From 69644638aa0e93c9c2c2ccea590fa02213d24a7a Mon Sep 17 00:00:00 2001 From: Remigiusz Janeczek Date: Wed, 17 Jun 2020 17:52:56 +0200 Subject: Add external tls info to bpgenerator and component spec schema Also: - Fix issue where local run without import file caused exception instead of use of default imports. - Update blueprint generator version from 1.3.2 to 1.4.0 Issue-ID: DCAEGEN2-2251 Signed-off-by: Remigiusz Janeczek Change-Id: I2f976ccc3e0b271bf9ae1357f02bd86fe0903459 --- .../blueprint_withTlsFalseAndExternalTlsFalse.yaml | 136 +++++++++++++++++++++ .../blueprint_withTlsTrueAndExternalTlsTrue.yaml | 136 +++++++++++++++++++++ .../blueprint_withTlsTrueAndNoExternalTls.yaml | 101 +++++++++++++++ .../TlsInfo/blueprint_withoutTlsInfo.yaml | 93 ++++++++++++++ ...ponentSpec_withTlsFalseAndExternalTlsFalse.json | 43 +++++++ ...omponentSpec_withTlsTrueAndExternalTlsTrue.json | 43 +++++++ ...tComponentSpec_withTlsTrueAndNoExternalTls.json | 42 +++++++ .../TlsInfo/testComponentSpec_withoutTlsInfo.json | 38 ++++++ 8 files changed, 632 insertions(+) create mode 100644 mod/bpgenerator/TestCases/TlsInfo/blueprint_withTlsFalseAndExternalTlsFalse.yaml create mode 100644 mod/bpgenerator/TestCases/TlsInfo/blueprint_withTlsTrueAndExternalTlsTrue.yaml create mode 100644 mod/bpgenerator/TestCases/TlsInfo/blueprint_withTlsTrueAndNoExternalTls.yaml create mode 100644 mod/bpgenerator/TestCases/TlsInfo/blueprint_withoutTlsInfo.yaml create mode 100644 mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withTlsFalseAndExternalTlsFalse.json create mode 100644 mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withTlsTrueAndExternalTlsTrue.json create mode 100644 mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withTlsTrueAndNoExternalTls.json create mode 100644 mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withoutTlsInfo.json (limited to 'mod/bpgenerator/TestCases') diff --git a/mod/bpgenerator/TestCases/TlsInfo/blueprint_withTlsFalseAndExternalTlsFalse.yaml b/mod/bpgenerator/TestCases/TlsInfo/blueprint_withTlsFalseAndExternalTlsFalse.yaml new file mode 100644 index 0000000..94a3f1e --- /dev/null +++ b/mod/bpgenerator/TestCases/TlsInfo/blueprint_withTlsFalseAndExternalTlsFalse.yaml @@ -0,0 +1,136 @@ + +#description: Test component spec +#blueprint_version: 1.0.1 +--- +tosca_definitions_version: cloudify_dsl_1_3 +imports: +- http://www.getcloudify.org/spec/cloudify/3.4/types.yaml +- https://nexus.onap.org/service/local/repositories/raw/content/org.onap.dcaegen2.platform.plugins/R6/k8splugin/1.7.2/k8splugin_types.yaml +- https://nexus.onap.org/service/local/repositories/raw/content/org.onap.dcaegen2.platform.plugins/R6/dcaepolicyplugin/2.4.0/dcaepolicyplugin_types.yaml +inputs: + always_pull_image: + type: boolean + description: Set to true if the image should always be pulled + default: true + envs: + default: {} + external_cert_ca_name: + type: string + description: Name of Certificate Authority configured on CertService side. + default: "RA" + external_cert_cert_type: + type: string + description: Format of provided certificates + default: "P12" + external_cert_common_name: + type: string + description: Common name which should be present in certificate. + default: "sample.onap.org" + external_cert_sans: + type: string + description: "List of Subject Alternative Names (SANs) which should be present + in certificate. Delimiter - : Should contain common_name value and other FQDNs + under which given component is accessible." + default: "sample.onap.org:component.sample.onap.org" + external_cert_use_external_tls: + type: boolean + description: Flag to indicate external tls enable/disable. + default: false + external_port_0: + type: string + default: "80" + external_port_1: + type: string + default: "99" + image: + type: string + default: "test.tester" + location_id: + type: string + default: "" + replicas: + type: integer + description: number of instances + default: 1 + service_component_name_override: + type: string + default: "" + test.component.spec_cpu_limit: + type: string + default: "250m" + test.component.spec_cpu_request: + type: string + default: "250m" + test.component.spec_memory_limit: + type: string + default: "128Mi" + test.component.spec_memory_request: + type: string + default: "128Mi" + use_tls: + type: boolean + description: flag to indicate tls enable/disable + default: false +node_templates: + test.component.spec: + type: dcae.nodes.ContainerizedServiceComponent + interfaces: + cloudify.interfaces.lifecycle: + start: + inputs: + ports: + - concat: ["80:", {get_input: external_port_0}] + - concat: ["99:", {get_input: external_port_1}] + envs: + get_input: envs + properties: + application_config: + service_calls: [] + streams_publishes: {} + streams_subscribes: {} + service_component_name_override: + get_input: service_component_name_override + docker_config: + healthcheck: + interval: 300s + timeout: 120s + script: /etc/init.d/nagios status + type: docker + image: + get_input: image + location_id: + get_input: location_id + service_component_type: test-component-spec + replicas: + get_input: replicas + tls_info: + cert_directory: /opt/app/dcae-certificate/ + use_tls: + get_input: use_tls + external_cert: + external_cert_directory: /opt/app/dcae-certificate/ + use_external_tls: + get_input: external_cert_use_external_tls + ca_name: + get_input: external_cert_ca_name + cert_type: + get_input: external_cert_cert_type + external_certificate_parameters: + common_name: + get_input: external_cert_common_name + sans: + get_input: external_cert_sans + resource_config: + limits: + cpu: + get_input: test.component.spec_cpu_limit + memory: + get_input: test.component.spec_memory_limit + requests: + cpu: + get_input: test.component.spec_cpu_request + memory: + get_input: test.component.spec_memory_request + always_pull_image: + get_input: always_pull_image + relationships: [] \ No newline at end of file diff --git a/mod/bpgenerator/TestCases/TlsInfo/blueprint_withTlsTrueAndExternalTlsTrue.yaml b/mod/bpgenerator/TestCases/TlsInfo/blueprint_withTlsTrueAndExternalTlsTrue.yaml new file mode 100644 index 0000000..4313d6b --- /dev/null +++ b/mod/bpgenerator/TestCases/TlsInfo/blueprint_withTlsTrueAndExternalTlsTrue.yaml @@ -0,0 +1,136 @@ + +#description: Test component spec +#blueprint_version: 1.0.1 +--- +tosca_definitions_version: cloudify_dsl_1_3 +imports: +- http://www.getcloudify.org/spec/cloudify/3.4/types.yaml +- https://nexus.onap.org/service/local/repositories/raw/content/org.onap.dcaegen2.platform.plugins/R6/k8splugin/1.7.2/k8splugin_types.yaml +- https://nexus.onap.org/service/local/repositories/raw/content/org.onap.dcaegen2.platform.plugins/R6/dcaepolicyplugin/2.4.0/dcaepolicyplugin_types.yaml +inputs: + always_pull_image: + type: boolean + description: Set to true if the image should always be pulled + default: true + envs: + default: {} + external_cert_ca_name: + type: string + description: Name of Certificate Authority configured on CertService side. + default: "RA" + external_cert_cert_type: + type: string + description: Format of provided certificates + default: "P12" + external_cert_common_name: + type: string + description: Common name which should be present in certificate. + default: "sample.onap.org" + external_cert_sans: + type: string + description: "List of Subject Alternative Names (SANs) which should be present + in certificate. Delimiter - : Should contain common_name value and other FQDNs + under which given component is accessible." + default: "sample.onap.org:component.sample.onap.org" + external_cert_use_external_tls: + type: boolean + description: Flag to indicate external tls enable/disable. + default: true + external_port_0: + type: string + default: "80" + external_port_1: + type: string + default: "99" + image: + type: string + default: "test.tester" + location_id: + type: string + default: "" + replicas: + type: integer + description: number of instances + default: 1 + service_component_name_override: + type: string + default: "" + test.component.spec_cpu_limit: + type: string + default: "250m" + test.component.spec_cpu_request: + type: string + default: "250m" + test.component.spec_memory_limit: + type: string + default: "128Mi" + test.component.spec_memory_request: + type: string + default: "128Mi" + use_tls: + type: boolean + description: flag to indicate tls enable/disable + default: true +node_templates: + test.component.spec: + type: dcae.nodes.ContainerizedServiceComponent + interfaces: + cloudify.interfaces.lifecycle: + start: + inputs: + ports: + - concat: ["80:", {get_input: external_port_0}] + - concat: ["99:", {get_input: external_port_1}] + envs: + get_input: envs + properties: + application_config: + service_calls: [] + streams_publishes: {} + streams_subscribes: {} + service_component_name_override: + get_input: service_component_name_override + docker_config: + healthcheck: + interval: 300s + timeout: 120s + script: /etc/init.d/nagios status + type: docker + image: + get_input: image + location_id: + get_input: location_id + service_component_type: test-component-spec + replicas: + get_input: replicas + tls_info: + cert_directory: /opt/app/dcae-certificate/ + use_tls: + get_input: use_tls + external_cert: + external_cert_directory: /opt/app/dcae-certificate/ + use_external_tls: + get_input: external_cert_use_external_tls + ca_name: + get_input: external_cert_ca_name + cert_type: + get_input: external_cert_cert_type + external_certificate_parameters: + common_name: + get_input: external_cert_common_name + sans: + get_input: external_cert_sans + resource_config: + limits: + cpu: + get_input: test.component.spec_cpu_limit + memory: + get_input: test.component.spec_memory_limit + requests: + cpu: + get_input: test.component.spec_cpu_request + memory: + get_input: test.component.spec_memory_request + always_pull_image: + get_input: always_pull_image + relationships: [] \ No newline at end of file diff --git a/mod/bpgenerator/TestCases/TlsInfo/blueprint_withTlsTrueAndNoExternalTls.yaml b/mod/bpgenerator/TestCases/TlsInfo/blueprint_withTlsTrueAndNoExternalTls.yaml new file mode 100644 index 0000000..c4515e3 --- /dev/null +++ b/mod/bpgenerator/TestCases/TlsInfo/blueprint_withTlsTrueAndNoExternalTls.yaml @@ -0,0 +1,101 @@ + +#description: Test component spec +#blueprint_version: 1.0.1 +--- +tosca_definitions_version: cloudify_dsl_1_3 +imports: +- http://www.getcloudify.org/spec/cloudify/3.4/types.yaml +- https://nexus.onap.org/service/local/repositories/raw/content/org.onap.dcaegen2.platform.plugins/R6/k8splugin/1.7.2/k8splugin_types.yaml +- https://nexus.onap.org/service/local/repositories/raw/content/org.onap.dcaegen2.platform.plugins/R6/dcaepolicyplugin/2.4.0/dcaepolicyplugin_types.yaml +inputs: + always_pull_image: + type: boolean + description: Set to true if the image should always be pulled + default: true + envs: + default: {} + external_port_0: + type: string + default: "80" + external_port_1: + type: string + default: "99" + image: + type: string + default: "test.tester" + location_id: + type: string + default: "" + replicas: + type: integer + description: number of instances + default: 1 + service_component_name_override: + type: string + default: "" + test.component.spec_cpu_limit: + type: string + default: "250m" + test.component.spec_cpu_request: + type: string + default: "250m" + test.component.spec_memory_limit: + type: string + default: "128Mi" + test.component.spec_memory_request: + type: string + default: "128Mi" + use_tls: + type: boolean + description: flag to indicate tls enable/disable + default: true +node_templates: + test.component.spec: + type: dcae.nodes.ContainerizedServiceComponent + interfaces: + cloudify.interfaces.lifecycle: + start: + inputs: + ports: + - concat: ["80:", {get_input: external_port_0}] + - concat: ["99:", {get_input: external_port_1}] + envs: + get_input: envs + properties: + application_config: + service_calls: [] + streams_publishes: {} + streams_subscribes: {} + service_component_name_override: + get_input: service_component_name_override + docker_config: + healthcheck: + interval: 300s + timeout: 120s + script: /etc/init.d/nagios status + type: docker + image: + get_input: image + location_id: + get_input: location_id + service_component_type: test-component-spec + replicas: + get_input: replicas + tls_info: + cert_directory: /opt/app/dcae-certificate/ + use_tls: + get_input: use_tls + resource_config: + limits: + cpu: + get_input: test.component.spec_cpu_limit + memory: + get_input: test.component.spec_memory_limit + requests: + cpu: + get_input: test.component.spec_cpu_request + memory: + get_input: test.component.spec_memory_request + always_pull_image: + get_input: always_pull_image + relationships: [] \ No newline at end of file diff --git a/mod/bpgenerator/TestCases/TlsInfo/blueprint_withoutTlsInfo.yaml b/mod/bpgenerator/TestCases/TlsInfo/blueprint_withoutTlsInfo.yaml new file mode 100644 index 0000000..e1f942f --- /dev/null +++ b/mod/bpgenerator/TestCases/TlsInfo/blueprint_withoutTlsInfo.yaml @@ -0,0 +1,93 @@ + +#description: Test component spec +#blueprint_version: 1.0.1 +--- +tosca_definitions_version: cloudify_dsl_1_3 +imports: +- http://www.getcloudify.org/spec/cloudify/3.4/types.yaml +- https://nexus.onap.org/service/local/repositories/raw/content/org.onap.dcaegen2.platform.plugins/R6/k8splugin/1.7.2/k8splugin_types.yaml +- https://nexus.onap.org/service/local/repositories/raw/content/org.onap.dcaegen2.platform.plugins/R6/dcaepolicyplugin/2.4.0/dcaepolicyplugin_types.yaml +inputs: + always_pull_image: + type: boolean + description: Set to true if the image should always be pulled + default: true + envs: + default: {} + external_port_0: + type: string + default: "80" + external_port_1: + type: string + default: "99" + image: + type: string + default: "test.tester" + location_id: + type: string + default: "" + replicas: + type: integer + description: number of instances + default: 1 + service_component_name_override: + type: string + default: "" + test.component.spec_cpu_limit: + type: string + default: "250m" + test.component.spec_cpu_request: + type: string + default: "250m" + test.component.spec_memory_limit: + type: string + default: "128Mi" + test.component.spec_memory_request: + type: string + default: "128Mi" +node_templates: + test.component.spec: + type: dcae.nodes.ContainerizedServiceComponent + interfaces: + cloudify.interfaces.lifecycle: + start: + inputs: + ports: + - concat: ["80:", {get_input: external_port_0}] + - concat: ["99:", {get_input: external_port_1}] + envs: + get_input: envs + properties: + application_config: + service_calls: [] + streams_publishes: {} + streams_subscribes: {} + service_component_name_override: + get_input: service_component_name_override + docker_config: + healthcheck: + interval: 300s + timeout: 120s + script: /etc/init.d/nagios status + type: docker + image: + get_input: image + location_id: + get_input: location_id + service_component_type: test-component-spec + replicas: + get_input: replicas + resource_config: + limits: + cpu: + get_input: test.component.spec_cpu_limit + memory: + get_input: test.component.spec_memory_limit + requests: + cpu: + get_input: test.component.spec_cpu_request + memory: + get_input: test.component.spec_memory_request + always_pull_image: + get_input: always_pull_image + relationships: [] \ No newline at end of file diff --git a/mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withTlsFalseAndExternalTlsFalse.json