diff options
-rw-r--r-- | csit/compose-grafana.yml | 1 | ||||
-rw-r--r-- | csit/config/clamp/application-smoke.properties | 197 | ||||
-rw-r--r-- | csit/config/clamp/gui/application.yaml | 43 | ||||
-rw-r--r-- | csit/config/clamp/org.onap.clamp.keyfile | 27 | ||||
-rw-r--r-- | csit/config/clamp/policy-clamp-create-tables.sql | 275 | ||||
-rwxr-xr-x | csit/config/db/db.sh | 4 | ||||
-rw-r--r-- | csit/docker-compose-all.yml | 1 | ||||
-rw-r--r-- | csit/docker-compose-gui-smoke.yml | 361 | ||||
-rw-r--r-- | csit/get-versions.sh | 3 | ||||
-rwxr-xr-x | csit/prepare-config-files.py | 2 | ||||
-rwxr-xr-x | csit/start-gui-smoke-components.sh | 29 | ||||
-rwxr-xr-x | csit/stop-gui-smoke.sh | 26 |
12 files changed, 968 insertions, 1 deletions
diff --git a/csit/compose-grafana.yml b/csit/compose-grafana.yml index 400593ab..e487a705 100644 --- a/csit/compose-grafana.yml +++ b/csit/compose-grafana.yml @@ -25,6 +25,7 @@ services: env_file: config/db/db.conf volumes: - ./config/db:/docker-entrypoint-initdb.d:ro + - ./config/clamp/policy-clamp-create-tables.sql:/tmp/policy-clamp-create-tables.sql expose: - 3306 policy-db-migrator: diff --git a/csit/config/clamp/application-smoke.properties b/csit/config/clamp/application-smoke.properties new file mode 100644 index 00000000..40578077 --- /dev/null +++ b/csit/config/clamp/application-smoke.properties @@ -0,0 +1,197 @@ +### +# ============LICENSE_START======================================================= +# ONAP POLICY-DOCKER +# ================================================================================ +# Copyright (C) 2022 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END============================================ +# =================================================================== +# +### + +### Set the port for HTTP or HTTPS protocol (Controlled by Spring framework, only one at a time). +### (See below for the parameter 'server.http.port' if you want to have both enabled) +### To have only HTTP, keep the lines server.ssl.* commented +### To have only HTTPS enabled, uncomment the server.ssl.* lines and specify a right keystore location +### server.port=8080 +### Settings for HTTPS (this automatically enables the HTTPS on the port 'server.port') +#server.ssl.key-store=file:/tmp/mykey.jks +#server.ssl.key-store-password=pass +#server.ssl.key-password=pass + +### In order to be user friendly when HTTPS is enabled, +### you can add another HTTP port that will be automatically redirected to HTTPS +### by enabling this parameter (server.http.port) and set it to another port (80 or 8080, 8090, etc ...) +#server.http-to-https-redirection.port=8090 + +### HTTP Example: +###-------------- +### server.port=8080 + +### HTTPS Example: +### -------------- +### server.port=8443 +server.ssl.key-store=file:/opt/policy/clamp/policy-keystore +server.ssl.key-store-password=enc:qWxBtY7w9h5Hl72vQKgI5G1qqyRIuBarQqMkVDHqZmd +server.ssl.key-password=enc:qWxBtY7w9h5Hl72vQKgI5G1qqyRIuBarQqMkVDHqZmd +server.ssl.key-store-type=jks +server.port=8443 +## Config part for Server certificates +# Can be a classpath parameter instead of file:/ +#server.ssl.key-store=classpath:/clds/aaf/org.onap.clamp.p12 +#server.ssl.key-store-password=enc:YZs7M6IftyPjHniTa6J7G2416hssb8qI-Av8D1b8pPS +#server.ssl.key-password=enc:YZs7M6IftyPjHniTa6J7G2416hssb8qI-Av8D1b8pPS + +## Config part for Client certificates +server.ssl.client-auth=want +#server.ssl.trust-store=classpath:/clds/aaf/truststoreONAPall.jks +#server.ssl.trust-store-password=enc:iDnPBBLq_EMidXlMa1FEuBR8TZzYxrCg66vq_XfLHdJ +server.ssl.trust-store=file:/opt/policy/clamp/policy-truststore +server.ssl.trust-store-password=enc:qWxBtY7w9h5Hl72vQKgI5G1qqyRIuBarQqMkVDHqZmd + +# The key file used to decode the key store and trust store password +# If not defined, the key store and trust store password will not be decrypted +#clamp.config.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile +clamp.config.keyFile=file:/opt/policy/clamp/clamp-be-keyfile + +#server.http-to-https-redirection.port=8080 + +server.servlet.context-path=/ +#Modified engine-rest applicationpath +spring.profiles.active=clamp-default,clamp-default-user,clamp-sdc-controller,clamp-ssl-config,clamp-policy-controller,default-dictionary-elements +spring.http.converters.preferred-json-mapper=gson + +#The max number of active threads in this pool +server.tomcat.max-threads=200 +#The minimum number of threads always kept alive +server.tomcat.min-Spare-Threads=25 +#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads +server.tomcat.max-idle-time=60000 + +#Servlet