diff options
author | jhh <jorge.hernandez-herrero@att.com> | 2020-08-09 12:08:08 -0500 |
---|---|---|
committer | Jorge Hernandez <jorge.hernandez-herrero@att.com> | 2020-08-27 21:06:19 +0000 |
commit | d425867ae1c52a9b31a06f1dea8810c1c7a0af65 (patch) | |
tree | 15f646c0ab60a2df0916ffd155790b81150b9ff4 /kubernetes/policy/resources/config/pe | |
parent | 15c9df97f8bd5d7871b7287a2f525059e3ccb033 (diff) |
[POLICY] certInit support + refactoring
Several changes are including in this patch:
- certInitializer support (POLICY-2615, REQ-361)
- renamed policy objects to start with "policy-"
prefix (POLICY-1000)
- add resources section to components that did not
have or had it incorrectly set up rendering null
(POLICY-2502)
- Removal of legacy policy-engine components (POLICY-2743)
- Miscellaneous refactoring of charts (POLICY-2745)
- update pdp legacy reference to policy-xacml-pdp from
pdp (legacy)
Issue-ID: POLICY-2615
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I8b6984a663bbb14d331a366ec02b6dd38755cde7
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Diffstat (limited to 'kubernetes/policy/resources/config/pe')
-rw-r--r-- | kubernetes/policy/resources/config/pe/console.conf | 146 | ||||
-rw-r--r-- | kubernetes/policy/resources/config/pe/elk.conf | 17 | ||||
-rw-r--r-- | kubernetes/policy/resources/config/pe/mysql.conf | 19 | ||||
-rw-r--r-- | kubernetes/policy/resources/config/pe/pap-tweaks.sh | 15 | ||||
-rw-r--r-- | kubernetes/policy/resources/config/pe/pap.conf | 68 | ||||
-rw-r--r-- | kubernetes/policy/resources/config/pe/paplp.conf | 26 |
6 files changed, 0 insertions, 291 deletions
diff --git a/kubernetes/policy/resources/config/pe/console.conf b/kubernetes/policy/resources/config/pe/console.conf deleted file mode 100644 index cb170f0802..0000000000 --- a/kubernetes/policy/resources/config/pe/console.conf +++ /dev/null @@ -1,146 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# configs component installation configuration parameters - -# tomcat specific parameters - -TOMCAT_JMX_PORT=9993 -TOMCAT_SHUTDOWN_PORT=8090 -SSL_HTTP_CONNECTOR_PORT=8443 -SSL_HTTP_CONNECTOR_REDIRECT_PORT=8443 -SSL_AJP_CONNECTOR_PORT=8383 -SSL_AJP_CONNECTOR_REDIRECT_PORT=8443 - -TOMCAT_X_MS_MB=2048 -TOMCAT_X_MX_MB=2048 - -# ------------------ console properties --------------------------- - -# -# Authorization Policy - -ROOT_POLICIES=admin -ADMIN_FILE=Policy-Admin.xml - - -# Set your domain here: - -REST_ADMIN_DOMAIN=com - -# -# Location where the GIT repository is located -# -REST_ADMIN_REPOSITORY=repository - -# -# Location where all the user workspaces are located. -# -REST_ADMIN_WORKSPACE=/opt/app/policy/servers/console/bin/workspace - -# -# These can be set so the Admin Console knows who is logged on. Ideally, you can run the console in a J2EE -# container and setup authentication as you please. Setting HttpSession attribute values will override these -# values set in the properties files. -# -# ((HttpServletRequest) request).getSession().setAttribute("xacml.rest.admin.user.name", "Homer"); -# -# The default policy: Policy-Admin.xml is extremely simple. -# -# You can test authorization within the Admin Console by changing the user id. -# There are 3 supported user ids: -# guest - Read only access -# editor - Read/Write access -# admin - Read/Write/Admin access -# -# An empty or null value for xacml.rest.admin.user.id results in no access to the application at all. -# -# This is for development/demonstration purposes only. A production environment should provide authentication which is -# outside the scope of this application. This application can be used to develop a XACML policy for user authorization -# within this application. -# - -REST_ADMIN_USER_NAME=Administrator -REST_ADMIN_USER_ID=super-admin - -# -# -# Property to declare the max time frame for logs. -# -LOG_TIMEFRAME=30 - -# Property to declare the number of visible rows for users in MicroService Policy -COLUMN_COUNT=3 - -# Dashboard refresh rate in miliseconds -REFRESH_RATE=40000 - -# -# URL location for the PAP servlet. -# - - -REST_PAP_URL=https://{{.Values.global.pap.nameOverride}}:{{.Values.service.externalPort2}}/pap/ - -# -# Config/Action Properties location. -# - -REST_CONFIG_HOME=/opt/app/policy/servers/pap/webapps/Config/ -REST_ACTION_HOME=/opt/app/policy/servers/pap/webapps/Action/ -REST_CONFIG_URL=https://{{.Values.global.pap.nameOverride}}:{{.Values.service.externalPort2}}/ -REST_CONFIG_WEBAPPS=/opt/app/policy/servers/pap/webapps/ - -# PAP account information -CONSOLE_PAP_HTTP_USER_ID=testpap -CONSOLE_PAP_HTTP_PASSWORD=alpha123 - - -node_type=pap_admin -resource_name=console_1 - -# The (optional) period of time in seconds between executions of the integrity audit. -# Value < 0 : Audit does not run (default value if property is not present = -1) -# Value = 0 : Audit