From 2070574bb059eb665a3f00e7cba3c1a5380c5334 Mon Sep 17 00:00:00 2001 From: "a.sreekumar" Date: Fri, 14 Feb 2020 12:03:33 +0000 Subject: CSIT fixes for frankfurt breakage CSITs as per the latest policy type validation changes. Drools and drools apps fixes. Removed policy-health. Change-Id: I086bf747059435e12d15e0481b00c97c20eaadc1 Issue-ID: POLICY-1402 Signed-off-by: a.sreekumar Signed-off-by: jhh Signed-off-by: a.sreekumar --- scripts/policy/config/db/db.sh | 2 +- .../config/drools-apps/custom/features.pre.sh | 19 + .../policy/config/drools-apps/custom/noop.pre.sh | 27 ++ .../drools-apps/custom/standalone-settings.xml | 57 +++ scripts/policy/config/drools-apps/env/base.conf | 120 +++++ .../drools-apps/env/feature-healthcheck.conf | 18 + .../drools-apps/env/feature-pooling-dmaap.conf | 17 + scripts/policy/config/drools/base.conf | 118 ----- scripts/policy/config/drools/custom/noop.pre.sh | 22 + scripts/policy/config/drools/env/base.conf | 120 +++++ .../policy/config/drools/feature-healthcheck.conf | 18 - scripts/policy/config/pe/base.conf | 43 ++ scripts/policy/config/pe/brmsgw-tweaks.sh | 40 ++ scripts/policy/config/pe/brmsgw.conf | 67 +++ scripts/policy/config/pe/console.conf | 145 ++++++ scripts/policy/config/pe/elk.conf | 16 + scripts/policy/config/pe/mysql.conf | 18 + scripts/policy/config/pe/pap-tweaks.sh | 14 + scripts/policy/config/pe/pap.conf | 68 +++ scripts/policy/config/pe/paplp.conf | 25 + scripts/policy/config/pe/pdp-tweaks.sh | 14 + scripts/policy/config/pe/pdp.conf | 69 +++ scripts/policy/config/pe/pdplp.conf | 25 + scripts/policy/config/pe/push-policies.sh | 506 +++++++++++++++++++++ scripts/policy/docker-compose-drools-apps.yml | 18 +- scripts/policy/docker-compose-drools.yml | 40 +- scripts/policy/docker-compose-engine.yml | 29 +- scripts/policy/drools-pdp-script.sh | 246 ---------- scripts/policy/engine.sh | 264 ----------- .../csar/sample_csar_with_apex_policy.csar | Bin 97010 -> 96917 bytes 30 files changed, 1482 insertions(+), 703 deletions(-) create mode 100755 scripts/policy/config/drools-apps/custom/features.pre.sh create mode 100755 scripts/policy/config/drools-apps/custom/noop.pre.sh create mode 100644 scripts/policy/config/drools-apps/custom/standalone-settings.xml create mode 100644 scripts/policy/config/drools-apps/env/base.conf create mode 100644 scripts/policy/config/drools-apps/env/feature-healthcheck.conf create mode 100644 scripts/policy/config/drools-apps/env/feature-pooling-dmaap.conf delete mode 100644 scripts/policy/config/drools/base.conf create mode 100755 scripts/policy/config/drools/custom/noop.pre.sh create mode 100644 scripts/policy/config/drools/env/base.conf delete mode 100644 scripts/policy/config/drools/feature-healthcheck.conf create mode 100644 scripts/policy/config/pe/base.conf create mode 100755 scripts/policy/config/pe/brmsgw-tweaks.sh create mode 100644 scripts/policy/config/pe/brmsgw.conf create mode 100644 scripts/policy/config/pe/console.conf create mode 100644 scripts/policy/config/pe/elk.conf create mode 100644 scripts/policy/config/pe/mysql.conf create mode 100755 scripts/policy/config/pe/pap-tweaks.sh create mode 100644 scripts/policy/config/pe/pap.conf create mode 100644 scripts/policy/config/pe/paplp.conf create mode 100755 scripts/policy/config/pe/pdp-tweaks.sh create mode 100644 scripts/policy/config/pe/pdp.conf create mode 100644 scripts/policy/config/pe/pdplp.conf create mode 100755 scripts/policy/config/pe/push-policies.sh delete mode 100755 scripts/policy/drools-pdp-script.sh delete mode 100755 scripts/policy/engine.sh (limited to 'scripts') diff --git a/scripts/policy/config/db/db.sh b/scripts/policy/config/db/db.sh index 9ab2be2f..24b04003 100755 --- a/scripts/policy/config/db/db.sh +++ b/scripts/policy/config/db/db.sh @@ -13,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -for db in policyadmin +for db in support onap_sdk log migration operationshistory10 pooling policyadmin operationshistory do mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};" mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;" diff --git a/scripts/policy/config/drools-apps/custom/features.pre.sh b/scripts/policy/config/drools-apps/custom/features.pre.sh new file mode 100755 index 00000000..93d6c6b9 --- /dev/null +++ b/scripts/policy/config/drools-apps/custom/features.pre.sh @@ -0,0 +1,19 @@ +#!/bin/bash -x +# ============LICENSE_START======================================================= +# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +features disable distributed-locking +features enable controlloop-utils diff --git a/scripts/policy/config/drools-apps/custom/noop.pre.sh b/scripts/policy/config/drools-apps/custom/noop.pre.sh new file mode 100755 index 00000000..d73c5e00 --- /dev/null +++ b/scripts/policy/config/drools-apps/custom/noop.pre.sh @@ -0,0 +1,27 @@ +#!/bin/bash -x +# ============LICENSE_START======================================================= +# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +sed -i "s/^dmaap/noop/g" \ + ${POLICY_HOME}/config/amsterdam-controller.properties \ + ${POLICY_HOME}/config/engine.properties \ + ${POLICY_HOME}/config/feature-lifecycle.properties \ + ${POLICY_HOME}/config/usecases-controller.properties + +chmod 644 ${POLICY_HOME}/config/amsterdam-controller.properties \ + ${POLICY_HOME}/config/engine.properties \ + ${POLICY_HOME}/config/feature-lifecycle.properties \ + ${POLICY_HOME}/config/usecases-controller.properties diff --git a/scripts/policy/config/drools-apps/custom/standalone-settings.xml b/scripts/policy/config/drools-apps/custom/standalone-settings.xml new file mode 100644 index 00000000..ebd6dd2a --- /dev/null +++ b/scripts/policy/config/drools-apps/custom/standalone-settings.xml @@ -0,0 +1,57 @@ + + + + + + + true + + + + + policy-local + + + + file-repository + file:${user.home}/.m2/file-repository + + true + always + + + true + always + + + + + + + + + + policy-local + + + diff --git a/scripts/policy/config/drools-apps/env/base.conf b/scripts/policy/config/drools-apps/env/base.conf new file mode 100644 index 00000000..d8d0f4ed --- /dev/null +++ b/scripts/policy/config/drools-apps/env/base.conf @@ -0,0 +1,120 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +# JVM options + +JVM_OPTIONS=-server -Xms512m -Xmx512m + +# SYSTEM software configuration + +DEBUG=y +POLICY_HOME=/opt/app/policy +POLICY_LOGS=/var/log/onap/policy/pdpd +KEYSTORE_PASSWD=Pol1cy_0nap +TRUSTSTORE_PASSWD=Pol1cy_0nap + +# Telemetry credentials + +TELEMETRY_PORT=9696 +TELEMETRY_HOST=0.0.0.0 +TELEMETRY_USER=demo@people.osaaf.org +TELEMETRY_PASSWORD=demo123456! + +# nexus repository + +SNAPSHOT_REPOSITORY_ID= +SNAPSHOT_REPOSITORY_URL= +RELEASE_REPOSITORY_ID= +RELEASE_REPOSITORY_URL= +REPOSITORY_USERNAME= +REPOSITORY_PASSWORD= +REPOSITORY_OFFLINE=true + +# Relational (SQL) DB access + +SQL_HOST=mariadb +SQL_USER=policy_user +SQL_PASSWORD=policy_user + +# AAF + +AAF=false +AAF_NAMESPACE=org.onap.policy +AAF_HOST=aaf.api.simpledemo.onap.org + +# PDP-D DMaaP configuration channel + +PDPD_CONFIGURATION_TOPIC=PDPD-CONFIGURATION +PDPD_CONFIGURATION_API_KEY= +PDPD_CONFIGURATION_API_SECRET= +PDPD_CONFIGURATION_CONSUMER_GROUP= +PDPD_CONFIGURATION_CONSUMER_INSTANCE= +PDPD_CONFIGURATION_PARTITION_KEY= + +# PAP-PDP configuration channel + +POLICY_PDP_PAP_TOPIC=POLICY-PDP-PAP +POLICY_PDP_PAP_API_KEY= +POLICY_PDP_PAP_API_SECRET= + +# PAP + +PAP_HOST=pap +PAP_USERNAME=testpap +PAP_PASSWORD=alpha123 + +# PDP-X + +PDP_HOST=pdp +PDP_USERNAME=testpdp +PDP_PASSWORD=alpha123 +PDP_CLIENT_USERNAME=python +PDP_CLIENT_PASSWORD=test +PDP_ENVIRONMENT=TEST + +# DCAE DMaaP + +DCAE_TOPIC=unauthenticated.DCAE_CL_OUTPUT +DCAE_SERVERS=mr.api.simpledemo.onap.org +DCAE_CONSUMER_GROUP=dcae.policy.shared + +# Open DMaaP + +DMAAP_SERVERS=mr.api.simpledemo.onap.org + +# AAI + +AAI_URL=https://aai.api.simpledemo.onap.org:8443 +AAI_USERNAME=policy@policy.onap.org +AAI_PASSWORD=demo123456! + +# MSO + +SO_URL=http://vm1.mso.simpledemo.onap.org:8080/onap/so/infra +SO_USERNAME=InfraPortalClient +SO_PASSWORD=password1$ + +# VFC + +VFC_URL= +VFC_USERNAME= +VFC_PASSWORD= + +# SDNC + +SDNC_URL= +SDNC_USERNAME= +SDNC_PASSWORD= diff --git a/scripts/policy/config/drools-apps/env/feature-healthcheck.conf b/scripts/policy/config/drools-apps/env/feature-healthcheck.conf new file mode 100644 index 00000000..1c710547 --- /dev/null +++ b/scripts/policy/config/drools-apps/env/feature-healthcheck.conf @@ -0,0 +1,18 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +HEALTHCHECK_USER=demo@people.osaaf.org +HEALTHCHECK_PASSWORD=demo123456! diff --git a/scripts/policy/config/drools-apps/env/feature-pooling-dmaap.conf b/scripts/policy/config/drools-apps/env/feature-pooling-dmaap.conf new file mode 100644 index 00000000..3808e3d9 --- /dev/null +++ b/scripts/policy/config/drools-apps/env/feature-pooling-dmaap.conf @@ -0,0 +1,17 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +POOLING_TOPIC=POOLING diff --git a/scripts/policy/config/drools/base.conf b/scripts/policy/config/drools/base.conf deleted file mode 100644 index 1e57226a..00000000 --- a/scripts/policy/config/drools/base.conf +++ /dev/null @@ -1,118 +0,0 @@ -# ============LICENSE_START======================================================= -# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -# JVM options - -JVM_OPTIONS=-server -Xms512m -Xmx512m - -# SYSTEM software configuration - -POLICY_HOME=/opt/app/policy -POLICY_LOGS=/var/log/onap/policy/pdpd -KEYSTORE_PASSWD=Pol1cy_0nap -TRUSTSTORE_PASSWD=Pol1cy_0nap - -# Telemetry credentials - -TELEMETRY_PORT=9696 -TELEMETRY_HOST=0.0.0.0 -TELEMETRY_USER=demo@people.osaaf.org -TELEMETRY_PASSWORD=demo123456! - -# nexus repository - -SNAPSHOT_REPOSITORY_ID= -SNAPSHOT_REPOSITORY_URL= -RELEASE_REPOSITORY_ID= -RELEASE_REPOSITORY_URL= -REPOSITORY_USERNAME= -REPOSITORY_PASSWORD= - -# Relational (SQL) DB access - -SQL_HOST= -SQL_USER= -SQL_PASSWORD= - -# AAF - -AAF=false -AAF_NAMESPACE=org.onap.policy -AAF_HOST=aaf.api.simpledemo.onap.org - -# PDP-D DMaaP configuration channel - -PDPD_CONFIGURATION_TOPIC=PDPD-CONFIGURATION -PDPD_CONFIGURATION_API_KEY= -PDPD_CONFIGURATION_API_SECRET= -PDPD_CONFIGURATION_CONSUMER_GROUP= -PDPD_CONFIGURATION_CONSUMER_INSTANCE= -PDPD_CONFIGURATION_PARTITION_KEY= - -# PAP-PDP configuration channel - -POLICY_PDP_PAP_TOPIC=POLICY-PDP-PAP -POLICY_PDP_PAP_API_KEY= -POLICY_PDP_PAP_API_SECRET= - -# PAP - -PAP_HOST=pap -PAP_USERNAME=testpap -PAP_PASSWORD=alpha123 - -# PDP-X - -PDP_HOST=pdp -PDP_USERNAME=testpdp -PDP_PASSWORD=alpha123 -PDP_CLIENT_USERNAME=python -PDP_CLIENT_PASSWORD=test -PDP_ENVIRONMENT=TEST - -# DCAE DMaaP - -DCAE_TOPIC=unauthenticated.DCAE_CL_OUTPUT -DCAE_SERVERS=mr.api.simpledemo.onap.org -DCAE_CONSUMER_GROUP=dcae.policy.shared - -# Open DMaaP - -DMAAP_SERVERS=mr.api.simpledemo.onap.org - -# AAI - -AAI_URL=https://aai.api.simpledemo.onap.org:8443 -AAI_USERNAME=policy@policy.onap.org -AAI_PASSWORD=demo123456! - -# MSO - -SO_URL=http://vm1.mso.simpledemo.onap.org:8080/onap/so/infra -SO_USERNAME=InfraPortalClient -SO_PASSWORD=password1$ - -# VFC - -VFC_URL= -VFC_USERNAME= -VFC_PASSWORD= - -# SDNC - -SDNC_URL= -SDNC_USERNAME= -SDNC_PASSWORD= diff --git a/scripts/policy/config/drools/custom/noop.pre.sh b/scripts/policy/config/drools/custom/noop.pre.sh new file mode 100755 index 00000000..63bdc4cf --- /dev/null +++ b/scripts/policy/config/drools/custom/noop.pre.sh @@ -0,0 +1,22 @@ +#!/bin/bash -x +# ============LICENSE_START======================================================= +# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +sed -i "s/^dmaap/noop/g" \ + ${POLICY_HOME}/config/engine.properties \ + ${POLICY_HOME}/config/feature-lifecycle.properties + +chmod 644 ${POLICY_HOME}/config/engine.properties ${POLICY_HOME}/config/feature-lifecycle.properties diff --git a/scripts/policy/config/drools/env/base.conf b/scripts/policy/config/drools/env/base.conf new file mode 100644 index 00000000..8fef8a28 --- /dev/null +++ b/scripts/policy/config/drools/env/base.conf @@ -0,0 +1,120 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +# JVM options + +JVM_OPTIONS=-server -Xms512m -Xmx512m + +# SYSTEM software configuration + +DEBUG=y +POLICY_HOME=/opt/app/policy +POLICY_LOGS=/var/log/onap/policy/pdpd +KEYSTORE_PASSWD=Pol1cy_0nap +TRUSTSTORE_PASSWD=Pol1cy_0nap + +# Telemetry credentials + +TELEMETRY_PORT=9696 +TELEMETRY_HOST=0.0.0.0 +TELEMETRY_USER=demo@people.osaaf.org +TELEMETRY_PASSWORD=demo123456! + +# nexus repository + +SNAPSHOT_REPOSITORY_ID=policy-nexus-snapshots +SNAPSHOT_REPOSITORY_URL=http://nexus:8081/nexus/content/repositories/snapshots/ +RELEASE_REPOSITORY_ID=policy-nexus-releases +RELEASE_REPOSITORY_URL=http://nexus:8081/nexus/content/repositories/releases/ +REPOSITORY_USERNAME=admin +REPOSITORY_PASSWORD=admin123 +REPOSITORY_OFFLINE=false + +# Relational (SQL) DB access + +SQL_HOST=mariadb +SQL_USER=policy_user +SQL_PASSWORD=policy_user + +# AAF + +AAF=false +AAF_NAMESPACE=org.onap.policy +AAF_HOST=aaf.api.simpledemo.onap.org + +# PDP-D DMaaP configuration channel + +PDPD_CONFIGURATION_TOPIC=PDPD-CONFIGURATION +PDPD_CONFIGURATION_API_KEY= +PDPD_CONFIGURATION_API_SECRET= +PDPD_CONFIGURATION_CONSUMER_GROUP= +PDPD_CONFIGURATION_CONSUMER_INSTANCE= +PDPD_CONFIGURATION_PARTITION_KEY= + +# PAP-PDP configuration channel + +POLICY_PDP_PAP_TOPIC=POLICY-PDP-PAP +POLICY_PDP_PAP_API_KEY= +POLICY_PDP_PAP_API_SECRET= + +# PAP + +PAP_HOST= +PAP_USERNAME= +PAP_PASSWORD= + +# PDP-X + +PDP_HOST= +PDP_USERNAME= +PDP_PASSWORD= +PDP_CLIENT_USERNAME= +PDP_CLIENT_PASSWORD= +PDP_ENVIRONMENT= + +# DCAE DMaaP + +DCAE_TOPIC=unauthenticated.DCAE_CL_OUTPUT +DCAE_SERVERS= +DCAE_CONSUMER_GROUP=dcae.policy.shared + +# Open DMaaP + +DMAAP_SERVERS=mr.api.simpledemo.onap.org + +# AAI + +AAI_URL=https://aai.api.simpledemo.onap.org:8443 +AAI_USERNAME=policy@policy.onap.org +AAI_PASSWORD=demo123456! + +# MSO + +SO_URL=http://vm1.mso.simpledemo.onap.org:8080/onap/so/infra +SO_USERNAME=InfraPortalClient +SO_PASSWORD=password1$ + +# VFC + +VFC_URL= +VFC_USERNAME= +VFC_PASSWORD= + +# SDNC + +SDNC_URL= +SDNC_USERNAME= +SDNC_PASSWORD= diff --git a/scripts/policy/config/drools/feature-healthcheck.conf b/scripts/policy/config/drools/feature-healthcheck.conf deleted file mode 100644 index c205e9f7..00000000 --- a/scripts/policy/config/drools/feature-healthcheck.conf +++ /dev/null @@ -1,18 +0,0 @@ -# ============LICENSE_START======================================================= -# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -HEALTHCHECK_USER=demo@people.osaaf.org -HEALTHCHECK_PASSWORD=demo123456! diff --git a/scripts/policy/config/pe/base.conf b/scripts/policy/config/pe/base.conf new file mode 100644 index 00000000..851234f3 --- /dev/null +++ b/scripts/policy/config/pe/base.conf @@ -0,0 +1,43 @@ +# Copyright 2020 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +JAVA_HOME=/usr/local/openjdk-11 +POLICY_HOME=/opt/app/policy +POLICY_LOGS=/var/log/onap +KEYSTORE_PASSWD=Pol1cy_0nap +TRUSTSTORE_PASSWD=Pol1cy_0nap + +JDBC_DRIVER=org.mariadb.jdbc.Driver +JDBC_URL=jdbc:mariadb://mariadb:3306/onap_sdk?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30 +JDBC_LOG_URL=jdbc:mariadb://mariadb:3306/log?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30 +JDBC_USER=policy_user +JDBC_PASSWORD=policy_user + +site_name=site_1 +fp_monitor_interval=30 +failed_counter_threshold=3 +test_trans_interval=20 +write_fpc_interval=5 +max_fpc_update_interval=60 +test_via_jmx=false +jmx_fqdn= + +AAF_NAMESPACE=org.onap.policy +AAF_HOST=aaf.api.simpledemo.onap.org + +ENVIRONMENT=TEST + +#Micro Service Model Properties +policy_msOnapName= +policy_msPolicyName= diff --git a/scripts/policy/config/pe/brmsgw-tweaks.sh b/scripts/policy/config/pe/brmsgw-tweaks.sh new file mode 100755 index 00000000..f74730cc --- /dev/null +++ b/scripts/policy/config/pe/brmsgw-tweaks.sh @@ -0,0 +1,40 @@ +#! /bin/bash +# Copyright 2020 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +PROPS_BUILD="${POLICY_HOME}/etc/build.info" + +PROPS_RUNTIME="${POLICY_HOME}/servers/brmsgw/config.properties" +PROPS_INSTALL="${POLICY_HOME}/install/servers/brmsgw/config.properties" + + +if [ ! -f "${PROPS_BUILD}" ]; then + echo "error: version information does not exist: ${PROPS_BUILD}" + exit 1 +fi + +source "${POLICY_HOME}/etc/build.info" + +if [ -z "${version}" ]; then + echo "error: no version information present" + exit 1 +fi + +for CONFIG in ${PROPS_RUNTIME} ${PROPS_INSTALL}; do + if [ ! -f "${CONFIG}" ]; then + echo "warning: configuration does not exist: ${CONFIG}" + else + sed -i -e "s/brms.dependency.version=.