diff options
author | Gary Wu <gary.i.wu@huawei.com> | 2018-10-23 21:49:18 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2018-10-23 21:49:18 +0000 |
commit | 97f80c77d52858b2b20484703bb1f235e5fcf393 (patch) | |
tree | f72bc962fe949ffc15ec64adf77216969d0f0d42 /scripts | |
parent | 52fda040150356d2ce25bc7cdc951db23c4b7beb (diff) | |
parent | 425ba9232b52ee2d40999526ae792bbf2bf76f55 (diff) |
Merge "OOF SMS CSIT"
Diffstat (limited to 'scripts')
-rw-r--r-- | scripts/optf-has/has/has-properties/conductor.conf.onap | 47 | ||||
-rw-r--r-- | scripts/optf-has/has/has-properties/has.json | 36 | ||||
-rwxr-xr-x | scripts/optf-has/has/has_script.sh | 20 | ||||
-rw-r--r-- | scripts/optf-has/osdf/testsample.txt | 1 | ||||
-rw-r--r-- | scripts/optf-osdf/osdf/osdf-properties/aaf_root_ca.cer | 31 | ||||
-rw-r--r-- | scripts/optf-osdf/osdf/osdf-properties/osdf.json | 98 | ||||
-rwxr-xr-x | scripts/optf-osdf/osdf/osdf-properties/osdf_config.yaml | 65 | ||||
-rwxr-xr-x | scripts/optf-osdf/osdf/osdf_script.sh | 11 |
8 files changed, 223 insertions, 86 deletions
diff --git a/scripts/optf-has/has/has-properties/conductor.conf.onap b/scripts/optf-has/has/has-properties/conductor.conf.onap index c000248c..768e81b3 100644 --- a/scripts/optf-has/has/has-properties/conductor.conf.onap +++ b/scripts/optf-has/has/has-properties/conductor.conf.onap @@ -162,9 +162,12 @@ aaf_url = http://localhost:8100/authz/perms/user/ # From conductor # +# Is Secret Management service enabled (boolean value) +#is_enabled = true + # Base URL for SMS, up to and not including the version, and without a trailing # slash. (string value) -#aaf_sms_url = https://aaf-sms.onap:10443 +aaf_sms_url = http://aaf-sms.onap:10443 # Timeout for SMS API Call (integer value) #aaf_sms_timeout = 30 @@ -172,9 +175,9 @@ aaf_url = http://localhost:8100/authz/perms/user/ # Path to the cacert that will be used to verify If this is None, verify will # be False and the server certis not verified by the client. (string value) #aaf_ca_certs = AAF_RootCA.cer +aaf_ca_certs = /usr/local/bin/AAF_RootCA.cer -# Domain UUID - A unique UUID generated when the domainfor HAS is created by -# administrator during deployment (string value) +# Domain Name for HAS (string value) #secret_domain = has @@ -224,13 +227,6 @@ certificate_key_file = #certificate_authority_bundle_file = certificate_authority_bundle.pem certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer -# Username for AAI. (string value) -username = OOF - -# Password for AAI. (string value) -password = OOF - - [api] # @@ -254,14 +250,6 @@ password = OOF # Base URL for plans. (string value) #server_url = -# username for plans. (string value) -#username = -username = admin1 - -# password for plans. (string value) -#password = -password = plan.15 - # auth toggling. (boolean value) basic_auth_secure = false @@ -463,21 +451,6 @@ music_new_version = True #music_version = <None> music_version = "3.0.21" -# username value that used for creating basic authorization header (string -# value) -#aafuser = <None> -aafuser = conductor - -# password value that used for creating basic authorization header (string -# value) -#aafpass = <None> -aafpass = c0nduct0r - -# AAF namespace field used in MUSIC request header (string value) -#aafns = <None> -aafns = conductor - - [prometheus] # @@ -534,14 +507,6 @@ concurrent = true #server_url = https://controller:8443/restconf/ server_url = http://localhost:8083/restconf/ -# Basic Authentication Username (string value) -#username = <None> -username = admin - -# Basic