runs continuously -# Value > 0 : The period of time in seconds between execution of the audit on a particular node -integrity_audit_period_seconds=-1 - -#Automatic Policy Distribution -automatic_push=false - -#Diff of policies for Firewall feature -FW_GETURL= -FW_AUTHOURL= -FW_PROXY= -FW_PORT= - -#SMTP Server Details for Java Mail -onap_smtp_host= -onap_smtp_port=25 -onap_smtp_userName= -onap_smtp_password= -onap_smtp_emailExtension= -onap_application_name= - -#-----------------------ONAP-PORTAL-Properties---------------------- - -ONAP_REDIRECT_URL=https://portal.api.simpledemo.onap.org:30225/ONAPPORTAL/login.htm -ONAP_REST_URL=https://portal-app:8443/ONAPPORTAL/auxapi -ONAP_UEB_URL_LIST= -ONAP_PORTAL_INBOX_NAME= -ONAP_UEB_APP_KEY=ueb_key_5 -ONAP_UEB_APP_SECRET=ueb_key_5 -ONAP_UEB_APP_MAILBOX_NAME= -APP_DISPLAY_NAME=ONAP Policy -ONAP_SHARED_CONTEXT_REST_URL=http://portal-app.{{.Release.Namespace}}:8989/ONAPPORTAL/context diff --git a/kubernetes/policy/resources/config/pe/elk.conf b/kubernetes/policy/resources/config/pe/elk.conf deleted file mode 100644 index 2750bff702..0000000000 --- a/kubernetes/policy/resources/config/pe/elk.conf +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# elasticsearch - -ELK_JMX_PORT=9995 diff --git a/kubernetes/policy/resources/config/pe/mysql.conf b/kubernetes/policy/resources/config/pe/mysql.conf deleted file mode 100644 index d4f83d414e..0000000000 --- a/kubernetes/policy/resources/config/pe/mysql.conf +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# mysql scripts component installation configuration parameters - -# Path to mysql bin -MYSQL_BIN=/usr/local/mysql/bin - diff --git a/kubernetes/policy/resources/config/pe/pap-tweaks.sh b/kubernetes/policy/resources/config/pe/pap-tweaks.sh deleted file mode 100644 index 1930b98f77..0000000000 --- a/kubernetes/policy/resources/config/pe/pap-tweaks.sh +++ /dev/null @@ -1,15 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#! /bin/bash diff --git a/kubernetes/policy/resources/config/pe/pap.conf b/kubernetes/policy/resources/config/pe/pap.conf deleted file mode 100644 index ee1a492bc2..0000000000 --- a/kubernetes/policy/resources/config/pe/pap.conf +++ /dev/null @@ -1,68 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# pap component installation configuration parameters - -# tomcat specific parameters - -TOMCAT_JMX_PORT=9990 -TOMCAT_SHUTDOWN_PORT=9405 -SSL_HTTP_CONNECTOR_PORT=9091 -SSL_AJP_CONNECTOR_PORT=8380 -SSL_AJP_CONNECTOR_REDIRECT_PORT=8443 - -TOMCAT_X_MS_MB=1024 -TOMCAT_X_MX_MB=1024 - -# pap properties - -PAP_PDPS=/opt/app/policy/servers/pap/bin/pdps -PAP_URL=https://{{ include "common.servicename" . }}:{{.Values.service.externalPort2}}/pap/ - -PAP_INITIATE_PDP=true -PAP_HEARTBEAT_INTERVAL=10000 -PAP_HEARTBEAT_TIMEOUT=10000 - -REST_ADMIN_DOMAIN=com -REST_ADMIN_REPOSITORY=repository -REST_ADMIN_WORKSPACE=workspace - -# PDP related properties -PAP_PDP_URL=https://{{ include "common.release" . }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;https://{{ include "common.release" . }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;https://{{ include "common.release" . }}-{{ .Values.global.pdp.nameOverride }}-2.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;https://{{ include "common.release" . }}-{{ .Values.global.pdp.nameOverride }}-3.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/ -PAP_PDP_HTTP_USER_ID=testpdp -PAP_PDP_HTTP_PASSWORD=alpha123 - -PAP_HTTP_USER_ID=testpap -PAP_HTTP_PASSWORD=alpha123 - -#new values added 10-21-2015 -PROP_PAP_TRANS_WAIT=500000 -PROP_PAP_TRANS_TIMEOUT=5000 -PROP_PAP_AUDIT_TIMEOUT=300000 -PROP_PAP_RUN_AUDIT_FLAG=true -PROP_PAP_AUDIT_FLAG=true - -PROP_PAP_INCOMINGNOTIFICATION_TRIES=4 - - -node_type=pap -resource_name=pap_1 -dependency_groups=paplp_1 -test_via_jmx=true - -# The (optional) period of time in seconds between executions of the integrity audit. -# Value < 0 : Audit does not run (default value if property is not present = -1) -# Value = 0 : Audit runs continuously -# Value > 0 : The period of time in seconds between execution of the audit on a particular node -integrity_audit_period_seconds=-1 diff --git a/kubernetes/policy/resources/config/pe/paplp.conf b/kubernetes/policy/resources/config/pe/paplp.conf deleted file mode 100644 index 34186d5652..0000000000 --- a/kubernetes/policy/resources/config/pe/paplp.conf +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# JVM specific parameters -LOGPARSER_JMX_PORT=9996 -LOGPARSER_X_MS_MB=1024 -LOGPARSER_X_MX_MB=1024 - -SERVER=https://{{ include "common.servicename" . }}:{{.Values.service.externalPort2}}/pap/ -LOGPATH=/var/log/onap/policy/pap/pap-rest.log -PARSERLOGPATH=/opt/app/policy/servers/paplp/bin/IntegrityMonitor.log - -node_type=logparser -# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase -resource_name=paplp_1 |