diff options
author | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-11-21 21:22:18 +0100 |
---|---|---|
committer | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-11-24 16:50:10 +0000 |
commit | 93ed075394f96106433fec580fabb6a066ed10dd (patch) | |
tree | f32143cdd167f70290f6ce76521dbc34bf5abef4 /kubernetes/pomba/components/pomba-validation-service/resources | |
parent | 6adcaae69b01452140e20d6bf76c8cc5e17fd2c5 (diff) |
[POMBA] Uses new tpls for repos / images
This commit makes Pomba chart to use the new generator for repositories and
images.
As new templates doesn't work well with "sub charts", we move also
subcharts to components folder.
Issue-ID: OOM-2364
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib94d70d7eb0af5835774719851046ada0af96202
Diffstat (limited to 'kubernetes/pomba/components/pomba-validation-service/resources')
14 files changed, 714 insertions, 0 deletions
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/README.txt b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/README.txt new file mode 100644 index 0000000000..5cc01497f5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/README.txt @@ -0,0 +1,10 @@ +This directory contains all external configuration files that +need to be mounted into an application container. + +See the configmap.yaml in the templates directory for an example +of how to load (ie map) config files from this directory, into +Kubernetes, for distribution within the k8s cluster. + +See deployment.yaml in the templates directory for an example +of how the 'config mapped' files are then mounted into the +containers. diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/aai-environment.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/aai-environment.properties new file mode 100644 index 0000000000..cd5c62e96b --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/aai-environment.properties @@ -0,0 +1,15 @@ +host=dummy-host.onap.org +port=8443 +httpProtocol=https +trustStorePath=/auth/tomcat_keystore +#trustStorePassword intentionally left blank +trustStorePassword.x= +keyStorePath=/auth/client-cert-onap.p12 +keyStorePassword.x=OBF: +keyManagerFactoryAlgorithm=SunX509 +keyStoreType=PKCS12 +securityProtocol=TLS +connectionTimeout=5000 +readTimeout=1000 + +baseModelURI=/aai/v8/service-design-and-creation/models/model diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/client-cert-onap.p12 b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/client-cert-onap.p12 Binary files differnew file mode 100644 index 0000000000..dbf4fcacec --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/client-cert-onap.p12 diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/tomcat_keystore b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/tomcat_keystore Binary files differnew file mode 100644 index 0000000000..9eec841aa2 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/tomcat_keystore diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth_policy.json b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth_policy.json new file mode 100644 index 0000000000..ea5565a71e --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth_policy.json @@ -0,0 +1,46 @@ +{"roles": [ + { + "name": "admin", + "functions": [ + { + "name": "actions", + "methods": [ + {"name": "GET"}, + {"name": "DELETE"}, + {"name": "PUT"} + ] + }, + { + "name": "validate", + "methods": [{"name": "POST"}] + } + ], + "users": [ + {"username": "CN=common-name, OU=org-unit, O=org, L=location, ST=state, C=US"}, + {"username": "CN=test, OU=qa, O=Test Ltd, L=London, ST=London, C=GB"}, + {"username": "CN=aai-client.dev.att.com, OU=aai digicert client dev, O=\"AT&T Services, Inc.\", L=Dallas, ST=Texas, C=US"} + ] + }, + { + "name": "ops", + "functions": [{ + "name": "actions", + "methods": [{"name": "POST"}] + }], + "users": [ + {"username": "CN=common-name, OU=org-unit, O=org, L=location, ST=state, C=US"}, + {"username": "CN=test, OU=qa, O=Test Ltd, L=London, ST=London, C=GB"} + ] + }, + { + "name": "basicauth", + "functions": [{ + "name": "util", + "methods": [{"name": "GET"}] + }], + "users": [{ + "user": "aai", + "pass": "OBF:1u2a1t2v1vgb1s3g1s3m1vgj1t3b1u30" + }] + } +]} diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties new file mode 100644 index 0000000000..d93f030395 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties @@ -0,0 +1,9 @@ +rule.datadictionary.hostport={{ .Values.config.dataDictHostPort }} +rule.datadictionary.connect.timeout=1000 +rule.datadictionary.read.timeout=1000 + +# basic authentication: base64 encoding of username:password +rule.datadictionary.credentials={{ .Values.config.dataDictCredentials }} + +# ex: /commonModelElements/instance~nfValuesCatalog~1.0/ +rule.datadictionary.uri=/commonModelElements/{0}~{1}~1.0/validateInstance diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-indexing.