendingTemp.entrySet()) { - Pending p = pendingApprs.get(es.getKey()); - if(p==null) { - pendingApprs.put(es.getKey(), es.getValue()); - } else { - p.inc(es.getValue()); } } + break; + } + } finally { + if("user_role".equals(ticket.f.fdd.target)) { + String key = ticket.f.fdd.target_key; + if(key!=null) { + mur.put(key, ticket); } - break; - } - } finally { - if("user_role".equals(ticket.f.fdd.target)) { - String key = ticket.f.fdd.target_key; - if(key!=null) { - mur.put(key, ticket); } } } + } finally { + tt.done(); } - } finally { - tt.done(); - } - - // Good Tickets no longer needed - goodTickets.clear(); - - /** - * Decide to Notify about Approvals, based on activity/last Notified - */ - tt = trans.start("Analyze Approval Reminders", Trans.SUB); - try { - GregorianCalendar gc = new GregorianCalendar(); - gc.add(GregorianCalendar.DAY_OF_WEEK, 5); - Date remind = gc.getTime(); - - for(Entry es : pendingApprs.entrySet()) { - Pending p = es.getValue(); - if(p.newApprovals() - || p.earliest() == null - || p.earliest().after(remind)) { - p.row(needApproveCW,es.getKey()); + // Good Tickets no longer needed + goodTickets.clear(); + + /** + * Decide to Notify about Approvals, based on activity/last Notified + */ + tt = trans.start("Analyze Approval Reminders", Trans.SUB); + try { + GregorianCalendar gc = new GregorianCalendar(); + gc.add(GregorianCalendar.DAY_OF_WEEK, 5); + Date remind = gc.getTime(); + + for(Entry es : pendingApprs.entrySet()) { + Pending p = es.getValue(); + if(p.newApprovals() + || p.earliest() == null + || p.earliest().after(remind)) { + p.row(needApproveCW,es.getKey()); + } } + } finally { + tt.done(); } - } finally { - tt.done(); - } - - // clear out Approval Intermediates - pendingTemp = null; - pendingApprs = null; - + + // clear out Approval Intermediates + pendingTemp = null; + pendingApprs = null; + } finally { + Approval.clear(); + } + /** Run through User Roles. Owners are treated specially in next section. Regular roles are checked against Date Ranges. If match Date Range, write out to appropriate file. - */ - try { - tt = trans.start("Analyze UserRoles, storing Owners",Trans.SUB); - Set specialCommented = new HashSet<>(); - Map> owners = new TreeMap<>(); - try { - UserRole.load(noAvg, session, UserRole.v2_0_11, ur -> { - Identity identity; - try { - identity = trans.org().getIdentity(noAvg,ur.user()); - if(identity==null) { - // Candidate for Delete, but not Users if Special - String id = ur.user(); - for(String s : specialDomains) { - if(id.endsWith(s)) { + */ + + try { + Role.load(trans, session); + + try { + tt = trans.start("Analyze UserRoles, storing Owners",Trans.SUB); + Set specialCommented = new HashSet<>(); + Map> owners = new TreeMap<>(); + try { + UserRole.load(noAvg, session, UserRole.v2_0_11, ur -> { + Identity identity; + try { + identity = trans.org().getIdentity(noAvg,ur.user()); + if(identity==null) { + // Candidate for Delete, but not Users if Special + String id = ur.user(); + for(String s : specialDomains) { + if(id.endsWith(s)) { + if(!specialCommented.contains(id)) { + deleteCW.comment("ID %s is part of special Domain %s (UR Org Check)", id,s); + specialCommented.add(id); + } + return; + } + } + if(specialNames.contains(id)) { if(!specialCommented.contains(id)) { - deleteCW.comment("ID %s is part of special Domain %s (UR Org Check)", id,s); + deleteCW.comment("ID %s is a special ID (UR Org Check)", id); specialCommented.add(id); } return; } - } - if(specialNames.contains(id)) { - if(!specialCommented.contains(id)) { - deleteCW.comment("ID %s is a special ID (UR Org Check)", id); - specialCommented.add(id); - } + ur.row(deleteCW, UserRole.UR,"Not in Organization"); + return; + } else if(Role.byName.get(ur.role())==null) { + ur.row(deleteCW, UserRole.UR,String.format("Role %s does not exist", ur.role())); return; } - ur.row(deleteCW, UserRole.UR,"Not in Organization"); - return; - } else if(Role.byName.get(ur.role())==null) { - ur.row(deleteCW, UserRole.UR,String.format("Role %s does not exist", ur.role())); - return; - } - // Just let expired UserRoles sit until deleted - if(futureRange.inRange(ur.expires())) { - if(!mur.containsKey(ur.user() + '|' + ur.role())) { - // Cannot just delete owners, unless there is at least one left. Process later - if ("owner".equals(ur.rname())) { - Set urs = owners.get(ur.role()); - if (urs == null) { - urs = new HashSet(); - owners.put(ur.role(), urs); - } - urs.add(ur); - } else { - Range r = writeAnalysis(noAvg,ur); - if(r!=null) { - Approval existing = findApproval(ur); - if(existing==null) { - ur.row(needApproveCW,UserRole.APPROVE_UR); + // Just let expired UserRoles sit until deleted + if(futureRange.inRange(ur.expires())) { + if(!mur.containsKey(ur.user() + '|' + ur.role())) { + // Cannot just delete owners, unless there is at least one left. Process later + if ("owner".equals(ur.rname())) { + Set urs = owners.get(ur.role()); + if (urs == null) { + urs = new HashSet(); + owners.put(ur.role(), urs); + } + urs.add(ur); + } else { + Range r = writeAnalysis(noAvg,ur); + if(r!=null) { + Approval existing = findApproval(ur); + if(existing==null) { + ur.row(needApproveCW,UserRole.APPROVE_UR); + } } } } } + } catch (OrganizationException e) { + noAvg.error().log(e); } - } catch (OrganizationException e) { - noAvg.error().log(e); - } - }); - } finally { - tt.done(); - } - - /** - Now Process Owners, one owner Role at a time, ensuring one is left, - preferably a good one. If so, process the others as normal. - - Otherwise, write to ExpiredOwners Report - */ - tt = trans.start("Analyze Owners Separately",Trans.SUB); - try { - if (!owners.values().isEmpty()) { - File file = new File(logDir(), EXPIRED_OWNERS + sdate + CSV); - final CSV ownerCSV = new CSV(env.access(),file); - CSV.Writer expOwner = ownerCSV.writer(); - expOwner.row(INFO,EXPIRED_OWNERS,sdate,2); - - try { - for (Set sur : owners.values()) { - int goodOwners = 0; - for (UserRole ur : sur) { - if (ur.expires().after(now)) { - ++goodOwners; - } - } + }); + } finally { + tt.done(); + } + mur.clear(); + + /** + Now Process Owners, one owner Role at a time, ensuring one is left, + preferably a good one. If so, process the others as normal. + + Otherwise, write to ExpiredOwners Report + */ + tt = trans.start("Analyze Owners Separately",Trans.SUB); + try { + if (!owners.values().isEmpty()) { + File file = new File(logDir(), EXPIRED_OWNERS + sdate + CSV); + final CSV ownerCSV = new CSV(env.access(),file); + CSV.Writer expOwner = ownerCSV.writer(); + expOwner.row(INFO,EXPIRED_OWNERS,sdate,2); - for (UserRole ur : sur) { - if (goodOwners >= minOwners) { - Range r = writeAnalysis(noAvg, ur); - if(r!=null) { + try { + for (Set sur : owners.values()) { + int goodOwners = 0; + for (UserRole ur : sur) { + if (ur.expires().after(now)) { + ++goodOwners; + } + } + + for (UserRole ur : sur) { + if (goodOwners >= minOwners) { + Range r = writeAnalysis(noAvg, ur); + if(r!=null) { + Approval existing = findApproval(ur); + if(existing==null) { + ur.row(needApproveCW,UserRole.APPROVE_UR); + } + } + } else { + expOwner.row("owner",ur.role(), ur.user(), Chrono.dateOnlyStamp(ur.expires())); Approval existing = findApproval(ur); if(existing==null) { ur.row(needApproveCW,UserRole.APPROVE_UR); } } - } else { - expOwner.row("owner",ur.role(), ur.user(), Chrono.dateOnlyStamp(ur.expires())); - Approval existing = findApproval(ur); - if(existing==null) { - ur.row(needApproveCW,UserRole.APPROVE_UR); - } } } - } - } finally { - if(expOwner!=null) { - expOwner.close(); + } finally { + if(expOwner!