diff options
| -rw-r--r-- | docs/index.rst | 101 | ||||
| -rw-r--r-- | docs/release-notes.rst | 4 | ||||
| -rw-r--r-- | pom.xml | 17 | ||||
| -rw-r--r-- | releases/4.1.2-container.yaml | 14 | ||||
| -rw-r--r-- | releases/4.1.2.yaml | 5 | ||||
| -rw-r--r-- | src/main/docker/elasticsearch/config/sg/sg_config.yml | 102 | ||||
| -rw-r--r-- | src/main/docker/elasticsearch/config/sg/sg_roles.yml | 14 | ||||
| -rw-r--r-- | src/test/java/org/onap/clamp/clds/tosca/ToscaYamlToJsonConvertorTest.java | 39 | ||||
| -rw-r--r-- | src/test/resources/tosca/policy-yaml-to-json-with-constraints.json | 63 | ||||
| -rw-r--r-- | src/test/resources/tosca/policy-yaml-to-json-with-datatypes.json | 108 | ||||
| -rw-r--r-- | src/test/resources/tosca/tosca-with-constraints.yaml | 54 | ||||
| -rw-r--r-- | src/test/resources/tosca/tosca-with-datatypes.yaml | 63 |
12 files changed, 414 insertions, 170 deletions
diff --git a/docs/index.rst b/docs/index.rst index 1f41485ea..548e277f4 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -112,18 +112,20 @@ There are one datasource for Clamp. By default, it will try to connect to the lo .. code-block:: json { - "spring.datasource.cldsdb.url": "jdbc:mariadb://anotherDB.onap.org:3306/cldsdb4?verifyServerCertificate=false&useSSL=false&requireSSL=false&autoReconnect=true", - "spring.datasource.cldsdb.username": "admin", - "spring.datasource.cldsdb.password": "password", - - "clamp.config.dcae.inventory.url": "http://dcaegen2.host:8080", - "clamp.config.dcae.dispatcher.url": "http://dcaegen2.host:8188", - "clamp.config.policy.pdpUrl1": "https://policy-pdp.host:9091/pdp/ , testpdp, alpha123", - "clamp.config.policy.pdpUrl2": "https://policy-pdp.host:9091/pdp/ , testpdp, alpha123", - "clamp.config.policy.papUrl": "https://policy-pap.host:8443/pap/ , testpap, alpha123", - "clamp.config.policy.clientKey": "5CE79532B3A2CB4D132FC0C04BF916A7", - "clamp.config.files.sdcController":"file:/opt/clamp/config/sdc-controllers-config.json", - "clamp.config.cadi.aafLocateUrl": "https://aaf-locate.onap:8095", + "spring.datasource.cldsdb.url": "jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3", + "clamp.config.files.sdcController": "file:/opt/clamp/sdc-controllers-config.json", + "clamp.config.dcae.inventory.url": "https://inventory.{{ include "common.namespace" . }}:8080", + "clamp.config.dcae.dispatcher.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", + "clamp.config.dcae.deployment.url": "https4://deployment-handler.{{ include "common.namespace" . }}:8443", + "clamp.config.dcae.deployment.userName": "none", + "clamp.config.dcae.deployment.password": "none", + "clamp.config.policy.api.url": "https4://policy-api.{{ include "common.namespace" . }}:6969", + "clamp.config.policy.api.userName": "healthcheck", + "clamp.config.policy.api.password": "zb!XztG34", + "clamp.config.policy.pap.url": "https4://policy-pap.{{ include "common.namespace" . }}:6969", + "clamp.config.policy.pap.userName": "healthcheck", + "clamp.config.policy.pap.password": "zb!XztG34", + "clamp.config.cadi.aafLocateUrl": "https://aaf-locate.{{ include "common.namespace" . }}:8095", "com.att.eelf.logging.path": "/opt/clamp", "com.att.eelf.logging.file": "logback.xml" } @@ -133,38 +135,39 @@ SDC-Controllers config This file is a JSON that must be specified to Spring config, here is an example: .. code-block:: json - { - "sdc-connections":{ - "sdc-controller1":{ - "user": "clamp", - "consumerGroup": "consumerGroup1", - "consumerId": "consumerId1", - "environmentName": "AUTO", - "sdcAddress": "localhost:8443", - "password": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", - "pollingInterval":30, - "pollingTimeout":30, - "activateServerTLSAuth":"false", - "keyStorePassword":"", - "keyStorePath":"", - "messageBusAddresses":["dmaaphost.com"] - }, - "sdc-controller2":{ - "user": "clamp", - "consumerGroup": "consumerGroup1", - "consumerId": "consumerId1", - "environmentName": "AUTO", - "sdcAddress": "localhost:8443", - "password": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", - "pollingInterval":30, - "pollingTimeout":30, - "activateServerTLSAuth":"false", - "keyStorePassword":"", - "keyStorePath":"", - "messageBusAddresses":["dmaaphost.com"] + + { + "sdc-connections":{ + "sdc-controller1":{ + "user": "clamp", + "consumerGroup": "consumerGroup1", + "consumerId": "consumerId1", + "environmentName": "AUTO", + "sdcAddress": "localhost:8443", + "password": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", + "pollingInterval":30, + "pollingTimeout":30, + "activateServerTLSAuth":"false", + "keyStorePassword":"", + "keyStorePath":"", + "messageBusAddresses":["dmaaphost.com"] + }, + "sdc-controller2":{ + "user": "clamp", + "consumerGroup": "consumerGroup1", + "consumerId": "consumerId1", + "environmentName": "AUTO", + "sdcAddress": "localhost:8443", + "password": "b7acccda32b98c5bb7acccda32b98c5b05D511BD6D93626E90D18E9D24D9B78CD34C7EE8012F0A189A28763E82271E50A5D4EC10C7D93E06E0A2D27CAE66B981", + "pollingInterval":30, + "pollingTimeout":30, + "activateServerTLSAuth":"false", + "keyStorePassword":"", + "keyStorePath":"", + "messageBusAddresses":["dmaaphost.com"] + } + } } - } - } Multiple controllers can be configured so that Clamp is able to receive the notifications from different SDC servers. Each Clamp existing in a cluster should have different consumerGroup and consumerId so that they can each consume the SDC notification. @@ -174,11 +177,12 @@ If the sdcAddress is not specified or not available (connection failure) the mes Administration -------------- -A user can access CLAMP UI at the following URL : https://localhost:8443/designer/index.html. +A user can access CLAMP UI at the following URL : https://localhost:443/designer/index.html. (in this URL 'localhost' must be replaced by the actual host where CLAMP has been installed if it is not your current localhost) -For OOM, the URL is https://<host-ip>:30258/designer/index.html +For OOM, the URL is https://<host-ip>:30258 .. code-block:: html + - Without AAF, the credentials are Default username : admin Default password : password @@ -187,6 +191,13 @@ For OOM, the URL is https://<host-ip>:30258/designer/index.html ca path: src/main/resources/clds/aaf/org.onap.clamp.p12, password "China in the Spring" Or get it from this page : https://wiki.onap.org/display/DW/Control+Loop+Flows+and+Models+for+Casablanca +A user can access the Control-Loop DashBoard (ELK stack based) at the following URL : https://localhost:5601 . +(in this URL 'localhost' must be replaced by the actual host where CLAMP has been installed if it is not your current localhost) +For OOM, the URL is https://<host-ip>:30290. Since El Alto release, User access is protected using the Search Guard plugin, community Edition!, +for Kibana and ElasticSearch. The initial users and credentials provided by the Search Guard plugins are used by default. +(take a look at the files in the ElasticSearch docker image located in the folder: /usr/share/elasticsearch/config/sg/, +especially the file "sg_internal_users.yml"). + Human Interfaces ---------------- .. Basic info on the interface type, ports/protocols provided over, etc. diff --git a/docs/release-notes.rst b/docs/release-notes.rst index c3c3fef48..b6c91bbb9 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -8,7 +8,7 @@ Release Notes Version: 4.1.2 -------------- -:Release Date: 2019-09-16 +:Release Date: 2019-09-18 **New Features** @@ -25,6 +25,8 @@ The main goal of the El Alto release was to: **Known Issues** + - `CLAMP-506 <https://jira.onap.org/browse/CLAMP-506>`_ Elastic Search Clamp image cannot be built anymore(SearchGuard DMCA issue) + **Security Notes** @@ -972,7 +972,6 @@ </configuration> </execution> </executions> - </plugin> <plugin> <groupId>io.fabric8</groupId> @@ -1090,22 +1089,6 @@ </build> </image> <image> - <name>onap/clamp-dashboard-elasticsearch</name> - <alias>onap-clamp-dashboard-elasticsearch</alias> - <run> - <skip>true</skip> - </run> - <build> - <cleanup>true</cleanup> - <tags> - <tag>latest</tag> - <tag>${project.docker.latesttagtimestamp.version}</tag> - <tag>${project.docker.latesttag.version}</tag> - </tags> - <dockerFile>elasticsearch/Dockerfile</dockerFile> - </build> - </image> - <image> <name>onap/clamp-dashboard-logstash</name> <alias>onap-clamp-dashboard-logstash</alias> <run> diff --git a/releases/4.1.2-container.yaml