summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/main/java/org/onap/clamp/clds/service/CldsUser.java9
-rw-r--r--src/test/resources/clds/clds-users-incomplete-permissions.json26
-rw-r--r--src/test/resources/clds/clds-users-no-permission.json14
-rw-r--r--src/test/resources/clds/clds-users-two-users.json52
4 files changed, 47 insertions, 54 deletions
diff --git a/src/main/java/org/onap/clamp/clds/service/CldsUser.java b/src/main/java/org/onap/clamp/clds/service/CldsUser.java
index 34a3f8ea2..db8a24f31 100644
--- a/src/main/java/org/onap/clamp/clds/service/CldsUser.java
+++ b/src/main/java/org/onap/clamp/clds/service/CldsUser.java
@@ -26,11 +26,8 @@ package org.onap.clamp.clds.service;
import java.util.Arrays;
public class CldsUser {
-
private String user;
-
private String password;
-
private SecureServicePermission[] permissions;
/**
@@ -67,7 +64,7 @@ public class CldsUser {
* @return the permissions
*/
public SecureServicePermission[] getPermissions() {
- return permissions;
+ return Arrays.copyOf(permissions, permissions.length);
}
public String[] getPermissionsString() {
@@ -78,7 +75,7 @@ public class CldsUser {
* @param permissions
* the permissions to set
*/
- public void setPermissions(SecureServicePermission[] permissions) {
- this.permissions = permissions;
+ public void setPermissions(SecureServicePermission[] permissionsArray) {
+ this.permissions = Arrays.copyOf(permissionsArray, permissionsArray.length);
}
}
diff --git a/src/test/resources/clds/clds-users-incomplete-permissions.json b/src/test/resources/clds/clds-users-incomplete-permissions.json
index a642511cd..9e3534ff4 100644
--- a/src/test/resources/clds/clds-users-incomplete-permissions.json
+++ b/src/test/resources/clds/clds-users-incomplete-permissions.json
@@ -1,14 +1,14 @@
- [{
- "user":"admin1",
- "password":"5f4dcc3b5aa765d61d8327deb882cf99",
- "permissions":
- [
- "permission-type-cl|dev|",
- "permission-type-cl|dev",
- "permission-type-cl-manage|dev|*",
- "permission-type-filter-vf|dev|*",
- "permission-type-template|dev|read",
- "permission-type-template|dev|update"
- ]
+[
+ {
+ "user": "admin1",
+ "password": "5f4dcc3b5aa765d61d8327deb882cf99",
+ "permissions": [
+ "permission-type-cl|dev|",
+ "permission-type-cl|dev",
+ "permission-type-cl-manage|dev|*",
+ "permission-type-filter-vf|dev|*",
+ "permission-type-template|dev|read",
+ "permission-type-template|dev|update"
+ ]
}
-] \ No newline at end of file
+]
diff --git a/src/test/resources/clds/clds-users-no-permission.json b/src/test/resources/clds/clds-users-no-permission.json
index 77f16c38c..ac91540f2 100644
--- a/src/test/resources/clds/clds-users-no-permission.json
+++ b/src/test/resources/clds/clds-users-no-permission.json
@@ -1,9 +1,7 @@
- [{
- "user":"admin1",
- "permissions":
- [
-
- ]
+[
+ {
+ "user": "admin1",
+ "permissions": [
+ ]
}
-
-] \ No newline at end of file
+]
diff --git a/src/test/resources/clds/clds-users-two-users.json b/src/test/resources/clds/clds-users-two-users.json
index 8c8d7278a..b3721946a 100644
--- a/src/test/resources/clds/clds-users-two-users.json
+++ b/src/test/resources/clds/clds-users-two-users.json
@@ -1,28 +1,26 @@
- [{
- "user":"admin1",
- "password":"5f4dcc3b5aa765d61d8327deb882cf99",
- "permissions":
- [
- "permission-type-cl|dev|read",
- "permission-type-cl|dev|update",
- "permission-type-cl-manage|dev|*",
- "permission-type-filter-vf|dev|*",
- "permission-type-template|dev|read",
- "permission-type-template|dev|update"
- ]
+[
+ {
+ "user": "admin1",
+ "password": "5f4dcc3b5aa765d61d8327deb882cf99",
+ "permissions": [
+ "permission-type-cl|dev|read",
+ "permission-type-cl|dev|update",
+ "permission-type-cl-manage|dev|*",
+ "permission-type-filter-vf|dev|*",
+ "permission-type-template|dev|read",
+ "permission-type-template|dev|update"
+ ]
+ },
+ {
+ "user": "admin2",
+ "password": "5f4dcc3b5aa765d61d8327deb882cf99",
+ "permissions": [
+ "permission-type-cl|dev|read",
+ "permission-type-cl|dev|update",
+ "permission-type-cl-manage|dev|*",
+ "permission-type-filter-vf|dev|*",
+ "permission-type-template|dev|read",
+ "permission-type-template|dev|update"
+ ]
}
- ,
- {"user":"admin2",
- "password":"5f4dcc3b5aa765d61d8327deb882cf99",
- "permissions":
- [
- "permission-type-cl|dev|read",
- "permission-type-cl|dev|update",
- "permission-type-cl-manage|dev|*",
- "permission-type-filter-vf|dev|*",
- "permission-type-template|dev|read",
- "permission-type-template|dev|update"
- ]
-
- }
-] \ No newline at end of file
+]
round-color: #fff0f0 } /* Literal.String.Symbol */ .highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */ .highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */ .highlight .vc { color: #336699 } /* Name.Variable.Class */ .highlight .vg { color: #dd7700 } /* Name.Variable.Global */ .highlight .vi { color: #3333bb } /* Name.Variable.Instance */ .highlight .vm { color: #336699 } /* Name.Variable.Magic */ .highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */ } 
{{/*
################################################################################