=null) { + expOwner.close(); + } } } - } - } finally { - tt.done(); - } + } finally { + tt.done(); + } + } finally { + Role.clear(); + UserRole.clear(); + } /** * Check for Expired Credentials - * - * */ - tt = trans.start("Analyze Expired Credentials",Trans.SUB); try { - for (Cred cred : Cred.data.values()) { - List linst = cred.instances; - if(linst!=null) { - Instance lastBath = null; - for(Instance inst : linst) { - // if(inst.attn>0) { - // writeAnalysis(trans, cred, inst); - // // Special Behavior: only eval the LAST Instance - // } else - // All Creds go through Life Cycle - if(deleteDate!=null && inst.expires.before(deleteDate)) { - writeAnalysis(noAvg, cred, inst); // will go to Delete - // Basic Auth has Pre-EOL notifications IF there is no Newer Credential - } else if (inst.type == CredDAO.BASIC_AUTH || inst.type == CredDAO.BASIC_AUTH_SHA256) { - if(lastBath==null || lastBath.expires.before(inst.expires)) { - lastBath = inst; - } - } - } - if(lastBath!=null) { - writeAnalysis(noAvg, cred, lastBath); + // Load Cred. We don't follow Visitor, because we have to gather up everything into Identity Anyway + Cred.load(trans, session); + + tt = trans.start("Analyze Expired Credentials",Trans.SUB); + try { + for (Cred cred : Cred.data.values()) { + List linst = cred.instances; + if(linst!=null) { + Instance lastBath = null; + for(Instance inst : linst) { + // if(inst.attn>0) { + // writeAnalysis(trans, cred, inst); + // // Special Behavior: only eval the LAST Instance + // } else + // All Creds go through Life Cycle + if(deleteDate!=null && inst.expires.before(deleteDate)) { + writeAnalysis(noAvg, cred, inst); // will go to Delete + // Basic Auth has Pre-EOL notifications IF there is no Newer Credential + } else if (inst.type == CredDAO.BASIC_AUTH || inst.type == CredDAO.BASIC_AUTH_SHA256) { + if(lastBath==null || lastBath.expires.before(inst.expires)) { + lastBath = inst; + } + } + } + if(lastBath!=null) { + writeAnalysis(noAvg, cred, lastBath); + } } - } + } + } finally { + tt.done(); } } finally { - tt.done(); + Cred.clear(); } - + //////////////////// tt = trans.start("Analyze Expired X509s",Trans.SUB); try { diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java index cc9ee66c..81debc05 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java @@ -74,7 +74,7 @@ public class DirectAAFLocator extends AbsAAFLocator { try { RegistrationPropHolder rph = new RegistrationPropHolder(access,0); - String aaf_url = rph.replacements("https://"+Config.AAF_LOCATE_URL_TAG+"/%CNS."+name, null,null); + String aaf_url = rph.replacements(getClass().getSimpleName(),"https://"+Config.AAF_LOCATE_URL_TAG+"/%CNS."+name, null,null); //access.getProperty("/locate/"+name+':'+version; access.printf(Level.INIT,"Creating DirectAAFLocator to %s",aaf_url); uri = new URI(aaf_url); diff --git a/auth/docker/Dockerfile.agent b/auth/docker/Dockerfile.agent new file mode 100644 index 00000000..b62f7b4f --- /dev/null +++ b/auth/docker/Dockerfile.agent @@ -0,0 +1,35 @@ +######### +# ============LICENSE_START==================================================== +# org.onap.aaf +# =========================================================================== +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# =========================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END==================================================== +# +FROM ${DOCKER_REPOSITORY}/onap/aaf/aaf_base:${AAF_VERSION} +MAINTAINER AAF Team, AT&T 2018 +ENV VERSION=${AAF_VERSION} + +LABEL description="aaf_agent" +LABEL version=${AAF_VERSION} + +COPY bin/client.sh /opt/app/aaf_config/bin/agent.sh +COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/ +COPY bin/aaf-cadi-servlet-sample-*-sample.jar /opt/app/aaf_config/bin/ +COPY logs /opt/app/aaf_config/logs +COPY cert/*trust*.b64 /opt/app/aaf_config/cert/ + +RUN if [ -n "${DUSER}" ]; then chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi + +CMD [] diff --git a/auth/docker/Dockerfile.client b/auth/docker/Dockerfile.client deleted file mode 100644 index b62f7b4f..00000000 --- a/auth/docker/Dockerfile.client +++ /dev/null @@ -1,35 +0,0 @@ -######### -# ============LICENSE_START==================================================== -# org.onap.aaf -# =========================================================================== -# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -# =========================================================================== -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END==================================================== -# -FROM ${DOCKER_REPOSITORY}/onap/aaf/aaf_base:${AAF_VERSION} -MAINTAINER AAF Team, AT&T 2018 -ENV VERSION=${AAF_VERSION} - -LABEL description="aaf_agent" -LABEL version=${AAF_VERSION} - -COPY bin/client.sh /opt/app/aaf_config/bin/agent.sh -COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/ -COPY bin/aaf-cadi-servlet-sample-*-sample.jar /opt/app/aaf_config/bin/ -COPY logs /opt/app/aaf_config/logs -COPY cert/*trust*.b64 /opt/app/aaf_config/cert/ - -RUN if [ -n "${DUSER}" ]; then chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi - -CMD [] diff --git a/auth/docker/Dockerfile.hello b/auth/docker/Dockerfile.hello new file mode 100644 index 00000000..0d2a062c --- /dev/null +++ b/auth/docker/Dockerfile.hello @@ -0,0 +1,34 @@ +######### +# ============LICENSE_START==================================================== +# org.onap.aaf +# =========================================================================== +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# =========================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END==================================================== +# +FROM ${DOCKER_REPOSITORY}/onap/aaf/aaf_core:${AAF_VERSION} +MAINTAINER AAF Team, AT&T 2018 +ENV VERSION=${AAF_VERSION} + +LABEL description="aaf_hello" +LABEL version=${AAF_VERSION} + +COPY bin/pod_wait.sh /opt/app/aaf/bin/ +COPY etc /opt/app/osaaf/etc +RUN mkdir -p /opt/app/aaf/status +RUN if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/aaf/status \ + && chown ${DUSER}:${DUSER} /opt/app/osaaf \ + && chown -R ${DUSER}:${DUSER} /opt/app/aaf; fi + +CMD [] diff --git a/auth/docker/dbuild.sh b/auth/docker/dbuild.sh index b2a5d510..1b4e5eee 100755 --- a/auth/docker/dbuild.sh +++ b/auth/docker/dbuild.sh @@ -76,7 +76,6 @@ cp auth-cmd/target/aaf-auth-cmd-$VERSION-full.jar sample/bin cp auth-batch/target/aaf-auth-batch-$VERSION-full.jar sample/bin cp -Rf ../conf/CA sample - # AAF Config image (for AAF itself) sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \ @@ -93,7 +92,7 @@ sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \ -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ -e 's/${DUSER}/'${DUSER}'/g' \ - docker/Dockerfile.client > sample/Dockerfile + docker/Dockerfile.agent > sample/Dockerfile $DOCKER build -t ${ORG}/${PROJECT}/aaf_agent:${VERSION} sample $DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:${VERSION} $DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:latest @@ -113,6 +112,9 @@ sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ -e 's/${DUSER}/'${DUSER}'/g' \ Dockerfile.core >../aaf_${VERSION}/Dockerfile cd .. +echo "#######" +pwd +echo "#######" $DOCKER build -t ${ORG}/${PROJECT}/aaf_core:${VERSION} aaf_${VERSION} $DOCKER tag ${ORG}/${PROJECT}/aaf_core:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_core:${VERSION} $DOCKER tag ${ORG}/${PROJECT}/aaf_core:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_core:latest @@ -123,24 +125,34 @@ cd - # Do all the Containers related to AAF Services ####### if [ $AAF_COMPONENTS == "ALL" ]; then - AAF_COMPONENTS=$(ls ../aaf_${VERSION}/bin | grep -v '\.') + AAF_COMPONENTS=$(cat components) fi -echo "$0: AAF_COMPONENTS=$AAF_COMPONENTS" cp ../sample/bin/pod_wait.sh ../aaf_${VERSION}/bin for AAF_COMPONENT in ${AAF_COMPONENTS}; do echo Building aaf_$AAF_COMPONENT... + if [ "hello" = "${AAF_COMPONENT}" ]; then + echo Building Hello separately + DF="Dockerfile.hello" + cp -Rf ../sample/etc ../aaf_${VERSION}/etc + else + DF="Dockerfile.ms" + fi sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \ -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ -e 's/${DUSER}/'${DUSER}'/g' \ - Dockerfile.ms >../aaf_${VERSION}/Dockerfile + $DF >../aaf_${VERSION}/Dockerfile cd .. $DOCKER build -t ${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${VERSION} aaf_${VERSION} $DOCKER tag ${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${VERSION} $DOCKER tag ${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:latest rm aaf_${VERSION}/Dockerfile + if [ -e aaf_${VERSION}/etc ]; then + rm -Rf aaf_${VERSION}/etc + fi cd - - done + +# Final cleanup rm ../aaf_${VERSION}/bin/pod_wait.sh diff --git a/auth/helm/.gitignore b/auth/helm/.gitignore index 1c5fad92..44cae669 100644 --- a/auth/helm/.gitignore +++ b/auth/helm/.gitignore @@ -1,3 +1,4 @@ aaf.orig/ pause/ aaf.new/ +aaf.props diff --git a/auth/helm/aaf-hello/.helmignore b/auth/helm/aaf-hello/.helmignore new file mode 100644 index 00000000..f0c13194 --- /dev/null +++ b/auth/helm/aaf-hello/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/auth/helm/aaf-hello/Chart.yaml b/auth/helm/aaf-hello/Chart.yaml new file mode 100644 index 00000000..3b23f6d0 --- /dev/null +++ b/auth/helm/aaf-hello/Chart.yaml @@ -0,0 +1,25 @@ +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +apiVersion: v1 +appVersion: "1.0" +description: AAF Hello Helm Chart +name: aaf-hello +version: 2.1.11-SNAPSHOT diff --git a/auth/helm/aaf-hello/aaf.sh b/auth/helm/aaf-hello/aaf.sh new file mode 100644 index 00000000..5bb83515 --- /dev/null +++ b/auth/helm/aaf-hello/aaf.sh @@ -0,0 +1,84 @@ +. ../../docker/d.props +IMAGE=onap/aaf/aaf_agent:$VERSION + +kubectl -n onap run -it --rm aaf-agent-$USER --image=$IMAGE --overrides=' +{ + "spec": { + "containers": [ + { + "name": "aaf-agent-'$USER'", + "image": "'$IMAGE'", + "imagePullPolicy": "IfNotPresent", + "command": [ + "bash", + "-c", + "/opt/app/aaf_config/bin/agent.sh && cd /opt/app/osaaf/local && exec bash" + ], + "env": [ + { + "name": "aaf_locator_container", + "value": "helm" + },{ + "name": "aaf_locator_fqdn", + "value": "'$HOSTNAME'" + },{ + "name": "aaf_locator_url", + "value": "https://aaf-locate:8095" + },{ + "name": "aaf_locator_public_hostname", + "value": "'$HOSTNAME'" + },{ + "name": "AAF_ENV", + "value": "'$AAF_ENV'" + },{ + "name": "LATITUDE", + "value": "'$LATITUDE'" + },{ + "name": "LONGITUDE", + "value": "'$LONGITUDE'" + },{ + "name": "CASSANDRA_CLUSTER", + "value": "'$CASSANDRA_CLUSTER'" + },{ + "name": "CASSANDRA_USER", + "value": "'$CASSANDRA_USER'" + },{ + "name": "CASSANDRA_PASSWORD", + "value": "'$CASSANDRA_PASSWORD'" + },{ + "name": "CASSANDRA_PORT", + "value": "'$CASSANDRA_PORT'" + } + ], + "stdin": true, + "stdinOnce": true, + "tty": true, + "volumeMounts": [ + { + "mountPath": "/opt/app/osaaf", + "name": "aaf-config-vol" + }, + { + "mountPath": "/opt/app/aaf/status", + "name": "aaf-status-vol" + } + ] + } + ], + "volumes": [ + { + "name": "aaf-config-vol", + "persistentVolumeClaim": { + "claimName": "aaf-config-pvc" + } + }, + { + "name": "aaf-status-vol", + "persistentVolumeClaim": { + "claimName": "aaf-status-pvc" + } + } + ] + } +} +' --restart=Never -- bash diff --git a/auth/helm/aaf-hello/templates/NOTES.txt b/auth/helm/aaf-hello/templates/NOTES.txt new file mode 100644 index 00000000..a6805571 --- /dev/null +++ b/auth/helm/aaf-hello/templates/NOTES.txt @@ -0,0 +1 @@ +AAF Persistence basics loaded diff --git a/auth/helm/aaf-hello/templates/aaf-hello.yaml b/auth/helm/aaf-hello/templates/aaf-hello.yaml new file mode 100644 index 00000000..c114e5eb --- /dev/null +++ b/auth/helm/aaf-hello/templates/aaf-hello.yaml @@ -0,0 +1,102 @@ +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## +### +### AAF-HELLO +### +kind: Service +apiVersion: v1 +metadata: + name: aaf-hello +spec: + selector: + app: aaf-hello + type: NodePort + ports: + - name: aaf-hello + protocol: TCP + port: 8130 + nodePort: 30086 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: aaf-hello + labels: + app: aaf-hello +spec: + replicas: {{ .Values.replicas.hello }} + selector: + matchLabels: + app: aaf-hello + template: + metadata: + labels: + app: aaf-hello + spec: + volumes: + # Use this Pod Sharing dir to declare various States of starting + - name: hello-config-vol + emptyDir: {} + initContainers: + - name: hello-config-container + image: {{ .Values.image.repository }}onap/aaf/aaf_agent:{{ .Values.image.version }} + imagePullPolicy: IfNotPresent + volumeMounts: + - mountPath: "/opt/app/osaaf/local" + name: hello-config-vol + command: ["bash","-c","cd /opt/app/osaaf/local && /opt/app/aaf_config/bin/agent.sh place aaf@aaf.osaaf.org aaf"] + env: + - name: "AAF_ENV" + value: "DEV" + - name: "AAF_FQDN" + value: "aaf-locate.onap" + - name: "APP_FQDN" + value: "aaf" + - name: "APP_FQI" + value: "aaf@aaf.osaaf.org" + - name: LATITUDE + value: "{{ .Values.cadi.cadi_latitude }}" + - name: LONGITUDE + value: "{{ .Values.cadi.cadi_longitude }}" + - name: "CONTAINER_NS" + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: "DEPLOY_FQI" + value: "deployer@people.osaaf.org" + - name: "DEPLOY_PASSWORD" + value: "demo123456!" + +### +### AAF-HELLO +### + containers: + - name: aaf-hello + image: {{ .Values.image.repository }}onap/aaf/aaf_hello:{{ .Values.image.version }} + imagePullPolicy: IfNotPresent + command: ["/bin/bash","-c","cd /opt/app/aaf && exec bin/hello"] + volumeMounts: + - mountPath: "/opt/app/osaaf/local" + name: hello-config-vol + ports: + - name: aaf-hello + protocol: TCP + containerPort: 8130 + diff --git a/auth/helm/aaf-hello/values.yaml b/auth/helm/aaf-hello/values.yaml new file mode 100644 index 00000000..d5fa7476 --- /dev/null +++ b/auth/helm/aaf-hello/values.yaml @@ -0,0 +1,77 @@ +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## +# +# Default values for aaf. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +global: + persistence: + enabled: true + common: + namespace: "onap" + +replicas: + hello: 1 + +ingress: + enabled: false + +cadi: + hostname: "aaf.onap" + cadi_latitude: "38.0" + cadi_longitude: "-72.0" + aaf_env: "DEV" + +persistence: + # Note: Minikube will persist to /data on your host machine + mountPath: "/data/aaf" + hello: + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 1Gi + mountSubPath: "config" + storageClass: "manual" + +image: + # When using locally built Docker Container, set Repository to "" + repository: "" + # When using Docker Repo, add, and include trailing "/" + # repository: nexus3.onap.org:10003/ + # repository: localhost:5000/ + version: 2.1.11-SNAPSHOT + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/auth/helm/aaf/aaf.sh b/auth/helm/aaf/aaf.sh deleted file mode 100644 index 5bb83515..00000000 --- a/auth/helm/aaf/aaf.sh +++ /dev/null @@ -1,84 +0,0 @@ -. ../../docker/d.props -IMAGE=onap/aaf/aaf_agent:$VERSION - -kubectl -n onap run -it --rm aaf-agent-$USER --image=$IMAGE --overrides=' -{ - "spec": { - "containers": [ - { - "name": "aaf-agent-'$USER'", - "image": "'$IMAGE'", - "imagePullPolicy": "IfNotPresent", - "command": [ - "bash", - "-c", - "/opt/app/aaf_config/bin/agent.sh && cd /opt/app/osaaf/local && exec bash" - ], - "env": [ - { - "name": "aaf_locator_container", - "value": "helm" - },{ - "name": "aaf_locator_fqdn", - "value": "'$HOSTNAME'" - },{ - "name": "aaf_locator_url", - "value": "https://aaf-locate:8095" - },{ - "name": "aaf_locator_public_hostname", - "value": "'$HOSTNAME'" - },{ - "name": "AAF_ENV", - "value": "'$AAF_ENV'" - },{ - "name": "LATITUDE", - "value": "'$LATITUDE'" - },{ - "name": "LONGITUDE", - "value": "'$LONGITUDE'" - },{ - "name": "CASSANDRA_CLUSTER", - "value": "'$CASSANDRA_CLUSTER'" - },{ - "name": "CASSANDRA_USER", - "value": "'$CASSANDRA_USER'" - },{ - "name": "CASSANDRA_PASSWORD", - "value": "'$CASSANDRA_PASSWORD'" - },{ - "name": "CASSANDRA_PORT", - "value": "'$CASSANDRA_PORT'" - } - ], - "stdin": true, - "stdinOnce": true, - "tty": true, - "volumeMounts": [ - { - "mountPath": "/opt/app/osaaf", - "name": "aaf-config-vol" - }, - { - "mountPath": "/opt/app/aaf/status", - "name": "aaf-status-vol" - } - ] - } - ], - "volumes": [ - { - "name": "aaf-config-vol", - "persistentVolumeClaim": { - "claimName": "aaf-config-pvc" - } - }, - { - "name": "aaf-status-vol", - "persistentVolumeClaim": { - "claimName": "aaf-status-pvc" - } - } - ] - } -} -' --restart=Never -- bash diff --git a/auth/helm/aaf/templates/aaf-cass-pv.yaml b/auth/helm/aaf/templates/aaf-cass-pv.yaml new file mode 100644 index 00000000..48633a21 --- /dev/null +++ b/auth/helm/aaf/templates/aaf-cass-pv.yaml @@ -0,0 +1,44 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ .Chart.Name }}-cass-pv + namespace: {{ .Values.global.common.namespace }} + labels: + app: {{ .Chart.Name }}-cass +spec: + capacity: + storage: {{ .Values.persistence.cass.size}} + accessModes: + - {{ .Values.persistence.cass.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.cass.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.mountPath }}/{{ .Values.persistence.cass.mountSubPath }} +{{- if .Values.persistence.cass.storageClass }} +{{- if (eq "-" .Values.persistence.cass.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.cass.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/auth/helm/aaf/templates/aaf-cass-pvc.yaml b/auth/helm/aaf/templates/aaf-cass-pvc.yaml new file mode 100644 index 00000000..9fcbe339 --- /dev/null +++ b/auth/helm/aaf/templates/aaf-cass-pvc.yaml @@ -0,0 +1,49 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Chart.Name }}-cass-pvc + namespace: {{ .Values.global.common.namespace }} + labels: + app: {{ .Chart.Name }}-cass +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ .Chart.Name }}-cass + accessModes: + - {{ .Values.persistence.cass.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.cass.size }} +{{- if .Values.persistence.cass.storageClass }} +{{- if (eq "-" .Values.persistence.cass.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.cass.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/auth/helm/aaf/templates/aaf-config-pv.yaml b/auth/helm/aaf/templates/aaf-config-pv.yaml new file mode 100644 index 00000000..7066f520 --- /dev/null +++ b/auth/helm/aaf/templates/aaf-config-pv.yaml @@ -0,0 +1,44 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ .Chart.Name }}-config-pv + namespace: {{ .Values.global.common.namespace }} + labels: + app: {{ .Chart.Name }}-config +spec: + capacity: + storage: {{ .Values.persistence.config.size}} + accessModes: + - {{ .Values.persistence.config.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.mountPath }}/{{ .Values.persistence.config.mountSubPath }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/auth/helm/aaf/templates/aaf-config-pvc.yaml b/auth/helm/aaf/templates/aaf-config-pvc.yaml new file mode 100644 index 00000000..9136712b --- /dev/null +++ b/auth/helm/aaf/templates/aaf-config-pvc.yaml @@ -0,0 +1,49 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Chart.Name }}-config-pvc + namespace: {{ .Values.global.common.namespace }} + labels: + app: {{ .Chart.Name }}-config +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ .Chart.Name }}-config + accessModes: + - {{ .Values.persistence.config.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.config.size }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/auth/helm/aaf/templates/aaf-gui.yaml b/auth/helm/aaf/templates/aaf-gui.yaml index 2a509b76..dcff5e7b 100644 --- a/auth/helm/aaf/templates/aaf-gui.yaml +++ b/auth/helm/aaf/templates/aaf-gui.yaml @@ -31,8 +31,9 @@ spec: ports: - name: aaf-gui protocol: TCP - port: 8200 nodePort: 30083 + port: 8200 + targetPort: 8200 --- apiVersion: apps/v1 kind: Deployment diff --git a/auth/helm/aaf/templates/aaf-hello.yaml b/auth/helm/aaf/templates/aaf-hello.yaml deleted file mode 100644 index 7c91c856..00000000 --- a/auth/helm/aaf/templates/aaf-hello.yaml +++ /dev/null @@ -1,114 +0,0 @@ -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## -### -### AAF-HELLO -### -kind: Service -apiVersion: v1 -metadata: - name: aaf-hello -spec: - selector: - app: aaf-hello - type: NodePort - ports: - - name: aaf-hello - protocol: TCP - port: 8130 - nodePort: 30086 ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: aaf-hello - labels: - app: aaf-hello -spec: - replicas: {{ .Values.replicas.hello }} - selector: - matchLabels: - app: aaf-hello - template: - metadata: - labels: - app: aaf-hello - spec: - volumes: - # Use this Pod Sharing dir to declare various States of starting - - name: {{ .Chart.Name }}-config-vol - persistentVolumeClaim: - claimName: {{ .Chart.Name }}-config-pvc - - name: {{ .Chart.Name }}-status-vol - persistentVolumeClaim: - claimName: {{ .Chart.Name }}-status-pvc - initContainers: - - name: {{ .Chart.Name }}-config-container - image: {{ .Values.image.repository }}onap/aaf/aaf_config:{{ .Values.image.version }} - imagePullPolicy: IfNotPresent - command: ["bash","/opt/app/aaf_config/bin/agent.sh"] - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: {{ .Chart.Name }}-config-vol - env: - - name: AAF_ENV - value: "{{ .Values.cadi.aaf_env }}" - - name: LATITUDE - value: "{{ .Values.cadi.cadi_latitude }}" - - name: LONGITUDE - value: "{{ .Values.cadi.cadi_longitude }}" - - name: aaf_locator_container - value: "helm" - - name: aaf_locator_container_ns - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: aaf_locate_url - value: "https://aaf-locate.onap:8095" - - name: aaf_locator_public_hostname - value: "aaf.osaaf.org" -# - name: CASSANDRA_USER -# value: "" -# - name: CASSANDRA_PASSWORD -# value: "" -# - name: CASSANDRA_PORT -# value: "" - containers: -### -### AAF-HELLO -### - - name: {{ .Chart.Name }}-hello - image: {{ .Values.image.repository }}onap/aaf/aaf_hello:{{ .Values.image.version }} - imagePullPolicy: IfNotPresent - command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-hello aaf-locate && exec bin/hello"] - volumeMounts: - - mountPath: "/opt/app/osaaf" - name: {{ .Chart.Name }}-config-vol - - mountPath: "/opt/app/aaf/status" - name: {{ .Chart.Name }}-status-vol - ports: - - name: aaf-hello - protocol: TCP - containerPort: 8130 - env: - - name: aaf_locator_ns - valueFrom: - fieldRef: - fieldPath: metadata.namespace - diff --git a/auth/helm/aaf/templates/aaf-status-pv.yaml b/auth/helm/aaf/templates/aaf-status-pv.yaml new file mode 100644 index 00000000..418a368b --- /dev/null +++ b/auth/helm/aaf/templates/aaf-status-pv.yaml @@ -0,0 +1,44 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ .Chart.Name }}-status-pv + namespace: {{ .Values.global.common.namespace }} + labels: + app: {{ .Chart.Name }}-status +spec: + capacity: + storage: {{ .Values.persistence.status.size}} + accessModes: + - {{ .Values.persistence.status.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.status.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.mountPath }}/{{ .Values.persistence.status.mountSubPath }} +{{- if .Values.persistence.status.storageClass }} +{{- if (eq "-" .Values.persistence.status.