b/releases/4.1.2-container.yaml new file mode 100644 index 000000000..9eae7d7cf --- /dev/null +++ b/releases/4.1.2-container.yaml @@ -0,0 +1,14 @@ +distribution_type: 'container' +container_release_tag: '4.1.2' +project: 'clamp' +log_dir: 'clamp-maven-docker-stage-master/121/' +ref: 9fb87912f025e85b26c238d286d87e0e1c9c767a +containers: + - name: 'clamp-backend' + version: '4.1-STAGING-20190916T192828Z' + - name: 'clamp-frontend' + version: '4.1-STAGING-20190916T192828Z' + - name: 'clamp-dashboard-logstash' + version: '4.1-STAGING-20190916T192828Z' + - name: 'clamp-dashboard-kibana' + version: '4.1-STAGING-20190916T192828Z' diff --git a/releases/4.1.2.yaml b/releases/4.1.2.yaml new file mode 100644 index 000000000..845a675f7 --- /dev/null +++ b/releases/4.1.2.yaml @@ -0,0 +1,5 @@ +--- +distribution_type: 'maven' +version: '4.1.2' +project: 'clamp' +log_dir: 'clamp-maven-stage-master/133/'
\ No newline at end of file diff --git a/src/main/docker/elasticsearch/config/sg/sg_config.yml b/src/main/docker/elasticsearch/config/sg/sg_config.yml index 7d3a933fa..9a16a8239 100644 --- a/src/main/docker/elasticsearch/config/sg/sg_config.yml +++ b/src/main/docker/elasticsearch/config/sg/sg_config.yml @@ -37,20 +37,22 @@ # HTTP # basic (challenging) # proxy (not challenging, needs xff) -# kerberos (challenging) NOT FREE FOR COMMERCIAL # clientcert (not challenging, needs https) -# jwt (not challenging) NOT FREE FOR COMMERCIAL # host (not challenging) #DEPRECATED, will be removed in a future version. # host based authentication is configurable in sg_roles_mapping # Authc # internal # noop -# ldap NOT FREE FOR COMMERCIAL USE # Authz -# ldap NOT FREE FOR COMMERCIAL USE # noop +# +# Some SearchGuard functionality is licensed under Apache-2.0, while other functionality is non-free; +# see https://github.com/floragunncom/search-guard. The functionality enabled in this configuration +# file only include those that are licensed under Apache-2.0. Please use care and review SearchGuard's +# license details before enabling any additional features here. + searchguard: dynamic: @@ -59,7 +61,6 @@ searchguard: # Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently #filtered_alias_mode: warn #kibana: - # Kibana multitenancy - NOT FREE FOR COMMERCIAL USE # see https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md # To make this work you need to install https://github.com/floragunncom/search-guard-module-kibana-multitenancy/wiki #multitenancy_enabled: true @@ -80,20 +81,6 @@ searchguard: ###### and here https://tools.ietf.org/html/rfc7239 ###### and https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Remote_IP_Valve authc: - kerberos_auth_domain: - http_enabled: false - transport_enabled: false - order: 6 - http_authenticator: - type: kerberos # NOT FREE FOR COMMERCIAL USE - challenge: true - config: - # If true a lot of kerberos/security related debugging output will be logged to standard out - krb_debug: false - # If true then the realm will be stripped from the user name - strip_realm_from_principal: true - authentication_backend: - type: noop basic_internal_auth_domain: http_enabled: true transport_enabled: true @@ -141,84 +128,7 @@ searchguard: challenge: false authentication_backend: type: noop - ldap: - http_enabled: false - transport_enabled: false - order: 5 - http_authenticator: - type: basic - challenge: false - authentication_backend: - # LDAP authentication backend (authenticate users against a LDAP or Active Directory) - type: ldap # NOT FREE FOR COMMERCIAL USE - config: - # enable ldaps - enable_ssl: false - # enable start tls, enable_ssl should be false - enable_start_tls: false - # send client certificate - enable_ssl_client_auth: false - # verify ldap hostname - verify_hostnames: true - hosts: - - localhost:8389 - bind_dn: null - password: null - userbase: 'ou=people,dc=example,dc=com' - # Filter to search for users (currently in the whole subtree beneath userbase) - # {0} is substituted with the username - usersearch: '(sAMAccountName={0})' - # Use this attribute from the user as username (if not set then DN is used) - username_attribute: null authz: - roles_from_myldap: - http_enabled: false - transport_enabled: false - authorization_backend: - # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too) - type: ldap # NOT FREE FOR COMMERCIAL USE - config: - # enable ldaps - enable_ssl: false - # enable start tls, enable_ssl should be false - enable_start_tls: false - # send client certificate - enable_ssl_client_auth: false - # verify ldap hostname - verify_hostnames: true - hosts: - - localhost:8389 - bind_dn: null - password: null - rolebase: 'ou=groups,dc=example,dc=com' - # Filter to search for roles (currently in the whole subtree beneath rolebase) - # {0} is substituted with the DN of the user - # {1} is substituted with the username - # {2} is substituted with an attribute value from user's directory entry, of the authenticated user. Use userroleattribute to specify the name of the attribute - rolesearch: '(member={0})' - # Specify the name of the attribute which value should be substituted with {2} above - userroleattribute: null - # Roles as an attribute of the user entry - userrolename: disabled - #userrolename: memberOf - # The attribute in a role entry containing the name of that role, Default is "name". - # Can also be "dn" to use the full DN as rolename. - rolename: cn - # Resolve nested roles transitive (roles which are members of other roles and so on ...) - resolve_nested_roles: true - userbase: 'ou=people,dc=example,dc=com' - # Filter to search for users (currently in the whole subtree beneath userbase) - # {0} is substituted with the username - usersearch: '(uid={0})' - # Skip users matching a user name, a wildcard or a regex pattern - #skip_users: - # - 'cn=Michael Jackson,ou*people,o=TEST' - # - '/\S*/' - roles_from_another_ldap: - enabled: false - authorization_backend: - type: ldap # NOT FREE FOR COMMERCIAL USE - #config goes here ... # auth_failure_listeners: # ip_rate_limiting: # type: ip diff --git a/src/main/docker/elasticsearch/config/sg/sg_roles.yml b/src/main/docker/elasticsearch/config/sg/sg_roles.yml index 6902fba2c..1a3a80ce5 100644 --- a/src/main/docker/elasticsearch/config/sg/sg_roles.yml +++ b/src/main/docker/elasticsearch/config/sg/sg_roles.yml @@ -32,15 +32,11 @@ # Reason is that we currently parse the config file into a elasticsearch settings object which cannot cope with dots in keys. # Workaround: Just configure something like '?kibana' instead of '.kibana' or 'my?index' instead of 'my.index' # This limitation will likely removed with Search Guard 6 - -# DLS (Document level security) - NOT FREE FOR COMMERCIAL -# http://docs.search-guard.com/v6/document-level-security - -# FLS (Field level security) - NOT FREE FOR COMMERCIAL -# http://docs.search-guard.com/v6/field-level-security - -# Kibana multitenancy - NOT FREE FOR COMMERCIAL -# http://docs.search-guard.com/v6/kibana-multi-tenancy +# +# Some SearchGuard functionality is licensed under Apache-2.0, while other functionality is non-free; +# see https://github.com/floragunncom/search-guard. The functionality enabled in this configuration +# file only include those that are licensed under Apache-2.0. Please use care and review SearchGuard's +# license details before enabling any additional features here. # Allows everything, but no changes to searchguard configuration index sg_all_access: diff --git a/src/test/java/org/onap/clamp/clds/tosca/ToscaYamlToJsonConvertorTest.java b/src/test/java/org/onap/clamp/clds/tosca/ToscaYamlToJsonConvertorTest.java index 65b95a100..00c9b7d0b 100644 --- a/src/test/java/org/onap/clamp/clds/tosca/ToscaYamlToJsonConvertorTest.java +++ b/src/test/java/org/onap/clamp/clds/tosca/ToscaYamlToJsonConvertorTest.java @@ -4,6 +4,7 @@ * ================================================================================ * Copyright (C) 2018 AT&T Intellectual Property. All rights * reserved. + * Modifications Copyright (C) 2019 Huawei Technologies Co., Ltd. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -37,8 +38,7 @@ public class ToscaYamlToJsonConvertorTest { * This Test validates TOSCA yaml to JSON Schema conversion based on JSON Editor * Schema. * - * @throws IOException - * + * @throws IOException In case of issue when opening the tosca yaml file and converted json file */ @Test public final void testParseToscaYaml() throws IOException { @@ -50,4 +50,39 @@ public class ToscaYamlToJsonConvertorTest { JSONAssert.assertEquals(ResourceFileUtil.getResourceAsString("tosca/policy-yaml-to-json.json"), parsedJsonSchema, true); } + + /** + * This Test validates TOSCA yaml with constraints to JSON Schema conversion based on JSON Editor + * Schema. + * + * @throws IOException In case of issue when opening the tosca yaml file and converted json file + */ + @Test + public final void testParseToscaYamlWithConstraints() throws IOException { + String toscaModelYaml = ResourceFileUtil.getResourceAsString("tosca/tosca-with-constraints.yaml"); + ToscaYamlToJsonConvertor convertor = new ToscaYamlToJsonConvertor(); + + String parsedJsonSchema = convertor.parseToscaYaml(toscaModelYaml); + assertNotNull(parsedJsonSchema); + JSONAssert.assertEquals(ResourceFileUtil.getResourceAsString("tosca/policy-yaml-to-json-with-constraints" + + ".json"), + parsedJsonSchema, true); + } + + /** + * This Test validates TOSCA yaml with different datatypes to JSON Schema conversion based on JSON Editor + * Schema. + * + * @throws IOException In case of issue when opening the tosca yaml file and converted json file + */ + @Test + public final void testParseToscaYamlWithTypes() throws IOException { + String toscaModelYaml = ResourceFileUtil.getResourceAsString("tosca/tosca-with-datatypes.yaml"); + ToscaYamlToJsonConvertor convertor = new ToscaYamlToJsonConvertor(); + + String parsedJsonSchema = convertor.parseToscaYaml(toscaModelYaml); + assertNotNull(parsedJsonSchema); + JSONAssert.assertEquals(ResourceFileUtil.getResourceAsString("tosca/policy-yaml-to-json-with-datatypes.json"), + parsedJsonSchema, true); + } } diff --git a/src/test/resources/tosca/policy-yaml-to-json-with-constraints.json b/src/test/resources/tosca/policy-yaml-to-json-with-constraints.json new file mode 100644 index 000000000..b2575486c --- /dev/null +++ b/src/test/resources/tosca/policy-yaml-to-json-with-constraints.json @@ -0,0 +1,63 @@ +{ + "schema": { + "uniqueItems": "true", + "format": "tabs-top", + "type": "array", + "title": "Properties with constraints", + "items": { + "type": "object", + "title": "Properties with constraints", + "required": [ + "cpus", + "memSize" + ], + "properties": { + "appPassword": { + "propertyOrder": 1004, + "minLength": 6, + "title": "application password", + "type": "string", + "maxLength": 10 + }, + "cost": { + "exclusiveMaximum": 100.5, + "propertyOrder": 1005, + "type": "integer", + "exclusiveMinimum": 50.5 + }, + "keylength": { + "propertyOrder": 1007, + "type": "integer", + "enum": [ + 128, + 256 + ] + }, + "cpus": { + "propertyOrder": 1001, + "default": 1, + "minLength": 1, + "type": "string", + "maxLength": 4 + }, + "ports": { + "propertyOrder": 1002, + "maximum": 9010, + "type": "integer", + "minimum": 9000 + }, + "memSize": { + "propertyOrder": 1003, + "maximum": 10, + "title": "memory size", + "type": "integer", + "minimum": 2 + }, + "algorithm": { + "propertyOrder": 1006, + "type": "string" + } + } + } + } +} diff --git a/src/test/resources/tosca/policy-yaml-to-json-with-datatypes.json b/src/test/resources/tosca/policy-yaml-to-json-with-datatypes.json new file mode 100644 index 000000000..d470d928d --- /dev/null +++ b/src/test/resources/tosca/policy-yaml-to-json-with-datatypes.json @@ -0,0 +1,108 @@ +{ + "schema": { + "uniqueItems": "true", + "format": "tabs-top", + "type": "array", + "title": "Properties with different types", + "items": { + "type": "object", + "title": "Properties with different types", + "required": [ + "memSize" + ], + "properties": { + "cpus": { + "propertyOrder": 1001, + "uniqueItems": "true", + "format": "tabs-top", + "type": "array", + "items": { + "type": "object", + "required": [], + "properties": { + "closedLoopControlName": { + "propertyOrder": 1002, + "type": "string" + } + } + } + }, + "domain": { + "propertyOrder": 1009, + "type": "object", + "required": [], + "properties": { + "closedLoopControlName": { + "propertyOrder": 1002, + "type": "string" + } + } + }, + "thresholdValue": { + "propertyOrder": 