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-indexing.properties new file mode 100644 index 0000000000..06f4626ab6 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-indexing.properties @@ -0,0 +1,4 @@ +rule.indexing.events=POA-EVENT +rule.indexing.exclude.oxm.validation=POA-EVENT +rule.indexing.key.attributes=$.poa-event.modelVersionId,$.poa-event.modelInvariantId +rule.indexing.default.key=default-rules diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/schemaIngest.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/schemaIngest.properties new file mode 100644 index 0000000000..a711881dc5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/schemaIngest.properties @@ -0,0 +1,9 @@ +{{/* +# Properties for the SchemaLocationsBean +# The AAI Schema jar will be unpacked to bundleconfig/etc +*/}} +schemaConfig=bundleconfig +# Files named aai_oxm_v*.xml are unpacked here: +nodeDir=${APP_HOME}/bundleconfig/etc/oxm +# Dummy folder/directory: +edgeDir=${APP_HOME}/bundleconfig/etc/oxm diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties new file mode 100644 index 0000000000..fe8e2684d5 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties @@ -0,0 +1,24 @@ +{{/* +# ============LICENSE_START=================================================== +# Copyright (c) 2018 Amdocs +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END===================================================== +*/}} + +poa-audit-result.name=POA-AUDIT-RESULT +poa-audit-result.host=message-router:3904 +poa-audit-result.publisher.partition=1 +poa-audit-result.username= +poa-audit-result.password=OBF: +poa-audit-result.transport.type=HTTPAUTH diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties new file mode 100644 index 0000000000..2dace57936 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties @@ -0,0 +1,25 @@ +{{/* +# ============LICENSE_START=================================================== +# Copyright (c) 2018 Amdocs +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END===================================================== +*/}} + +poa-rule-validation.name=POA-RULE-VALIDATION +poa-rule-validation.host=message-router:3904 +poa-rule-validation.username= +poa-rule-validation.password=OBF: +poa-rule-validation.consumer.group=poa-validator-test +poa-rule-validation.consumer.id=test +poa-rule-validation.transport.type=HTTPAUTH diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service-auth.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service-auth.properties new file mode 100644 index 0000000000..8bbd4233a6 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service-auth.properties @@ -0,0 +1,2 @@ +auth.policy.file=${CONFIG_HOME}/auth_policy.json +auth.authentication.disable=false diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service.properties new file mode 100644 index 0000000000..9b2e86213a --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service.properties @@ -0,0 +1,13 @@ +topic.publish.enable=true +topic.publish.retries=3 +topic.consume.enable=true +topic.consume.polling.interval.seconds=3 + +event.domain=onap +event.action.exclude=DELETE +event.type.rule=POA-EVENT +event.type.model=NOT-APPLICABLE-IN-POMBA +event.type.end=END-EVENT + +model.cache.expirySeconds=3 +aai.oxm.version=10 diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/application.properties b/kubernetes/pomba/components/pomba-validation-service/resources/application.properties new file mode 100644 index 0000000000..99879d4557 --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/application.properties @@ -0,0 +1,45 @@ +{{/* +# ============LICENSE_START=================================================== +# Copyright (c) 2018 Amdocs +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END===================================================== + +# Note that the start.sh script sets the following System Properties +# We provide default values here for testing purposes +*/}} +APP_HOME=. +CONFIG_HOME=appconfig +com.att.eelf.logging.path=src/main/resources +com.att.eelf.logging.file=logback.xml +logback.configurationFile=${com.att.eelf.logging.path}/${com.att.eelf.logging.file} + +schemaIngestPropLoc=${CONFIG_HOME}/schemaIngest.properties + +server.port=9501 +server.ssl.client-auth=want +server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore +# Work-around for missing Java certificates file "cacerts". This default value should be overridden. +server.ssl.trust-store=${CONFIG_HOME}/auth/tomcat_keystore + +server.tomcat.max-threads=200 +# The minimum number of threads always kept alive +server.tomcat.min-spare-threads=25 + +# Spring Boot logging +logging.config=${logback.configurationFile} + +consumer.topic.names=poa-rule-validation +publisher.topic.names=poa-audit-result + +topics.properties.location=${CONFIG_HOME}/topics/ diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy b/kubernetes/pomba/components/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy new file mode 100644 index 0000000000..4a7f30452f --- /dev/null +++ b/kubernetes/pomba/components/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy @@ -0,0 +1,512 @@ +/* + * ============LICENSE_START=================================================== + * Copyright (c) 2018 Amdocs + * ============================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END===================================================== + */ + +entity { + name 'POA-EVENT' + indexing { + indices 'default-rules' + } + validation { + + // NDCB-AAI comparison: Context level + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb', 'context-list.aai' + } + + // NDCB-AAI comparison: Service entity + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.service', 'context-list.aai.service' + } + + // NDCB-AAI comparison: Context level network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.networkList[*]', 'context-list.aai.networkList[*]' + } + + // NDCB-AAI comparison: VNF list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*]', 'context-list.aai.vnfList[*]' + } + + // NDCB-AAI comparison: VNF network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].networkList[*]', 'context-list.aai.vnfList[*].networkList[*]' + } + + // NDCB-AAI comparison: VF-Module list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]' + } + + // NDCB-AAI comparison: VF-Module network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]' + } + + // NDCB-AAI comparison: VNFC list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' + } + + // NDCB-AAI comparison: VM list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]' + } + + // NDCB-AAI comparison: P-Interface list + useRule { + name 'Attribute-comparison' + attributes 'context-list.ndcb.pnfList[*].pInterfaceList[*]', 'context-list.aai.pnfList[*].pInterfaceList[*]' + } + + + // SDNC-AAI comparison: Context level + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc', 'context-list.aai' + } + + // SDNC-AAI comparison: Service entity + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.service', 'context-list.aai.service' + } + + // SDNC-AAI comparison: Context level network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.networkList[*]', 'context-list.aai.networkList[*]' + } + + // SDNC-AAI comparison: VNF list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*]', 'context-list.aai.vnfList[*]' + } + + // SDNC-AAI comparison: VNF network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].networkList[*]', 'context-list.aai.vnfList[*].networkList[*]' + } + + // SDNC-AAI comparison: VF-Module list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]' + } + + // SDNC-AAI comparison: VF-Module network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]' + } + + // SDNC-AAI comparison: VNFC list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' + } + + // SDNC-AAI comparison: VM list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]' + } + + // AAI-SDNC PNF name validation + useRule { + name 'AAI-SDNC-pnf-name-check' + attributes 'context-list.aai.pnfList[*].name', 'context-list.sdnc.pnfList[*].name' + } + + + // SDNC-NDCB comparison: Context level + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc', 'context-list.ndcb' + } + + // SDNC-NDCB comparison: Service entity + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.service', 'context-list.ndcb.service' + } + + // SDNC-NDCB comparison: Context level network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.networkList[*]', 'context-list.ndcb.networkList[*]' + } + + // SDNC-NDCB comparison: VNF list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*]', 'context-list.ndcb.vnfList[*]' + } + + // SDNC-NDCB comparison: VNF network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].networkList[*]', 'context-list.ndcb.vnfList[*].networkList[*]' + } + + // SDNC-NDCB comparison: VF-Module list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*]' + } + + // SDNC-NDCB comparison: VF-Module network list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]' + } + + // SDNC-NDCB comparison: VNFC list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.ndcb.vnfList[*].vnfcList[*]' + } + + // SDNC-NDCB comparison: VM list + useRule { + name 'Attribute-comparison' + attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]' + } + + + + // SDC-AAI VNFC type + useRule { + name 'SDC-AAI-vnfc-type' + attributes 'context-list.sdc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' + } + + // SDC-AAI VNFC node count + useRule { + name 'SDC-AAI-vnfc-node-count' + attributes 'context-list.sdc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]' + } + + // SDC-AAI VF-Module instance + useRule { + name 'SDC-AAI-vf-module-instance-check' + attributes 'context-list.sdc.