summaryrefslogtreecommitdiffstats
path: root/kubernetes/pomba/components/pomba-validation-service
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2020-11-26 09:58:16 +0000
committerGerrit Code Review <gerrit@onap.org>2020-11-26 09:58:16 +0000
commitee07bc6c45cb623c8302d1374ca2a4648452a05b (patch)
treec4b26b809174af38d166a619a7b08c84c9fc965d /kubernetes/pomba/components/pomba-validation-service
parentc95cb6667263e48daed36613565fb6466bce0553 (diff)
parent93ed075394f96106433fec580fabb6a066ed10dd (diff)
Merge "[POMBA] Uses new tpls for repos / images"
Diffstat (limited to 'kubernetes/pomba/components/pomba-validation-service')
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/Chart.yaml18
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/requirements.yaml21
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/appconfig/README.txt10
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/appconfig/aai-environment.properties15
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/client-cert-onap.p12bin0 -> 2556 bytes
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/tomcat_keystorebin0 -> 2214 bytes
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth_policy.json46
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties9
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-indexing.properties4
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/appconfig/schemaIngest.properties9
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties24
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties25
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service-auth.properties2
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service.properties13
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/application.properties45
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy512
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/templates/configmap.yaml47
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/templates/deployment.yaml162
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/templates/secrets.yaml24
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/templates/service.yaml43
-rw-r--r--kubernetes/pomba/components/pomba-validation-service/values.yaml100
21 files changed, 1129 insertions, 0 deletions
diff --git a/kubernetes/pomba/components/pomba-validation-service/Chart.yaml b/kubernetes/pomba/components/pomba-validation-service/Chart.yaml
new file mode 100644
index 0000000000..525de440a9
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: POMBA Validaton-Service
+name: pomba-validation-service
+version: 6.0.0
diff --git a/kubernetes/pomba/components/pomba-validation-service/requirements.yaml b/kubernetes/pomba/components/pomba-validation-service/requirements.yaml
new file mode 100644
index 0000000000..fbe51550f0
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/requirements.yaml
@@ -0,0 +1,21 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: '@local'
+ - name: repositoryGenerator
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/README.txt b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/README.txt
new file mode 100644
index 0000000000..5cc01497f5
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/README.txt
@@ -0,0 +1,10 @@
+This directory contains all external configuration files that
+need to be mounted into an application container.
+
+See the configmap.yaml in the templates directory for an example
+of how to load (ie map) config files from this directory, into
+Kubernetes, for distribution within the k8s cluster.
+
+See deployment.yaml in the templates directory for an example
+of how the 'config mapped' files are then mounted into the
+containers.
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/aai-environment.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/aai-environment.properties
new file mode 100644
index 0000000000..cd5c62e96b
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/aai-environment.properties
@@ -0,0 +1,15 @@
+host=dummy-host.onap.org
+port=8443
+httpProtocol=https
+trustStorePath=/auth/tomcat_keystore
+#trustStorePassword intentionally left blank
+trustStorePassword.x=
+keyStorePath=/auth/client-cert-onap.p12
+keyStorePassword.x=OBF:
+keyManagerFactoryAlgorithm=SunX509
+keyStoreType=PKCS12
+securityProtocol=TLS
+connectionTimeout=5000
+readTimeout=1000
+
+baseModelURI=/aai/v8/service-design-and-creation/models/model
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/client-cert-onap.p12 b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/client-cert-onap.p12
new file mode 100644
index 0000000000..dbf4fcacec
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/client-cert-onap.p12
Binary files differ
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/tomcat_keystore b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/tomcat_keystore
new file mode 100644
index 0000000000..9eec841aa2
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth/tomcat_keystore
Binary files differ
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth_policy.json b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth_policy.json
new file mode 100644
index 0000000000..ea5565a71e
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/auth_policy.json
@@ -0,0 +1,46 @@
+{"roles": [
+ {
+ "name": "admin",
+ "functions": [
+ {
+ "name": "actions",
+ "methods": [
+ {"name": "GET"},
+ {"name": "DELETE"},
+ {"name": "PUT"}
+ ]
+ },
+ {
+ "name": "validate",
+ "methods": [{"name": "POST"}]
+ }
+ ],
+ "users": [