*/brms.dependency.version=${version}/g" "${CONFIG}" + fi +done diff --git a/scripts/policy/config/pe/brmsgw.conf b/scripts/policy/config/pe/brmsgw.conf new file mode 100644 index 00000000..c2db9d12 --- /dev/null +++ b/scripts/policy/config/pe/brmsgw.conf @@ -0,0 +1,67 @@ +# Copyright 2020 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# BRMSpep component installation configuration parameters +BRMSGW_JMX_PORT=9989 + +COMPONENT_X_MX_MB=512 +COMPONENT_X_MS_MB=512 + +REST_PAP_URL=https://pap:9091/pap/ +REST_PDP_ID=https://pdp:8081/pdp/ + +PDP_HTTP_USER_ID=testpdp +PDP_HTTP_PASSWORD=alpha123 +PDP_PAP_PDP_HTTP_USER_ID=testpap +PDP_PAP_PDP_HTTP_PASSWORD=alpha123 + +M2_HOME=/usr/share/java/maven-3 +snapshotRepositoryID=policy-nexus-snapshots +snapshotRepositoryName=Snapshots +snapshotRepositoryURL=http://nexus:8081/nexus/content/repositories/snapshots +releaseRepositoryID=policy-nexus-releases +releaseRepositoryName=Releases +releaseRepositoryURL=http://nexus:8081/nexus/content/repositories/releases +repositoryUsername=admin +repositoryPassword=admin123 +UEB_URL=mr.api.simpledemo.onap.org +UEB_TOPIC=PDPD-CONFIGURATION +UEB_API_KEY= +UEB_API_SECRET= + +groupID=org.onap.policy-engine +artifactID=drlPDPGroup +AMSTERDAM_GROUP_ID=org.onap.policy-engine.drools.amsterdam +AMSTERDAM_ARTIFACT_ID=policy-amsterdam-rules + +# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase +resource_name=brmsgw_1 +node_type=brms_gateway + +#Environment should be Set either DEV, TEST or PROD +ENVIRONMENT=TEST + +#Notification Properties... type can be either websocket, ueb, or dmaap +BRMS_NOTIFICATION_TYPE=websocket +BRMS_UEB_URL=mr.api.simpledemo.onap.org +BRMS_UEB_TOPIC=PDPD-CONFIGURATION +BRMS_UEB_DELAY= +BRMS_CLIENT_ID=python +BRMS_CLIENT_KEY=dGVzdA== +BRMS_UEB_API_KEY= +BRMS_UEB_API_SECRET= + +#Dependency.json file version +BRMS_DEPENDENCY_VERSION=1.5.1 +BRMS_MODELS_DEPENDENCY_VERSION=2.1.2 + diff --git a/scripts/policy/config/pe/console.conf b/scripts/policy/config/pe/console.conf new file mode 100644 index 00000000..ceaad638 --- /dev/null +++ b/scripts/policy/config/pe/console.conf @@ -0,0 +1,145 @@ +# Copyright 2020 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# configs component installation configuration parameters + +# tomcat specific parameters + +TOMCAT_JMX_PORT=9993 +TOMCAT_SHUTDOWN_PORT=8090 +SSL_HTTP_CONNECTOR_PORT=8443 +SSL_HTTP_CONNECTOR_REDIRECT_PORT=8443 +SSL_AJP_CONNECTOR_PORT=8383 +SSL_AJP_CONNECTOR_REDIRECT_PORT=8443 + +TOMCAT_X_MS_MB=2048 +TOMCAT_X_MX_MB=2048 + +# ------------------ console properties --------------------------- + +# +# Authorization Policy + +ROOT_POLICIES=admin +ADMIN_FILE=Policy-Admin.xml + + +# Set your domain here: + +REST_ADMIN_DOMAIN=com + +# +# Location where the GIT repository is located +# +REST_ADMIN_REPOSITORY=repository + +# +# Location where all the user workspaces are located. +# +REST_ADMIN_WORKSPACE=${{POLICY_HOME}}/servers/console/bin/workspace + +# +# These can be set so the Admin Console knows who is logged on. Ideally, you can run the console in a J2EE +# container and setup authentication as you please. Setting HttpSession attribute values will override these +# values set in the properties files. +# +# ((HttpServletRequest) request).getSession().setAttribute("xacml.rest.admin.user.name", "Homer"); +# +# The default policy: Policy-Admin.xml is extremely simple. +# +# You can test authorization within the Admin Console by changing the user id. +# There are 3 supported user ids: +# guest - Read only access +# editor - Read/Write access +# admin - Read/Write/Admin access +# +# An empty or null value for xacml.rest.admin.user.id results in no access to the application at all. +# +# This is for development/demonstration purposes only. A production environment should provide authentication which is +# outside the scope of this application. This application can be used to develop a XACML policy for user authorization +# within this application. +# + +REST_ADMIN_USER_NAME=Administrator +REST_ADMIN_USER_ID=super-admin + +# +# +# Property to declare the max time frame for logs. +# +LOG_TIMEFRAME=30 + +# Property to declare the number of visible rows for users in MicroService Policy +COLUMN_COUNT=3 + +# Dashboard refresh rate in miliseconds +REFRESH_RATE=40000 + +# +# URL location for the PAP servlet. +# + + +REST_PAP_URL=https://pap:9091/pap/ + +# +# Config/Action Properties location. +# + +REST_CONFIG_HOME=${{POLICY_HOME}}/servers/pap/webapps/Config/ +REST_ACTION_HOME=${{POLICY_HOME}}/servers/pap/webapps/Action/ +REST_CONFIG_URL=https://pap:9091/ +REST_CONFIG_WEBAPPS=${{POLICY_HOME}}/servers/pap/webapps/ + +# PAP account information +CONSOLE_PAP_HTTP_USER_ID=testpap +CONSOLE_PAP_HTTP_PASSWORD=alpha123 + + +node_type=pap_admin +resource_name=console_1 + +# The (optional) period of time in seconds between executions of the integrity audit. +# Value < 0 : Audit does not run (default value if property is not present = -1) +# Value = 0 : Audit runs continuously +# Value > 0 : The period of time in seconds between execution of the audit on a particular node +integrity_audit_period_seconds=-1 + +#Automatic Policy Distribution +automatic_push=false + +#Diff of policies for Firewall feature +FW_GETURL= +FW_AUTHOURL= +FW_PROXY= +FW_PORT= + +#SMTP Server Details for Java Mail +onap_smtp_host= +onap_smtp_port=25 +onap_smtp_userName= +onap_smtp_password= +onap_smtp_emailExtension= +onap_application_name= + +#-----------------------ONAP-PORTAL-Properties---------------------- + +ONAP_REDIRECT_URL=http://portal.api.simpledemo.onap.org:8989/ONAPPORTAL/login.htm +ONAP_REST_URL=http://portal.api.simpledemo.onap.org:8989/ONAPPORTAL/auxapi +ONAP_UEB_URL_LIST= +ONAP_PORTAL_INBOX_NAME= +ONAP_UEB_APP_KEY= +ONAP_UEB_APP_SECRET= +ONAP_UEB_APP_MAILBOX_NAME= +APP_DISPLAY_NAME=ONAP Policy +ONAP_SHARED_CONTEXT_REST_URL=http://portal.api.simpledemo.onap.org:8989/ONAPPORTAL/context diff --git a/scripts/policy/config/pe/elk.conf b/scripts/policy/config/pe/elk.conf new file mode 100644 index 00000000..a65fd17d --- /dev/null +++ b/scripts/policy/config/pe/elk.conf @@ -0,0 +1,16 @@ +# Copyright 2020 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# elasticsearch + +ELK_JMX_PORT=9995 \ No newline at end of file diff --git a/scripts/policy/config/pe/mysql.conf b/scripts/policy/config/pe/mysql.conf new file mode 100644 index 00000000..0f6ee8c7 --- /dev/null +++ b/scripts/policy/config/pe/mysql.conf @@ -0,0 +1,18 @@ +# Copyright 2020 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# mysql scripts component installation configuration parameters + +# Path to mysql bin +MYSQL_BIN=/usr/local/mysql/bin + diff --git a/scripts/policy/config/pe/pap-tweaks.sh b/scripts/policy/config/pe/pap-tweaks.sh new file mode 100755 index 00000000..87c6d21d --- /dev/null +++ b/scripts/policy/config/pe/pap-tweaks.sh @@ -0,0 +1,14 @@ +#! /bin/bash +# Copyright 2020 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. diff --git a/scripts/policy/config/pe/pap.conf b/scripts/policy/config/pe/pap.conf new file mode 100644 index 00000000..86f5a50c --- /dev/null +++ b/scripts/policy/config/pe/pap.conf @@ -0,0 +1,68 @@ +# Copyright 2020 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# pap component installation configuration parameters + +# tomcat specific parameters + +TOMCAT_JMX_PORT=9990 +TOMCAT_SHUTDOWN_PORT=9405 +SSL_HTTP_CONNECTOR_PORT=9091 +SSL_AJP_CONNECTOR_PORT=8380 +SSL_AJP_CONNECTOR_REDIRECT_PORT=8443 + +TOMCAT_X_MS_MB=512 +TOMCAT_X_MX_MB=512 + +# pap properties + +PAP_PDPS=${{POLICY_HOME}}/servers/pap/bin/pdps +PAP_URL=https://pap:9091/pap/ + +PAP_INITIATE_PDP=true +PAP_HEARTBEAT_INTERVAL=10000 +PAP_HEARTBEAT_TIMEOUT=10000 + +REST_ADMIN_DOMAIN=com +REST_ADMIN_REPOSITORY=repository +REST_ADMIN_WORKSPACE=workspace + +# PDP related properties + +PAP_PDP_URL=https://pdp:8081/pdp/ +PAP_PDP_HTTP_USER_ID=testpdp +PAP_PDP_HTTP_PASSWORD=alpha123 + +PAP_HTTP_USER_ID=testpap +PAP_HTTP_PASSWORD=alpha123 + +#new values added 10-21-2015 +PROP_PAP_TRANS_WAIT=500000 +PROP_PAP_TRANS_TIMEOUT=5000 +PROP_PAP_AUDIT_TIMEOUT=300000 +PROP_PAP_RUN_AUDIT_FLAG=true +PROP_PAP_AUDIT_FLAG=true + +PROP_PAP_INCOMINGNOTIFICATION_TRIES=4 + + +node_type=pap +resource_name=pap_1 +dependency_groups=paplp_1 +test_via_jmx=true + +# The (optional) period of time in seconds between executions of the integrity audit. +# Value < 0 : Audit does not run (default value if property is not present = -1) +# Value = 0 : Audit runs continuously +# Value > 0 : The period of time in seconds between execution of the audit on a