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.status.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/auth/helm/aaf/templates/aaf-status-pvc.yaml b/auth/helm/aaf/templates/aaf-status-pvc.yaml new file mode 100644 index 00000000..2a402ff9 --- /dev/null +++ b/auth/helm/aaf/templates/aaf-status-pvc.yaml @@ -0,0 +1,49 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Chart.Name }}-status-pvc + namespace: {{ .Values.global.common.namespace }} + labels: + app: {{ .Chart.Name }}-status +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ .Chart.Name }}-status + accessModes: + - {{ .Values.persistence.status.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.status.size }} +{{- if .Values.persistence.status.storageClass }} +{{- if (eq "-" .Values.persistence.status.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.status.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/auth/helm/aaf/templates/cass_pv.yaml b/auth/helm/aaf/templates/cass_pv.yaml deleted file mode 100644 index 48633a21..00000000 --- a/auth/helm/aaf/templates/cass_pv.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## - -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ .Chart.Name }}-cass-pv - namespace: {{ .Values.global.common.namespace }} - labels: - app: {{ .Chart.Name }}-cass -spec: - capacity: - storage: {{ .Values.persistence.cass.size}} - accessModes: - - {{ .Values.persistence.cass.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.cass.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.persistence.mountPath }}/{{ .Values.persistence.cass.mountSubPath }} -{{- if .Values.persistence.cass.storageClass }} -{{- if (eq "-" .Values.persistence.cass.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.cass.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/auth/helm/aaf/templates/cass_pvc.yaml b/auth/helm/aaf/templates/cass_pvc.yaml deleted file mode 100644 index 9fcbe339..00000000 --- a/auth/helm/aaf/templates/cass_pvc.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## - -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ .Chart.Name }}-cass-pvc - namespace: {{ .Values.global.common.namespace }} - labels: - app: {{ .Chart.Name }}-cass -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - app: {{ .Chart.Name }}-cass - accessModes: - - {{ .Values.persistence.cass.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.cass.size }} -{{- if .Values.persistence.cass.storageClass }} -{{- if (eq "-" .Values.persistence.cass.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.cass.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/auth/helm/aaf/templates/config_pv.yaml b/auth/helm/aaf/templates/config_pv.yaml deleted file mode 100644 index 7066f520..00000000 --- a/auth/helm/aaf/templates/config_pv.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## - -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ .Chart.Name }}-config-pv - namespace: {{ .Values.global.common.namespace }} - labels: - app: {{ .Chart.Name }}-config -spec: - capacity: - storage: {{ .Values.persistence.config.size}} - accessModes: - - {{ .Values.persistence.config.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.persistence.mountPath }}/{{ .Values.persistence.config.mountSubPath }} -{{- if .Values.persistence.config.storageClass }} -{{- if (eq "-" .Values.persistence.config.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.config.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/auth/helm/aaf/templates/config_pvc.yaml b/auth/helm/aaf/templates/config_pvc.yaml deleted file mode 100644 index 9136712b..00000000 --- a/auth/helm/aaf/templates/config_pvc.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## - -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ .Chart.Name }}-config-pvc - namespace: {{ .Values.global.common.namespace }} - labels: - app: {{ .Chart.Name }}-config -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - app: {{ .Chart.Name }}-config - accessModes: - - {{ .Values.persistence.config.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.config.size }} -{{- if .Values.persistence.config.storageClass }} -{{- if (eq "-" .Values.persistence.config.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.config.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/auth/helm/aaf/templates/status_pv.yaml b/auth/helm/aaf/templates/status_pv.yaml deleted file mode 100644 index 418a368b..00000000 --- a/auth/helm/aaf/templates/status_pv.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## - -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ .Chart.Name }}-status-pv - namespace: {{ .Values.global.common.namespace }} - labels: - app: {{ .Chart.Name }}-status -spec: - capacity: - storage: {{ .Values.persistence.status.size}} - accessModes: - - {{ .Values.persistence.status.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.status.volumeReclaimPolicy }} - hostPath: - path: {{ .Values.persistence.mountPath }}/{{ .Values.persistence.status.mountSubPath }} -{{- if .Values.persistence.status.storageClass }} -{{- if (eq "-" .Values.persistence.status.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.status.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/auth/helm/aaf/templates/status_pvc.yaml b/auth/helm/aaf/templates/status_pvc.yaml deleted file mode 100644 index 2a402ff9..00000000 --- a/auth/helm/aaf/templates/status_pvc.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} -######### -## ============LICENSE_START==================================================== -## org.onap.aaf -## =========================================================================== -## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. -## =========================================================================== -## Licensed under the Apache License, Version 2.0 (the "License"); -## you may not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, -## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. -## ============LICENSE_END==================================================== -## - -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ .Chart.Name }}-status-pvc - namespace: {{ .Values.global.common.namespace }} - labels: - app: {{ .Chart.Name }}-status -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - selector: - matchLabels: - app: {{ .Chart.Name }}-status - accessModes: - - {{ .Values.persistence.status.accessMode }} - resources: - requests: - storage: {{ .Values.persistence.status.size }} -{{- if .Values.persistence.status.storageClass }} -{{- if (eq "-" .Values.persistence.status.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.status.