b/mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withTlsFalseAndExternalTlsFalse.json new file mode 100644 index 0000000..da75ab8 --- /dev/null +++ b/mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withTlsFalseAndExternalTlsFalse.json @@ -0,0 +1,43 @@ +{ + "self": { + "component_type": "docker", + "description": "Test component spec", + "name": "test.component.spec", + "version": "1.0.1" + }, + + "services": { + "calls": [], + "provides": [] + }, + + "streams": { + "publishes": [], + "subscribes": [] + }, + + "parameters": [], + + "auxilary": { + "healthcheck": { + "type": "docker", + "interval": "300s", + "timeout": "120s", + "script": "/etc/init.d/nagios status" + }, + "ports": [ + "80:80", + "99:99" + ], + "tls_info": { + "cert_directory": "/opt/app/dcae-certificate/", + "use_tls": false, + "use_external_tls": false + } + }, + "artifacts": [{ + "type": "docker image", + "uri": "test.tester" + }] + +} diff --git a/mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withTlsTrueAndExternalTlsTrue.json b/mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withTlsTrueAndExternalTlsTrue.json new file mode 100644 index 0000000..f13e3fd --- /dev/null +++ b/mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withTlsTrueAndExternalTlsTrue.json @@ -0,0 +1,43 @@ +{ + "self": { + "component_type": "docker", + "description": "Test component spec", + "name": "test.component.spec", + "version": "1.0.1" + }, + + "services": { + "calls": [], + "provides": [] + }, + + "streams": { + "publishes": [], + "subscribes": [] + }, + + "parameters": [], + + "auxilary": { + "healthcheck": { + "type": "docker", + "interval": "300s", + "timeout": "120s", + "script": "/etc/init.d/nagios status" + }, + "ports": [ + "80:80", + "99:99" + ], + "tls_info": { + "cert_directory": "/opt/app/dcae-certificate/", + "use_tls": true, + "use_external_tls": true + } + }, + "artifacts": [{ + "type": "docker image", + "uri": "test.tester" + }] + +} diff --git a/mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withTlsTrueAndNoExternalTls.json b/mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withTlsTrueAndNoExternalTls.json new file mode 100644 index 0000000..517c461 --- /dev/null +++ b/mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withTlsTrueAndNoExternalTls.json @@ -0,0 +1,42 @@ +{ + "self": { + "component_type": "docker", + "description": "Test component spec", + "name": "test.component.spec", + "version": "1.0.1" + }, + + "services": { + "calls": [], + "provides": [] + }, + + "streams": { + "publishes": [], + "subscribes": [] + }, + + "parameters": [], + + "auxilary": { + "healthcheck": { + "type": "docker", + "interval": "300s", + "timeout": "120s", + "script": "/etc/init.d/nagios status" + }, + "ports": [ + "80:80", + "99:99" + ], + "tls_info": { + "cert_directory": "/opt/app/dcae-certificate/", + "use_tls": true + } + }, + "artifacts": [{ + "type": "docker image", + "uri": "test.tester" + }] + +} diff --git a/mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withoutTlsInfo.json b/mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withoutTlsInfo.json new file mode 100644 index 0000000..a94c987 --- /dev/null +++ b/mod/bpgenerator/TestCases/TlsInfo/testComponentSpec_withoutTlsInfo.json @@ -0,0 +1,38 @@ +{ + "self": { + "component_type": "docker", + "description": "Test component spec", + "name": "test.component.spec", + "version": "1.0.1" + }, + + "services": { + "calls": [], + "provides": [] + }, + + "streams": { + "publishes": [], + "subscribes": [] + }, + + "parameters": [], + + "auxilary": { + "healthcheck": { + "type": "docker", + "interval": "300s", + "timeout": "120s", + "script": "/etc/init.d/nagios status" + }, + "ports": [ + "80:80", + "99:99" + ] + }, + "artifacts": [{ + "type": "docker image", + "uri": "test.tester" + }] + +} -- cgit 1.2.3-korg