particular node +integrity_audit_period_seconds=-1 diff --git a/scripts/policy/config/pe/paplp.conf b/scripts/policy/config/pe/paplp.conf new file mode 100644 index 00000000..647625cb --- /dev/null +++ b/scripts/policy/config/pe/paplp.conf @@ -0,0 +1,25 @@ +# Copyright 2020 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# JVM specific parameters +LOGPARSER_JMX_PORT=9996 +LOGPARSER_X_MS_MB=256 +LOGPARSER_X_MX_MB=256 + +SERVER=https://pap:9091/pap/ +LOGPATH=/var/log/onap/policy/pap/pap-rest.log +PARSERLOGPATH=${{POLICY_HOME}}/servers/paplp/bin/IntegrityMonitor.log + +node_type=logparser +# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase +resource_name=paplp_1 diff --git a/scripts/policy/config/pe/pdp-tweaks.sh b/scripts/policy/config/pe/pdp-tweaks.sh new file mode 100755 index 00000000..87c6d21d --- /dev/null +++ b/scripts/policy/config/pe/pdp-tweaks.sh @@ -0,0 +1,14 @@ +#! /bin/bash +# Copyright 2020 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. diff --git a/scripts/policy/config/pe/pdp.conf b/scripts/policy/config/pe/pdp.conf new file mode 100644 index 00000000..0aa6b0b6 --- /dev/null +++ b/scripts/policy/config/pe/pdp.conf @@ -0,0 +1,69 @@ +# Copyright 2020 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# pdp component installation configuration parameters + +# tomcat specific parameters + +TOMCAT_JMX_PORT=9991 +TOMCAT_SHUTDOWN_PORT=8087 +SSL_HTTP_CONNECTOR_PORT=8081 +SSL_AJP_CONNECTOR_PORT=8381 +SSL_AJP_CONNECTOR_REDIRECT_PORT=8443 + +TOMCAT_X_MS_MB=512 +TOMCAT_X_MX_MB=512 + +# pdp properties + +UEB_CLUSTER=mr.api.simpledemo.onap.org + +REST_PAP_URL=https://pap:9091/pap/ +REST_PDP_ID=https://pdp:8081/pdp/ +REST_PDP_CONFIG=${{POLICY_HOME}}/servers/pdp/bin/config +REST_PDP_WEBAPPS=${{POLICY_HOME}}/servers/pdp/webapps +REST_PDP_REGISTER=true +REST_PDP_REGISTER_SLEEP=15 +REST_PDP_REGISTER_RETRIES=-1 +REST_PDP_MAXCONTENT=999999999 + +# PDP related properties +PDP_HTTP_USER_ID=testpdp +PDP_HTTP_PASSWORD=alpha123 +PDP_PAP_PDP_HTTP_USER_ID=testpap +PDP_PAP_PDP_HTTP_PASSWORD=alpha123 + +node_type=pdp_xacml +resource_name=pdp_1 +dependency_groups=pdplp_1;brmsgw_1 +test_via_jmx=true + +# +# Notification Properties +# Notification type: websocket, ueb or dmaap... if left blank websocket is the default +PDP_NOTIFICATION_TYPE=websocket +PDP_UEB_CLUSTER= +PDP_UEB_TOPIC= +PDP_UEB_DELAY= +PDP_UEB_API_KEY= +PDP_UEB_API_SECRET= +PDP_DMAAP_AAF_LOGIN= +PDP_DMAAP_AAF_PASSWORD= + +#AAF Policy Name space +#Required only, when we use AAF +POLICY_AAF_NAMESPACE= +POLICY_AAF_RESOURCE= + +# Indeterminate resolution +DECISION_INDETERMINATE_RESPONSE=PERMIT diff --git a/scripts/policy/config/pe/pdplp.conf b/scripts/policy/config/pe/pdplp.conf new file mode 100644 index 00000000..4676b610 --- /dev/null +++ b/scripts/policy/config/pe/pdplp.conf @@ -0,0 +1,25 @@ +# Copyright 2020 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# JVM specific parameters +LOGPARSER_JMX_PORT=9997 +LOGPARSER_X_MS_MB=256 +LOGPARSER_X_MX_MB=256 + +SERVER=https://pdp:8081/pdp/ +LOGPATH=/var/log/onap/policy/pdpx/pdp-rest.log +PARSERLOGPATH=${{POLICY_HOME}}/servers/pdplp/bin/IntegrityMonitor.log + +node_type=logparser +# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase +resource_name=pdplp_1 diff --git a/scripts/policy/config/pe/push-policies.sh b/scripts/policy/config/pe/push-policies.sh new file mode 100755 index 00000000..65013138 --- /dev/null +++ b/scripts/policy/config/pe/push-policies.sh @@ -0,0 +1,506 @@ +#! /bin/bash -x +# Copyright 2020 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#########################################Upload BRMS Param Template########################################## + +echo "Upload BRMS Param Template" + +sleep 2 + +wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl + +sleep 2 + +curl -k -v --silent -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -F "file=@cl-amsterdam-template.drl" -F "importParametersJson={\"serviceName\":\"ClosedLoopControlName\",\"serviceType\":\"BRMSPARAM\"}" 'https://pdp:8081/pdp/api/policyEngineImport' + +echo "PRELOAD_POLICIES is $PRELOAD_POLICIES" + +if [ "$PRELOAD_POLICIES" == "false" ]; then + exit 0 +fi + +#########################################Create BRMS Param policies########################################## + +echo "Create BRMSParam Operational Policies" + +sleep 2 + +echo "Create BRMSParamvFirewall Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamvFirewall", + "policyDescription": "BRMS Param vFirewall policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+Eace933104d443b496b8.nodes.heat.vpg%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'https://pdp:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Create BRMSParamvDNS Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamvDNS", + "policyDescription": "BRMS Param vDNS policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3", + "controlLoopYaml": "controlLoop%3A%0A++version%3A+2.0.0%0A++controlLoopName%3A+ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3%0A++trigger_policy%3A+unique-policy-id-1-scale-up%0A++timeout%3A+1200%0A++abatement%3A+false%0Apolicies%3A%0A++-+id%3A+unique-policy-id-1-scale-up%0A++++name%3A+Create+a+new+VF+Module%0A++++description%3A%0A++++actor%3A+SO%0A++++recipe%3A+VF+Module+Create%0A++++target%3A%0A++++++type%3A+VNF%0A++++payload%3A%0A++++++requestParameters%3A+%27%7B%22usePreload%22%3Atrue%2C%22userParams%22%3A%5B%5D%7D%27%0A++++++configurationParameters%3A+%27%5B%7B%22ip-addr%22%3A%22%24.vf-module-topology.vf-module-parameters.param%5B9%5D%22%2C%22oam-ip-addr%22%3A%22%24.vf-module-topology.vf-module-parameters.param%5B16%5D%22%2C%22enabled%22%3A%22%24.vf-module-topology.vf-module-parameters.param%5B23%5D%22%7D%5D%27%0A++++retry%3A+0%0A++++timeout%3A+1200%0A++++success%3A+final_success%0A++++failure%3A+final_failure%0A++++failure_timeout%3A+final_failure_timeout%0A++++failure_retries%3A+final_failure_retries%0A++++failure_exception%3A+final_failure_exception%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'https://pdp:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Create BRMSParamVOLTE Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamVOLTE", + "policyDescription": "BRMS Param VOLTE policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+VFC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'https://pdp:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Create BRMSParamvCPE Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamvCPE", + "policyDescription": "BRMS Param vCPE policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+true%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'https://pdp:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Create BRMSParamvPCI Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamvPCI", + "policyDescription": "BRMS Param vPCI policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "casablanca" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-vPCI-fb41f388-a5f2-11e8-98d0-529269fb1459", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+3.0.0%0D%0A++controlLoopName%3A+ControlLoop-vPCI-fb41f388-a5f2-11e8-98d0-529269fb1459%0D%0A++trigger_policy%3A+unique-policy-id-123-modifyconfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-123-modifyconfig%0D%0A++++name%3A+modify+PCI+config%0D%0A++++description%3A%0D%0A++++actor%3A+SDNR%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+These+fields+are+not+used%0D%0A++++++resourceID%3A+Eace933104d443b496b8.nodes.heat.vpg%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'https://pdp:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Create BRMSParamCCVPN Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamCCVPN", + "policyDescription": "BRMS Param CCVPN policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-CCVPN-2179b738-fd36-4843-a71a-a8c24c70c66b", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-CCVPN-2179b738-fd36-4843-a71a-a8c24c70c66b%0D%0A++trigger_policy%3A+unique-policy-id-16-Reroute%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-16-Reroute%0D%0A++++name%3A+Connectivity Reroute%0D%0A++++description%3A%0D%0A++++actor%3A+SDNC%0D%0A++++recipe%3A+Reroute%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'https://pdp:8081/pdp/api/createPolicy' + +#########################################Create Micro Service Config policies########################################## + +echo "Create MicroService Config Policies" + +sleep 2 + +echo "Create MicroServicevFirewall Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevFirewall\", \"description\": \"MicroService vFirewall Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"vFirewallBroadcastPackets\", \"controlLoopSchemaType\": \"VNF\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 300, \"direction\": \"LESS_OR_EQUAL\", \"severity\": \"MAJOR\", \"closedLoopEventStatus\": \"ONSET\" }, { \"closedLoopControlName\": \"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 700, \"direction\": \"GREATER_OR_EQUAL\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" } ] }] } } }", + "policyConfigType": "MicroService", + "policyName": "com.MicroServicevFirewall", + "onapName": "DCAE" +}' 'https://pdp:8081/pdp/api/createPolicy' + + +sleep 2 + +echo "Create MicroServicevDNS Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevDNS\", \"description\": \"MicroService vDNS Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"vLoadBalancer\", \"controlLoopSchemaType\": \"VM\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 300, \"direction\": \"GREATER_OR_EQUAL\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" }] }] } } }", + "policyConfigType": "MicroService", + "policyName": "com.MicroServicevDNS", + "onapName": "DCAE" +}' 'https://pdp:8081/pdp/api/createPolicy' + + +sleep 2 + +echo "Create MicroServicevCPE Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevCPE\", \"description\": \"MicroService vCPE Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"Measurement_vGMUX\", \"controlLoopSchemaType\": \"VNF\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value\", \"thresholdValue\": 0, \"direction\": \"EQUAL\", \"severity\": \"MAJOR\", \"closedLoopEventStatus\": \"ABATED\" }, { \"closedLoopControlName\": \"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value\", \"thresholdValue\": 0, \"direction\": \"GREATER\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" }] }] } } }", + "policyConfigType": "MicroService", + "policyName": "com.MicroServicevCPE", + "onapName": "DCAE" +}' 'https://pdp:8081/pdp/api/createPolicy' + +#########################################Create SDNC Naming Policies########################################## + +echo "Create SDNC Naming Policies" + +sleep 2 + +echo "Create SDNC vFW Naming Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "configBody": "{\"service\":\"SDNC-GenerateName\",\"version\":\"CSIT\",\"content\":{\"policy-instance-name\":\"ONAP_VFW_NAMING_TIMESTAMP\",\"naming-models\":[{\"naming-properties\":[{\"property-name\":\"AIC_CLOUD_REGION\"},{\"property-name\":\"nfRole\"},{\"property-name\":\"TIMESTAMP\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"VNF\",\"nfRole\":\"vFW\",\"naming-recipe\":\"AIC_CLOUD_REGION|DELIMITER|nfRole|DELIMITER|TIMESTAMP\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-name\":\"SEQUENCE\",\"increment-sequence\":{\"max\":\"zzz\",\"scope\":\"ENTIRETY\",\"start-value\":\"001\",\"length\":\"3\",\"increment\":\"1\",\"sequence-type\":\"alpha-numeric\"}},{\"property-name\":\"NFC_NAMING_CODE\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"VNFC\",\"nfRole\":\"vFW\",\"naming-recipe\":\"VNF_NAME|DELIMITER|NFC_NAMING_CODE|DELIMITER|SEQUENCE\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"},{\"property-name\":\"VF_MODULE_LABEL\"},{\"property-name\":\"VF_MODULE_TYPE\"},{\"property-name\":\"SEQUENCE\",\"increment-sequence\":{\"max\":\"zzz\",\"scope\":\"PRECEEDING\",\"start-value\":\"01\",\"length\":\"3\",\"increment\":\"1\",\"sequence-type\":\"alpha-numeric\"}}],\"naming-type\":\"VF-MODULE\",\"nfRole\":\"vFW\",\"naming-recipe\":\"VNF_NAME|DELIMITER|VF_MODULE_LABEL|DELIMITER|VF_MODULE_TYPE|DELIMITER|SEQUENCE\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"}],\"naming-type\":\"KEY\",\"nfRole\":\"vFW\",\"naming-recipe\":\"VNF_NAME\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"protected\",\"property-name\":\"CONSTANT\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"protected_private_net_id\",\"nfRole\":\"vFW\",\"naming-recipe\":\"VNF_NAME|DELIMITER|CONSTANT\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"unprotected\",\"property-name\":\"CONSTANT\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"unprotected_private_net_id\",\"nfRole\":\"vFW\",\"naming-recipe\":\"VNF_NAME|DELIMITER|CONSTANT\"}]}}", + "policyName": "SDNC_Policy.ONAP_VFW_NAMING_TIMESTAMP", + "policyConfigType": "MicroService", + "onapName": "SDNC", + "riskLevel": "4", + "riskType": "test", + "guard": "false", + "priority": "4", + "description": "ONAP_VFW_NAMING_TIMESTAMP" + }' 'https://pdp:8081/pdp/api/createPolicy' + + sleep 2 + + echo "Create SDNC vPG Naming Policy" + curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "configBody": "{\"service\":\"SDNC-GenerateName\",\"version\":\"CSIT\",\"content\":{\"policy-instance-name\":\"ONAP_VPG_NAMING_TIMESTAMP\",\"naming-models\":[{\"naming-properties\":[{\"property-name\":\"AIC_CLOUD_REGION\"},{\"property-name\":\"nfRole\"},{\"property-name\":\"TIMESTAMP\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"VNF\",\"nfRole\":\"vPG\",\"naming-recipe\":\"AIC_CLOUD_REGION|DELIMITER|nfRole|DELIMITER|TIMESTAMP\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-name\":\"SEQUENCE\",\"increment-sequence\":{\"max\":\"zzz\",\"scope\":\"ENTIRETY\",\"start-value\":\"001\",\"length\":\"3\",\"increment\":\"1\",\"sequence-type\":\"alpha-numeric\"}},{\"property-name\":\"NFC_NAMING_CODE\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"VNFC\",\"nfRole\":\"vPG\",\"naming-recipe\":\"VNF_NAME|DELIMITER|NFC_NAMING_CODE|DELIMITER|SEQUENCE\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"},{\"property-name\":\"VF_MODULE_LABEL\"},{\"property-name\":\"VF_MODULE_TYPE\"},{\"property-name\":\"SEQUENCE\",\"increment-sequence\":{\"max\":\"zzz\",\"scope\":\"PRECEEDING\",\"start-value\":\"01\",\"length\":\"3\",\"increment\":\"1\",\"sequence-type\":\"alpha-numeric\"}}],\"naming-type\":\"VF-MODULE\",\"nfRole\":\"vPG\",\"naming-recipe\":\"VNF_NAME|DELIMITER|VF_MODULE_LABEL|DELIMITER|VF_MODULE_TYPE|DELIMITER|SEQUENCE\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"}],\"naming-type\":\"KEY\",\"nfRole\":\"vPG\",\"naming-recipe\":\"VNF_NAME\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"protected\",\"property-name\":\"CONSTANT\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"protected_private_net_id\",\"nfRole\":\"vPG\",\"naming-recipe\":\"VNF_NAME|DELIMITER|CONSTANT\"},{\"naming-properties\":[{\"property-name\":\"VNF_NAME\"},{\"property-value\":\"unprotected\",\"property-name\":\"CONSTANT\"},{\"property-value\":\"_\",\"property-name\":\"DELIMITER\"}],\"naming-type\":\"unprotected_private_net_id\",\"nfRole\":\"vPG\",\"naming-recipe\":\"VNF_NAME|DELIMITER|CONSTANT\"}]}}", + "policyName": "SDNC_Policy.ONAP_VPG_NAMING_TIMESTAMP", + "policyConfigType": "MicroService", + "onapName": "SDNC", + "riskLevel": "4", + "riskType": "test", + "guard": "false", + "priority": "4", + "description": "ONAP_VPG_NAMING_TIMESTAMP" + }' 'https://pdp:8081/pdp/api/createPolicy' + +#########################################Creating OOF PCI Policies########################################## +sleep 2 + +echo "Create MicroServicevPCI Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation_pci\", \"uuid\": \"test_pci\", \"policyName\": \"MicroServicevPCI\", \"description\": \"MicroService vPCI Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vPCI-fb41f388-a5f2-11e8-98d0-529269fb1459\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"vFirewallBroadcastPackets\", \"controlLoopSchemaType\": \"VNF\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vPCI-fb41f388-a5f2-11e8-98d0-529269fb1459\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.executePolicy\", \"thresholdValue\": 1, \"direction\": \"GREATER_OR_EQUAL\", \"severity\": \"MAJOR\", \"closedLoopEventStatus\": \"ONSET\" } ] }] } } }", + "policyConfigType": "MicroService", + "policyName": "com.MicroServicevPCI", + "onapName": "DCAE" +}' 'https://pdp:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Create PCI MS Config Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyName": "com.PCIMS_CONFIG_POLICY", + "configBody": "{ \"PCI_NEIGHBOR_CHANGE_CLUSTER_TIMEOUT_IN_SECS\":60, \"PCI_MODCONFIG_POLICY_NAME\":\"ControlLoop-vPCI-fb41f388-a5f2-11e8-98d0-529269fb1459\", \"PCI_OPTMIZATION_ALGO_CATEGORY_IN_OOF\":\"OOF-PCI-OPTIMIZATION\", \"PCI_SDNR_TARGET_NAME\":\"SDNR\" }", + "policyType": "Config", + "attributes" : { "matching" : { "key1" : "value1" } }, + "policyConfigType": "Base", + "onapName": "DCAE", + "configName": "PCIMS_CONFIG_POLICY", + "configBodyType": "JSON" +}' 'https://pdp:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Create OOF Config Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyName": "com.OOF_PCI_CONFIG_POLICY", + "configBody": "{ \"ALGO_CATEGORY\":\"OOF-PCI-OPTIMIZATION\", \"PCI_OPTMIZATION_ALGO_NAME\":\"OOF-PCI-OPTIMIZATION-LEVEL1\", \"PCI_OPTIMIZATION_NW_CONSTRAINT\":\"MAX5PCICHANGESONLY\", \"PCI_OPTIMIZATION_PRIORITY\": 2, \"PCI_OPTIMIZATION_TIME_CONSTRAINT\":\"ONLYATNIGHT\" }", + "attributes" : { "matching" : { "key1" : "value1" } }, + "policyType": "Config", + "policyConfigType": "Base", + "onapName": "DCAE", + "configName": "OOF_PCI_CONFIG_POLICY", + "configBodyType": "JSON" +}' 'https://pdp:8081/pdp/api/createPolicy' + +#########################################Creating Decision Guard policies######################################### + +sleep 2 + +echo "Creating Decision Guard policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyClass": "Decision", + "policyName": "com.AllPermitGuard", + "policyDescription": "Testing all Permit YAML Guard Policy", + "onapName": "PDPD", + "ruleProvider": "GUARD_YAML", + "attributes": { + "MATCHING": { + "actor": ".*", + "recipe": ".*", + "targets": ".*", + "clname": ".*", + "limit": "10", + "timeWindow": "1", + "timeUnits": "minute", + "guardActiveStart": "00:00:01-05:00", + "guardActiveEnd": "23:59:59-05:00" + } + } +}' 'https://pdp:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Creating Decision vDNS Guard - Frequency Limiter policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyClass": "Decision", + "policyName": "com.vDNS_Frequency", + "policyDescription": "Limit vDNS Scale Up over time period", + "onapName": "PDPD", + "ruleProvider": "GUARD_YAML", + "attributes": { + "MATCHING": { + "actor": "SO", + "recipe": "scaleOut", + "targets": ".*", + "clname": "ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3", + "limit": "1", + "timeWindow": "10", + "timeUnits": "minute", + "guardActiveStart": "00:00:01-05:00", + "guardActiveEnd": "23:59:59-05:00" + } + } +}' 'https://pdp:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Creating Decision vDNS Guard - Min/Max policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyClass": "Decision", + "policyName": "com.vDNS_MinMax", + "policyDescription": "Ensure number of instances within a range", + "onapName": "SampleDemo", + "ruleProvider": "GUARD_MIN_MAX", + "attributes": { + "MATCHING": { + "actor": "SO", + "recipe": "scaleOut", + "targets": ".*", + "clname": "ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3", + "min": "1", + "max": "5", + "guardActiveStart": "00:00:01-05:00", + "guardActiveEnd": "23:59:59-05:00" + } + } +}' 'https://pdp:8081/pdp/api/createPolicy' + +#########################################Push Decision policy######################################### + +sleep 2 + +echo "Push Decision policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.AllPermitGuard", + "policyType": "DECISION" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +sleep 2 + +echo "Push Decision policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.vDNS_Frequency", + "policyType": "DECISION" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +sleep 2 + +echo "Push Decision policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.vDNS_MinMax", + "policyType": "DECISION" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +#########################################Pushing BRMS Param policies########################################## + +echo "Pushing BRMSParam Operational policies" + +sleep 2 + +echo "pushPolicy : PUT : com.BRMSParamvFirewall" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.BRMSParamvFirewall", + "policyType": "BRMS_Param" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +sleep 2 + +echo "pushPolicy : PUT : com.BRMSParamvDNS" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.BRMSParamvDNS", + "policyType": "BRMS_Param" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +sleep 2 + +echo "pushPolicy : PUT : com.BRMSParamVOLTE" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.BRMSParamVOLTE", + "policyType": "BRMS_Param" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +sleep 2 + +echo "pushPolicy : PUT : com.BRMSParamvCPE" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.BRMSParamvCPE", + "policyType": "BRMS_Param" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +sleep 2 + +echo "pushPolicy : PUT : com.BRMSParamvPCI" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.BRMSParamvPCI", + "policyType": "BRMS_Param" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +sleep 2 + +echo "pushPolicy : PUT : com.BRMSParamCCVPN" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.BRMSParamCCVPN", + "policyType": "BRMS_Param" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +#########################################Pushing MicroService Config policies########################################## + +echo "Pushing MicroService Config policies" + +sleep 2 + +echo "pushPolicy : PUT : com.MicroServicevFirewall" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.MicroServicevFirewall", + "policyType": "MicroService" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +sleep 10 + +echo "pushPolicy : PUT : com.MicroServicevDNS" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.MicroServicevDNS", + "policyType": "MicroService" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +sleep 10 + +echo "pushPolicy : PUT : com.MicroServicevCPE" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.MicroServicevCPE", + "policyType": "MicroService" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +#########################################Pushing SDNC Naming Policies########################################## +echo "Pushing SDNC Naming Policies" + +sleep 2 + +echo "pushPolicy : PUT : SDNC_Policy.ONAP_VFW_NAMING_TIMESTAMP" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "SDNC_Policy.ONAP_VFW_NAMING_TIMESTAMP", + "policyType": "MicroService" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +sleep 10 + +echo "pushPolicy : PUT : SDNC_Policy.ONAP_VPG_NAMING_TIMESTAMP" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "SDNC_Policy.ONAP_VPG_NAMING_TIMESTAMP", + "policyType": "MicroService" +}' 'https://pdp:8081/pdp/api/pushPolicy' + + +#########################################Pushing OOF PCI Policies########################################## +sleep 10 + +echo "pushPolicy : PUT : com.MicroServicevPCI" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.MicroServicevPCI", + "policyType": "MicroService" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +sleep 10 + +echo "pushPolicy : PUT : com.PCIMS_CONFIG_POLICY" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.PCIMS_CONFIG_POLICY", + "policyType": "Base" +}' 'https://pdp:8081/pdp/api/pushPolicy' + +sleep 10 + +echo "pushPolicy : PUT : com.OOF_PCI_CONFIG_POLICY" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.OOF_PCI_CONFIG_POLICY", + "policyType": "Base" +}' 'https://pdp:8081/pdp/api/pushPolicy' diff --git a/scripts/policy/docker-compose-drools-apps.yml b/scripts/policy/docker-compose-drools-apps.yml index 14a2161f..704de81b 100644 --- a/scripts/policy/docker-compose-drools-apps.yml +++ b/scripts/policy/docker-compose-drools-apps.yml @@ -1,4 +1,4 @@ -# Copyright 2019 AT&T Intellectual Property. All rights reserved +# Copyright 2019-2020 AT&T Intellectual Property. All rights reserved # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -34,14 +34,8 @@ services: - 6969 - 9696 volumes: - - ${WORKSPACE}/scripts/policy/config/drools:/tmp/policy-install/config - environment: - - DEBUG=y - start_dependencies: - image: dadarek/wait-for-dependencies - container_name: policy-wait - depends_on: - - mariadb - hostname: policy-wait - command: mariadb:3306 - + - ${WORKSPACE}/scripts/policy/config/drools-apps/custom:/tmp/policy-install/config + env_file: + - ${WORKSPACE}/scripts/policy/config/drools-apps/env/base.conf + - ${WORKSPACE}/scripts/policy/config/drools-apps/env/feature-healthcheck.conf + - ${WORKSPACE}/scripts/policy/config/drools-apps/env/feature-pooling-dmaap.conf