summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJim Hahn <jrh3@att.com>2021-03-16 14:52:34 -0400
committerJim Hahn <jrh3@att.com>2021-03-19 11:21:53 -0400
commit39b7b9897494d9f14ca196c8f0e2f0bc7e57cf4f (patch)
treea476ed8a72c4aad8d5e358c674430287960bbdea
parentc6d046f50f01859b9e0873f65bed8621113ec120 (diff)
Use generated keystore in CSITs
Added code to the CSITs to generate a self-signed certificate, which can then be mounted over the policy-keystore of each docker image when it is launched. Converted xacml's API params to BusTopicParams. Issue-ID: POLICY-3143 Change-Id: Ic1c25a7f29d87583b81515fd2caf72ba7c44924c Signed-off-by: Jim Hahn <jrh3@att.com>
-rw-r--r--csit/config/distribution/defaultConfig.json1
-rw-r--r--csit/config/dns_keystore.txt14
-rw-r--r--csit/config/drools-apps/custom/AAI-http-client.properties28
-rw-r--r--csit/config/drools-apps/custom/APPC-CL-topic.properties28
-rw-r--r--csit/config/drools-apps/custom/APPC-LCM-READ-topic.properties23
-rw-r--r--csit/config/drools-apps/custom/APPC-LCM-WRITE-topic.properties23
-rw-r--r--csit/config/drools-apps/custom/DCAE_CL_RSP-topic.properties23
-rw-r--r--csit/config/drools-apps/custom/DCAE_TOPIC-topic.properties25
-rw-r--r--csit/config/drools-apps/custom/GUARD-http-client.properties28
-rw-r--r--csit/config/drools-apps/custom/POLICY-CL-MGT-topic.properties22
-rw-r--r--csit/config/drools-apps/custom/SDNC-http-client.properties28
-rw-r--r--csit/config/drools-apps/custom/SDNR-CL-RSP-topic.properties22
-rw-r--r--csit/config/drools-apps/custom/SDNR-CL-topic.properties23
-rw-r--r--csit/config/drools-apps/custom/SO-http-client.properties28
-rw-r--r--csit/config/drools-apps/custom/VFC-http-client.properties28
-rw-r--r--csit/config/drools-apps/custom/engine.properties50
-rw-r--r--csit/config/drools-apps/custom/feature-lifecycle.properties40
-rw-r--r--csit/config/sim-all/simParameters.json4
-rw-r--r--csit/config/xacml-pdp/defaultConfig.json5
-rw-r--r--csit/docker-compose-all.yml7
-rwxr-xr-xcsit/gen_keystore.sh38
-rwxr-xr-xcsit/prepare-csit.sh9
-rwxr-xr-xcsit/run-project-csit.sh5
23 files changed, 491 insertions, 11 deletions
diff --git a/csit/config/distribution/defaultConfig.json b/csit/config/distribution/defaultConfig.json
index facee9bc..140fd706 100644
--- a/csit/config/distribution/defaultConfig.json
+++ b/csit/config/distribution/defaultConfig.json
@@ -65,6 +65,7 @@
"password": "zb!XztG34"
},
"isHttps": true,
+ "allowSelfSignedCerts": true,
"deployPolicies": true
}
}
diff --git a/csit/config/dns_keystore.txt b/csit/config/dns_keystore.txt
new file mode 100644
index 00000000..50854a03
--- /dev/null
+++ b/csit/config/dns_keystore.txt
@@ -0,0 +1,14 @@
+DNS:policy
+DNS:drools
+DNS:drools.onap
+DNS:policy-apex-pdp
+DNS:policy-apex-pdp.onap
+DNS:policy-api
+DNS:policy-api.onap
+DNS:policy-distribution
+DNS:policy-distribution.onap
+DNS:policy-pap
+DNS:policy-pap.onap
+DNS:policy-xacml-pdp
+DNS:policy-xacml-pdp.onap
+DNS:policy.api.simpledemo.onap.org
