From 1449bbe36e44315fa6e74375e7ab0607dd182344 Mon Sep 17 00:00:00 2001 From: ChenjieXu Date: Wed, 1 Apr 2020 13:26:54 +0800 Subject: Integrate Openness EAA Openness EAA provides application/service registration and authentication. EAA is integrated by running EAA via ONAP4K8S. Issue-ID: MULTICLOUD-1044 Signed-off-by: ChenjieXu Change-Id: I66dffc5bcfc66675f6b62672e32496ec7f71454c --- kud/tests/openness/eaa/helm/eaa/Chart.yaml | 18 +++++ .../eaa/helm/eaa/templates/eaa-deployment.yaml | 56 ++++++++++++++++ .../eaa/helm/eaa/templates/eaa-service.yaml | 18 +++++ .../openness/eaa/helm/eaa/templates/eaa-tls.yaml | 7 ++ kud/tests/openness/eaa/helm/eaa/values.yaml | 77 ++++++++++++++++++++++ kud/tests/openness/eaa/profile/manifest.yaml | 4 ++ .../openness/eaa/profile/override_values.yaml | 0 .../openness/sample-app/helm/sample-app/Chart.yaml | 18 +++++ .../sample-app/templates/consumer-deployment.yaml | 22 +++++++ .../sample-app/templates/prod-cons-policy.yaml | 18 +++++ .../sample-app/templates/producer-deployment.yaml | 22 +++++++ .../sample-app/helm/sample-app/values.yaml | 42 ++++++++++++ .../openness/sample-app/profile/manifest.yaml | 4 ++ .../sample-app/profile/override_values.yaml | 0 14 files changed, 306 insertions(+) create mode 100644 kud/tests/openness/eaa/helm/eaa/Chart.yaml create mode 100644 kud/tests/openness/eaa/helm/eaa/templates/eaa-deployment.yaml create mode 100644 kud/tests/openness/eaa/helm/eaa/templates/eaa-service.yaml create mode 100644 kud/tests/openness/eaa/helm/eaa/templates/eaa-tls.yaml create mode 100644 kud/tests/openness/eaa/helm/eaa/values.yaml create mode 100644 kud/tests/openness/eaa/profile/manifest.yaml create mode 100644 kud/tests/openness/eaa/profile/override_values.yaml create mode 100644 kud/tests/openness/sample-app/helm/sample-app/Chart.yaml create mode 100644 kud/tests/openness/sample-app/helm/sample-app/templates/consumer-deployment.yaml create mode 100644 kud/tests/openness/sample-app/helm/sample-app/templates/prod-cons-policy.yaml create mode 100644 kud/tests/openness/sample-app/helm/sample-app/templates/producer-deployment.yaml create mode 100644 kud/tests/openness/sample-app/helm/sample-app/values.yaml create mode 100644 kud/tests/openness/sample-app/profile/manifest.yaml create mode 100644 kud/tests/openness/sample-app/profile/override_values.yaml (limited to 'kud/tests/openness') diff --git a/kud/tests/openness/eaa/helm/eaa/Chart.yaml b/kud/tests/openness/eaa/helm/eaa/Chart.yaml new file mode 100644 index 00000000..b1875305 --- /dev/null +++ b/kud/tests/openness/eaa/helm/eaa/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Openness EAA Helm Charts for version 19.12 +name: eaa +version: 1.0.0 diff --git a/kud/tests/openness/eaa/helm/eaa/templates/eaa-deployment.yaml b/kud/tests/openness/eaa/helm/eaa/templates/eaa-deployment.yaml new file mode 100644 index 00000000..69f4cb3a --- /dev/null +++ b/kud/tests/openness/eaa/helm/eaa/templates/eaa-deployment.yaml @@ -0,0 +1,56 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.deployment.eaa.name }} + namespace: {{ .Release.Namespace }} +spec: + replicas: 1 + selector: + matchLabels: + name: {{ .Values.deployment.eaa.name }} + template: + metadata: + labels: + name: {{ .Values.deployment.eaa.name }} + spec: + initContainers: + - name: {{ .Values.initContainer.name }} + image: {{ .Values.initContainer.image }} + command: ["/bin/sh"] + args: ["-c", "pwd"] + imagePullPolicy: IfNotPresent + resources: + requests: + cpu: {{ .Values.initContainer.resource.requests.cpu }} + limits: + cpu: {{ .Values.initContainer.resource.limits.cpu }} + memory: {{ .Values.initContainer.resource.limits.memory }} + volumeMounts: + - name: {{ .Values.initContainer.volumeMounts.certsSec.name }} + mountPath: {{ .Values.initContainer.volumeMounts.certsSec.mountPath }} + - name: {{ .Values.initContainer.volumeMounts.certs.name }} + mountPath: {{ .Values.initContainer.volumeMounts.certs.mountPath }} + containers: + - name: {{ .Values.container.name }} + image: {{ .Values.container.image }} + imagePullPolicy: IfNotPresent + securityContext: + readOnlyRootFilesystem: true + resources: + requests: + cpu: {{ .Values.container.resource.requests.cpu }} + limits: + cpu: {{ .Values.container.resource.limits.cpu }} + memory: {{ .Values.container.resource.limits.memory }} + volumeMounts: + - name: {{ .Values.container.volumeMounts.certs.name }} + mountPath: {{ .Values.container.volumeMounts.certs.mountPath }} + - name: {{ .Values.container.volumeMounts.certsSec.name }} + mountPath: {{ .Values.container.volumeMounts.certsSec.mountPath }} + volumes: + - name: {{ .Values.volumes.certsSec.name }} + secret: + secretName: {{ .Values.volumes.certsSec.secret.secretName }} + - name: {{ .Values.volumes.certs.name }} + hostPath: + path: {{ .Values.volumes.certs.hostPath.path }} diff --git a/kud/tests/openness/eaa/helm/eaa/templates/eaa-service.yaml b/kud/tests/openness/eaa/helm/eaa/templates/eaa-service.yaml new file mode 100644 index 00000000..d9ee90dd --- /dev/null +++ b/kud/tests/openness/eaa/helm/eaa/templates/eaa-service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.eaa.name }} + namespace: {{ .Release.Namespace }} +spec: + clusterIP: {{ .Values.service.eaa.clusterIP }} + selector: + name: eaa + ports: + - name: {{ .Values.service.eaa.httpPortName}} + protocol: {{ .Values.service.eaa.httpProtocol}} + port: {{ .Values.service.eaa.httpPort }} + targetPort: {{ .Values.service.eaa.httpTargetPort }} + - name: {{ .Values.service.eaa.httpsPortName }} + protocol: {{ .Values.service.eaa.httpsProtocol }} + port: {{ .Values.service.eaa.httpsPort }} + targetPort: {{ .Values.service.eaa.httpsTargetPort }} diff --git a/kud/tests/openness/eaa/helm/eaa/templates/eaa-tls.yaml b/kud/tests/openness/eaa/helm/eaa/templates/eaa-tls.yaml new file mode 100644 index 00000000..52de1ce0 --- /dev/null +++ b/kud/tests/openness/eaa/helm/eaa/templates/eaa-tls.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.eaaTls.name }} + namespace: {{ .Release.Namespace }} +type: Opaque +data: diff --git a/kud/tests/openness/eaa/helm/eaa/values.yaml b/kud/tests/openness/eaa/helm/eaa/values.yaml new file mode 100644 index 00000000..2824c673 --- /dev/null +++ b/kud/tests/openness/eaa/helm/eaa/values.yaml @@ -0,0 +1,77 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +service: + eaa: + name: eaa + clusterIP: None + httpPortName: http + httpProtocol: TCP + httpPort: 80 + httpTargetPort: 80 + httpsPortName: https + httpsProtocol: TCP + httpsPort: 443 + httpsTargetPort: 443 + +deployment: + eaa: + name: eaa + +initContainer: + name: alpine + image: alpine:latest + resource: + requests: + cpu: 0.1 + limits: + cpu: 0.1 + memory: 128Mi + volumeMounts: + certsSec: + name: certs-sec + mountPath: /root/certs-sec + certs: + name: certs + mountPath: /root/certs + +container: + name: eaa + image: integratedcloudnative/eaa:1.0 + resource: + requests: + cpu: 0.1 + limits: + cpu: 1 + memory: 128Mi + volumeMounts: + certs: + name: certs + mountPath: /home/eaa/certs/eaa + certsSec: + name: certs-sec + mountPath: /home/eaa/certs-sec + +volumes: + certsSec: + name: certs-sec + secret: + secretName: eaa-tls + certs: + name: certs + hostPath: + path: /etc/openness/certs/eaa + +eaaTls: + name: eaa-tls diff --git a/kud/tests/openness/eaa/profile/manifest.yaml b/kud/tests/openness/eaa/profile/manifest.yaml new file mode 100644 index 00000000..4d381d02 --- /dev/null +++ b/kud/tests/openness/eaa/profile/manifest.yaml @@ -0,0 +1,4 @@ +--- +version: v1 +type: + values: "override_values.yaml" diff --git a/kud/tests/openness/eaa/profile/override_values.yaml b/kud/tests/openness/eaa/profile/override_values.yaml new file mode 100644 index 00000000..e69de29b diff --git a/kud/tests/openness/sample-app/helm/sample-app/Chart.yaml b/kud/tests/openness/sample-app/helm/sample-app/Chart.yaml new file mode 100644 index 00000000..a2352bca --- /dev/null +++ b/kud/tests/openness/sample-app/helm/sample-app/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Openness