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} diff --git a/auth/helm/aaf/values.yaml b/auth/helm/aaf/values.yaml index 7556f251..abea8902 100644 --- a/auth/helm/aaf/values.yaml +++ b/auth/helm/aaf/values.yaml @@ -35,7 +35,6 @@ replicas: oauth: 1 cm: 1 gui: 1 - hello: 0 ingress: enabled: false @@ -49,11 +48,11 @@ cadi: persistence: # Note: Minikube will persist to /data on your host machine mountPath: "/data/aaf" - config: + cass: volumeReclaimPolicy: Retain accessMode: ReadWriteOnce - size: 2Gi - mountSubPath: "config" + size: 10Gi + mountSubPath: "cass" storageClass: "manual" status: volumeReclaimPolicy: Delete @@ -61,11 +60,17 @@ persistence: size: 10M mountSubPath: "status" storageClass: "manual" - cass: + config: volumeReclaimPolicy: Retain accessMode: ReadWriteOnce - size: 10Gi - mountSubPath: "cass" + size: 2Gi + mountSubPath: "config" + storageClass: "manual" + hello: + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 1Gi + mountSubPath: "config" storageClass: "manual" image: diff --git a/auth/sample/bin/client.sh b/auth/sample/bin/client.sh index 9b146c5f..42fe4d94 100755 --- a/auth/sample/bin/client.sh +++ b/auth/sample/bin/client.sh @@ -80,6 +80,12 @@ if [ ! -e "$DOT_AAF/keyfile" ]; then if [ ! "${DEPLOY_PASSWORD}" = "" ]; then echo aaf_password=enc:$(sso_encrypt ${DEPLOY_PASSWORD}) >> ${SSO} fi + if [ ! -z "${CONTAINER_NS}" ]; then + echo "aaf_locator_container_ns=${CONTAINER_NS}" >> ${SSO} + fi + if [ ! -z "${AAF_ENV}" ]; then + echo "aaf_env=${AAF_ENV}" >> ${SSO} + fi echo aaf_locate_url=https://${AAF_FQDN}:8095 >> ${SSO} echo aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:${AAF_INTERFACE_VERSION} >> ${SSO} @@ -228,6 +234,10 @@ else taillog) sh /opt/app/osaaf/logs/taillog ;; + testConnectivity|testconnectivity) + echo "--- Test Connectivity ---" + $JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.aaf.TestConnectivity $LOCAL/org.osaaf.aaf.props + ;; --help | -?) case "$1" in "") diff --git a/auth/sample/etc/org.osaaf.aaf.cm.props b/auth/sample/etc/org.osaaf.aaf.cm.props index 8d113711..c8e383c2 100644 --- a/auth/sample/etc/org.osaaf.aaf.cm.props +++ b/auth/sample/etc/org.osaaf.aaf.cm.props @@ -26,7 +26,7 @@ cadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props:/opt/app/osaaf/etc/org. aaf_locator_entries=cm port=8150 aaf_locator_public_port.helm=30084 -# aaf_locator_public_port.oom= +aaf_locator_public_port.oom=31114 #Certman cm_public_dir=/opt/app/osaaf/public diff --git a/auth/sample/etc/org.osaaf.aaf.fs.props b/auth/sample/etc/org.osaaf.aaf.fs.props index 02dc0ac9..8233d020 100644 --- a/auth/sample/etc/org.osaaf.aaf.fs.props +++ b/auth/sample/etc/org.osaaf.aaf.fs.props @@ -24,7 +24,7 @@ cadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props:/opt/app/osaaf/etc/org.osaaf.aaf.log4j.props aaf_locator_entries=fs port=8096 -aaf_locator_port.helm=30085 -# aaf_locator_port.oom= +aaf_locator_public_port.helm=30085 +aaf_locator_public_port.oom=31115 aaf_public_dir=/opt/app/osaaf/public diff --git a/auth/sample/etc/org.osaaf.aaf.gui.props b/auth/sample/etc/org.osaaf.aaf.gui.props index caad2080..ce2b6bee 100644 --- a/auth/sample/etc/org.osaaf.aaf.gui.props +++ b/auth/sample/etc/org.osaaf.aaf.gui.props @@ -24,8 +24,8 @@ cadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props:/opt/app/osaaf/etc/org.osaaf.aaf.log4j.props:/opt/app/osaaf/etc/org.osaaf.aaf.orgs.props aaf_locator_entries=gui port=8200 -aaf_locator_port.helm=30083 -#aaf_locator_port.oom= +aaf_locator_public_port.helm=30083 +aaf_locator_public_port.oom=31113 aaf_gui_title=AAF aaf_gui_copyright=(c) 2018 AT&T Intellectual Property. All rights reserved. diff --git a/auth/sample/etc/org.osaaf.aaf.hello.props b/auth/sample/etc/org.osaaf.aaf.hello.props index ea31b3a6..89434685 100644 --- a/auth/sample/etc/org.osaaf.aaf.hello.props +++ b/auth/sample/etc/org.osaaf.aaf.hello.props @@ -25,5 +25,5 @@ cadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props:/opt/app/osaaf/etc/org. aaf_locator_entries=hello port=8130 aaf_locator_public_port.helm=30086 -#aaf_locator_public_port.oom= +aaf_locator_public_port.oom=31116 diff --git a/auth/sample/etc/org.osaaf.aaf.locate.props b/auth/sample/etc/org.osaaf.aaf.locate.props index a132abd6..0290a2ec 100644 --- a/auth/sample/etc/org.osaaf.aaf.locate.props +++ b/auth/sample/etc/org.osaaf.aaf.locate.props @@ -25,6 +25,6 @@ cadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props:/opt/app/osaaf/etc/org. aaf_locator_entries=locate port=8095 aaf_locator_public_port.helm=30081 -#aaf_locator_public_port.oom= +aaf_locator_public_port.oom=31111 diff --git a/auth/sample/etc/org.osaaf.aaf.oauth.props b/auth/sample/etc/org.osaaf.aaf.oauth.props index d9b17064..8c813898 100644 --- a/auth/sample/etc/org.osaaf.aaf.oauth.props +++ b/auth/sample/etc/org.osaaf.aaf.oauth.props @@ -22,8 +22,10 @@ ## cadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props:/opt/app/osaaf/etc/org.osaaf.aaf.log4j.props:/opt/app/osaaf/local/org.osaaf.aaf.cassandra.props aaf_locator_entries=oauth,token,introspect +aaf_locator_fqdn.helm=%CNS.aaf-oauth +aaf_locator_fqdn.oom=%CNS.aaf-oauth port=8140 aaf_locator_public_port.helm=30082 -#aaf_locator_public_port.oom= +aaf_locator_public_port.oom=31112 diff --git a/auth/sample/etc/org.osaaf.aaf.service.props b/auth/sample/etc/org.osaaf.aaf.service.props index 87924ba8..3af5f808 100644 --- a/auth/sample/etc/org.osaaf.aaf.service.props +++ b/auth/sample/etc/org.osaaf.aaf.service.props @@ -25,5 +25,5 @@ cadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props:/opt/app/osaaf/etc/org. aaf_locator_entries=service port=8100 aaf_locator_public_port.helm=30080 -#aaf_locator_public_port.oom= +aaf_locator_public_port.oom=31110 diff --git a/auth/sample/local/initialConfig.props b/auth/sample/local/initialConfig.props index 93cfae56..2bcaf7c4 100644 --- a/auth/sample/local/initialConfig.props +++ b/auth/sample/local/initialConfig.props @@ -28,7 +28,7 @@ cadi_protocols=TLSv1.1,TLSv1.2 # 3) Helm (Kubernetes and Helm) # 4) OOM (Kubernetes with OOM) ################################ -aaf_locator_ns=AAF_NS +aaf_locator_app_ns=%AAF_NS aaf_locator_name=%NS.%N aaf_locator_name.docker=%CNS.%NS.%N aaf_locator_name.helm=%CNS.%NS.%N diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java index 4fe05f71..9e21f6cd 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java @@ -111,7 +111,7 @@ public abstract class AAFCon implements Connector { } try { RegistrationPropHolder rph = new RegistrationPropHolder(access, 0); - str = rph.replacements(str, null,null); + str = rph.replacements("AAFCon",str, null,null); } catch (UnknownHostException e) { throw new CadiException(e); } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java index 14878d38..5214ddba 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java @@ -73,14 +73,14 @@ public abstract class AbsAAFLocator implements Locator throw new LocatorException(e1); } try { - aaf_locator_host = rph.replacements("https://"+Config.AAF_LOCATE_URL_TAG,null,null); + aaf_locator_host = rph.replacements(getClass().getSimpleName(),"https://"+Config.AAF_LOCATE_URL_TAG,null,null); aaf_locator_uri = new URI(aaf_locator_host); access.printf(Level.INFO, "AbsAAFLocator AAF URI is %s",aaf_locator_uri); } catch (URISyntaxException e) { throw new LocatorException(e); } - name = rph.replacements(name, null,null); + name = rph.replacements(getClass().getSimpleName(),name, null,null); access.printf(Level.INFO, "AbsAAFLocator name is %s",aaf_locator_uri); epList = new LinkedList<>(); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RegistrationCreator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RegistrationCreator.java index aba13fb4..ac715163 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RegistrationCreator.