context parameters +server.context_parameters.p-name=value #context parameter with p-name as key and value as value. + +camel.springboot.consumer-template-cache-size=1000 +camel.springboot.producer-template-cache-size=1000 +camel.springboot.jmx-enabled=true +camel.defaultthreadpool.poolsize=10 +camel.defaultthreadpool.maxpoolsize=20 +camel.defaultthreadpool.maxqueuesize=1000 +camel.defaultthreadpool.keepaliveTime=60 +camel.defaultthreadpool.rejectpolicy=CallerRuns +camel.springboot.xml-routes=classpath:/clds/camel/routes/*.xml +camel.springboot.xml-rests=classpath:/clds/camel/rest/*.xml +camel.springboot.backlog-tracing=true +camel.springboot.tracing=true + +#clds datasource connection details +spring.datasource.driverClassName=org.mariadb.jdbc.Driver +spring.datasource.url=jdbc:mariadb:sequential://${MARIADB_HOST}:3306/policyclamp?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3 +spring.datasource.username=policy_user +spring.datasource.password=policy_user +spring.datasource.validationQuery=SELECT 1 +spring.datasource.validationQueryTimeout=20000 +spring.datasource.validationInterval=30000 +spring.datasource.testWhileIdle = true +spring.datasource.minIdle = 0 +spring.datasource.initialSize=0 +# Automatically test whether a connection provided is good or not +spring.datasource.testOnBorrow=true +spring.datasource.ignoreExceptionOnPreLoad=true +# control the sql db initialization (from schema.sql and data.sql) +spring.datasource..initialize=false + +spring.jpa.properties.javax.persistence.schema-generation.database.action=none +s#pring.jpa.properties.javax.persistence.schema-generation.create-source=metadata +#spring.jpa.properties.javax.persistence.schema-generation.scripts.action=create +#spring.jpa.properties.javax.persistence.schema-generation.scripts.create-target=create.sql +# disable Hibernate DDL generation because the schema will be generated from a sql script +spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL5InnoDBDialect +spring.jpa.properties.hibernate.ddl-auto=validate +spring.jpa.properties.hibernate.hbm2ddl.delimiter=; +spring.jpa.properties.hibernate.format_sql=true +spring.jpa.properties.hibernate.use-new-id-generator-mappings=true + +# Whether to enable logging of SQL statements. +#spring.jpa.show-sql=true + +#Async Executor default Parameters +async.core.pool.size=10 +async.max.pool.size=20 +async.queue.capacity=500 + +#For logback file +#clamp.config.logback.path= +clamp.config.logback.filename=logback-default.xml +#The log folder that will be used in logback.xml file +clamp.config.log.path=/var/log/onap/clamp +clamp.config.files.systemProperties=classpath:/system.properties +clamp.config.files.cldsUsers=classpath:/clds/clds-users.json +clamp.config.files.globalProperties=classpath:/clds/templates/globalProperties.json +clamp.config.files.sdcController=classpath:/clds/sdc-controllers-config.json + +clamp.config.httpclient.socketTimeout=60000 +clamp.config.httpclient.connectTimeout=10000 + +# +# Configuration Settings for Policy Engine Components +clamp.config.policy.api.url={{PROTOCOL}}${POLICY_API_HOST}:6969 +clamp.config.policy.api.userName=policyadmin +clamp.config.policy.api.password=zb!XztG34 +clamp.config.policy.pap.url={{PROTOCOL}}${POLICY_PAP_HOST}:6969 +clamp.config.policy.pap.userName=policyadmin +clamp.config.policy.pap.password=zb!XztG34 + +# +# Sdc service properties +clamp.config.sdc.csarFolder = /tmp/sdc-controllers + +#DCAE Inventory Url Properties +clamp.config.dcae.inventory.url={{PROTOCOL}}localhost:8085 +clamp.config.dcae.intentory.retry.interval=10000 +clamp.config.dcae.intentory.retry.limit=5 + +#DCAE Deployment Url Properties +clamp.config.dcae.deployment.url={{PROTOCOL}}localhost:8085 +clamp.config.dcae.deployment.userName=test +clamp.config.dcae.deployment.password=test + +#Define user permission related parameters, the permission type can be changed but MUST be redefined in clds-users.properties in that case ! +clamp.config.security.permission.type.cl=org.onap.clamp.clds.cl +clamp.config.security.permission.type.cl.manage=org.onap.clamp.clds.cl.manage +clamp.config.security.permission.type.cl.event=org.onap.clamp.clds.cl.event +clamp.config.security.permission.type.filter.vf=org.onap.clamp.clds.filter.vf +clamp.config.security.permission.type.template=org.onap.clamp.clds.template +clamp.config.security.permission.type.tosca=org.onap.clamp.clds.tosca +clamp.config.security.permission.type.policies=org.onap.clamp.clds.policies +#This one indicates the type of instances (dev|prod|perf...), this must be set accordingly in clds-users.properties +clamp.config.security.permission.instance=dev +clamp.config.security.authentication.class=org.onap.aaf.cadi.principal.X509Principal, org.onap.aaf.cadi.principal.CachedBasicPrincipal + +## Tosca converter +clamp.config.tosca.converter.json.schema.templates=classpath:/clds/tosca-converter/templates.json +clamp.config.tosca.converter.default.datatypes=classpath:/clds/tosca-converter/default-tosca-types.yaml +clamp.config.tosca.converter.dictionary.support.enabled=true + +# Configuration settings for CDS +clamp.config.cds.url={{PROTOCOL}}cds-blueprints-processor-http:8080 +clamp.config.cds.userName=ccsdkapps +clamp.config.cds.password=ccsdkapps + +# Configuration settings for ControlLoop Runtime Rest API +clamp.config.acm.runtime.url={{PROTOCOL}}${RUNTIME_HOST}:6969 +clamp.config.acm.runtime.userName=runtimeUser +clamp.config.acm.runtime.password=zb!XztG34 diff --git a/csit/config/clamp/gui/application.yaml b/csit/config/clamp/gui/application.yaml new file mode 100644 index 00000000..a0a6c224 --- /dev/null +++ b/csit/config/clamp/gui/application.yaml @@ -0,0 +1,43 @@ +# +# ===========LICENSE_START==================================================== +# Copyright (C) 2022 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END===================================================== +# +server: + port: 2443 + ssl: + enabled: {{HTTPS_ENABLED}} + enabled-protocols: TLSv1.2 + client-auth: want + key-store: file:${KEYSTORE} + key-store-password: ${KEYSTORE_PASSWD} + trust-store: file:${TRUSTSTORE} + trust-store-password: ${TRUSTSTORE_PASSWD} + +clamp: + url: https://policy-clamp-be:8443 + disable-ssl-validation: false + disable-ssl-hostname-check: true + +apex-editor: + upload-url: + upload-userid: + +management: + endpoints: + web: + exposure: + include: health, metrics, prometheus + diff --git a/csit/config/clamp/org.onap.clamp.keyfile b/csit/config/clamp/org.onap.clamp.keyfile new file mode 100644 index 00000000..c2521fc8 --- /dev/null +++ b/csit/config/clamp/org.onap.clamp.keyfile @@ -0,0 +1,27 @@ +kzJMxgphAoBxJz1_vYjxx-V87fahDQdYUqBIyWhZp8ojXdNpmB-96T9CvgJScJynbLcqw2Cj2CYx +wd97vFOYhlyz5zK3tSyIuydOkVGJsJ1S4PviTtjhiJvNourJNDHgtas1Y1y2fQ5_8aVxj-s4W72N +MNYhkeTinaQx_d_5hkBPABJlgCxKLnmxHo2jAJktnZYa5t5h48m7KiUx_RVEkQVtEvux-7vgXaC4 +ymTXj6zI9XoMTVxM0OAl4y7kBiUoOUaxS4tVKV34RJYNNqBjiUTQa_ag-KeUacRABk1ozfwzpvE5 +Sjz8WCy0L-LtCQnapkhKLt04ndCZtw8LDJ-Zz0ZgR2PVIPpTgs9VnVuOi5jf4LzTrtUatvOWkKB9 +drXKzp6cNXnZ0jkD3vV1BzqzhynKnZR2o_ilZv5CTTdpGUt906N_DwZuX6LfcV_7yvjX42bTfeIR +ycPtodFPXlqqn9VUyh5nOauJlnOHAQmSDzjMEgjy17nQX3Ad7s4BfvujzUl-d0MqB_HCKbaW32UT +xcY-0JfI1Y-2IdYfIkUdhVmxop6sSg0jAobWzgCRoRQkP3a2iIlKdfMyskshoWKIDVtlr-3fkDEb +x_b_o1rRoUfzUzxEdphaUAq80Sc0i77ZLT3KF9vJOhyU_pBnApYFxVk7Hkk3VRxJKS7jyL4H7k1x +2m5-2G8fB9XbYZT82xmAquNx4oBdpwj3_ncGF9YRF94K6NZgqemT5iWhpXMoelSU1blASgT3qlTm +B6YgbD5owExNHwRVd8KeRsYrOnBWUiktsIhXFhNZmDUNWMFGQ2KxEcOt1tJwsQDehJFgY_l1JQ0d +643wJ7rTJkGkYX309cydRQUX4Z0ckSQS9LhMd9stxF5XOHlvHdbW0pXNS7SaLbzKCVldUgncvI6z +KWkwrWbftrZK2RT1UZKNngQDMGOk9OhbHAs7YzhFNFARZoRNobIv5tZVDomy-YgJb9-mD1UTkRBL +WXOyoryDlgKrgFsgHclGDI1UFO5N-JfebPKxbP505f4924hxF2r8bspvVW8ZtHQo_SJmhauOX8n_ +eN_LK43LB9k53WAHZ_utvs0s6wGf7I73oj_N7DIFaHTDSm_MhDsFDLVG_wUzCpZ5FP2uL3nnqMkF +Ob-l1fywfmfOmrz1BY6g4sRPPeWXuclYTnRnDRu5VQyc7_aBEVkyt3zw0JEex0vJNFUJl3pYjS55 +GplAB6p7VbS9ceZEtc5Z3qFIVHEzKWZxT190E23t_LlMuEoQ1zaqdHynNaMs61-q_A2aHRiTqlRm +7FahVB3RX4AVLl23mu4u3A9ZDXc40nzjs9mwOVsuKlPvQ2rteDUG1njr2R1_V_MyQuoJjdfbIkPG +4eF0QzlSMdbkeprdQxSfV5YT-yPpkBxSsCMMM43sKm4Hy7_CUdvp4Iayrp3vtK3oYMuCGi6qTadz +KzxfTf8meKan3eMZW4RLByyniH5nQnX_KGfBly05AmFyVH_j0fyOg-48kDhtEKeqmDnP4C01jOID +Ip_AKaB6e0GwsHzVTLZOklHwu_qzsaTzchBOG_dJJju7bxY7qv78Pa92wZIP311gSCVbc-gxxbsR +qI555twmYEoasFm4xz10OYDOkvM1E1Rtxu3ymRLZpe6AoyFBVzEW7Dncdw7O98dKcgrp8ZlQ_8Wg +5zZH0Cic7xnIZ0bNZyQXw56CSUiXVWuwVY3e0djXP3F-FO5gP8VTxbpW4C0t6McXAOlvSEfFKxN7 +u6OBeOKwjrtHaJk2ghF8MUcpDXanhbAgHez9larGlscCkgvoRLNaRH9GIdSVgY3HtNhJRaJIq01S +OGeBjC5J4o-nTrqRFkwyDAYcPL373eYX1dBFFVHR-4q50H9m_zMxZHXETafxzV4DT3Qi8Sxh3uaS +ZX7mRaNaOE0uC1n87_IZ9WhrwIQaZng2lnd9yZ-4rx8fB8WA8KQzifzvHAcMb_HV10JWGaz5A2Rm +EXDsfexQC6CqYg5rdzzlNWDPNlHy5ubyz7fRXZ99uIwBY9aJcvCXCiEXJkC6utj3NcXQrJmk