+ {"username": "CN=common-name, OU=org-unit, O=org, L=location, ST=state, C=US"},
+ {"username": "CN=test, OU=qa, O=Test Ltd, L=London, ST=London, C=GB"},
+ {"username": "CN=aai-client.dev.att.com, OU=aai digicert client dev, O=\"AT&T Services, Inc.\", L=Dallas, ST=Texas, C=US"}
+ ]
+ },
+ {
+ "name": "ops",
+ "functions": [{
+ "name": "actions",
+ "methods": [{"name": "POST"}]
+ }],
+ "users": [
+ {"username": "CN=common-name, OU=org-unit, O=org, L=location, ST=state, C=US"},
+ {"username": "CN=test, OU=qa, O=Test Ltd, L=London, ST=London, C=GB"}
+ ]
+ },
+ {
+ "name": "basicauth",
+ "functions": [{
+ "name": "util",
+ "methods": [{"name": "GET"}]
+ }],
+ "users": [{
+ "user": "aai",
+ "pass": "OBF:1u2a1t2v1vgb1s3g1s3m1vgj1t3b1u30"
+ }]
+ }
+]}
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties
new file mode 100644
index 0000000000..d93f030395
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-data-dictionary.properties
@@ -0,0 +1,9 @@
+rule.datadictionary.hostport={{ .Values.config.dataDictHostPort }}
+rule.datadictionary.connect.timeout=1000
+rule.datadictionary.read.timeout=1000
+
+# basic authentication: base64 encoding of username:password
+rule.datadictionary.credentials={{ .Values.config.dataDictCredentials }}
+
+# ex: /commonModelElements/instance~nfValuesCatalog~1.0/
+rule.datadictionary.uri=/commonModelElements/{0}~{1}~1.0/validateInstance
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-indexing.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-indexing.properties
new file mode 100644
index 0000000000..06f4626ab6
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/rule-indexing.properties
@@ -0,0 +1,4 @@
+rule.indexing.events=POA-EVENT
+rule.indexing.exclude.oxm.validation=POA-EVENT
+rule.indexing.key.attributes=$.poa-event.modelVersionId,$.poa-event.modelInvariantId
+rule.indexing.default.key=default-rules
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/schemaIngest.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/schemaIngest.properties
new file mode 100644
index 0000000000..a711881dc5
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/schemaIngest.properties
@@ -0,0 +1,9 @@
+{{/*
+# Properties for the SchemaLocationsBean
+# The AAI Schema jar will be unpacked to bundleconfig/etc
+*/}}
+schemaConfig=bundleconfig
+# Files named aai_oxm_v*.xml are unpacked here:
+nodeDir=${APP_HOME}/bundleconfig/etc/oxm
+# Dummy folder/directory:
+edgeDir=${APP_HOME}/bundleconfig/etc/oxm
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties
new file mode 100644
index 0000000000..fe8e2684d5
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-audit-result.properties
@@ -0,0 +1,24 @@
+{{/*
+# ============LICENSE_START===================================================
+# Copyright (c) 2018 Amdocs
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=====================================================
+*/}}
+
+poa-audit-result.name=POA-AUDIT-RESULT
+poa-audit-result.host=message-router:3904
+poa-audit-result.publisher.partition=1
+poa-audit-result.username=
+poa-audit-result.password=OBF:
+poa-audit-result.transport.type=HTTPAUTH
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties
new file mode 100644
index 0000000000..2dace57936
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/topics/topic-poa-rule-validation.properties
@@ -0,0 +1,25 @@
+{{/*
+# ============LICENSE_START===================================================
+# Copyright (c) 2018 Amdocs
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=====================================================
+*/}}
+
+poa-rule-validation.name=POA-RULE-VALIDATION
+poa-rule-validation.host=message-router:3904
+poa-rule-validation.username=
+poa-rule-validation.password=OBF:
+poa-rule-validation.consumer.group=poa-validator-test
+poa-rule-validation.consumer.id=test
+poa-rule-validation.transport.type=HTTPAUTH
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service-auth.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service-auth.properties
new file mode 100644
index 0000000000..8bbd4233a6
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service-auth.properties
@@ -0,0 +1,2 @@
+auth.policy.file=${CONFIG_HOME}/auth_policy.json
+auth.authentication.disable=false
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service.properties b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service.properties
new file mode 100644
index 0000000000..9b2e86213a
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/appconfig/validation-service.properties
@@ -0,0 +1,13 @@
+topic.publish.enable=true
+topic.publish.retries=3
+topic.consume.enable=true
+topic.consume.polling.interval.seconds=3
+
+event.domain=onap
+event.action.exclude=DELETE
+event.type.rule=POA-EVENT
+event.type.model=NOT-APPLICABLE-IN-POMBA
+event.type.end=END-EVENT
+
+model.cache.expirySeconds=3
+aai.oxm.version=10
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/application.properties b/kubernetes/pomba/components/pomba-validation-service/resources/application.properties
new file mode 100644
index 0000000000..99879d4557
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/application.properties
@@ -0,0 +1,45 @@
+{{/*
+# ============LICENSE_START===================================================
+# Copyright (c) 2018 Amdocs
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=====================================================
+
+# Note that the start.sh script sets the following System Properties
+# We provide default values here for testing purposes
+*/}}
+APP_HOME=.
