1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
|
###
# ============LICENSE_START=======================================================
# ONAP POLICY-DOCKER
# ================================================================================
# Copyright (C) 2022 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END============================================
# ===================================================================
#
###
### Set the port for HTTP or HTTPS protocol (Controlled by Spring framework, only one at a time).
### (See below for the parameter 'server.http.port' if you want to have both enabled)
### To have only HTTP, keep the lines server.ssl.* commented
### To have only HTTPS enabled, uncomment the server.ssl.* lines and specify a right keystore location
### server.port=8080
### Settings for HTTPS (this automatically enables the HTTPS on the port 'server.port')
#server.ssl.key-store=file:/tmp/mykey.jks
#server.ssl.key-store-password=pass
#server.ssl.key-password=pass
### In order to be user friendly when HTTPS is enabled,
### you can add another HTTP port that will be automatically redirected to HTTPS
### by enabling this parameter (server.http.port) and set it to another port (80 or 8080, 8090, etc ...)
#server.http-to-https-redirection.port=8090
### HTTP Example:
###--------------
### server.port=8080
### HTTPS Example:
### --------------
### server.port=8443
server.ssl.key-store=file:/opt/policy/clamp/policy-keystore
server.ssl.key-store-password=enc:qWxBtY7w9h5Hl72vQKgI5G1qqyRIuBarQqMkVDHqZmd
server.ssl.key-password=enc:qWxBtY7w9h5Hl72vQKgI5G1qqyRIuBarQqMkVDHqZmd
server.ssl.key-store-type=jks
server.port=8443
## Config part for Server certificates
# Can be a classpath parameter instead of file:/
#server.ssl.key-store=classpath:/clds/aaf/org.onap.clamp.p12
#server.ssl.key-store-password=enc:YZs7M6IftyPjHniTa6J7G2416hssb8qI-Av8D1b8pPS
#server.ssl.key-password=enc:YZs7M6IftyPjHniTa6J7G2416hssb8qI-Av8D1b8pPS
## Config part for Client certificates
server.ssl.client-auth=want
#server.ssl.trust-store=classpath:/clds/aaf/truststoreONAPall.jks
#server.ssl.trust-store-password=enc:iDnPBBLq_EMidXlMa1FEuBR8TZzYxrCg66vq_XfLHdJ
server.ssl.trust-store=file:/opt/policy/clamp/policy-truststore
server.ssl.trust-store-password=enc:qWxBtY7w9h5Hl72vQKgI5G1qqyRIuBarQqMkVDHqZmd
# The key file used to decode the key store and trust store password
# If not defined, the key store and trust store password will not be decrypted
#clamp.config.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile
clamp.config.keyFile=file:/opt/policy/clamp/clamp-be-keyfile
#server.http-to-https-redirection.port=8080
server.servlet.context-path=/
#Modified engine-rest applicationpath
spring.profiles.active=clamp-default,clamp-default-user,clamp-sdc-controller,clamp-ssl-config,clamp-policy-controller,default-dictionary-elements
spring.http.converters.preferred-json-mapper=gson
#The max number of active threads in this pool
server.tomcat.max-threads=200
#The minimum number of threads always kept alive
server.tomcat.min-Spare-Threads=25
#The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less or equal to minSpareThreads
server.tomcat.max-idle-time=60000
#Servlet context parameters
server.context_parameters.p-name=value #context parameter with p-name as key and value as value.
camel.springboot.consumer-template-cache-size=1000
camel.springboot.producer-template-cache-size=1000
camel.springboot.jmx-enabled=true
camel.defaultthreadpool.poolsize=10
camel.defaultthreadpool.maxpoolsize=20
camel.defaultthreadpool.maxqueuesize=1000
camel.defaultthreadpool.keepaliveTime=60
camel.defaultthreadpool.rejectpolicy=CallerRuns
camel.springboot.xml-routes=classpath:/clds/camel/routes/*.xml
camel.springboot.xml-rests=classpath:/clds/camel/rest/*.xml
camel.springboot.backlog-tracing=true
camel.springboot.tracing=true
#clds datasource connection details
spring.datasource.driverClassName=org.mariadb.jdbc.Driver
spring.datasource.url=jdbc:mariadb:sequential://${MARIADB_HOST}:3306/policyclamp?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3
spring.datasource.username=policy_user
spring.datasource.password=policy_user
spring.datasource.validationQuery=SELECT 1
spring.datasource.validationQueryTimeout=20000
spring.datasource.validationInterval=30000
spring.datasource.testWhileIdle = true
spring.datasource.minIdle = 0
spring.datasource.initialSize=0
# Automatically test whether a connection provided is good or not
spring.datasource.testOnBorrow=true
spring.datasource.ignoreExceptionOnPreLoad=true
# control the sql db initialization (from schema.sql and data.sql)
spring.datasource..initialize=false
spring.jpa.properties.javax.persistence.schema-generation.database.action=none
s#pring.jpa.properties.javax.persistence.schema-generation.create-source=metadata
#spring.jpa.properties.javax.persistence.schema-generation.scripts.action=create
#spring.jpa.properties.javax.persistence.schema-generation.scripts.create-target=create.sql
# disable Hibernate DDL generation because the schema will be generated from a sql script
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQL5InnoDBDialect
spring.jpa.properties.hibernate.ddl-auto=validate
spring.jpa.properties.hibernate.hbm2ddl.delimiter=;