\ No newline at end of file diff --git a/csit/config/clamp/policy-clamp-create-tables.sql b/csit/config/clamp/policy-clamp-create-tables.sql new file mode 100644 index 00000000..5d655ad5 --- /dev/null +++ b/csit/config/clamp/policy-clamp-create-tables.sql @@ -0,0 +1,275 @@ +/* + * ============LICENSE_START======================================================= + * Copyright (C) 2022 Nordix Foundation + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +create table if not exists dictionary ( + name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + dictionary_second_level integer, + dictionary_type varchar(255), + primary key (name) + ) engine=InnoDB; + +create table if not exists dictionary_elements ( + short_name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + description varchar(255) not null, + name varchar(255) not null, + subdictionary_name varchar(255), + type varchar(255) not null, + primary key (short_name) + ) engine=InnoDB; + +create table if not exists dictionary_to_dictionaryelements ( + dictionary_name varchar(255) not null, + dictionary_element_short_name varchar(255) not null, + primary key (dictionary_name, dictionary_element_short_name) + ) engine=InnoDB; + +create table if not exists hibernate_sequence ( + next_val bigint +) engine=InnoDB; + +insert into hibernate_sequence values ( 1 ); + +create table if not exists loop_element_models ( + name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + blueprint_yaml MEDIUMTEXT, + dcae_blueprint_id varchar(255), + loop_element_type varchar(255) not null, + short_name varchar(255), + primary key (name) + ) engine=InnoDB; + +create table if not exists loop_logs ( + id bigint not null, + log_component varchar(255) not null, + log_instant datetime(6) not null, + log_type varchar(255) not null, + message MEDIUMTEXT not null, + loop_id varchar(255) not null, + primary key (id) + ) engine=InnoDB; + +create table if not exists loop_templates ( + name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + allowed_loop_type varchar(255), + blueprint_yaml MEDIUMTEXT, + dcae_blueprint_id varchar(255), + maximum_instances_allowed integer, + svg_representation MEDIUMTEXT, + unique_blueprint boolean default false, + service_uuid varchar(255), + primary key (name) + ) engine=InnoDB; + +create table if not exists loopelementmodels_to_policymodels ( + loop_element_name varchar(255) not null, + policy_model_type varchar(255) not null, + policy_model_version varchar(255) not null, + primary key (loop_element_name, policy_model_type, policy_model_version) + ) engine=InnoDB; + +create table if not exists loops ( + name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + dcae_deployment_id varchar(255), + dcae_deployment_status_url varchar(255), + global_properties_json json, + last_computed_state varchar(255) not null, + svg_representation MEDIUMTEXT, + loop_template_name varchar(255) not null, + service_uuid varchar(255), + primary key (name) + ) engine=InnoDB; + +create table if not exists loops_to_microservicepolicies ( + loop_name varchar(255) not null, + microservicepolicy_name varchar(255) not null, + primary key (loop_name, microservicepolicy_name) + ) engine=InnoDB; + +create table if not exists looptemplates_to_loopelementmodels ( + loop_element_model_name varchar(255) not null, + loop_template_name varchar(255) not null, + flow_order integer not null, + primary key (loop_element_model_name, loop_template_name) + ) engine=InnoDB; + +create table if not exists micro_service_policies ( + name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + configurations_json json, + json_representation json not null, + pdp_group varchar(255), + pdp_sub_group varchar(255), + context varchar(255), + dcae_blueprint_id varchar(255), + dcae_deployment_id varchar(255), + dcae_deployment_status_url varchar(255), + device_type_scope varchar(255), + shared bit not null, + loop_element_model_id varchar(255), + policy_model_type varchar(255), + policy_model_version varchar(255), + primary key (name) + ) engine=InnoDB; + +create table if not exists operational_policies ( + name varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + configurations_json json, + json_representation json not null, + pdp_group varchar(255), + pdp_sub_group varchar(255), + loop_element_model_id varchar(255), + policy_model_type varchar(255), + policy_model_version varchar(255), + loop_id varchar(255) not null, + primary key (name) + ) engine=InnoDB; + +create table if not exists policy_models ( + policy_model_type varchar(255) not null, + version varchar(255) not null, + created_by varchar(255), + created_timestamp datetime(6) not null, + updated_by varchar(255), + updated_timestamp datetime(6) not null, + policy_acronym varchar(255), + policy_tosca MEDIUMTEXT, + policy_pdp_group json, + primary key (policy_model_type, version) + ) engine=InnoDB; + +create table if not exists services ( + service_uuid varchar(255) not null, + name varchar(255) not null, + resource_details json, + service_details json, + version