+CONFIG_HOME=appconfig
+com.att.eelf.logging.path=src/main/resources
+com.att.eelf.logging.file=logback.xml
+logback.configurationFile=${com.att.eelf.logging.path}/${com.att.eelf.logging.file}
+
+schemaIngestPropLoc=${CONFIG_HOME}/schemaIngest.properties
+
+server.port=9501
+server.ssl.client-auth=want
+server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore
+# Work-around for missing Java certificates file "cacerts". This default value should be overridden.
+server.ssl.trust-store=${CONFIG_HOME}/auth/tomcat_keystore
+
+server.tomcat.max-threads=200
+# The minimum number of threads always kept alive
+server.tomcat.min-spare-threads=25
+
+# Spring Boot logging
+logging.config=${logback.configurationFile}
+
+consumer.topic.names=poa-rule-validation
+publisher.topic.names=poa-audit-result
+
+topics.properties.location=${CONFIG_HOME}/topics/
diff --git a/kubernetes/pomba/components/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy b/kubernetes/pomba/components/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy
new file mode 100644
index 0000000000..4a7f30452f
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/resources/bundleconfig/etc/rules/poa-event/default-rules.groovy
@@ -0,0 +1,512 @@
+/*
+ * ============LICENSE_START===================================================
+ * Copyright (c) 2018 Amdocs
+ * ============================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=====================================================
+ */
+
+entity {
+ name 'POA-EVENT'
+ indexing {
+ indices 'default-rules'
+ }
+ validation {
+
+ // NDCB-AAI comparison: Context level
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb', 'context-list.aai'
+ }
+
+ // NDCB-AAI comparison: Service entity
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb.service', 'context-list.aai.service'
+ }
+
+ // NDCB-AAI comparison: Context level network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb.networkList[*]', 'context-list.aai.networkList[*]'
+ }
+
+ // NDCB-AAI comparison: VNF list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb.vnfList[*]', 'context-list.aai.vnfList[*]'
+ }
+
+ // NDCB-AAI comparison: VNF network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb.vnfList[*].networkList[*]', 'context-list.aai.vnfList[*].networkList[*]'
+ }
+
+ // NDCB-AAI comparison: VF-Module list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]'
+ }
+
+ // NDCB-AAI comparison: VF-Module network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]'
+ }
+
+ // NDCB-AAI comparison: VNFC list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]'
+ }
+
+ // NDCB-AAI comparison: VM list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]'
+ }
+
+ // NDCB-AAI comparison: P-Interface list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.ndcb.pnfList[*].pInterfaceList[*]', 'context-list.aai.pnfList[*].pInterfaceList[*]'
+ }
+
+
+ // SDNC-AAI comparison: Context level
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc', 'context-list.aai'
+ }
+
+ // SDNC-AAI comparison: Service entity
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.service', 'context-list.aai.service'
+ }
+
+ // SDNC-AAI comparison: Context level network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.networkList[*]', 'context-list.aai.networkList[*]'
+ }
+
+ // SDNC-AAI comparison: VNF list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*]', 'context-list.aai.vnfList[*]'
+ }
+
+ // SDNC-AAI comparison: VNF network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].networkList[*]', 'context-list.aai.vnfList[*].networkList[*]'
+ }
+