diff --git a/csit/config/drools-apps/custom/AAI-http-client.properties b/csit/config/drools-apps/custom/AAI-http-client.properties
new file mode 100644
index 00000000..35fa7f61
--- /dev/null
+++ b/csit/config/drools-apps/custom/AAI-http-client.properties
@@ -0,0 +1,28 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+http.client.services=AAI
+
+http.client.services.AAI.managed=true
+http.client.services.AAI.https=true
+http.client.services.AAI.host=${envd:AAI_HOST}
+http.client.services.AAI.port=${envd:AAI_PORT}
+http.client.services.AAI.userName=${envd:AAI_USERNAME}
+http.client.services.AAI.password=${envd:AAI_PASSWORD}
+http.client.services.AAI.contextUriPath=${envd:AAI_CONTEXT_URI}
+http.client.services.AAI.selfSignedCertificates=true
diff --git a/csit/config/drools-apps/custom/APPC-CL-topic.properties b/csit/config/drools-apps/custom/APPC-CL-topic.properties
new file mode 100644
index 00000000..f265b7c6
--- /dev/null
+++ b/csit/config/drools-apps/custom/APPC-CL-topic.properties
@@ -0,0 +1,28 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+dmaap.source.topics=APPC-CL
+dmaap.sink.topics=APPC-CL
+
+dmaap.source.topics.APPC-CL.servers=${env:DMAAP_SERVERS}
+dmaap.source.topics.APPC-CL.https=true
+dmaap.source.topics.APPC-CL.selfSignedCertificates=true
+
+dmaap.sink.topics.APPC-CL.servers=${env:DMAAP_SERVERS}
+dmaap.sink.topics.APPC-CL.https=true
+dmaap.sink.topics.APPC-CL.selfSignedCertificates=true
diff --git a/csit/config/drools-apps/custom/APPC-LCM-READ-topic.properties b/csit/config/drools-apps/custom/APPC-LCM-READ-topic.properties
new file mode 100644
index 00000000..f4a48dcb
--- /dev/null
+++ b/csit/config/drools-apps/custom/APPC-LCM-READ-topic.properties
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+dmaap.sink.topics=APPC-LCM-READ
+
+dmaap.sink.topics.APPC-LCM-READ.servers=${env:DMAAP_SERVERS}
+dmaap.sink.topics.APPC-LCM-READ.https=true
+dmaap.sink.topics.APPC-LCM-READ.selfSignedCertificates=true
diff --git a/csit/config/drools-apps/custom/APPC-LCM-WRITE-topic.properties b/csit/config/drools-apps/custom/APPC-LCM-WRITE-topic.properties
new file mode 100644
index 00000000..51cb0183
--- /dev/null
+++ b/csit/config/drools-apps/custom/APPC-LCM-WRITE-topic.properties
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+dmaap.source.topics=APPC-LCM-WRITE
+
+dmaap.source.topics.APPC-LCM-WRITE.servers=${env:DMAAP_SERVERS}
+dmaap.source.topics.APPC-LCM-WRITE.https=true
+dmaap.source.topics.APPC-LCM-WRITE.selfSignedCertificates=true
diff --git a/csit/config/drools-apps/custom/DCAE_CL_RSP-topic.properties b/csit/config/drools-apps/custom/DCAE_CL_RSP-topic.properties
new file mode 100644
index 00000000..b02f90ce
--- /dev/null
+++ b/csit/config/drools-apps/custom/DCAE_CL_RSP-topic.properties
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+dmaap.sink.topics=DCAE_CL_RSP
+
+dmaap.sink.topics.DCAE_CL_RSP.servers=${env:DMAAP_SERVERS}
+dmaap.sink.topics.DCAE_CL_RSP.https=true