varchar(255), + primary key (service_uuid) + ) engine=InnoDB; + +alter table dictionary_to_dictionaryelements + add constraint FK68hjjinnm8nte2owstd0xwp23 + foreign key (dictionary_element_short_name) + references dictionary_elements (short_name); + +alter table dictionary_to_dictionaryelements + add constraint FKtqfxg46gsxwlm2gkl6ne3cxfe + foreign key (dictionary_name) + references dictionary (name); + +alter table loop_logs + add constraint FK1j0cda46aickcaoxqoo34khg2 + foreign key (loop_id) + references loops (name); + +alter table loop_templates + add constraint FKn692dk6281wvp1o95074uacn6 + foreign key (service_uuid) + references services (service_uuid); + +alter table loopelementmodels_to_policymodels + add constraint FK23j2q74v6kaexefy0tdabsnda + foreign key (policy_model_type, policy_model_version) + references policy_models (policy_model_type, version); + +alter table loopelementmodels_to_policymodels + add constraint FKjag1iu0olojfwryfkvb5o0rk5 + foreign key (loop_element_name) + references loop_element_models (name); + +alter table loops + add constraint FK844uwy82wt0l66jljkjqembpj + foreign key (loop_template_name) + references loop_templates (name); + +alter table loops + add constraint FK4b9wnqopxogwek014i1shqw7w + foreign key (service_uuid) + references services (service_uuid); + +alter table loops_to_microservicepolicies + add constraint FKle255jmi7b065fwbvmwbiehtb + foreign key (microservicepolicy_name) + references micro_service_policies (name); + +alter table loops_to_microservicepolicies + add constraint FK8avfqaf7xl71l7sn7a5eri68d + foreign key (loop_name) + references loops (name); + +alter table looptemplates_to_loopelementmodels + add constraint FK1k7nbrbugvqa0xfxkq3cj1yn9 + foreign key (loop_element_model_name) + references loop_element_models (name); + +alter table looptemplates_to_loopelementmodels + add constraint FKj29yxyw0x7ue6mwgi6d3qg748 + foreign key (loop_template_name) + references loop_templates (name); + +alter table micro_service_policies + add constraint FKqvvdypacbww07fuv8xvlvdjgl + foreign key (loop_element_model_id) + references loop_element_models (name); + +alter table micro_service_policies + add constraint FKn17j9ufmyhqicb6cvr1dbjvkt + foreign key (policy_model_type, policy_model_version) + references policy_models (policy_model_type, version); + +alter table operational_policies + add constraint FKi9kh7my40737xeuaye9xwbnko + foreign key (loop_element_model_id) + references loop_element_models (name); + +alter table operational_policies + add constraint FKlsyhfkoqvkwj78ofepxhoctip + foreign key (policy_model_type, policy_model_version) + references policy_models (policy_model_type, version); + +alter table operational_policies + add constraint FK1ddoggk9ni2bnqighv6ecmuwu + foreign key (loop_id) + references loops (name); diff --git a/csit/config/db/db.sh b/csit/config/db/db.sh index d1300091..0363ed8a 100755 --- a/csit/config/db/db.sh +++ b/csit/config/db/db.sh @@ -1,5 +1,6 @@ #!/bin/bash -xv # Copyright 2019,2021 AT&T Intellectual Property. All rights reserved +# Modifications Copyright (c) 2022 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,10 +14,11 @@ # See the License for the specific language governing permissions and # limitations under the License. -for db in migration pooling policyadmin operationshistory clampacm +for db in migration pooling policyadmin operationshistory clampacm policyclamp do mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};" mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;" done mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "FLUSH PRIVILEGES;" +mysql -u"${MYSQL_USER}" -p"${MYSQL_PASSWORD}" -f policyclamp < /tmp/policy-clamp-create-tables.sql diff --git a/csit/docker-compose-all.yml b/csit/docker-compose-all.yml index c3df6aa8..3a76de59 100644 --- a/csit/docker-compose-all.yml +++ b/csit/docker-compose-all.yml @@ -27,6 +27,7 @@ services: env_file: config/db/db.conf volumes: - ./config/db:/docker-entrypoint-initdb.d:ro + - ./config/clamp/policy-clamp-create-tables.sql:/tmp/policy-clamp-create-tables.sql expose: - 3306 policy-db-migrator: diff --git a/csit/docker-compose-gui-smoke.yml b/csit/docker-compose-gui-smoke.yml new file mode 100644 index 00000000..3951cb2f --- /dev/null +++ b/csit/docker-compose-gui-smoke.yml @@ -0,0 +1,361 @@ +# +# ===========LICENSE_START==================================================== +# Copyright (C) 2022 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END===================================================== +# +version: '2' +services: + mariadb: + image: nexus3.onap.org:10001/mariadb:${POLICY_MARIADB_VER} + container_name: mariadb + hostname: mariadb + command: ['--lower-case-table-names=1', '--wait_timeout=28800'] + env_file: ./config/db/db.conf + volumes: + - ./config/clamp/policy-clamp-create-tables.sql:/tmp/policy-clamp-create-tables.sql + - ./config/db:/docker-entrypoint-initdb.d:ro + ports: + - "3306:3306" + policy-db-migrator: + image: nexus3.onap.org:10001/onap/policy-db-migrator:${POLICY_DOCKER_VERSION} + container_name: policy-db-migrator + hostname: policy-db-migrator + depends_on: + - mariadb + expose: + - 6824 + env_file: ./config/db/db.conf + environment: + SQL_DB: policyadmin + SQL_HOST: mariadb + volumes: + - ./db_migrator_policy_init.sh:/opt/app/policy/bin/db_migrator_policy_init.sh:ro + - ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro + entrypoint: /opt/app/policy/bin/wait_for_port.sh + command: [ + '-c', + '/opt/app/policy/bin/db_migrator_policy_init.sh', + 'mariadb', '3306' + ] + simulator: + image: nexus3.onap.org:10001/onap/policy-models-simulator:${POLICY_MODELS_VERSION} + container_name: simulator + hostname: simulator + networks: + default: + aliases: + - message-router + - aai-sim + - grpc-sim + - sdnc-sim + - so-sim + - vfc-sim + volumes: + - ./config/sim-all:/opt/app/policy/simulators/etc/mounted:ro + - ./config/ks.jks:/opt/app/policy/simulators/etc/ssl/policy-keystore:ro + - ./config/policy-truststore:/opt/app/policy/simulators/etc/ssl/policy-truststore:ro + expose: + - 6666 + - 6668 + - 6669 + - 6670 + - 3905 + - 6680 + api: + image: nexus3.onap.org:10001/onap/policy-api:${POLICY_API_VERSION} + container_name: policy-api + depends_on: + - policy-db-migrator + hostname: policy-api + expose: + - 6969 + volumes: + - ./config/ks.jks:/opt/app/policy/api/etc/ssl/policy-keystore:ro + - ./config/policy-truststore:/opt/app/policy/api/etc/ssl/policy-truststore:ro + - ./wait_for_port.sh:/opt/app/policy/api/bin/wait_for_port.sh:ro + entrypoint: ./wait_for_port.sh + command: [ + '-c', './policy-api.sh', + 'mariadb', '3306', + 'policy-db-migrator', '6824' + ] + pap: + image: nexus3.onap.org:10001/onap/policy-pap:${POLICY_PAP_VERSION} + container_name: policy-pap + depends_on: + - mariadb + - simulator + - api + hostname: policy-pap + expose: + - 6969 + volumes: + - ./config/pap/papParameters.yaml:/opt/app/policy/pap/etc/papParameters.yaml:ro + - ./config/pap/groups.json:/opt/app/policy/pap/etc/mounted/groups.json:ro + - ./config/ks.jks:/opt/app/policy/pap/etc/ssl/policy-keystore:ro + - ./config/policy-truststore:/opt/app/policy/pap/etc/ssl/policy-truststore:ro + - ./wait_for_port.sh:/opt/app/policy/pap/bin/wait_for_port.sh:ro + entrypoint: ./wait_for_port.sh + command: [ + '-c', './policy-pap.sh', + 'mariadb', '3306', + 'message-router', '3905', + 'api', '6969' + ] + xacml-pdp: + image: nexus3.onap.org:10001/onap/policy-xacml-pdp:${POLICY_XACML_PDP_VERSION} + container_name: policy-xacml-pdp + depends_on: + - mariadb + - simulator + - pap + hostname: policy-xacml-pdp + expose: + - 6969 + volumes: + - ./config/xacml-pdp/defaultConfig.json:/opt/app/policy/pdpx/etc/defaultConfig.json:ro + - ./config/ks.jks:/opt/app/policy/pdpx/etc/ssl/policy-keystore:ro + - ./config/policy-truststore:/opt/app/policy/pdpx/etc/ssl/policy-truststore:ro + - ./wait_for_port.sh:/opt/app/policy/pdpx/bin/wait_for_port.sh:ro + entrypoint: ./wait_for_port.sh + command: [ + '-c', './policy-pdpx.sh', + 'mariadb', '3306', + 'message-router', '3905', + 'pap', '6969' + ] + drools: + image: nexus3.onap.org:10001/onap/policy-drools:${POLICY_DROOLS_VERSION} + container_name: drools + depends_on: + - mariadb + - simulator + - pap + hostname: drools + expose: + - 6969 + - 9696 + volumes: + - ./config/drools/custom:/tmp/policy-install/config:ro + - ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro + env_file: + - ./config/drools/env/base.conf + entrypoint: /opt/app/policy/bin/wait_for_port.sh + command: [ + '-c', '/opt/app/policy/bin/pdpd-entrypoint.sh boot', + 'mariadb', '3306', + 'message-router', '3905' + ] + drools-apps: + image: nexus3.onap.org:10001/onap/policy-pdpd-cl:${POLICY_DROOLS_APPS_VERSION} + container_name: drools-apps + depends_on: + - mariadb + - simulator + - pap + - xacml-pdp + hostname: drools-apps + expose: + - 6969 + - 9696 + volumes: + - ./config/drools-apps/custom:/tmp/policy-install/config:ro + - ./config/feature-lifecycle.properties:/opt/app/policy/features/lifecycle/config/feature-lifecycle.properties:ro + - ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro + env_file: + - ./config/drools-apps/env/base.conf + - ./config/drools-apps/env/feature-healthcheck.conf + - ./config/drools-apps/env/feature-pooling-dmaap.conf + entrypoint: /opt/app/policy/bin/wait_for_port.sh + command: [ + '-c', '/opt/app/policy/bin/pdpd-cl-entrypoint.sh boot', + 'mariadb', '3306', + 'message-router', '3905', + 'pap', '6969', + 'aai-sim', '6666', + 'sdnc-sim', '6668', + 'so-sim', '6669', + 'vfc-sim', '6670' + ] + apex-pdp: + image: nexus3.onap.org:10001/onap/policy-apex-pdp:${POLICY_APEX_PDP_VERSION} + container_name: policy-apex-pdp + depends_on: + - mariadb + - simulator + - pap + hostname: policy-apex-pdp + expose: + - 6969 + - 23324 + volumes: + - ./config/apex-pdp/OnapPfConfig.json:/opt/app/policy/apex-pdp/etc/onappf/config/OnapPfConfig.json:ro + - ./config/ks.jks:/opt/app/policy/apex-pdp/etc/ssl/policy-keystore:ro + - ./config/policy-truststore:/opt/app/policy/apex-pdp/etc/ssl/policy-truststore:ro + - ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro + entrypoint: /opt/app/policy/bin/wait_for_port.sh + command: [ + '-c', '/opt/app/policy/apex-pdp/bin/apexOnapPf.sh -c /opt/app/policy/apex-pdp/etc/onappf/config/OnapPfConfig.json', + 'mariadb', '3306', + 'message-router', '3905', + 'pap', '6969' + ] + distribution: + image: nexus3.onap.org:10001/onap/policy-distribution:${POLICY_DISTRIBUTION_VERSION} + container_name: policy-distribution + depends_on: + - mariadb + - api + - pap + - apex-pdp + hostname: policy-distribution + volumes: + - ./config/distribution/defaultConfig.json:/opt/app/policy/distribution/etc/defaultConfig.json:ro + - ./config/ks.jks:/opt/app/policy/distribution/etc/ssl/policy-keystore:ro + - ./config/policy-truststore:/opt/app/policy/distribution/etc/ssl/policy-truststore:ro + - ./distribution/config/temp/:/opt/app/policy/distribution/etc/temp/:ro + - ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro + entrypoint: /opt/app/policy/bin/wait_for_port.sh + command: [ + '-c', './policy-dist.sh', + 'mariadb', '3306', + 'message-router', '3905', + 'pap', '6969', + 'apex-pdp', '6969' + ] + policy-clamp-runtime-acm: + image: nexus3.onap.org:10001/onap/policy-clamp-runtime-acm:${POLICY_CLAMP_VERSION} + container_name: policy-clamp-runtime-acm + depends_on: + - mariadb + - simulator + - policy-clamp-ac-http-ppnt + - policy-clamp-ac-k8s-ppnt + - policy-clamp-ac-pf-ppnt + hostname: policy-clamp-runtime-acm + expose: + - 6969 + volumes: + - ./config/policy-truststore:/opt/app/policy/clamp/etc/ssl/policy-truststore:ro + - ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro + - ./config/ks.jks:/opt/app/policy/clamp/etc/ssl/policy-keystore:ro + - ./config/clamp/AcRuntimeParameters.yaml:/opt/app/policy/clamp/config/AcRuntimeParameters.yaml + entrypoint: /opt/app/policy/bin/wait_for_port.sh + command: [ + '-c', './acm-runtime.sh', + 'message-router', '3905' + ] + policy-clamp-ac-http-ppnt: + image: nexus3.onap.org:10001/onap/policy-clamp-ac-http-ppnt:${POLICY_CLAMP_VERSION} + container_name: policy-clamp-ac-http-ppnt + depends_on: + - simulator + hostname: policy-clamp-ac-http-ppnt + expose: + - 6971 + volumes: + - ./config/policy-truststore:/opt/app/policy/clamp/etc/ssl/policy-truststore:ro + - ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro + - ./config/ks.jks:/opt/app/policy/clamp/etc/ssl/policy-keystore:ro + entrypoint: /opt/app/policy/bin/wait_for_port.sh + command: [ + '-c', './http-participant.sh', + 'message-router', '3905' + ] + policy-clamp-ac-k8s-ppnt: + image: nexus3.onap.org:10001/onap/policy-clamp-ac-k8s-ppnt:${POLICY_CLAMP_VERSION} + container_name: policy-clamp-ac-k8s-ppnt + depends_on: + - simulator + hostname: policy-clamp-ac-k8s-ppnt + expose: + - 6972 + volumes: + - ./config/policy-truststore:/opt/app/policy/clamp/etc/ssl/policy-truststore:ro + - ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro + - ./config/ks.jks:/opt/app/policy/clamp/etc/ssl/policy-keystore:ro + entrypoint: /opt/app/policy/bin/wait_for_port.sh + command: [ + '-c', './kubernetes-participant.sh', + 'message-router', '3905' + ] + policy-clamp-ac-pf-ppnt: + image: nexus3.onap.org:10001/onap/policy-clamp-ac-pf-ppnt:${POLICY_CLAMP_VERSION} + container_name: policy-clamp-ac-pf-ppnt + depends_on: + - simulator + - api + hostname: policy-clamp-ac-pf-ppnt + expose: + - 6973 + volumes: + - ./config/policy-truststore:/opt/app/policy/clamp/etc/ssl/policy-truststore:ro + - ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro + - ./config/ks.jks:/opt/app/policy/clamp/etc/ssl/policy-keystore:ro + - ./config/clamp/PolicyParticipantParameters.yaml:/opt/app/policy/clamp/config/PolicyParticipantParameters.yaml:ro + entrypoint: /opt/app/policy/bin/wait_for_port.sh + command: [ + '-c', './policy-participant.sh', + 'message-router', '3905' + ] + + policy-gui: + image: nexus3.onap.org:10001/onap/policy-gui:latest + container_name: policy-gui + depends_on: + - policy-clamp-backend + hostname: policy-gui + environment: + CLAMP_URL: https://policy-clamp-backend:8443 + CLAMP_DISABLE_SSL_VALIDATION: "true" + SERVER_SSL_CLIENT_AUTH: want + KEYSTORE_PASSWD: Pol1cy_0nap + TRUSTSTORE_PASSWD: Pol1cy_0nap + ports: + - "2443:2443" + expose: + - 2443 + volumes: + - ./config/clamp/gui/application.yaml:/opt/app/policy/gui/etc/application.yaml + - ./config/policy-truststore:/opt/app/policy/gui/etc/mounted/policy-truststore:ro + - ./config/ks.jks:/opt/app/policy/gui/etc/mounted/policy-keystore:ro + - ./wait_for_port.sh:/opt/app/policy/gui/bin/wait_for_port.sh:ro + entrypoint: ./policy-gui.sh + working_dir: /opt/app/policy/gui/bin + command: ./policy-gui.sh + + policy-clamp-backend: + image: nexus3.onap.org:10001/onap/policy-clamp-backend:${POLICY_CLAMP_VERSION} + container_name: policy-clamp-backend + depends_on: + - policy-clamp-runtime-acm + - distribution + hostname: policy-clamp-backend + environment: + POLICY_API_HOST: api + POLICY_PAP_HOST: pap + MARIADB_HOST: mariadb + RUNTIME_HOST: policy-clamp-runtime-acm + ports: + - "8443:8443" + expose: + - 8443 + volumes: + - ./config/clamp/application-smoke.properties:/opt/policy/clamp/application-smoke.properties:ro + - ./config/policy-truststore:/opt/policy/clamp/policy-truststore:ro + - ./config/ks.jks:/opt/policy/clamp/policy-keystore:ro + - ./config/clamp/org.onap.clamp.keyfile:/opt/policy/clamp/clamp-be-keyfile:ro + working_dir: /opt/policy/clamp + command: java -Djava.security.egd=file:/dev/./urandom -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=75 -jar ./policy-clamp-backend.jar --spring.config.name=application-smoke --spring.config.location=optional:classpath:/,optional:classpath:/config/,optional:file:./,optional:file:./config/ diff --git a/csit/get-versions.sh b/csit/get-versions.sh index 5abc747f..d3f6bcda 100644 --- a/csit/get-versions.sh +++ b/csit/get-versions.sh @@ -62,3 +62,6 @@ echo POLICY_CLAMP_VERSION="${POLICY_CLAMP_VERSION}" export POLICY_DOCKER_VERSION=$(getVersion docker) echo POLICY_DOCKER_VERSION="${POLICY_DOCKER_VERSION}" + +export POLICY_GUI_VERSION=$(getVersion gui) +echo POLICY_GUI_VERSION="${POLICY_GUI_VERSION}" diff --git a/csit/prepare-config-files.py b/csit/prepare-config-files.py index 977df556..4eaa3422 100755 --- a/csit/prepare-config-files.py +++ b/csit/prepare-config-files.py @@ -30,6 +30,7 @@ if __name__ == '__main__': https_enabled = parser.parse_args().https message_router_port = '3905' if https_enabled == "true" else '3904' + protocol = 'https://' if https_enabled == "true" else 'http://' current_dir = os.getcwd() config_dir = current_dir + "/config/" @@ -44,6 +45,7 @@ if __name__ == '__main__': with open(file, 'r+') as f: content = f.read() new_content = content.replace("{{HTTPS_ENABLED}}", https_enabled) + new_content = new_content.replace("{{PROTOCOL}}", protocol) new_content = new_content.replace("{{MESSAGE_ROUTER_PORT}}", message_router_port) if new_content != content: diff --git a/csit/start-gui-smoke-components.sh b/csit/start-gui-smoke-components.sh new file mode 100755 index 00000000..4fe36a01 --- /dev/null +++ b/csit/start-gui-smoke-components.sh @@ -0,0 +1,29 @@ +# ============LICENSE_START==================================================== +# Copyright (C) 2022 Nordix Foundation. +# ============================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END====================================================== +SCRIPTS=$(git rev-parse --show-toplevel) +export SCRIPTS="${SCRIPTS}"/csit + +cd ${SCRIPTS} + +python3 ./prepare-config-files.py --https=true + +source ./get-versions.sh + +docker-compose -f docker-compose-gui-smoke.yml up -d policy-gui + +echo "Clamp GUI: https://localhost:2443/clamp" diff --git a/csit/stop-gui-smoke.sh b/csit/stop-gui-smoke.sh new file mode 100755 index 00000000..c69069b3 --- /dev/null +++ b/csit/stop-gui-smoke.sh @@ -0,0 +1,26 @@ +#!/bin/bash +# +# ============LICENSE_START==================================================== +# Copyright (C) 2022 Nordix Foundation. +# ============================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END====================================================== + +SCRIPTS=$(git rev-parse --show-toplevel) +export SCRIPTS="${SCRIPTS}"/csit + +source "${SCRIPTS}"/get-versions.sh + +docker-compose -f "${SCRIPTS}"/docker-compose-gui-smoke.yml down |