+ // SDNC-AAI comparison: VF-Module list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]'
+ }
+
+ // SDNC-AAI comparison: VF-Module network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].networkList[*]'
+ }
+
+ // SDNC-AAI comparison: VNFC list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]'
+ }
+
+ // SDNC-AAI comparison: VM list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.aai.vnfList[*].vfModuleList[*].vmList[*]'
+ }
+
+ // AAI-SDNC PNF name validation
+ useRule {
+ name 'AAI-SDNC-pnf-name-check'
+ attributes 'context-list.aai.pnfList[*].name', 'context-list.sdnc.pnfList[*].name'
+ }
+
+
+ // SDNC-NDCB comparison: Context level
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc', 'context-list.ndcb'
+ }
+
+ // SDNC-NDCB comparison: Service entity
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.service', 'context-list.ndcb.service'
+ }
+
+ // SDNC-NDCB comparison: Context level network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.networkList[*]', 'context-list.ndcb.networkList[*]'
+ }
+
+ // SDNC-NDCB comparison: VNF list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*]', 'context-list.ndcb.vnfList[*]'
+ }
+
+ // SDNC-NDCB comparison: VNF network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].networkList[*]', 'context-list.ndcb.vnfList[*].networkList[*]'
+ }
+
+ // SDNC-NDCB comparison: VF-Module list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*]'
+ }
+
+ // SDNC-NDCB comparison: VF-Module network list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].networkList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*]'
+ }
+
+ // SDNC-NDCB comparison: VNFC list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].vnfcList[*]', 'context-list.ndcb.vnfList[*].vnfcList[*]'
+ }
+
+ // SDNC-NDCB comparison: VM list
+ useRule {
+ name 'Attribute-comparison'
+ attributes 'context-list.sdnc.vnfList[*].vfModuleList[*].vmList[*]', 'context-list.ndcb.vnfList[*].vfModuleList[*].vmList[*]'
+ }
+
+
+
+ // SDC-AAI VNFC type
+ useRule {
+ name 'SDC-AAI-vnfc-type'
+ attributes 'context-list.sdc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]'
+ }
+
+ // SDC-AAI VNFC node count
+ useRule {
+ name 'SDC-AAI-vnfc-node-count'
+ attributes 'context-list.sdc.vnfList[*].vnfcList[*]', 'context-list.aai.vnfList[*].vnfcList[*]'
+ }
+
+ // SDC-AAI VF-Module instance
+ useRule {
+ name 'SDC-AAI-vf-module-instance-check'
+ attributes 'context-list.sdc.vnfList[*].vfModuleList[*]', 'context-list.aai.vnfList[*].vfModuleList[*]'
+ }
+
+ useRule {
+ name 'AAI-not-empty'
+ attributes 'context-list.aai.pnfList', 'context-list.aai.vnfList', 'context-list.aai.networkList'
+ }
+ }
+}
+
+rule {
+ name 'AAI-not-empty'
+ category 'VNFC Consistency'
+ description 'Check if AAI collected anything'
+ errorText 'AAI section is empty'
+ severity 'ERROR'
+ attributes 'pnfList', 'vnfList', 'networkList'
+ validate '''
+ // expect at least one not empty list
+ return !pnfList.isEmpty() || !vnfList.isEmpty() || !networkList.isEmpty()
+ '''
+}
+
+rule {
+ name 'SDC-AAI-vnfc-type'
+ category 'VNFC Consistency'
+ description 'Validate that each VNFC instance in AAI conforms to a VNFC type defined in SDC model'
+ errorText 'AAI VNFC instance includes non-specified type in design SDC model'
+ severity 'ERROR'
+ attributes 'sdcList', 'aaiList'
+ validate '''
+ def getVnfcTypes = { parsedData ->
+ parsedData.collect{ it.findResult{ k, v -> if(k.equals("type")) {return "$v"}}}
+ }
+
+ def slurper = new groovy.json.JsonSlurper()
+ def sdcTypes = getVnfcTypes(slurper.parseText(sdcList.toString()))
+ def aaiTypes = getVnfcTypes(slurper.parseText(aaiList.toString()))
+