+dmaap.sink.topics.DCAE_CL_RSP.selfSignedCertificates=true
diff --git a/csit/config/drools-apps/custom/DCAE_TOPIC-topic.properties b/csit/config/drools-apps/custom/DCAE_TOPIC-topic.properties
new file mode 100644
index 00000000..608ba8d4
--- /dev/null
+++ b/csit/config/drools-apps/custom/DCAE_TOPIC-topic.properties
@@ -0,0 +1,25 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+dmaap.source.topics=DCAE_TOPIC
+
+dmaap.source.topics.DCAE_TOPIC.effectiveTopic=${env:DCAE_TOPIC}
+dmaap.source.topics.DCAE_TOPIC.servers=${env:DMAAP_SERVERS}
+dmaap.source.topics.DCAE_TOPIC.consumerGroup=${env:DCAE_CONSUMER_GROUP}
+dmaap.source.topics.DCAE_TOPIC.https=true
+dmaap.source.topics.DCAE_TOPIC.selfSignedCertificates=true
diff --git a/csit/config/drools-apps/custom/GUARD-http-client.properties b/csit/config/drools-apps/custom/GUARD-http-client.properties
new file mode 100644
index 00000000..e4c2553a
--- /dev/null
+++ b/csit/config/drools-apps/custom/GUARD-http-client.properties
@@ -0,0 +1,28 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+http.client.services=GUARD
+
+http.client.services.GUARD.managed=true
+http.client.services.GUARD.https=true
+http.client.services.GUARD.host=${envd:PDP_HOST}
+http.client.services.GUARD.port=${envd:PDP_PORT}
+http.client.services.GUARD.userName=${envd:PDP_USERNAME}
+http.client.services.GUARD.password=${envd:PDP_PASSWORD}
+http.client.services.GUARD.contextUriPath=${envd:PDP_CONTEXT_URI:policy/pdpx/v1/}
+http.client.services.GUARD.selfSignedCertificates=true
diff --git a/csit/config/drools-apps/custom/POLICY-CL-MGT-topic.properties b/csit/config/drools-apps/custom/POLICY-CL-MGT-topic.properties
new file mode 100644
index 00000000..f2b68265
--- /dev/null
+++ b/csit/config/drools-apps/custom/POLICY-CL-MGT-topic.properties
@@ -0,0 +1,22 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+dmaap.sink.topics=POLICY-CL-MGT
+dmaap.sink.topics.POLICY-CL-MGT.servers=${env:DMAAP_SERVERS}
+dmaap.sink.topics.POLICY-CL-MGT.https=true
+dmaap.sink.topics.POLICY-CL-MGT.selfSignedCertificates=true
diff --git a/csit/config/drools-apps/custom/SDNC-http-client.properties b/csit/config/drools-apps/custom/SDNC-http-client.properties
new file mode 100644
index 00000000..9115950e
--- /dev/null
+++ b/csit/config/drools-apps/custom/SDNC-http-client.properties
@@ -0,0 +1,28 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+http.client.services=SDNC
+
+http.client.services.SDNC.managed=true
+http.client.services.SDNC.https=true
+http.client.services.SDNC.host=${envd:SDNC_HOST}
+http.client.services.SDNC.port=${envd:SDNC_PORT}
+http.client.services.SDNC.userName=${envd:SDNC_USERNAME}
+http.client.services.SDNC.password=${envd:SDNC_PASSWORD}
+http.client.services.SDNC.contextUriPath=${envd:SDNC_CONTEXT_URI}
+http.client.services.SDNC.selfSignedCertificates=true
diff --git a/csit/config/drools-apps/custom/SDNR-CL-RSP-topic.properties b/csit/config/drools-apps/custom/SDNR-CL-RSP-topic.properties