#   Copyright (c) 2020 Nordix Foundation.                                      #
#   Copyright © 2020 Samsung Electronics, Modifications                        #
#                                                                              #
#   Licensed under the Apache License, Version 2.0 (the "License");            #
#   you may not use this file except in compliance with the License.           #
#   You may obtain a copy of the License at                                    #
#                                                                              #
#       http://www.apache.org/licenses/LICENSE-2.0                             #
#                                                                              #
#   Unless required by applicable law or agreed to in writing, software        #
#   distributed under the License is distributed on an "AS IS" BASIS,          #
#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
#   See the License for the specific language governing permissions and        #
#   limitations under the License.                                             #
################################################################################
*/}}

kind: StatefulSet
apiVersion: apps/v1
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
  serviceName: {{ include "common.servicename" . }}
  replicas: {{ index .Values.replicaCount }}
  selector: {{- include "common.selectors" . | nindent 4 }}
  template:
    metadata:
      labels: {{- include "common.labels" . | nindent 8 }}
    spec:
      imagePullSecrets:
      - name: "{{ include "common.namespace" . }}-docker-registry-key"
      initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
      - name: {{ include "common.name" . }}-bootstrap-config
        image: {{ include "repositoryGenerator.image.envsubst" . }}
        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
        command:
        - sh
        args:
        - -c
        - |
          export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop\
            | xargs -0)
          cd /config-input
          for PFILE in `ls -1`
          do
            envsubst <${PFILE} >/config/${PFILE}
            chmod o+w /config/${PFILE}
          done
          cat /config/application.yaml
        env:
        - name: A1CONTROLLER_USER
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "login") | indent 10 }}
        - name: A1CONTROLLER_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "password") | indent 10 }}
        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
        - mountPath: /config-input
          name: {{ include "common.fullname" . }}-policy-conf-input
        - mountPath: /config
          name: config
      containers:
      - name: {{ include "common.name" . }}-update-config
        image: {{ include "repositoryGenerator.image.envsubst" . }}
        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
        securityContext:
          runAsGroup: {{ .Values.groupID }}
          runAsUser: {{ .Values.userID }}
          runAsNonRoot: true
        command:
        - sh
        args:
        - /tmp/scripts/daemon.sh
        env:
        - name: A1CONTROLLER_USER
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "login") | indent 10 }}
        - name: A1CONTROLLER_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "password") | indent 10 }}
        volumeMounts:
        - mountPath: /tmp/scripts
          name: {{ include "common.fullname" . }}-envsubst-scripts
        - mountPath: /config-input
          name: {{ include "common.fullname" . }}-policy-conf-input
        - mountPath: /config
          name: config
      - name: {{ include "common.name" . }}
        image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
        ports: {{ include "common.containerPorts" . | nindent 10  }}
        readinessProbe:
          tcpSocket:
            port: {{ .Values.readiness.port }}
          initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
          periodSeconds: {{ .Values.liveness.periodSeconds }}
        livenessProbe:
          httpGet:
            path: /status
            port: {{ .Values.liveness.port }}
            scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}
          initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
          periodSeconds: {{ .Values.liveness.periodSeconds }}
        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
        - name: config
          mountPath: /opt/app/policy-agent/data/application_configuration.json
          subPath: application_configuration.json
        - name: config
          mountPath: /opt/app/policy-agent/config/application.yaml
          subPath: application.yaml
        - name: {{ include "common.fullname" . }}
          mountPath: "/var/policy-management-service/database"
        resources: {{ include "common.resources" . | nindent 10 }}
      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
        - name: {{ include "common.fullname" . }}-policy-conf-input
          configMap:
            name: {{ include "common.fullname" . }}-policy-conf
        - name: {{ include "common.fullname" . }}-envsubst-scripts
          configMap:
            name: {{ include "common.fullname" . }}-envsubst-scripts
            defaultMode: 0555
        - name: config
          emptyDir:
            medium: Memory
{{- if not .Values.persistence.enabled }}
        - name: {{ include "common.fullname" . }}
          emptyDir: {}
{{- else }}
  volumeClaimTemplates:
    - {{include "common.PVCTemplate" . | indent 6 | trim }}
{{- end }}