+ // each type in AAI must exist in SDC
+ return sdcTypes.containsAll(aaiTypes)
+ '''
+}
+
+rule {
+ name 'SDC-AAI-vnfc-node-count'
+ category 'VNFC Consistency'
+ description 'Validate that for each VNFC node defined in SDC model, there is at least one VNFC instance in AAI'
+ errorText 'Design has specified types but not all of them exist in AAI'
+ severity 'WARNING'
+ attributes 'sdcList', 'aaiList'
+ validate '''
+ def getVnfcNodes = { parsedData ->
+ parsedData.collect { new Tuple2(
+ it.findResult{ k, v -> if(k.equals("name")) {return "$v"}},
+ it.findResult{ k, v -> if(k.equals("type")) {return "$v"}})
+ }
+ }
+
+ def slurper = new groovy.json.JsonSlurper()
+ def sdcNodes = getVnfcNodes(slurper.parseText(sdcList.toString()))
+ def aaiNodes = getVnfcNodes(slurper.parseText(aaiList.toString()))
+
+ // each node in AAI must exist in SDC
+ return aaiNodes.containsAll(sdcNodes)
+ '''
+}
+
+rule {
+ name 'SDC-AAI-vf-module-instance-check'
+ category 'VF Consistency'
+ description 'Validate that each VF module instance in AAI conforms to a VF module defined in SDC service model'
+ errorText 'One or more AAI VF module instance(s) not defined in SDC model'
+ severity 'CRITICAL'
+ attributes 'sdcList', 'aaiList'
+ validate '''
+ def getVfModules = { parsedData ->
+ parsedData.collect{ it.findResult{ k, v -> if(k.equals("name")) {return "$v"}}}
+ }
+
+ def slurper = new groovy.json.JsonSlurper()
+ def sdcVfModules = getVfModules(slurper.parseText(sdcList.toString()))
+ def aaiVfModules = getVfModules(slurper.parseText(aaiList.toString()))
+
+ // all VF modules in AAI must exist in SDC
+ return aaiVfModules.containsAll(sdcVfModules)
+ '''
+}
+
+rule {
+ name 'Attribute-comparison'
+ category 'Attribute Mismatch'
+ description 'Determine all discrepancies between values for attributes with matching names from each model'
+ errorText 'Error found with attribute(s) and values: {0}'
+ severity 'ERROR'
+ attributes 'lhsObject', 'rhsObject'
+ validate '''
+ // This closure extracts the given object's root level attributes and contents of the attribute list.
+ // Complex items like lists are excluded.
+ // Returns a map containing attribute names as keys, mapping to a list of values for each attribute.
+ Closure<java.util.Map> getAttributes = { parsedData ->
+ java.util.Map attributeMap = new java.util.HashMap()
+
+ def isAttributeDataQualityOk = { attribute ->
+ attribute.findResult{ k, v -> if(k.equals("dataQuality") ) {return v.get("status")}}.equals("ok")
+ }
+
+ def addToMap = { attrKey, attrValue ->
+ java.util.Set values = attributeMap.get("$attrKey")
+ if(values == null) {
+ values = new java.util.HashSet()
+ attributeMap.put("$attrKey", values)
+ }
+ values.add("$attrValue")
+ }
+
+ def addAttributeToMap = { attribute ->
+ if(isAttributeDataQualityOk(attribute)) {
+ String key, value
+ attribute.each { k, v ->
+ if(k.equals("name")) {key = "$v"}
+ if(k.equals("value")) {value = "$v"}
+ }
+ addToMap("$key", "$value")
+ }
+ }
+
+ def processKeyValue = { key, value ->
+ if(value instanceof java.util.ArrayList) {
+ if(key.equals("attributeList")) {
+ value.each {
+ addAttributeToMap(it)
+ }
+ }
+ } else if(!(value instanceof groovy.json.internal.LazyMap)) {
+ // only add key-value attributes, skip the rest
+ addToMap("$key", "$value")
+ }
+ }
+
+ if(parsedData instanceof java.util.ArrayList) {
+ parsedData.each {
+ it.each { key, value -> processKeyValue(key, value) }
+ }
+ } else {
+ parsedData.each { key, value -> processKeyValue(key, value) }
+ }
+ return attributeMap
+ }
+
+ // This closure compares all values for each key from the left map, to values of the same key from the right map.