spring.jpa.properties.hibernate.format_sql=true
spring.jpa.properties.hibernate.use-new-id-generator-mappings=true
# Whether to enable logging of SQL statements.
#spring.jpa.show-sql=true
#Async Executor default Parameters
async.core.pool.size=10
async.max.pool.size=20
async.queue.capacity=500
#For logback file
#clamp.config.logback.path=
clamp.config.logback.filename=logback-default.xml
#The log folder that will be used in logback.xml file
clamp.config.log.path=/var/log/onap/clamp
clamp.config.files.systemProperties=classpath:/system.properties
clamp.config.files.cldsUsers=classpath:/clds/clds-users.json
clamp.config.files.globalProperties=classpath:/clds/templates/globalProperties.json
clamp.config.files.sdcController=classpath:/clds/sdc-controllers-config.json
clamp.config.httpclient.socketTimeout=60000
clamp.config.httpclient.connectTimeout=10000
#
# Configuration Settings for Policy Engine Components
clamp.config.policy.api.url={{PROTOCOL}}${POLICY_API_HOST}:6969
clamp.config.policy.api.userName=policyadmin
clamp.config.policy.api.password=zb!XztG34
clamp.config.policy.pap.url={{PROTOCOL}}${POLICY_PAP_HOST}:6969
clamp.config.policy.pap.userName=policyadmin
clamp.config.policy.pap.password=zb!XztG34
#
# Sdc service properties
clamp.config.sdc.csarFolder = /tmp/sdc-controllers
#DCAE Inventory Url Properties
clamp.config.dcae.inventory.url={{PROTOCOL}}localhost:8085
clamp.config.dcae.intentory.retry.interval=10000
clamp.config.dcae.intentory.retry.limit=5
#DCAE Deployment Url Properties
clamp.config.dcae.deployment.url={{PROTOCOL}}localhost:8085
clamp.config.dcae.deployment.userName=test
clamp.config.dcae.deployment.password=test
#Define user permission related parameters, the permission type can be changed but MUST be redefined in clds-users.properties in that case !
clamp.config.security.permission.type.cl=org.onap.clamp.clds.cl
clamp.config.security.permission.type.cl.manage=org.onap.clamp.clds.cl.manage
clamp.config.security.permission.type.cl.event=org.onap.clamp.clds.cl.event
clamp.config.security.permission.type.filter.vf=org.onap.clamp.clds.filter.vf
clamp.config.security.permission.type.template=org.onap.clamp.clds.template
clamp.config.security.permission.type.tosca=org.onap.clamp.clds.tosca
clamp.config.security.permission.type.policies=org.onap.clamp.clds.policies
#This one indicates the type of instances (dev|prod|perf...), this must be set accordingly in clds-users.properties
clamp.config.security.permission.instance=dev
clamp.config.security.authentication.class=org.onap.aaf.cadi.principal.X509Principal, org.onap.aaf.cadi.principal.CachedBasicPrincipal
## Tosca converter
clamp.config.tosca.converter.json.schema.templates=classpath:/clds/tosca-converter/templates.json
clamp.config.tosca.converter.default.datatypes=classpath:/clds/tosca-converter/default-tosca-types.yaml
clamp.config.tosca.converter.dictionary.support.enabled=true
# Configuration settings for CDS
clamp.config.cds.url={{PROTOCOL}}cds-blueprints-processor-http:8080
clamp.config.cds.userName=ccsdkapps
clamp.config.cds.password=ccsdkapps
# Configuration settings for ControlLoop Runtime Rest API
clamp.config.acm.runtime.url={{PROTOCOL}}${RUNTIME_HOST}:6969
clamp.config.acm.runtime.userName=runtimeUser
clamp.config.acm.runtime.password=zb!XztG34
|