EAA Sample App Helm Charts for version 19.12 +name: sample-app +version: 1.0.0 diff --git a/kud/tests/openness/sample-app/helm/sample-app/templates/consumer-deployment.yaml b/kud/tests/openness/sample-app/helm/sample-app/templates/consumer-deployment.yaml new file mode 100644 index 00000000..3bce0de2 --- /dev/null +++ b/kud/tests/openness/sample-app/helm/sample-app/templates/consumer-deployment.yaml @@ -0,0 +1,22 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.consumer.name }} + namespace: {{ .Release.Namespace }} +spec: + replicas: 1 + selector: + matchLabels: + app: {{ .Values.consumer.name }} + template: + metadata: + labels: + app: {{ .Values.consumer.name }} + spec: + containers: + - name: {{ .Values.consumer.container.name }} + image: {{ .Values.consumer.container.image }} + imagePullPolicy: IfNotPresent + ports: + - containerPort: {{ .Values.consumer.container.port1 }} + - containerPort: {{ .Values.consumer.container.port2 }} diff --git a/kud/tests/openness/sample-app/helm/sample-app/templates/prod-cons-policy.yaml b/kud/tests/openness/sample-app/helm/sample-app/templates/prod-cons-policy.yaml new file mode 100644 index 00000000..93e20c54 --- /dev/null +++ b/kud/tests/openness/sample-app/helm/sample-app/templates/prod-cons-policy.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ .Values.policy.name }} + namespace: {{ .Release.Namespace }} +spec: + podSelector: {{ .Values.policy.podSelector }} + policyTypes: + - Ingress + ingress: + - from: + - ipBlock: + cidr: {{ .Values.policy.ingress.cidr }} + ports: + - protocol: {{ .Values.policy.ingress.ports.port1.protocol }} + port: {{ .Values.policy.ingress.ports.port1.port }} + - protocol: {{ .Values.policy.ingress.ports.port2.protocol }} + port: {{ .Values.policy.ingress.ports.port2.port }} diff --git a/kud/tests/openness/sample-app/helm/sample-app/templates/producer-deployment.yaml b/kud/tests/openness/sample-app/helm/sample-app/templates/producer-deployment.yaml new file mode 100644 index 00000000..6554f851 --- /dev/null +++ b/kud/tests/openness/sample-app/helm/sample-app/templates/producer-deployment.yaml @@ -0,0 +1,22 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.producer.name }} + namespace: {{ .Release.Namespace }} +spec: + replicas: 1 + selector: + matchLabels: + app: {{ .Values.producer.name }} + template: + metadata: + labels: + app: {{ .Values.producer.name }} + spec: + containers: + - name: {{ .Values.producer.container.name }} + image: {{ .Values.producer.container.image }} + imagePullPolicy: IfNotPresent + ports: + - containerPort: {{ .Values.producer.container.port1 }} + - containerPort: {{ .Values.producer.container.port2 }} diff --git a/kud/tests/openness/sample-app/helm/sample-app/values.yaml b/kud/tests/openness/sample-app/helm/sample-app/values.yaml new file mode 100644 index 00000000..65af7161 --- /dev/null +++ b/kud/tests/openness/sample-app/helm/sample-app/values.yaml @@ -0,0 +1,42 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +consumer: + name: consumer + container: + name: consumer + image: integratedcloudnative/consumer:1.0 + port1: 80 + port2: 443 + +producer: + name: producer + container: + name: producer + image: integratedcloudnative/producer:1.0 + port1: 80 + port2: 443 + +policy: + name: eaa-prod-cons-policy + podSelector: "{}" + ingress: + cidr: 10.16.0.0/16 + ports: + port1: + protocol: TCP + port: 80 + port2: + protocol: TCP + port: 443 diff --git a/kud/tests/openness/sample-app/profile/manifest.yaml b/kud/tests/openness/sample-app/profile/manifest.yaml new file mode 100644 index 00000000..4d381d02 --- /dev/null +++ b/kud/tests/openness/sample-app/profile/manifest.yaml @@ -0,0 +1,4 @@ +--- +version: v1 +type: + values: "override_values.yaml" diff --git a/kud/tests/openness/sample-app/profile/override_values.yaml b/kud/tests/openness/sample-app/profile/override_values.yaml new file mode 100644 index 00000000..e69de29b -- cgit 1.2.3-korg