diff --git a/scripts/policy/docker-compose-drools.yml b/scripts/policy/docker-compose-drools.yml index ffee9cdc..974b465f 100644 --- a/scripts/policy/docker-compose-drools.yml +++ b/scripts/policy/docker-compose-drools.yml @@ -1,4 +1,4 @@ -# Copyright 2018 AT&T Intellectual Property. All rights reserved +# Copyright 2018-2020 AT&T Intellectual Property. All rights reserved # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,42 +14,34 @@ version: '2' services: mariadb: - image: mariadb:10.2.14 + image: mariadb:${POLICY_MARIADB_VER} container_name: mariadb hostname: mariadb command: ['--lower-case-table-names=1', '--wait_timeout=28800'] - env_file: config/db/db.conf + env_file: + - ${WORKSPACE}/scripts/policy/config/db/db.conf volumes: - - ./config/db:/docker-entrypoint-initdb.d + - ${WORKSPACE}/scripts/policy/config/db:/docker-entrypoint-initdb.d expose: - - 3306 + - 3306 nexus: image: sonatype/nexus:2.14.8-01 container_name: nexus hostname: nexus - pap: - image: onap/policy-pe - environment: - - PRELOAD_POLICIES=${PRELOAD_POLICIES} - container_name: pap - depends_on: - - mariadb - hostname: pap expose: - - 8443 - - 9091 - command: pap - volumes: - - ./config/pe:/tmp/policy-install/config + - 8081 drools: - image: onap/policy-drools + image: nexus3.onap.org:10001/onap/policy-drools:${POLICY_DROOLS_VERSION} + user: 1000:1000 container_name: drools depends_on: - - mariadb - - nexus + - mariadb + - nexus hostname: drools expose: - - 6969 - - 9696 + - 6969 + - 9696 volumes: - - ./config/drools:/tmp/policy-install/config + - ${WORKSPACE}/scripts/policy/config/drools/custom:/tmp/policy-install/config + env_file: + - ${WORKSPACE}/scripts/policy/config/drools/env/base.conf diff --git a/scripts/policy/docker-compose-engine.yml b/scripts/policy/docker-compose-engine.yml index e67729e2..1fc5f9f3 100644 --- a/scripts/policy/docker-compose-engine.yml +++ b/scripts/policy/docker-compose-engine.yml @@ -14,13 +14,14 @@ version: '2' services: mariadb: - image: mariadb:10.2.14 + image: mariadb:${POLICY_MARIADB_VER} container_name: mariadb hostname: mariadb command: ['--lower-case-table-names=1', '--wait_timeout=28800'] - env_file: config/db/db.conf + env_file: + - ${WORKSPACE}/scripts/policy/config/db/db.conf volumes: - - ./config/db:/docker-entrypoint-initdb.d + - ${WORKSPACE}/scripts/policy/config/db:/docker-entrypoint-initdb.d expose: - 3306 nexus: @@ -28,7 +29,7 @@ services: container_name: nexus hostname: nexus pap: - image: onap/policy-pe + image: nexus3.onap.org:10001/onap/policy-pe:${POLICY_ENGINE_VERSION} environment: - PRELOAD_POLICIES=${PRELOAD_POLICIES} container_name: pap @@ -40,9 +41,9 @@ services: - 9091 command: pap volumes: - - ./config/pe:/tmp/policy-install/config + - ${WORKSPACE}/scripts/policy/config/pe:/tmp/policy-install/config pdp: - image: onap/policy-pe + image: nexus3.onap.org:10001/onap/policy-pe:${POLICY_ENGINE_VERSION} container_name: pdp depends_on: - pap @@ -53,23 +54,11 @@ services: volumes: - ./config/pe:/tmp/policy-install/config brmsgw: - image: onap/policy-pe + image: nexus3.onap.org:10001/onap/policy-pe:${POLICY_ENGINE_VERSION} container_name: brmsgw depends_on: - pap hostname: brmsgw command: brmsgw volumes: - - ./config/pe:/tmp/policy-install/config - drools: - image: onap/policy-drools - container_name: drools - depends_on: - - mariadb - - nexus - hostname: drools - expose: - - 6969 - - 9696 - volumes: - - ./config/drools:/tmp/policy-install/config + - ${WORKSPACE}/scripts/policy/config/pe:/tmp/policy-install/config diff --git a/scripts/policy/drools-pdp-script.sh b/scripts/policy/drools-pdp-script.sh deleted file mode 100755 index 6e14931f..00000000 --- a/scripts/policy/drools-pdp-script.sh +++ /dev/null @@ -1,246 +0,0 @@ -#!/bin/bash -x -# -# Copyright 2017-2019 AT&T Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -echo "This is ${WORKSPACE}/scripts/policy/drools-pdp-script.sh" - - -# the directory of the script -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -echo ${DIR} - -# the temp directory used, within $DIR -# omit the -p parameter to create a temporal directory in the default location -WORK_DIR=`mktemp -d -p "$DIR"` -echo ${WORK_DIR} - -cd ${WORK_DIR} - -# check if tmp dir was created -if [[ ! "$WORK_DIR" || ! -d "$WORK_DIR" ]]; then - echo "Could not create temp dir" - exit 1 -fi - -# bring down maven -mkdir maven -cd maven -# download maven from automatically selected mirror server -curl -vLO "https://www.apache.org/dyn/mirrors/mirrors.cgi?cca2=us&preferred=http://apache.claz.org/&action=download&filename=maven/maven-3/3.3.9/binaries/apache-maven-3.3.9-bin.tar.gz" -if ! tar -xzvf apache-maven-3.3.9-bin.tar.gz ; then - echo "Installation of maven has failed!" - exit 1 -fi -ls -l -export PATH=${PATH}:${WORK_DIR}/maven/apache-maven-3.3.9/bin -${WORK_DIR}/maven/apache-maven-3.3.9/bin/mvn -v -cd .. - -ifconfig - -export IP=`ip route get 8.8.8.8 | awk '/8.8.8.8/ {print $NF}'` -if [ -z "$IP" ]; then - echo "Could not determine IP address" - exit 1 -fi -echo $IP - -if ! ifconfig docker0; then - export DOCKER_IP="$IP" -else - export DOCKER_IP=`ifconfig docker0 | awk -F: '/inet addr/ {gsub(/ .*/,"",$2); print $2}'` -fi -echo $DOCKER_IP - -git clone http://gerrit.onap.org/r/oparent - -git clone http://gerrit.onap.org/r/policy/engine -cd engine/packages/docker -${WORK_DIR}/maven/apache-maven-3.3.9/bin/mvn prepare-package --settings ${WORK_DIR}/oparent/settings.xml -docker build -t onap/policy-pe target/policy-pe - -cd ${WORK_DIR} -git clone http://gerrit.onap.org/r/policy/drools-pdp -cd drools-pdp/packages/docker -${WORK_DIR}/maven/apache-maven-3.3.9/bin/mvn prepare-package --settings ${WORK_DIR}/oparent/settings.xml -docker build -t onap/policy-drools target/policy-drools - -cd ${WORK_DIR} -git clone http://gerrit.onap.org/r/policy/docker -cd docker - -chmod +x config/drools/drools-tweaks.sh - -echo $IP > config/pe/ip_addr.txt -ls -l config/pe/ip_addr.txt -cat config/pe/ip_addr.txt - -export MTU=9126 - -export PRELOAD_POLICIES=false -docker-compose -f docker-compose-integration.yml up -d - -if [ ! $? -eq 0 ]; then - echo "Docker compose failed" - exit 1 -fi - -docker ps - -POLICY_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' drools` -echo ${POLICY_IP} - -PDP_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' pdp` -echo ${PDP_IP} - -PAP_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' pap` -echo ${PAP_IP} - -BRMS_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' brmsgw` -echo ${BRMS_IP} - -NEXUS_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' nexus` -echo ${NEXUS_IP} - -MARIADB_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' mariadb` -echo ${MARIADB_IP} - -sleep 3m - -docker logs mariadb 2>&1 | grep -q "mysqld: ready for connections" -if [ $? -eq 0 ]; then - # mariadb is ok - sleep a little longer for others - sleep 2m - -else - echo mariadb is not ready - echo Restarting... - - docker kill drools pdp pap brmsgw nexus mariadb - docker rm -f drools pdp pap brmsgw nexus mariadb - - docker-compose -f docker-compose-integration.yml up -d - - if [ ! $? -eq 0 ]; then - echo "Docker compose failed" - exit 1 - fi - - docker ps - - POLICY_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' drools` - echo ${POLICY_IP} - - PDP_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' pdp` - echo ${PDP_IP} - - PAP_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' pap` - echo ${PAP_IP} - - BRMS_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' brmsgw` - echo ${BRMS_IP} - - NEXUS_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' nexus` - echo ${NEXUS_IP} - - MARIADB_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' mariadb` - echo ${MARIADB_IP} - - sleep 5m -fi - -netstat -tnl - -${DIR}/wait_for_port.sh ${MARIADB_IP} 3306 -rc=$? -if [[ $rc != 0 ]]; then - echo "cannot open ${MARIADB_IP} 3306" - telnet ${MARIADB_IP} 3306 < /dev/null - nc -vz ${MARIADB_IP} 3306 - docker logs mariadb - exit $rc -fi - -${DIR}/wait_for_port.sh ${NEXUS_IP} 8081 -rc=$? -if [[ $rc != 0 ]]; then - echo "cannot open ${NEXUS_IP} 8081" - telnet ${NEXUS_IP} 8081 < /dev/null - nc -vz ${NEXUS_IP} 8081 - docker logs nexus - exit $rc -fi - -${DIR}/wait_for_port.sh ${POLICY_IP} 9696 -rc=$? -if [[ $rc != 0 ]]; then - echo "cannot open ${POLICY_IP} 9696" - telnet ${POLICY_IP} 9696 < /dev/null - nc -vz ${POLICY_IP} 9696 - docker logs