+ // Returns a map of attributes with mismatched or missing values (i.e. attribute name mapped to list of failed values).
+ Closure<java.util.Map> compareAttributes = { java.util.Map left, java.util.Map right ->
+ java.util.Map violationMap = new java.util.HashMap()
+ left.each{ leftKey, leftValueList ->
+ def rightValueList = right.get("$leftKey")
+ rightValueList.each{ rightValue ->
+ if(!leftValueList.any{ it == "$rightValue" }) {
+ def existingValues = violationMap.get(leftKey)
+ if(existingValues) {
+ existingValues.add("$rightValue")
+ } else {
+ java.util.Set newValues = new HashSet()
+ newValues.add("$rightValue")
+ violationMap.put("$leftKey", newValues)
+ }
+ }
+ }
+ }
+ return violationMap
+ }
+
+ // This closure merges the given maps into a new map.
+ // Returns a map containing all keys and their values from both maps.
+ Closure<java.util.Map> mergeMaps = { java.util.Map left, java.util.Map right ->
+ if(left.isEmpty() && right.isEmpty()) {
+ return [:]
+ } else if(left.isEmpty()) {
+ return right
+ } else if(right.isEmpty()) {
+ return left
+ }
+ java.util.Map merged = new java.util.HashMap()
+ merged.putAll(left)
+ right.each{ rightKey, rightValues ->
+ java.util.Set mergedValues = merged.get(rightKey)
+ if(mergedValues == null) {
+ merged.put(rightKey, rightValues)
+ } else {
+ mergedValues.addAll(rightValues)
+ }
+ }
+ return merged
+ }
+
+ def slurper = new groovy.json.JsonSlurper()
+ java.util.Map lhsAttributes = getAttributes(slurper.parseText(lhsObject.toString()))
+ java.util.Map rhsAttributes = getAttributes(slurper.parseText(rhsObject.toString()))
+
+ def leftToRight = compareAttributes(lhsAttributes, rhsAttributes)
+ def rightToLeft = compareAttributes(rhsAttributes, lhsAttributes)
+ def mergedResults = mergeMaps(leftToRight, rightToLeft)
+
+ boolean success = true
+ List<String> details = new ArrayList<>()
+ if(!mergedResults.isEmpty()) {
+ success = false
+ details.add(mergedResults.toString())
+ }
+ return new Tuple2(success, details)
+ '''
+}
+
+/*
+ * The data-dictionary rule below can be used with this useRule clause:
+ * useRule {
+ * name 'Data-Dictionary validate VF type'
+ * attributes 'context-list.ndcb.vnfList[*].vfModuleList[*].networkList[*].type'
+ * }
+ */
+rule {
+ name 'Data-Dictionary validate VF type'
+ category 'INVALID_VALUE'
+ description 'Validate all VF type values against data-dictionary'
+ errorText 'VF type [{0}] failed data-dictionary validation: {1}'
+ severity 'ERROR'
+ attributes 'typeList'
+ validate '''
+ boolean success = true
+ List<String> details = new ArrayList<>()
+ typeList.any {
+ if(!success) {
+ // break out of 'any' loop
+ return false
+ }
+ def result = org.onap.aai.validation.ruledriven.rule.builtin.DataDictionary.validate("instance", "vfModuleNetworkType", "type", "$it")
+ if(!result.isEmpty()) {
+ success = false
+ details.add("$it")
+ details.add("$result")
+ }
+ }
+ return new Tuple2(success, details)
+ '''
+}
+
+rule {
+ name 'AAI-SDNC-pnf-name-check'
+ category 'PNF Consistency'
+ description 'Validate that each PNF name in AAI matches a PNF name in the SDNC model'
+ errorText 'AAI PNF names do not match SDNC - {0}'
+ severity 'ERROR'
+ attributes 'aaiNames', 'sdncNames'
+ validate '''
+ def addName = { values, key ->
+ values.add("$key")
+ }
+
+ List<String> errorReasons = new ArrayList();
+
+ if (aaiNames.size() != sdncNames.size()) {
+ errorReasons.add("Number of PNFs don't match; aai has ${aaiNames.size()}, sdnc has ${sdncNames.size()}")
+ return new Tuple2(false, errorReasons)
+ }
+
+ // collect all the "name" values from AAI and SDNC into two Sets.