Authentication Password (string value) -#password = <None> -password = Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U - # Timeout for SDNC Rest Call (string value) #sdnc_rest_timeout = 30 diff --git a/scripts/optf-has/has/has-properties/has.json b/scripts/optf-has/has/has-properties/has.json new file mode 100644 index 00000000..ae990a9e --- /dev/null +++ b/scripts/optf-has/has/has-properties/has.json @@ -0,0 +1,36 @@ +{ + "domain": { + "name": "has", + "secrets": [ + { + "name": "aai", + "values": { + "username": "oof@oof.onap.org", + "password": "demo123456!" + } + }, + { + "name": "conductor_api", + "values": { + "username": "admin1", + "password": "plan.15" + } + }, + { + "name": "sdnc", + "values": { + "username": "admin", + "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U" + } + }, + { + "name": "music_api", + "values": { + "aafuser": "conductor", + "aafpass": "c0nduct0r", + "aafns": "conductor" + } + } + ] + } +} diff --git a/scripts/optf-has/has/has_script.sh b/scripts/optf-has/has/has_script.sh index 1364c87b..08663f4e 100755 --- a/scripts/optf-has/has/has_script.sh +++ b/scripts/optf-has/has/has_script.sh @@ -35,14 +35,18 @@ IMAGE_VER=1.2.2-SNAPSHOT-latest BUNDLE=/tmp/conductor/properties/AAF_RootCA.cer mkdir -p /tmp/conductor/properties +mkdir -p /tmp/sms/properties mkdir -p /tmp/conductor/logs cp ${WORKSPACE}/scripts/optf-has/has/has-properties/conductor.conf.onap /tmp/conductor/properties/conductor.conf cp ${WORKSPACE}/scripts/optf-has/has/has-properties/log.conf.onap /tmp/conductor/properties/log.conf cp ${WORKSPACE}/scripts/optf-has/has/has-properties/AAF_RootCA.cer /tmp/conductor/properties/AAF_RootCA.cer +cp ${WORKSPACE}/scripts/optf-has/has/has-properties/has.json /tmp/sms/properties/has.json #chmod -R 777 /tmp/conductor/properties MUSIC_IP=`docker inspect --format '{{ .NetworkSettings.Networks.bridge.IPAddress}}' music-tomcat` echo "MUSIC_IP=${MUSIC_IP}" +SMS_IP=`get-instance-ip.sh sms` +echo "SMS_IP=${SMS_IP}" # change MUSIC reference to the local instance sed -i -e "s%localhost:8080/MUSIC%${MUSIC_IP}:8080/MUSIC%g" /tmp/conductor/properties/conductor.conf @@ -65,6 +69,14 @@ echo "AAFSIM_IP=${AAFSIM_IP}" # change AAF reference to the local instance sed -i -e "s%localhost:8100/%${AAFSIM_IP}:8100/%g" /tmp/conductor/properties/conductor.conf +#SMS +sed -i -e "s%aaf-sms.onap:10443%${SMS_IP}:10443%g" /tmp/conductor/properties/conductor.conf +#Preload secrets +docker exec -i sms /bin/sh -c "mkdir -p /preload/config" +docker cp /tmp/sms/properties/has.json sms:/preload/config/has.json +docker exec -i sms /bin/sh -c "/sms/bin/preload -cacert /sms/certs/aaf_root_ca.cer -jsondir /preload/config -serviceport 10443 -serviceurl http://localhost" +docker logs vault + #onboard conductor into music echo "Query MUSIC to check for reachability. Query Version" curl -vvvvv --noproxy "*" --request GET http://${MUSIC_IP}:8080/MUSIC/rest/v2/version -H "Content-Type: application/json" @@ -72,13 +84,13 @@ curl -vvvvv --noproxy "*" --request GET http://${MUSIC_IP}:8080/MUSIC/rest/v2/ve echo "Onboard conductor into music" curl -vvvvv --noproxy "*" --request POST http://${MUSIC_IP}:8080/MUSIC/rest/v2/admin/onboardAppWithMusic -H "Content-Type: application/json" -H "Authorization: Basic Y29uZHVjdG9yOmMwbmR1Y3Qwcg==" --data @${WORKSPACE}/tests/optf-has/has/data/onboard.json -docker run -d --name cond-cont -v ${COND_CONF}:/usr/local/bin/conductor.conf -v ${LOG_CONF}:/usr/local/bin/log.conf ${IMAGE_NAME}:${IMAGE_VER} python /usr/local/bin/conductor-controller --config-file=/usr/local/bin/conductor.conf +docker run -d --name cond-cont -v ${COND_CONF}:/usr/local/bin/conductor.conf -v ${LOG_CONF}:/usr/local/bin/log.conf -v ${BUNDLE}:/usr/local/bin/AAF_RootCA.cer ${IMAGE_NAME}:${IMAGE_VER} python /usr/local/bin/conductor-controller --config-file=/usr/local/bin/conductor.conf sleep 15 -docker run -d --name cond-api -p "8091:8091" -v ${COND_CONF}:/usr/local/bin/conductor.conf -v ${LOG_CONF}:/usr/local/bin/log.conf ${IMAGE_NAME}:${IMAGE_VER} python /usr/local/bin/conductor-api --port=8091 -- --config-file=/usr/local/bin/conductor.conf +docker run -d --name cond-api -p "8091:8091" -v ${COND_CONF}:/usr/local/bin/conductor.conf -v ${LOG_CONF}:/usr/local/bin/log.conf -v ${BUNDLE}:/usr/local/bin/AAF_RootCA.cer ${IMAGE_NAME}:${IMAGE_VER} python /usr/local/bin/conductor-api --port=8091 -- --config-file=/usr/local/bin/conductor.conf sleep 15 -docker run -d --name cond-solv -v ${COND_CONF}:/usr/local/bin/conductor.conf -v ${LOG_CONF}:/usr/local/bin/log.conf ${IMAGE_NAME}:${IMAGE_VER} python /usr/local/bin/conductor-solver --config-file=/usr/local/bin/conductor.conf +docker run -d --name cond-solv -v ${COND_CONF}:/usr/local/bin/conductor.conf -v ${LOG_CONF}:/usr/local/bin/log.conf -v ${BUNDLE}:/usr/local/bin/AAF_RootCA.cer ${IMAGE_NAME}:${IMAGE_VER} python /usr/local/bin/conductor-solver --config-file=/usr/local/bin/conductor.conf sleep 15 -docker run -d --name cond-resv -v ${COND_CONF}:/usr/local/bin/conductor.conf -v ${LOG_CONF}:/usr/local/bin/log.conf ${IMAGE_NAME}:${IMAGE_VER} python /usr/local/bin/conductor-reservation --config-file=/usr/local/bin/conductor.conf +docker run -d --name cond-resv -v ${COND_CONF}:/usr/local/bin/conductor.conf -v ${LOG_CONF}:/usr/local/bin/log.conf -v ${BUNDLE}:/usr/local/bin/AAF_RootCA.cer ${IMAGE_NAME}:${IMAGE_VER} python /usr/local/bin/conductor-reservation --config-file=/usr/local/bin/conductor.conf sleep 5 docker run -d --name cond-data -v ${COND_CONF}:/usr/local/bin/conductor.conf -v ${LOG_CONF}:/usr/local/bin/log.conf -v ${BUNDLE}:/usr/local/bin/AAF_RootCA.cer ${IMAGE_NAME}:${IMAGE_VER} python /usr/local/bin/conductor-data --config-file=/usr/local/bin/conductor.conf sleep 15 diff --git a/scripts/optf-has/osdf/testsample.txt b/scripts/optf-has/osdf/testsample.txt deleted file mode 100644 index 9f4e8d7d..00000000 --- a/scripts/optf-has/osdf/testsample.txt +++ /dev/null @@ -1 +0,0 @@ -#test diff --git a/scripts/optf-osdf/osdf/osdf-properties/aaf_root_ca.cer b/scripts/optf-osdf/osdf/osdf-properties/aaf_root_ca.cer new file mode 100644 index 00000000..e9a50d7e --- /dev/null +++ b/scripts/optf-osdf/osdf/osdf-properties/aaf_root_ca.cer @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV +BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx +NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK +DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7 +XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn +H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM +pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7 +NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg +2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY +wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd +ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM +P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6 +aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY +PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G +A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ +UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz +L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9 +7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx +c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf +jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2 +RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h +PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF +CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+ +Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A +cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR +ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX +dYY= +-----END CERTIFICATE----- diff --git a/scripts/optf-osdf/osdf/osdf-properties/osdf.json b/scripts/optf-osdf/osdf/osdf-properties/osdf.json new file mode 100644 index 00000000..0950957b --- /dev/null +++ b/scripts/optf-osdf/osdf/osdf-properties/osdf.json @@ -0,0 +1,98 @@ +{ + "domain": { + "name": "osdf", + "secrets": [ + { + "name": "so", + "values": { + "UserName": "", + "Password": "" + } + }, + { + "name": "conductor", + "values": { + "UserName": "admin1", + "Password": "plan.15" + } + }, + { + "name": "policyPlatform", + "values": { + "UserName": "testpdp", + "Password": "alpha123" + } + }, + { + "name": "policyClient", + "values": { + "UserName": "python", + "Password": "test" + } + }, + { + "name": "dmaap", + "values": { + "UserName": "NA", + "Password": "NA" + } + }, + { + "name": "sdc", + "values": { + "UserName": "NA", + "Password": "NA" + } + }, + { + "name": "osdfPlacement", + "values": { + "UserName": "test", + "Password": "testpwd" + } + }, + { + "name": "osdfPlacementSO", + "values": { + "UserName": "so_test", + "Password": "so_testpwd" + } + }, + { + "name": "osdfPlacementVFC", + "values": { + "UserName": "vfc_test", + "Password": "vfc_testpwd" + } + }, + { + "name": "osdfCMScheduler", + "values": { + "UserName": "test1", + "Password": "testpwd1" + } + }, + { + "name": "configDb", + "values": { + "UserName": "osdf", + "Password": "passwd" + } + }, + { + "name": "pciHMS", + "values": { + "UserName": "", + "Password": "" + } + }, + { + "name": "osdfPCIOpt", + "values": { + "UserName": "pci_test", + "Password": "pci_testpwd" + } + } + ] + } +}
\ No newline at end of file diff --git a/scripts/optf-osdf/osdf/osdf-properties/osdf_config.yaml b/scripts/optf-osdf/osdf/osdf-properties/osdf_config.yaml index 78399660..f8f75005 100755 --- a/scripts/optf-osdf/osdf/osdf-properties/osdf_config.yaml +++ b/scripts/optf-osdf/osdf/osdf-properties/osdf_config.yaml @@ -1,64 +1,49 @@ -osdfUserNameForSO: "" # The OSDF Manager username for MSO. -odfPasswordForSO: "" # The OSDF Manager password for MSO. +placementVersioningEnabled: False -# msoUrl: "" # The SO url for call back. This will be part of the request, so no need -soUsername: "" # SO username for call back. -soPassword: "" # SO password for call back. +# Placement API latest version numbers to be set in HTTP header +placementMajorVersion: "1" +placementMinorVersion: "0" +placementPatchVersion: "0" +# Placement API default version numbers to be set in HTTP header +placementDefaultMajorVersion: "1" +placementDefaultMinorVersion: "0" +placementDefaultPatchVersion: "0" + +# Config for Conductor conductorUrl: "http://127.0.0.1:5000/simulated/oof/has-api/flow1-success-simple/main.json" -conductorUsername: "CONDUCTOR-USER" -conductorPassword: "CONDUCTOR-PASSWD" conductorPingWaitTime: 2 # seconds to wait before calling the conductor retry URL conductorMaxRetries: 5 # if we don't get something in 30 minutes, give up +# versions to be set in HTTP header +conductorMinorVersion: 0 # Policy Platform -- requires ClientAuth, Authorization, and Environment policyPlatformUrl: http://127.0.0.1:5000/simulated/policy/pdp-has-vcpe-good/getConfig # Policy Dev platform URL policyPlatformEnv: TEST # Environment for policy platform -policyPlatformUsername: POLICY-USER # Policy platform username. -policyPlatformPassword: POLICY-PASSWD # Policy platform password. -policyClientUsername: POLICY-CLIENT-USER # For use with ClientAuth -policyClientPassword: POLICY-CLIENT-PASSWD # For use with ClientAuth +# Config for DMaaP messageReaderHosts: https://DMAAP-HOST1:3905,https://DMAAP-HOST2:3905,https://DMAAP-HOST3:3905 messageReaderTopic: org.onap.oof.osdf.multicloud -messageReaderAafUserId: DMAAP-OSDF-MC-USER -messageReaderAafPassword: DMAAP-OSDF-MC-PASSWD +# Config for SDC sdcUrl: https://SDC-HOST:8443/sdc/v1/catalog -sdcUsername: SDC-OSDF-USER -sdcPassword: SDC-OSDF-PASSWD sdcONAPInstanceID: ONAP-OSDF osdfPlacementUrl: "http://127.0.0.1:24699/osdf/api/v2/placement" -# Credentials for the OOF placement service - Generic -osdfPlacementUsername: test -osdfPlacementPassword: testpwd - -# Credentials for the OOF placement service - SO -osdfPlacementSOUsername: so_test -osdfPlacementSOPassword: so_testpwd - -# Credentials for the OOF placement service - VFC -osdfPlacementVFCUsername: vfc_test -osdfPlacementVFCPassword: vfc_testpwd +is_aaf_enabled: False +aaf_cache_expiry_hrs: 3 +aaf_url: https://aaftest.simpledemo.onap.org:8095 +aaf_user_roles: + - /api/oof/v1/placement:org.onap.osdf.access|*|read ALL -# Credentials for the OOF CM scheduling service - Generic -osdfCMSchedulerUsername: test1 -osdfCMSchedulerPassword: testpwd1 +# Secret Management Service from AAF +aaf_sms_url: http://aaf-sms.onap:10443 +aaf_sms_timeout: 30 +secret_domain: osdf +aaf_ca_certs: ssl_certs/aaf_root_ca.cer # config db api configDbUrl: http://127.0.0.1:5000/simulated/configdb -configDbUserName: osdf -configDbPassword: passwd configDbGetCellListUrl: 'getCellList' configDbGetNbrListUrl: 'getNbrList' - -# Credentials for PCIHandler -pciHMSUsername: "" # pcihandler username for call back. -pciHMSPassword: "" # pcihandler password for call back. - -#Credentials for the OOF PCI Opt Service -osdfPCIOptUsername: pci_test -osdfPCIOptPassword: pci_testpwd - diff --git a/scripts/optf-osdf/osdf/osdf_script.sh b/scripts/optf-osdf/osdf/osdf_script.sh index 435e44f5..77359696 100755 --- a/scripts/optf-osdf/osdf/osdf_script.sh +++ b/scripts/optf-osdf/osdf/osdf_script.sh @@ -37,15 +37,26 @@ IMAGE_NAME=nexus3.onap.org:10001/onap/optf-osdf IMAGE_VER=1.2.2-SNAPSHOT-latest mkdir -p /tmp/osdf/properties +mkdir -p /tmp/sms/properties cp ${WORKSPACE}/scripts/optf-osdf/osdf/osdf-properties/*.yaml /tmp/osdf/properties/. +cp ${WORKSPACE}/scripts/optf-osdf/osdf/osdf-properties/osdf.json /tmp/sms/properties/. #change conductor/configdb simulator urls OSDF_SIM_IP=`get-instance-ip.sh osdf_sim` echo "OSDF_SIM_IP=${OSDF_SIM_IP}" +SMS_IP=`get-instance-ip.sh sms` +echo "SMS_IP=${SMS_IP}" sed -i -e "s%127.0.0.1:5000%${OSDF_SIM_IP}:5000%g" $OSDF_CONF +sed -i -e "s%aaf-sms.onap:10443%${SMS_IP}:10443%g" $OSDF_CONF +#Preload secrets +docker exec -i sms /bin/sh -c "mkdir -p /preload/config" +docker cp /tmp/sms/properties/osdf.json sms:/preload/config/osdf.json +docker exec -i sms /bin/sh -c "/sms/bin/preload -cacert /sms/certs/aaf_root_ca.cer -jsondir /preload/config -serviceport 10443 -serviceurl http://localhost" + +docker logs vault docker run -d --name optf-osdf -v ${OSDF_CONF}:/opt/osdf/config/osdf_config.yaml -p "8698:8699" ${IMAGE_NAME}:${IMAGE_VER} sleep 20 |