1007, + "uniqueItems": "true", + "format": "select", + "type": "array", + "items": { + "type": "string" + } + }, + "ports": { + "propertyOrder": 1003, + "type": "object", + "items": { + "type": "string" + } + }, + "closedLoopEventStatus": { + "propertyOrder": 1004, + "type": "object", + "items": { + "type": "integer" + } + }, + "version": { + "propertyOrder": 1008, + "uniqueItems": "true", + "format": "tabs-top", + "type": "array", + "items": { + "type": "object", + "required": [], + "properties": { + "closedLoopControlName": { + "propertyOrder": 1002, + "type": "string" + } + } + } + }, + "memSize": { + "propertyOrder": 1006, + "required": [], + "properties": { + "name": { + "propertyOrder": 20002, + "required": [ + "severity" + ], + "properties": { + "severity": { + "propertyOrder": 20003, + "type": "string" + } + } + } + } + }, + "direction": { + "propertyOrder": 1005, + "type": "object", + "items": { + "type": "integer" + } + } + } + } + } +}
\ No newline at end of file diff --git a/src/test/resources/tosca/tosca-with-constraints.yaml b/src/test/resources/tosca/tosca-with-constraints.yaml new file mode 100644 index 000000000..959bc483b --- /dev/null +++ b/src/test/resources/tosca/tosca-with-constraints.yaml @@ -0,0 +1,54 @@ +tosca_definitions_version: tosca_simple_yaml_1_0_0 +policy_types: + onap.policies.Monitoring: + derived_from: tosca.policies.Root + description: a base policy type for all policies that governs monitoring provisioning + onap.policies.monitoring.example.app: + derived_from: onap.policies.Monitoring + version: 1.0.0 + properties: + example_policy: + type: map + description: Properties with constraints + entry_schema: + type: onap.datatypes.monitoring.example_policy +data_types: + onap.datatypes.monitoring.example_policy: + derived_from: tosca.datatypes.Root + properties: + cpus: + type: string + required: true + default: 1 + constraints: + - in_range: [ 1, 4 ] + ports: + type: integer + constraints: + - in_range: [ 9000, 9010 ] + memSize: + type: integer + required: true + description: memory size + constraints: + - greater_or_equal: 2 + - less_or_equal: 10 + appPassword: + type: string + description: application password + constraints: + - min_length: 6 + - max_length: 10 + cost: + type: float + constraints: + - less_than: 100.50 + - greater_than: 50.50 + algorithm: + type: string + constraints: + - equal: aes + keylength: + type: integer + constraints: + - valid_values: [ 128, 256 ] diff --git a/src/test/resources/tosca/tosca-with-datatypes.yaml b/src/test/resources/tosca/tosca-with-datatypes.yaml new file mode 100644 index 000000000..61d5dbcc8 --- /dev/null +++ b/src/test/resources/tosca/tosca-with-datatypes.yaml @@ -0,0 +1,63 @@ +tosca_definitions_version: tosca_simple_yaml_1_0_0 +policy_types: + onap.policies.Monitoring: + derived_from: tosca.policies.Root + description: a base policy type for all policies that governs monitoring provisioning + onap.policies.monitoring.example.app: + derived_from: onap.policies.Monitoring + version: 1.0.0 + properties: + example_policy: + type: map + description: Properties with different types + entry_schema: + type: onap.datatypes.monitoring.example_policy +data_types: + onap.datatypes.monitoring.example2: + derived_from: tosca.datatypes.Root + properties: + closedLoopControlName: + type: string + onap.datatypes.monitoring.example3: + derived_from: tosca.datatypes.Root + properties: + name: + type: onap.datatypes.monitoring.example4 + onap.datatypes.monitoring.example4: + derived_from: tosca.datatypes.Root + properties: + severity: + type: string + required: true + onap.datatypes.monitoring.example_policy: + derived_from: tosca.datatypes.Root + properties: + cpus: + type: list + entry_schema: + type: onap.datatypes.monitoring.example2 + ports: + type: map + entry_schema: + type: string + closedLoopEventStatus: + type: map + entry_schema: + type: integer + direction: + type: map + entry_schema: + type: float + memSize: + type: onap.datatypes.monitoring.example3 + required: true + thresholdValue: + type: list + entry_schema: + type: string + version: + type: list + entry_schema: + type: onap.datatypes.monitoring.example2 + domain: + type: onap.datatypes.monitoring.example2
\ No newline at end of file |