+ Set aaiNameSet = new java.util.HashSet()
+ aaiNames.each {
+ aValue -> addName(aaiNameSet, aValue)
+ }
+
+ Set sdncNameSet = new java.util.HashSet()
+ sdncNames.each {
+ aValue -> addName(sdncNameSet, aValue)
+ }
+
+ // Validate that the names match by comparing the size of the two Sets.
+ if (aaiNameSet.size() != sdncNameSet.size()) {
+ errorReasons.add("Number of distinct PNF names don't match; aai: ${aaiNameSet}, sdnc: ${sdncNameSet}")
+ return new Tuple2(false, errorReasons)
+ }
+
+ Set combinedSet = new HashSet();
+ combinedSet.addAll(aaiNameSet);
+ combinedSet.addAll(sdncNameSet);
+ if (combinedSet.size() != aaiNameSet.size()) {
+ errorReasons.add("PNF names don't match; aai names: ${aaiNameSet}, sdnc names: ${sdncNameSet}")
+ return new Tuple2(false, errorReasons)
+ }
+
+ return true
+
+ '''
+}
diff --git a/kubernetes/pomba/components/pomba-validation-service/templates/configmap.yaml b/kubernetes/pomba/components/pomba-validation-service/templates/configmap.yaml
new file mode 100644
index 0000000000..9a9951ab9f
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/templates/configmap.yaml
@@ -0,0 +1,47 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-root-config
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/*.*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-config-properties
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/appconfig/*.*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-config-topics
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/appconfig/topics/*.properties").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-rules
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/bundleconfig/etc/rules/poa-event/*.groovy").AsConfig . | indent 2 }}
diff --git a/kubernetes/pomba/components/pomba-validation-service/templates/deployment.yaml b/kubernetes/pomba/components/pomba-validation-service/templates/deployment.yaml
new file mode 100644
index 0000000000..1590f4e001
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/templates/deployment.yaml
@@ -0,0 +1,162 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
+ spec:
+ containers:
+ - name: {{ include "common.name" . }}
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ {{ if .Values.readiness.enabled }}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ {{ end }}
+ env:
+ - name: APP_HOME
+ value: "{{ .Values.config.appDir }}"
+ - name: CONFIG_HOME
+ value: "{{ .Values.config.configDir }}"
+ - name: MAX_HEAP
+ value: "{{ .Values.config.maxHeap }}"
+ volumeMounts:
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ - mountPath: {{ .Values.config.appDir }}/application.properties
+ name: root-config-app-prop
+ subPath: application.properties
+ - mountPath: {{ .Values.config.configDir }}/
+ name: properties
+ - mountPath: {{ .Values.config.configAuthDir }}/
+ name: config-auth
+ - mountPath: {{ .Values.config.configTopicsDir }}/
+ name: config-topics
+ - mountPath: {{ .Values.config.rulesDir }}/
+ name: rules
+ resources:
+{{ include "common.resources" . | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+
+ # Filebeat sidecar container
+ - name: {{ include "common.name" . }}-filebeat-onap
+ image: {{ include "repositoryGenerator.image.logging" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ mountPath: /usr/share/filebeat/filebeat.yml
+ subPath: filebeat.yml
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ mountPath: /usr/share/filebeat/data
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /opt/app/logs
+
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: {{ include "common.fullname" . }}-filebeat-conf
+ configMap:
+ name: {{ include "common.release" . }}-pomba-filebeat-configmap
+ - name: {{ include "common.fullname" . }}-data-filebeat
+ emptyDir: {}
+ - name: root-config-app-prop
+ configMap:
+ name: {{ include "common.fullname" . }}-root-config
+ defaultMode: 0644
+ - name: {{ include "common.fullname" . }}-logs
+ emptyDir: {}
+ - name: properties
+ configMap:
+ name: {{ include "common.fullname" . }}-config-properties
+ defaultMode: 0644
+ items:
+ - key: validation-service.properties
+ path: validation-service.properties
+ - key: validation-service-auth.properties