new file mode 100644
index 00000000..27a762c6
--- /dev/null
+++ b/csit/config/drools-apps/custom/SDNR-CL-RSP-topic.properties
@@ -0,0 +1,22 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+dmaap.source.topics=SDNR-CL-RSP
+dmaap.source.topics.SDNR-CL-RSP.servers=${env:DMAAP_SERVERS}
+dmaap.source.topics.SDNR-CL-RSP.https=true
+dmaap.source.topics.SDNR-CL-RSP.selfSignedCertificates=true
diff --git a/csit/config/drools-apps/custom/SDNR-CL-topic.properties b/csit/config/drools-apps/custom/SDNR-CL-topic.properties
new file mode 100644
index 00000000..8f2a26c2
--- /dev/null
+++ b/csit/config/drools-apps/custom/SDNR-CL-topic.properties
@@ -0,0 +1,23 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+dmaap.sink.topics=SDNR-CL
+
+dmaap.sink.topics.SDNR-CL.servers=${env:DMAAP_SERVERS}
+dmaap.sink.topics.SDNR-CL.https=true
+dmaap.sink.topics.SDNR-CL.selfSignedCertificates=true
diff --git a/csit/config/drools-apps/custom/SO-http-client.properties b/csit/config/drools-apps/custom/SO-http-client.properties
new file mode 100644
index 00000000..7e71e359
--- /dev/null
+++ b/csit/config/drools-apps/custom/SO-http-client.properties
@@ -0,0 +1,28 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+http.client.services=SO
+
+http.client.services.SO.managed=true
+http.client.services.SO.https=false
+http.client.services.SO.host=${envd:SO_HOST}
+http.client.services.SO.port=${envd:SO_PORT}
+http.client.services.SO.userName=${envd:SO_USERNAME}
+http.client.services.SO.password=${envd:SO_PASSWORD}
+http.client.services.SO.contextUriPath=${envd:SO_CONTEXT_URI}
+http.client.services.SO.selfSignedCertificates=true
diff --git a/csit/config/drools-apps/custom/VFC-http-client.properties b/csit/config/drools-apps/custom/VFC-http-client.properties
new file mode 100644
index 00000000..454e8a96
--- /dev/null
+++ b/csit/config/drools-apps/custom/VFC-http-client.properties
@@ -0,0 +1,28 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+http.client.services=VFC
+
+http.client.services.VFC.managed=true
+http.client.services.VFC.https=true
+http.client.services.VFC.host=${envd:VFC_HOST}
+http.client.services.VFC.port=${envd:VFC_PORT}
+http.client.services.VFC.userName=${envd:VFC_USERNAME}
+http.client.services.VFC.password=${envd:VFC_PASSWORD}
+http.client.services.VFC.contextUriPath=${envd:VFC_CONTEXT_URI:api/nslcm/v1/}
+http.client.services.VFC.selfSignedCertificates=true
diff --git a/csit/config/drools-apps/custom/engine.properties b/csit/config/drools-apps/custom/engine.properties
new file mode 100644
index 00000000..cf2ed855
--- /dev/null
+++ b/csit/config/drools-apps/custom/engine.properties
@@ -0,0 +1,50 @@
+###
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+###
+
+# Policy Engine Configuration Channels
+
+dmaap.source.topics=PDPD-CONFIGURATION
+
+dmaap.source.topics.PDPD-CONFIGURATION.servers=${envd:DMAAP_SERVERS}
+dmaap.source.topics.PDPD-CONFIGURATION.effectiveTopic=${envd:PDPD_CONFIGURATION_TOPIC}