drools - exit $rc -fi - -${DIR}/wait_for_port.sh ${PAP_IP} 9091 -rc=$? -if [[ $rc != 0 ]]; then - echo "cannot open ${PAP_IP} 9091" - telnet ${PAP_IP} 9091 < /dev/null - nc -vz ${PAP_IP} 9091 - docker logs pap - exit $rc -fi - -${DIR}/wait_for_port.sh ${PDP_IP} 8081 -rc=$? -if [[ $rc != 0 ]]; then - echo "cannot open ${PDP_IP} 8081" - telnet ${PDP_IP} 8081 < /dev/null - nc -vz ${PDP_IP} 8081 - docker logs pdp - exit $rc -fi - -${DIR}/wait_for_port.sh ${BRMS_IP} 9989 -rc=$? -if [[ $rc != 0 ]]; then - echo "cannot open ${BRMS_IP} 9989" - telnet ${BRMS_IP} 9989" < /dev/null - nc -vz ${BRMS_IP} 9989" - docker logs brmsgw - exit $rc -fi - -docker logs drools -docker logs pap -docker logs pdp -docker logs brmsgw - -TIME_OUT=300 -INTERVAL=20 -TIME=0 -while [ "$TIME" -lt "$TIME_OUT" ]; do - curl -k -i --user "demo@people.osaaf.org:demo123456!" -H "ContentType: application/json" -H "Accept: application/json" https://${POLICY_IP}:9696/healthcheck && break - - echo Sleep: $INTERVAL seconds before testing if Policy is up. Total wait time up now is: $TIME seconds. Timeout is: $TIME_OUT seconds - sleep $INTERVAL - TIME=$(($TIME+$INTERVAL)) - -done - -# -# Add more sleep for everything to settle -# -sleep 3m diff --git a/scripts/policy/engine.sh b/scripts/policy/engine.sh deleted file mode 100755 index 3e9f3d42..00000000 --- a/scripts/policy/engine.sh +++ /dev/null @@ -1,264 +0,0 @@ -#!/bin/bash -x -# -# Copyright 2017-2019 AT&T Intellectual Property. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -echo "This is ${WORKSPACE}/scripts/policy/engine.sh" - - -# the directory of the script -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -echo ${DIR} - -# the temp directory used, within $DIR -# omit the -p parameter to create a temporal directory in the default location -WORK_DIR=`mktemp -d -p "$DIR"` -echo ${WORK_DIR} - -cd ${WORK_DIR} - -# check if tmp dir was created -if [[ ! "$WORK_DIR" || ! -d "$WORK_DIR" ]]; then - echo "Could not create temp dir" - exit 1 -fi - -# bring down maven -mkdir maven -cd maven -# download maven from automatically selected mirror server -curl -vLO "https://www.apache.org/dyn/mirrors/mirrors.cgi?cca2=us&preferred=http://apache.claz.org/&action=download&filename=maven/maven-3/3.3.9/binaries/apache-maven-3.3.9-bin.tar.gz" -if ! tar -xzvf apache-maven-3.3.9-bin.tar.gz ; then - echo "Installation of maven has failed!" - exit 1 -fi -ls -l -export PATH=${PATH}:${WORK_DIR}/maven/apache-maven-3.3.9/bin -${WORK_DIR}/maven/apache-maven-3.3.9/bin/mvn -v -cd .. - -ifconfig - -export IP=`ip route get 8.8.8.8 | awk '/8.8.8.8/ {print $NF}'` -if [ -z "$IP" ]; then - echo "Could not determine IP address" - exit 1 -fi -echo $IP - -if ! ifconfig docker0; then - export DOCKER_IP="$IP" -else - export DOCKER_IP=`ifconfig docker0 | awk -F: '/inet addr/ {gsub(/ .*/,"",$2); print $2}'` -fi -echo $DOCKER_IP - -git clone http://gerrit.onap.org/r/oparent - -git clone http://gerrit.onap.org/r/policy/engine -cd engine/packages/docker -${WORK_DIR}/maven/apache-maven-3.3.9/bin/mvn prepare-package --settings ${WORK_DIR}/oparent/settings.xml -docker build -t onap/policy-pe target/policy-pe - -cd ${WORK_DIR} -git clone http://gerrit.onap.org/r/policy/drools-pdp -cd drools-pdp/packages/docker -${WORK_DIR}/maven/apache-maven-3.3.9/bin/mvn prepare-package --settings ${WORK_DIR}/oparent/settings.xml -docker build -t onap/policy-drools target/policy-drools - -cd ${WORK_DIR} -git clone http://gerrit.onap.org/r/policy/docker -cd docker - -chmod +x config/drools/drools-tweaks.sh - -echo $IP > config/pe/ip_addr.txt -ls -l config/pe/ip_addr.txt -cat config/pe/ip_addr.txt - -export MTU=9126 - -export PRELOAD_POLICIES=false -docker-compose -f docker-compose-integration.yml up -d - -if [ ! $? -eq 0 ]; then - echo "Docker compose failed" - exit 1 -fi - -docker ps - -POLICY_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' drools` -echo ${POLICY_IP} - -PDP_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' pdp` -echo ${PDP_IP} - -PAP_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' pap` -echo ${PAP_IP} - -BRMS_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' brmsgw` -echo ${BRMS_IP} - -NEXUS_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' nexus` -echo ${NEXUS_IP} - -MARIADB_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' mariadb` -echo ${MARIADB_IP} - -sleep 3m - -docker logs mariadb 2>&1 | grep -q "mysqld: ready for connections" -if [ $? -eq 0 ]; then - # mariadb is ok - sleep a little longer for others - sleep 2m - -else - echo mariadb is not ready - echo Restarting... - - docker kill drools pdp pap brmsgw nexus mariadb - docker rm -f drools pdp pap brmsgw nexus mariadb - - docker-compose -f docker-compose-integration.yml up -d - - if [ ! $? -eq 0 ]; then - echo "Docker compose failed" - exit 1 - fi - - docker ps - - POLICY_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' drools` - echo ${POLICY_IP} - - PDP_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' pdp` - echo ${PDP_IP} - - PAP_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' pap` - echo ${PAP_IP} - - BRMS_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' brmsgw` - echo ${BRMS_IP} - - NEXUS_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' nexus` - echo ${NEXUS_IP} - - MARIADB_IP=`docker inspect --format '{{ .NetworkSettings.Networks.docker_default.IPAddress}}' mariadb` - echo ${MARIADB_IP} - - sleep 5m -fi - -netstat -tnl - -${DIR}/wait_for_port.sh ${MARIADB_IP} 3306 -rc=$? -if [[ $rc != 0 ]]; then - echo "cannot open ${MARIADB_IP} 3306" - telnet ${MARIADB_IP} 3306 < /dev/null - nc -vz ${MARIADB_IP} 3306 - docker logs mariadb - exit $rc -fi - -${DIR}/wait_for_port.sh ${NEXUS_IP} 8081 -rc=$? -if [[ $rc != 0 ]]; then - echo "cannot open ${NEXUS_IP} 8081" - netstat -tnl - telnet ${NEXUS_IP} 8081 < /dev/null - nc -vz ${NEXUS_IP} 8081 - docker logs nexus - exit $rc -fi - -${DIR}/wait_for_port.sh ${POLICY_IP} 9696 -rc=$? -if [[ $rc != 0 ]]; then - echo "cannot open ${POLICY_IP} 9696" - netstat -tnl - telnet ${POLICY_IP} 9696 < /dev/null - nc -vz ${POLICY_IP} 9696 - docker logs drools - exit $rc -fi - -${DIR}/wait_for_port.sh ${PAP_IP} 9091 -rc=$? -if [[ $rc != 0 ]]; then - echo "cannot open ${PAP_IP} 9091" - netstat -tnl - telnet ${PAP_IP} 9091 < /dev/null - nc -vz ${PAP_IP} 9091 - docker logs pap - exit $rc -fi - -${DIR}/wait_for_port.sh ${PDP_IP} 8081 -rc=$? -if [[ $rc != 0 ]]; then - echo "cannot open ${PDP_IP} 8081" - netstat -tnl - telnet ${PDP_IP} 8081 < /dev/null - nc -vz ${PDP_IP} 8081 - docker logs pdp - exit $rc -fi - -${DIR}/wait_for_port.sh ${BRMS_IP} 9989 -rc=$? -if [[ $rc != 0 ]]; then - echo "cannot open ${BRMS_IP} 9989" - netstat -tnl - telnet ${BRMS_IP} 9989" < /dev/null - nc -vz ${BRMS_IP} 9989" - docker logs brmsgw - exit $rc -fi - -docker logs drools -docker logs pap -docker logs pdp -docker logs brmsgw - -TIME_OUT=300 -INTERVAL=20 -TIME=0 -while [ "$TIME" -lt "$TIME_OUT" ]; do - curl -k -i --user "demo@people.osaaf.org:demo123456!" -H "ContentType: application/json" -H "Accept: application/json" https://${POLICY_IP}:6969/healthcheck && break - - echo Sleep: $INTERVAL seconds before testing if Policy is up. Total wait time up now is: $TIME seconds. Timeout is: $TIME_OUT seconds - sleep $INTERVAL - TIME=$(($TIME+$INTERVAL)) - -done - -TIME_OUT=300 -INTERVAL=20 -TIME=0 -while [ "$TIME" -lt "$TIME_OUT" ]; do - - curl -k -i -v -H 'Content-Type: application/json' -H 'Accept: application/json' -H 'ClientAuth: cHl0aG9uOnRlc3Q=' -H 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' -H 'Environment: TEST' -d '{"policyName": ".*"}' https://${PDP_IP}:8081/pdp/api/getConfig && break - -echo Sleep: $INTERVAL seconds before testing if Policy is up. Total wait time up now is: $TIME seconds. Timeout is: $TIME_OUT seconds - sleep $INTERVAL - TIME=$(($TIME+$INTERVAL)) - -done - -# -# Add more sleep for everything to settle -# -sleep 3m diff --git a/scripts/policy/policy-distribution/config/distribution/csar/sample_csar_with_apex_policy.csar b/scripts/policy/policy-distribution/config/distribution/csar/sample_csar_with_apex_policy.csar index 76f45ea5..3b1ed6f3 100644 Binary files a/scripts/policy/policy-distribution/config/distribution/csar/sample_csar_with_apex_policy.csar and b/scripts/policy/policy-distribution/config/distribution/csar/sample_csar_with_apex_policy.csar differ -- cgit 1.2.3-korg