+ path: validation-service-auth.properties
+ - key: rule-indexing.properties
+ path: rule-indexing.properties
+ - key: rule-data-dictionary.properties
+ path: rule-data-dictionary.properties
+ - key: aai-environment.properties
+ path: aai-environment.properties
+ - key: schemaIngest.properties
+ path: schemaIngest.properties
+ - key: auth_policy.json
+ path: auth_policy.json
+ - name: config-auth
+ secret:
+ secretName: {{ include "common.fullname" . }}-config-auth-secret
+ items:
+ - key: tomcat_keystore
+ path: tomcat_keystore
+ - key: client-cert-onap.p12
+ path: client-cert-onap.p12
+ - name: config-topics
+ configMap:
+ name: {{ include "common.fullname" . }}-config-topics
+ defaultMode: 0644
+ items:
+ - key: topic-poa-audit-result.properties
+ path: topic-poa-audit-result.properties
+ - key: topic-poa-rule-validation.properties
+ path: topic-poa-rule-validation.properties
+ - name: rules
+ configMap:
+ name: {{ include "common.fullname" . }}-rules
+ defaultMode: 0644
+ items:
+ - key: default-rules.groovy
+ path: default-rules.groovy
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/pomba/components/pomba-validation-service/templates/secrets.yaml b/kubernetes/pomba/components/pomba-validation-service/templates/secrets.yaml
new file mode 100644
index 0000000000..63d3b10f9a
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/templates/secrets.yaml
@@ -0,0 +1,24 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-config-auth-secret
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ (.Files.Glob "resources/appconfig/auth/*").AsSecrets | indent 2 }}
diff --git a/kubernetes/pomba/components/pomba-validation-service/templates/service.yaml b/kubernetes/pomba/components/pomba-validation-service/templates/service.yaml
new file mode 100644
index 0000000000..8647447dc1
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/templates/service.yaml
@@ -0,0 +1,43 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ #Example internal target port if required
+ #targetPort: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName | default "http" }}
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName | default "http" }}
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ include "common.release" . }}
diff --git a/kubernetes/pomba/components/pomba-validation-service/values.yaml b/kubernetes/pomba/components/pomba-validation-service/values.yaml
new file mode 100644
index 0000000000..0626b0312e
--- /dev/null
+++ b/kubernetes/pomba/components/pomba-validation-service/values.yaml
@@ -0,0 +1,100 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+ nodePortPrefix: 302
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+image: onap/validation:1.3.1
+#pullPolicy: Always
+pullPolicy: IfNotPresent
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+config:
+ appDir: /opt/app/validation-service
+ configDir: /opt/app/validation-service/appconfig
+ configAuthDir: /opt/app/validation-service/appconfig/auth
+ configTopicsDir: /opt/app/validation-service/appconfig/topics
+ rulesDir: /opt/app/validation-service/bundleconfig/etc/rules/poa-event
+ maxHeap: 1024
+ dataDictHostPort: http://dummy-host:443
+ dataDictCredentials: cG9tYmE6cG9tYmE=
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ enabled: false
+
+#Example service definition with external, internal and node ports.
+service:
+ # The default service name (exposed in the service.yaml) will be the same
+ # name as the chart. If the service name needs to be overriden (such as
+ # when a subchart is shared), uncomment the value below.
+ #name: validation-service
+
+ #Services may use any combination of ports depending on the 'type' of
+ #service being defined.
+ type: ClusterIP
+ externalPort: 9529
+ internalPort: 8080
+# nodePort: <replace with unused node port suffix eg. 23>
+ # optional port name override - default can be defined in service.yaml
+ #portName: http
+
+ingress:
+ enabled: false
+
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 1
+ memory: 1400Mi
+ requests:
+ cpu: 50m
+ memory: 700Mi
+ large:
+ limits:
+ cpu: 2
+ memory: 2800Mi
+ requests:
+ cpu: 100m
+ memory: 1400Mi
+ unlimited: {}