+dmaap.source.topics.PDPD-CONFIGURATION.apiKey=${envd:PDPD_CONFIGURATION_API_KEY}
+dmaap.source.topics.PDPD-CONFIGURATION.apiSecret=${envd:PDPD_CONFIGURATION_API_SECRET}
+dmaap.source.topics.PDPD-CONFIGURATION.consumerGroup=${envd:PDPD_CONFIGURATION_CONSUMER_GROUP}
+dmaap.source.topics.PDPD-CONFIGURATION.consumerInstance=${envd:PDPD_CONFIGURATION_CONSUMER_INSTANCE}
+dmaap.source.topics.PDPD-CONFIGURATION.managed=false
+dmaap.source.topics.PDPD-CONFIGURATION.https=true
+dmaap.source.topics.PDPD-CONFIGURATION.selfSignedCertificates=true
+
+http.server.services=SECURED-CONFIG
+
+http.server.services.SECURED-CONFIG.host=${envd:TELEMETRY_HOST}
+http.server.services.SECURED-CONFIG.port=9696
+http.server.services.SECURED-CONFIG.userName=${envd:TELEMETRY_USER}
+http.server.services.SECURED-CONFIG.password=${envd:TELEMETRY_PASSWORD}
+http.server.services.SECURED-CONFIG.restPackages=org.onap.policy.drools.server.restful
+http.server.services.SECURED-CONFIG.managed=false
+http.server.services.SECURED-CONFIG.swagger=true
+http.server.services.SECURED-CONFIG.https=true
+http.server.services.SECURED-CONFIG.aaf=${envd:AAF:false}
+http.server.services.SECURED-CONFIG.serialization.provider=org.onap.policy.common.gson.JacksonHandler,org.onap.policy.common.endpoints.http.server.YamlJacksonHandler
+
+aaf.namespace=${envd:AAF_NAMESPACE:false}
+aaf.root.permission=${envd:AAF_NAMESPACE:org.onap.policy}.pdpd
+
diff --git a/csit/config/drools-apps/custom/feature-lifecycle.properties b/csit/config/drools-apps/custom/feature-lifecycle.properties
new file mode 100644
index 00000000..2ce112ee
--- /dev/null
+++ b/csit/config/drools-apps/custom/feature-lifecycle.properties
@@ -0,0 +1,40 @@
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+lifecycle.pdp.group=${envd:POLICY_PDP_PAP_GROUP:defaultGroup}
+lifecycle.pdp.type=${envd:POLICY_PDP_PAP_TYPE:drools}
+
+# Mandatory policy types that this PDP-D must support at a minimum
+lifecycle.pdp.policytypes=${envd:POLICY_PDP_PAP_POLICYTYPES}
+
+dmaap.source.topics=POLICY-PDP-PAP
+dmaap.sink.topics=POLICY-PDP-PAP
+
+dmaap.source.topics.POLICY-PDP-PAP.servers=${envd:DMAAP_SERVERS}
+dmaap.source.topics.POLICY-PDP-PAP.effectiveTopic=${envd:POLICY_PDP_PAP_TOPIC}
+dmaap.source.topics.POLICY-PDP-PAP.apiKey=${envd:POLICY_PDP_PAP_API_KEY}
+dmaap.source.topics.POLICY-PDP-PAP.apiSecret=${envd:POLICY_PDP_PAP_API_SECRET}
+dmaap.source.topics.POLICY-PDP-PAP.https=true
+dmaap.source.topics.POLICY-PDP-PAP.selfSignedCertificates=true
+
+dmaap.sink.topics.POLICY-PDP-PAP.servers=${envd:DMAAP_SERVERS}
+dmaap.sink.topics.POLICY-PDP-PAP.effectiveTopic=${envd:POLICY_PDP_PAP_TOPIC}
+dmaap.sink.topics.POLICY-PDP-PAP.apiKey=${envd:POLICY_PDP_PAP_API_KEY}
+dmaap.sink.topics.POLICY-PDP-PAP.apiSecret=${envd:POLICY_PDP_PAP_API_SECRET}
+dmaap.sink.topics.POLICY-PDP-PAP.https=true
+dmaap.sink.topics.POLICY-PDP-PAP.selfSignedCertificates=true
diff --git a/csit/config/sim-all/simParameters.json b/csit/config/sim-all/simParameters.json