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]' + } + + useRule { + name 'AAI-not-empty' + attributes 'context-list.aai.pnfList', 'context-list.aai.vnfList', 'context-list.aai.networkList' + } + } +} + +rule { + name 'AAI-not-empty' + category 'VNFC Consistency' + description 'Check if AAI collected anything' + errorText 'AAI section is empty' + severity 'ERROR' + attributes 'pnfList', 'vnfList', 'networkList' + validate ''' + // expect at least one not empty list + return !pnfList.isEmpty() || !vnfList.isEmpty() || !networkList.isEmpty() + ''' +} + +rule { + name 'SDC-AAI-vnfc-type' + category 'VNFC Consistency' + description 'Validate that each VNFC instance in AAI conforms to a VNFC type defined in SDC model' + errorText 'AAI VNFC instance includes non-specified type in design SDC model' + severity 'ERROR' + attributes 'sdcList', 'aaiList' + validate ''' + def getVnfcTypes = { parsedData -> + parsedData.collect{ it.findResult{ k, v -> if(k.equals("type")) {return "$v"}}} + } + + def slurper = new groovy.json.JsonSlurper() + def sdcTypes = getVnfcTypes(slurper.parseText(sdcList.toString())) + def aaiTypes = getVnfcTypes(slurper.parseText(aaiList.toString())) + + // each type in AAI must exist in SDC + return sdcTypes.containsAll(aaiTypes) + ''' +} + +rule { + name 'SDC-AAI-vnfc-node-count' + category 'VNFC Consistency' + description 'Validate that for each VNFC node defined in SDC model, there is at least one VNFC instance in AAI' + errorText 'Design has specified types but not all of them exist in AAI' + severity 'WARNING' + attributes 'sdcList', 'aaiList' + validate ''' + def getVnfcNodes = { parsedData -> + parsedData.collect { new Tuple2( + it.findResult{ k, v -> if(k.equals("name")) {return "$v"}}, + it.findResult{ k, v -> if(k.equals("type")) {return "$v"}}) + } + } + + def slurper = new groovy.json.JsonSlurper() + def sdcNodes = getVnfcNodes(slurper.parseText(sdcList.toString())) + def aaiNodes = getVnfcNodes(slurper.parseText(aaiList.toString())) + + // each node in AAI must exist in SDC + return aaiNodes.containsAll(sdcNodes) + ''' +} + +rule { + name 'SDC-AAI-vf-module-instance-check' + category 'VF Consistency' + description 'Validate that each VF module instance in AAI conforms to a VF module defined in SDC service model' + errorText 'One or more AAI VF module instance(s) not defined in SDC model' + severity 'CRITICAL' + attributes 'sdcList', 'aaiList' + validate ''' + def getVfModules = { parsedData -> + parsedData.collect{ it.findResult{ k, v -> if(k.equals("name")) {return "$v"}}} + } + + def slurper = new groovy.json.JsonSlurper() + def sdcVfModules = getVfModules(slurper.parseText(sdcList.toString())) + def aaiVfModules = getVfModules(slurper.parseText(aaiList.toString())) + + // all VF modules in AAI must exist in SDC + return aaiVfModules.containsAll(sdcVfModules) + ''' +} + +rule { + name 'Attribute-comparison' + category 'Attribute Mismatch' + description 'Determine all discrepancies between values for attributes with matching names from each model' + errorText 'Error found with attribute(s) and values: {0}' + severity 'ERROR' + attributes 'lhsObject', 'rhsObject' + validate ''' + // This closure extracts the given object's root level attributes and contents of the attribute list. + // Complex items like lists are excluded. + // Returns a map containing attribute names as keys, mapping to a list of values for each attribute. + Closure<java.util.Map> getAttributes = { parsedData -> + java.util.Map attributeMap = new java.util.HashMap() + + def isAttributeDataQualityOk = { attribute -> + attribute.findResult{ k, v -> if(k.equals("dataQuality") ) {return v.get("status")}}.equals("ok") + } + + def addToMap = { attrKey, attrValue -> + java.util.Set values = attributeMap.get("$attrKey") + if(values == null) { + values = new java.util.HashSet() + attributeMap.put("$attrKey", values) + } + values.add("$attrValue") + } + + def addAttributeToMap = { attribute -> + if(isAttributeDataQualityOk(attribute)) { + String key, value + attribute.each { k, v -> + if(k.equals("name")) {key = "$v"} + if(k.equals("value")) {value = "$v"} + } + addToMap("$key", "$value") + } + } + + def processKeyValue = { key, value -> + if(value instanceof java.util.ArrayList) { + if(key.equals("attributeList")) { + value.each { + addAttributeToMap(it) + } + } + } else if(!