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RegistrationCreator.java @@ -24,6 +24,7 @@ import java.net.UnknownHostException; import java.util.List; import org.onap.aaf.cadi.Access; +import org.onap.aaf.cadi.Access.Level; import org.onap.aaf.cadi.CadiException; import org.onap.aaf.cadi.aaf.Defaults; import org.onap.aaf.cadi.config.Config; @@ -31,6 +32,7 @@ import org.onap.aaf.cadi.config.RegistrationPropHolder; import org.onap.aaf.cadi.util.Split; import locate.v1_0.MgmtEndpoint; +import locate.v1_0.MgmtEndpoint.SpecialPorts; import locate.v1_0.MgmtEndpoints; public class RegistrationCreator { @@ -110,10 +112,75 @@ public class RegistrationCreator { } catch (NumberFormatException | UnknownHostException e) { throw new CadiException("Error extracting Data from Properties for Registrar",e); } - + + if(access.willLog(Level.INFO)) { + access.log(Level.INFO, print(new StringBuilder(),me.getMgmtEndpoint())); + } return me; } + private StringBuilder print(StringBuilder sb, List lme) { + int cnt = 0; + for(MgmtEndpoint m : lme) { + print(sb,cnt++,m); + } + return sb; + } + + private void print(StringBuilder out, int cnt, MgmtEndpoint mep) { + out.append("\nManagement Endpoint - "); + out.append(cnt); + out.append("\n\tName: "); + out.append(mep.getName()); + out.append("\n\tHostname: "); + out.append(mep.getHostname()); + out.append("\n\tLatitude: "); + out.append(mep.getLatitude()); + out.append("\n\tLongitude: "); + out.append(mep.getLongitude()); + out.append("\n\tVersion: "); + out.append(mep.getMajor()); + out.append('.'); + out.append(mep.getMinor()); + out.append('.'); + out.append(mep.getPkg()); + out.append('.'); + out.append(mep.getPatch()); + out.append("\n\tPort: "); + out.append(mep.getPort()); + out.append("\n\tProtocol: "); + out.append(mep.getProtocol()); + out.append("\n\tSpecial Ports:"); + for( SpecialPorts sp : mep.getSpecialPorts()) { + out.append("\n\t\tName: "); + out.append(sp.getName()); + out.append("\n\t\tPort: "); + out.append(sp.getPort()); + out.append("\n\t\tProtocol: "); + out.append(sp.getProtocol()); + out.append("\n\t\t Versions: "); + boolean first = true; + for(String s : sp.getProtocolVersions()) { + if(first) { + first = false; + } else { + out.append(','); + } + out.append(s); + } + } + boolean first = true; + out.append("\n\tSubProtocol: "); + for(String s : mep.getSubprotocol()) { + if(first) { + first = false; + } else { + out.append(','); + } + out.append(s); + } + } + private MgmtEndpoint copy(MgmtEndpoint mep) { MgmtEndpoint out = new MgmtEndpoint(); out.setName(mep.getName()); diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/register/test/JU_RegistrationCreator.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/register/test/JU_RegistrationCreator.java index dc671c83..06ef0ca5 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/register/test/JU_RegistrationCreator.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/register/test/JU_RegistrationCreator.java @@ -27,6 +27,7 @@ import java.net.Inet4Address; import java.net.UnknownHostException; import org.junit.Test; +import org.mockito.internal.configuration.DefaultInjectionEngine; import org.onap.aaf.cadi.CadiException; import org.onap.aaf.cadi.PropAccess; import org.onap.aaf.cadi.config.Config; @@ -142,6 +143,7 @@ public class JU_RegistrationCreator { pa.setProperty(Config.AAF_LOCATOR_PUBLIC_HOSTNAME,k8s_public_hostname); pa.setProperty(Config.AAF_LOCATOR_PUBLIC_PORT+DOT_OOM,Integer.toString(public_port)); + pa.setProperty(Config.AAF_LOCATOR_APP_NS, Config.AAF_ROOT_NS_DEF); rc = new RegistrationCreator(pa); for(MgmtEndpoint me : rc.create(port).getMgmtEndpoint()) { switch(me.getName()) { diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java index 26305e91..3dc7f06c 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java @@ -175,7 +175,7 @@ public class Config { public static final String AAF_LOCATOR_VERSION = "aaf_locator_version"; public static final String AAF_LOCATOR_PROTOCOL = "aaf_locator_protocol"; public static final String AAF_LOCATOR_SUBPROTOCOL = "aaf_locator_subprotocol"; - public static final String AAF_LOCATOR_NS = "aaf_locator_ns"; + public static final String AAF_LOCATOR_APP_NS = "aaf_locator_app_ns"; public static final String AAF_LOCATOR_ENTRIES = "aaf_locator_entries"; public static final String AAF_LOCATOR_FQDN = "aaf_locator_fqdn"; public static final String AAF_LOCATOR_NAME = "aaf_locator_name"; @@ -574,7 +574,7 @@ public class Config { if (rv == null) { rph.access().log(Level.INIT,tag,"is not explicitly set"); } else { - rv = rph.replacements(rv, null, null); + rv = rph.replacements("Config.logProp",rv, null, null); rph.access().log(Level.INIT,tag,"is set to",rv); } return rv; @@ -848,7 +848,7 @@ public class Config { RegistrationPropHolder rph; try { rph = new RegistrationPropHolder(access, 0); - url = rph.replacements(_url, null, null); + url = rph.replacements("Config.loadLocator",_url, null, null); access.printf(Level.INFO, "loadLocator URL is %s",url); } catch (UnknownHostException | CadiException e1) { throw new LocatorException(e1); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java index 68a018d6..87abb963 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java @@ -25,10 +25,12 @@ import java.net.UnknownHostException; import org.onap.aaf.cadi.Access; import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.Access.Level; import org.onap.aaf.cadi.util.Split; public class RegistrationPropHolder { private final String PUBLIC_NAME="%NS.%N"; + private final String REGI="RegistrationProperty: %s='%s'"; private final Access access; public String hostname; private int port; @@ -42,6 +44,7 @@ public class RegistrationPropHolder { public final String lentries; public final String lcontainer; public final String default_container; + private static boolean firstlog = true; public RegistrationPropHolder(final Access access, final int port) throws UnknownHostException, CadiException { this.access = access; @@ -50,8 +53,10 @@ public class RegistrationPropHolder { this.port = port; lentries=access.getProperty(Config.AAF_LOCATOR_ENTRIES,""); - default_container = access.getProperty(Config.AAF_LOCATOR_CONTAINER, ""); + if(firstlog) { + access.printf(Level.INIT, REGI,"default_container",default_container); + } if(!default_container.isEmpty()) { lcontainer=',' + default_container; // "" makes a blank default Public Entry str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_PORT+'.'+default_container, null); @@ -65,7 +70,10 @@ public class RegistrationPropHolder { if(str!=null) { public_port=Integer.decode(str); } - + if(firstlog) { + access.printf(Level.INIT, "RegistrationProperty: public_port='%d'",public_port); + } + hostname = access.getProperty(Config.HOSTNAME, null); if (hostname==null) { hostname = Inet4Address.getLocalHost().getHostName(); @@ -73,10 +81,19 @@ public class RegistrationPropHolder { if (hostname==null) { mustBeDefined(errs,Config.HOSTNAME); } + if(firstlog) { + access.printf(Level.INIT, REGI,"hostname",hostname); + } public_hostname = access.getProperty(Config.AAF_LOCATOR_PUBLIC_HOSTNAME, hostname); + if(firstlog) { + access.printf(Level.INIT, REGI,"public_hostname",public_hostname); + } - default_name = access.getProperty(Config.AAF_LOCATOR_NAME, "%CNS.%NS.%N"); + default_name = access.getProperty(Config.AAF_LOCATOR_NAME, PUBLIC_NAME); + if(firstlog) { + access.printf(Level.INIT, REGI,"default_name",default_name); + } latitude=null; String slatitude = access.getProperty(Config.CADI_LATITUDE, null); @@ -85,6 +102,9 @@ public class RegistrationPropHolder { } else { latitude = Float.parseFloat(slatitude); } + if(firstlog) { + access.printf(Level.INIT, REGI,"latitude",slatitude); + } longitude=null; String slongitude = access.getProperty(Config.CADI_LONGITUDE, null); @@ -93,23 +113,35 @@ public class RegistrationPropHolder { } else { longitude = Float.parseFloat(slongitude); } + if(firstlog) { + access.printf(Level.INIT, REGI,"longitude",slongitude); + } String dot_le; // Note: only one of the ports can be public... Therefore, only the last for(String le : Split.splitTrim(',', lcontainer)) { - dot_le = le.isEmpty()?"":"."+le; + dot_le = le.isEmpty()?le :"."