index 4b009b6f..70e5a2e7 100644
--- a/csit/config/sim-all/simParameters.json
+++ b/csit/config/sim-all/simParameters.json
@@ -50,6 +50,7 @@
"servers": ["${HOST_NAME}"],
"topicCommInfrastructure": "DMAAP",
"useHttps": true,
+ "allowSelfSignedCerts": true,
"apiKey": "some-key",
"apiSecret": "some-secret"
},
@@ -58,6 +59,7 @@
"servers": ["${HOST_NAME}"],
"topicCommInfrastructure": "DMAAP",
"useHttps": true,
+ "allowSelfSignedCerts": true,
"apiKey": "some-key",
"apiSecret": "some-secret"
}
@@ -68,6 +70,7 @@
"servers": ["${HOST_NAME}"],
"topicCommInfrastructure": "DMAAP",
"useHttps": true,
+ "allowSelfSignedCerts": true,
"apiKey": "some-key",
"apiSecret": "some-secret"
},
@@ -76,6 +79,7 @@
"servers": ["${HOST_NAME}"],
"topicCommInfrastructure": "DMAAP",
"useHttps": true,
+ "allowSelfSignedCerts": true,
"apiKey": "some-key",
"apiSecret": "some-secret"
}
diff --git a/csit/config/xacml-pdp/defaultConfig.json b/csit/config/xacml-pdp/defaultConfig.json
index f489919a..6ffd8bc3 100644
--- a/csit/config/xacml-pdp/defaultConfig.json
+++ b/csit/config/xacml-pdp/defaultConfig.json
@@ -11,11 +11,12 @@
"aaf": false
},
"policyApiParameters": {
- "host": "policy-api",
+ "hostname": "policy-api",
"port": 6969,
"userName": "healthcheck",
"password": "zb!XztG34",
- "https": true,
+ "useHttps": true,
+ "allowSelfSignedCerts" : true,
"aaf": false
},
"applicationPath": "/opt/app/policy/pdpx/apps",
diff --git a/csit/docker-compose-all.yml b/csit/docker-compose-all.yml
index 394631d2..3ef64368 100644
--- a/csit/docker-compose-all.yml
+++ b/csit/docker-compose-all.yml
@@ -33,6 +33,7 @@ services:
hostname: policy.api.simpledemo.onap.org
volumes:
- ./config/sim-all:/opt/app/policy/simulators/etc/mounted:ro
+ - ./config/ks.jks:/opt/app/policy/simulators/etc/ssl/policy-keystore:ro
expose:
- 6666
- 6668
@@ -48,6 +49,7 @@ services:
expose:
- 6969
volumes:
+ - ./config/ks.jks:/opt/app/policy/api/etc/ssl/policy-keystore:ro
- ./wait_for_port.sh:/opt/app/policy/api/bin/wait_for_port.sh:ro
entrypoint: ./wait_for_port.sh
command: [
@@ -66,6 +68,7 @@ services:
- 6969
volumes:
- ./config/pap/defaultConfig.json:/opt/app/policy/pap/etc/defaultConfig.json:ro
+ - ./config/ks.jks:/opt/app/policy/pap/etc/ssl/policy-keystore:ro
- ./wait_for_port.sh:/opt/app/policy/pap/bin/wait_for_port.sh:ro
entrypoint: ./wait_for_port.sh
command: [
@@ -86,6 +89,7 @@ services:
- 6969
volumes:
- ./config/xacml-pdp/defaultConfig.json:/opt/app/policy/pdpx/etc/defaultConfig.json:ro
+ - ./config/ks.jks:/opt/app/policy/pdpx/etc/ssl/policy-keystore:ro
- ./wait_for_port.sh:/opt/app/policy/pdpx/bin/wait_for_port.sh:ro
entrypoint: ./wait_for_port.sh
command: [
@@ -130,6 +134,7 @@ services:
- 9696
volumes:
- ./config/drools-apps/custom:/tmp/policy-install/config:ro
+ - ./config/drools-apps/custom/feature-lifecycle.properties:/opt/app/policy/features/lifecycle/config/feature-lifecycle.properties:ro
- ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro
env_file:
- config/drools-apps/env/base.conf
@@ -159,6 +164,7 @@ services:
- 23324
volumes:
- ./config/apex-pdp/OnapPfConfig.json:/opt/app/policy/apex-pdp/etc/onappf/config/OnapPfConfig.json:ro
+ - ./config/ks.jks:/opt/app/policy/apex-pdp/etc/ssl/policy-keystore:ro
- ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro
entrypoint: /opt/app/policy/bin/wait_for_port.sh
command: [
@@ -178,6 +184,7 @@ services:
hostname: policy-distribution
volumes:
- ./config/distribution/defaultConfig.json:/opt/app/policy/distribution/etc/defaultConfig.json:ro
+ - ./config/ks.jks:/opt/app/policy/distribution/etc/ssl/policy-keystore:ro
- ../distribution/csit/config/temp/:/opt/app/policy/distribution/etc/temp/:ro
- ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro
entrypoint: /opt/app/policy/bin/wait_for_port.sh
diff --git a/csit/gen_keystore.sh b/csit/gen_keystore.sh
new file mode 100755
index 00000000..d40ff68a
--- /dev/null
+++ b/csit/gen_keystore.sh
@@ -0,0 +1,38 @@
+#!/bin/bash
+#
+# ===========LICENSE_START====================================================
+# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=====================================================
+#
+
+#
+# Generates a self-signed keystore for use by the various policy docker
+# images.
+#
+
+DIR="${0%/*}/config"
+DNSFILE="${DIR}/dns_keystore.txt"
+OUTFILE="${DIR}/ks.jks"
+
+dn="C=US, O=ONAP, OU=OSAAF, OU=policy@policy.onap.org:DEV, CN=policy"
+san=`paste -sd , "${DNSFILE}"`
+
+rm -f "$OUTFILE"
+
+keytool -genkeypair -alias "policy@policy.onap.org" -validity 30 \
+ -keyalg RSA -dname "$dn" -keystore "$OUTFILE" \
+ -keypass Pol1cy_0nap -storepass Pol1cy_0nap -ext "SAN=$san"
+
+chmod 644 "$OUTFILE"
diff --git a/csit/prepare-csit.sh b/csit/prepare-csit.sh
index 4ca2c416..4275841f 100755
--- a/csit/prepare-csit.sh
+++ b/csit/prepare-csit.sh
@@ -50,12 +50,3 @@ rm -rf ${ROBOT_VENV}/src/onap/testsuite
pip install --upgrade --extra-index-url="https://nexus3.onap.org/repository/PyPi.staging/simple" 'robotframework-onap==0.5.1.*' --pre
pip freeze
-
-# install chrome driver
-if [ ! -x ${ROBOT_VENV}/bin/chromedriver ]; then
- pushd ${ROBOT_VENV}/bin
- wget -N http://chromedriver.storage.googleapis.com/2.35/chromedriver_linux64.zip
- unzip chromedriver_linux64.zip
- chmod +x chromedriver
- popd
-fi
diff --git a/csit/run-project-csit.sh b/csit/run-project-csit.sh
index 8c020b12..c3d67d9e 100755
--- a/csit/run-project-csit.sh
+++ b/csit/run-project-csit.sh
@@ -181,6 +181,11 @@ cd "${WORKDIR}"
# Sign in to nexus3 docker repo
docker login -u docker -p docker nexus3.onap.org:10001
+# Generate keystore to be used by repos
+${SCRIPTS}/gen_keystore.sh
+cp ${SCRIPTS}/config/ks.jks ${SCRIPTS}/config/drools/custom/policy-keystore
+cp ${SCRIPTS}/config/ks.jks ${SCRIPTS}/config/drools-apps/custom/policy-keystore
+
# Run setup script plan if it exists
cd "${TESTPLANDIR}/csit/plans/"
SETUP="${TESTPLANDIR}/csit/plans/setup.sh"