(value instanceof groovy.json.internal.LazyMap)) { + // only add key-value attributes, skip the rest + addToMap("$key", "$value") + } + } + + if(parsedData instanceof java.util.ArrayList) { + parsedData.each { + it.each { key, value -> processKeyValue(key, value) } + } + } else { + parsedData.each { key, value -> processKeyValue(key, value) } + } + return attributeMap + } + + // This closure compares all values for each key from the left map, to values of the same key from the right map. + // Returns a map of attributes with mismatched or missing values (i.e. attribute name mapped to list of failed values). + Closure<java.util.Map> compareAttributes = { java.util.Map left, java.util.Map right -> + java.util.Map violationMap = new java.util.HashMap() + left.each{ leftKey, leftValueList -> + def rightValueList = right.get("$leftKey") + rightValueList.each{ rightValue -> + if(!leftValueList.any{ it == "$rightValue" }) { + def existingValues = violationMap.get(leftKey) + if(existingValues) { + existingValues.add("$rightValue") + } else { + java.util.Set newValues = new HashSet() + newValues.add("$rightValue") + violationMap.put("$leftKey", newValues) + } + } + } + } + return violationMap + } + + // This closure merges the given maps into a new map. + // Returns a map containing all keys and their values from both maps. + Closure<java.util.Map> mergeMaps = { java.util.Map left, java.util.Map right -> + if(left.isEmpty() && right.isEmpty()) { + return [:] + } else if(left.isEmpty()) { + return right + } else if(right.isEmpty()) { + return left + } + java.util.Map merged = new java.util.HashMap() + merged.putAll(left) + right.each{ rightKey, rightValues -> + java.util.Set mergedValues = merged.get(rightKey) + if(mergedValues == null) { + merged.put(rightKey, rightValues) + } else { + mergedValues.addAll(rightValues) + } + } + return merged + } + + def slurper = new groovy.json.JsonSlurper() + java.util.Map lhsAttributes = getAttributes(slurper.parseText(lhsObject.toString())) + java.util.Map rhsAttributes = getAttributes(slurper.parseText(rhsObject.toString())) + + def leftToRight = compareAttributes(lhsAttributes, rhsAttributes) + def rightToLeft = compareAttributes(rhsAttributes, lhsAttributes) + def mergedResults = mergeMaps(leftToRight, rightToLeft) + + boolean success = true + List<String> details = new ArrayList<>() + if(!mergedResults.isEmpty()) { + success = false + details.add(mergedResults.toString()) + } + return new Tuple2(success, details) + ''' +} + +/* + * The data-dictionary rule below can be used with this useRule clause: + * useRule { + * name 'Data-Dictionary validate VF type' + * attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*].type' + * } + */ +rule { + name 'Data-Dictionary validate VF type' + category 'INVALID_VALUE' + description 'Validate all VF type values against data-dictionary' + errorText 'VF type [{0}] failed data-dictionary validation: {1}' + severity 'ERROR' + attributes 'typeList' + validate ''' + boolean success = true + List<String> details = new ArrayList<>() + typeList.any { + if(!success) { + // break out of 'any' loop + return false + } + def result = org.onap.aai.validation.ruledriven.rule.builtin.DataDictionary.validate("instance", "vfModuleNetworkType", "type", "$it") + if(!result.isEmpty()) { + success = false + details.add("$it") + details.add("$result") + } + } + return new Tuple2(success, details) + ''' +} + +rule { + name 'AAI-SDNC-pnf-name-check' + category 'PNF Consistency' + description 'Validate that each PNF name in AAI matches a PNF name in the SDNC model' + errorText 'AAI PNF names do not match SDNC - {0}' + severity 'ERROR' + attributes 'aaiNames', 'sdncNames' + validate ''' + def addName = { values, key -> + values.add("$key") + } + + List<String> errorReasons = new ArrayList(); + + if (aaiNames.size() != sdncNames.size()) { + errorReasons.add("Number of PNFs don't match; aai has ${aaiNames.size()}, sdnc has ${sdncNames.size()}") + return new Tuple2(false, errorReasons) + } + + // collect all the "name" values from AAI and SDNC into two Sets. + Set aaiNameSet = new java.util.HashSet() + aaiNames.each { + aValue -> addName(aaiNameSet, aValue) + } + + Set sdncNameSet = new java.util.HashSet() + sdncNames.each { + aValue -> addName(sdncNameSet, aValue) + } + + // Validate that the names match by comparing the size of the two Sets. + if (aaiNameSet.size() != sdncNameSet.size()) { + errorReasons.add("Number of distinct PNF names don't match; aai: ${aaiNameSet}, sdnc: ${sdncNameSet}") + return new Tuple2(false, errorReasons) + } + + Set combinedSet = new HashSet(); + combinedSet.addAll(aaiNameSet); + combinedSet.addAll(sdncNameSet); + if (combinedSet.size() != aaiNameSet.size()) { + errorReasons.add("PNF names don't match; aai names: ${aaiNameSet}, sdnc names: ${sdncNameSet}") + return new Tuple2(false, errorReasons) + } + + return true + + ''' +} |