+le; str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_HOSTNAME+dot_le,null); - if( str != null) { + if( str != null && !str.isEmpty()) { public_hostname=str; + if(firstlog) { + access.printf(Level.INIT, "RegistrationProperty: public_hostname(overloaded by %s)='%s'",dot_le,public_hostname); + } } } default_fqdn = access.getProperty(Config.AAF_LOCATOR_FQDN, hostname); + if(firstlog) { + access.printf(Level.INIT, REGI,"default_fqdn",default_fqdn); + } default_container_ns = access.getProperty(Config.AAF_LOCATOR_CONTAINER_NS,""); - + if(firstlog) { + access.printf(Level.INIT, REGI,"default_container_ns",default_container_ns); + } if(errs.length()>0) { throw new CadiException(errs.toString()); } + firstlog = false; } private void mustBeDefined(StringBuilder errs, String propname) { @@ -126,7 +158,7 @@ public class RegistrationPropHolder { } else { str = access.getProperty(Config.AAF_LOCATOR_FQDN+dot_le, default_fqdn); } - return replacements(str,entry,dot_le); + return replacements("RegistrationPropHolder.getEntryFQDN",str,entry,dot_le); } public String getEntryName(final String entry, final String dot_le) { @@ -136,27 +168,27 @@ public class RegistrationPropHolder { } else { str = access.getProperty(Config.AAF_LOCATOR_NAME+dot_le, default_name); } - return replacements(str,entry,dot_le); + return replacements("RegistrationPropHolder.getEntryName",str,entry,dot_le); } private String getNS(String dot_le) { String ns; - ns = access.getProperty(Config.AAF_LOCATOR_NS+dot_le,null); + ns = access.getProperty(Config.AAF_LOCATOR_APP_NS+dot_le,null); if(ns==null) { - ns = access.getProperty(Config.AAF_ROOT_NS, ""); + ns = access.getProperty(Config.AAF_LOCATOR_APP_NS, ""); } return ns; } - public String replacements(String source, final String name, final String _dot_le) { + public String replacements(final String fromCode, final String source, final String name, final String _dot_le) { if(source == null) { return ""; } else if(source.isEmpty()) { return source; } - + String value = source; String dot_le; if(_dot_le==null) { dot_le = default_container.isEmpty()?"":'.'+default_container; @@ -171,71 +203,75 @@ public class RegistrationPropHolder { String str; if(aaf_locator_host!=null) { - if("https://AAF_LOCATE_URL".equals(source)) { - source = aaf_locator_host; + if("https://AAF_LOCATE_URL".equals(value)) { + value = aaf_locator_host; } else { str = aaf_locator_host; - if(source.indexOf(Config.AAF_LOCATE_URL_TAG)>=0) { + if(value.indexOf(Config.AAF_LOCATE_URL_TAG)>=0) { if(!str.endsWith("/")) { str+='/'; } if(!str.endsWith("/locate/")) { str+="locate/"; } - source = source.replace("https://AAF_LOCATE_URL/", str); + value = value.replace("https://AAF_LOCATE_URL/", str); } } } - int atC = source.indexOf("%C"); + int atC = value.indexOf("%C"); if(atC>=0) { // aaf_locator_container_ns str = access.getProperty(Config.AAF_LOCATOR_CONTAINER_NS+dot_le, default_container_ns); if(str.isEmpty()) { - source = source.replace("%CNS"+'.', str); + value = value.replace("%CNS"+'.', str); } - source = source.replace("%CNS", str); + value = value.replace("%CNS", str); str = access.getProperty(Config.AAF_LOCATOR_CONTAINER+dot_le,default_container); if(str.isEmpty()) { - source = source.replace("%C"+'.', str); + value = value.replace("%C"+'.', str); } - source = source.replace("%C", str); + value = value.replace("%C", str); } - if(source.indexOf("%NS")>=0) { + if(value.indexOf("%NS")>=0) { str = getNS(dot_le); if(str==null || str.isEmpty()) { - source = source.replace("%NS"+'.', str); + value = value.replace("%NS"+'.', str); } - source = source.replace("%NS", str); + value = value.replace("%NS", str); } // aaf_root_ns - if(source.indexOf("AAF_NS")>=0) { + if(value.indexOf("AAF_NS")>=0) { str = access.getProperty(Config.AAF_ROOT_NS, Config.AAF_ROOT_NS_DEF); - String temp = source.replace("%AAF_NS", str); - if(temp.equals(source)) { // intended - source = source.replace("AAF_NS", str); // Backward Compatibility + String temp = value.replace("%AAF_NS", str); + if(temp.equals(value)) { // intended + value = value.replace("AAF_NS", str); // Backward Compatibility } else { - source = temp; + value = temp; } } - if(source.indexOf('%')>=0) { + if(value.indexOf('%')>=0) { // These shouldn't be expected to have dot elements if(name!=null) { - source = source.replace("%N", name); + value = value.replace("%N", name); } if(default_fqdn!=null) { - source = source.replace("%DF", default_fqdn); + value = value.replace("%DF", default_fqdn); } if(public_hostname!=null) { - source = source.replace("%PH", public_hostname); + value = value.replace("%PH", public_hostname); } } - return source; + access.printf(Level.DEBUG, + "RegistrationReplacement from %s, source: %s, dot_le: %s, value: %s", + fromCode,source,dot_le,value); + + return value; } public int getEntryPort(final String dot_le) { diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_RegistrationPropHolder.java b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_RegistrationPropHolder.java index 18e26f55..359b3c2d 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_RegistrationPropHolder.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_RegistrationPropHolder.java @@ -73,7 +73,7 @@ public class JU_RegistrationPropHolder { } String ns = "myns"; - pa.setProperty(Config.AAF_LOCATOR_NS, ns); + pa.setProperty(Config.AAF_LOCATOR_APP_NS, ns); for(String dot_le : new String[] {"",".helm"}) { assertEquals(rph.hostname,rph.default_fqdn); assertEquals("",rph.lcontainer); @@ -83,7 +83,7 @@ public class JU_RegistrationPropHolder { } String ns2 = "onap"; - pa.setProperty(Config.AAF_LOCATOR_NS+".helm", ns2); + pa.setProperty(Config.AAF_LOCATOR_APP_NS+".helm", ns2); for(String dot_le : new String[] {"",".helm"}) { assertEquals(rph.hostname,rph.default_fqdn); assertEquals("",rph.lcontainer); @@ -106,37 +106,37 @@ public class JU_RegistrationPropHolder { final String url = "https://aaf.osaaf.org:8095/org.osaaf.aaf.service:2.1"; String name="theName"; - assertEquals(url,rph.replacements(url, name, "")); + assertEquals(url,rph.replacements(getClass().getSimpleName(),url, name, "")); String alu = "aaf.osaaf.org:8095"; String curl = url.replace(alu, Config.AAF_LOCATE_URL_TAG); pa.setProperty(Config.AAF_LOCATE_URL,"https://"+alu); - assertEquals(url.replace("8095","8095/locate"),rph.replacements(curl, name, "")); + assertEquals(url.replace("8095","8095/locate"),rph.replacements(getClass().getSimpleName(),curl, name, "")); String root_ns = "org.osaaf.aaf"; curl = url.replace(root_ns, "AAF_NS"); pa.setProperty(Config.AAF_ROOT_NS,root_ns); - assertEquals(url,rph.replacements(curl, name, "")); + assertEquals(url,rph.replacements(getClass().getSimpleName(),curl, name, "")); curl = url.replace(root_ns, "%AAF_NS"); pa.setProperty(Config.AAF_ROOT_NS,root_ns); - assertEquals(url,rph.replacements(curl, name, "")); + assertEquals(url,rph.replacements(getClass().getSimpleName(),curl, name, "")); final String fqdn = "%C.%CNS.%NS.%N"; String target = "myns.theName"; - assertEquals(target,rph.replacements(fqdn, name, "")); + assertEquals(target,rph.replacements(getClass().getSimpleName(),fqdn, name, "")); pa.setProperty(Config.AAF_LOCATOR_CONTAINER_NS+".hello", "mycontns"); - target = "mycontns.org.osaaf.aaf.theName"; - assertEquals(target,rph.replacements(fqdn, name, ".hello")); + target = "mycontns.myns.theName"; + assertEquals(target,rph.replacements(getClass().getSimpleName(),fqdn, name, ".hello")); pa.setProperty(Config.AAF_LOCATOR_CONTAINER+".hello","helloC"); - target = "helloC.mycontns.org.osaaf.aaf.theName"; - assertEquals(target,rph.replacements(fqdn, name, ".hello")); + target = "helloC.mycontns.myns.theName"; + assertEquals(target,rph.replacements(getClass().getSimpleName(),fqdn, name, ".hello")); pa.setProperty(Config.AAF_LOCATOR_CONTAINER_NS,"c_ns"); target = "c_ns.myns.theName"; - assertEquals(target,rph.replacements(fqdn, name, "")); + assertEquals(target,rph.replacements(getClass().getSimpleName(),fqdn, name, "")); } catch (UnknownHostException | CadiException e) { -- cgit 1.2.3-korg