diff options
Diffstat (limited to 'test')
53 files changed, 252 insertions, 1164 deletions
diff --git a/test/Opagroup.json b/test/Opagroup.json deleted file mode 100644 index 002b962..0000000 --- a/test/Opagroup.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "groups": [ - { - "name": "defaultGroup", - "pdpGroupState": "ACTIVE", - "properties": {}, - "pdpSubgroups": [ - { - "pdpType": "opa", - "desiredInstanceCount": 1, - "properties": {}, - "supportedPolicyTypes": [ - { - "name": "onap.policies.native.opa", - "version": "1.0.0" - } - ], - "policies": [] - } - ] - } - ] -} diff --git a/test/README.md b/test/README.md index bc9f931..3c52d41 100644 --- a/test/README.md +++ b/test/README.md @@ -1,10 +1,23 @@ # Testing OPA +## Ports Exposed by OPA in CSIT and K8s Cluster Environment: + +<CSIT docker-compose environment:> + 30012 port is exposed,below curl urls for OPA would point to the same. +<K8s environment:> + 8282 port since it is a ClusterIP Service. + port forwarding can be done with below sample commands while testing + -------------------------------------------------------------------- + kubectl port-forward --namespace onap service/policy-pap 30003:6969 & + kubectl port-forward --namespace onap service/policy-api 30002:6969 & + kubectl port-forward --namespace onap service/policy-opa-pdp 30012:8282 & + -------------------------------------------------------------------- + ## Curl URL For Deployment. -1. `curl -u 'policyadmin:zb!XztG34' -X POST -H "Content-Type":"application/yaml" --data-binary @test_resources/policy_deploy_single_policy.yaml http://localhost:30002/policy/api/v1/policytypes/onap.policies.native.opa/versions/1.0.0/policies` +1. `curl -u 'policyadmin:zb!XztG34' -X POST -H "Content-Type":"application/yaml" --data-binary @toscapolicies/role/policy_role.yaml http://localhost:30002/policy/api/v1/policytypes/onap.policies.native.opa/versions/1.0.0/policies` -2. `curl -u 'policyadmin:zb!XztG34' -X POST -H "Content-Type":"application/json" -d @test_resources/deploy.json http://localhost:30003/policy/pap/v1/pdps/policies` +2. `curl -u 'policyadmin:zb!XztG34' -X POST -H "Content-Type":"application/json" -d @toscapolicies/role/deploy_role.json http://localhost:30003/policy/pap/v1/pdps/policies` ## Curl URL For Undeployment @@ -12,118 +25,67 @@ ## Curl URL for Batch Undeployment. -`curl -v -u 'policyadmin:zb!XztG34' -X POST -H "Content-Type":"application/json" -d @test_resources/undeploy_batch_delete.json http://localhost:30003/policy/pap/v1/pdps/deployments/batch` - -## Verification API Calls - -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22", "currentTime": "11:34:56", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2024-11-22T12:08:00Z", "policyFilter" : [""], "policyName":"example","input":{"method":"POST","path":["users"]}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision - -{"output":{"allow":true},"policyName":"example"} - -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22", "currentTime": "11:34:56", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2024-11-22T12:08:00Z", "policyName":"role", "policyFilter": ["role_grants"], "input":{"user":"alice","action":"write","object":"id123","type":"dog"}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision - -{"output":{"role_grants":{"billing":[{"action":"read","type":"finance"},{"action":"update","type":"finance"}],"customer":[{"action":"read","type":"dog"},{"action":"read","type":"cat"},{"action":"adopt","type":"dog"},{"action":"adopt","type":"cat"}],"employee":[{"action":"read","type":"dog"},{"action":"read","type":"cat"},{"action":"update","type":"dog"},{"action":"update","type":"cat"}]}},"policyName":"role"} - -## OUTPUT for policy:action with filter role_permissions - -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS", "currentDate": "2024-11-22", "currentTime": "11:34:56", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2024-11-22T12:08:00Z",__"policyFilter": ["role_permissions"]__, "policyName":"action","input":{"user":"alice","action":"delete","type":"server"}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision - -{"output":{"role_permissions":{"admin":{"actions":["read","write","delete"],"resources":["server","database"]},"editor":{"actions":["read","write"],"resources":["server"]},"viewer":{"actions":["read"],"resources":["server"]}}},"policyName":"action"} - -## OUTPUT for policy:action with empty filters - -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS", "currentDate": "2024-11-22", "currentTime": "11:34:56", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2024-11-22T12:08:00Z",__"policyFilter": [""]__, "policyName":"action","input":{"user":"alice","action":"delete","type":"server"}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision - -{"output":{"allow":true,"role_permissions":{"admin":{"actions":["read","write","delete"],"resources":["server","database"]},"editor":{"actions":["read","write"],"resources":["server"]},"viewer":{"actions":["read"],"resources":["server"]}},"user_roles":{"alice":["admin"],"bob":["editor"],"charlie":["viewer"]}},"policyName":"action"} - -## OUTPUT for policy:action without filter - -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS", "currentDate": "2024-11-22", "currentTime": "11:34:56", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2024-11-22T12:08:00Z","policyName":"action","input":{"user":"charlie","action":"delete","type":"server"}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision - -{"errorMessage":"Policy Filter is nil.","policyName":"","responseCode":"bad_request"} - -## OUTPUT for policy:account with filter account_attributes +`curl -v -u 'policyadmin:zb!XztG34' -X POST -H "Content-Type":"application/json" -d @{"groups": [{"name": "opaGroup","deploymentSubgroups": [{"pdpType": "opa","action": "DELETE","policies": [{"name": "role","version": "2.0.2"}]}]}]} http://localhost:30003/policy/pap/v1/pdps/deployments/batch` -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS", "currentDate": "2024-11-22", "currentTime": "11:34:56", "timeZone": "UTC","timeOffset": "+05:30", "currentDateTime": "2024-11-22T12:08:00Z",__"policyFilter": ["account_attributes"]__, "policyName":"account", "input":{"creditor_account":11111,"creditor":"alice","debtor_account":22222,"debtor":"bob","period":30,"amount":1000}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision +## Decision API Response -{"output":{"account_attributes":{"11111":{"amount":10000,"owner":"alice"},"22222":{"amount":10000,"owner":"bob"},"33333":{"amount":10000,"owner":"cam"}}},"policyName":"account"} +## Output For Policy: access_method with empty filter +curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22", "currentTime": "08:26:41.857Z", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2025-01-17T08:26:41.857Z", "policyFilter" : [""], "policyName":"access_method","input":{"method":"POST","path":["users"]}}' -X POST http://0.0.0.0:30012/policy/pdpo/v1/decision -## OUTPUT for policy:account with empty filter +{"output":{"allow":true},"policyName":"access_method"} -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS", "currentDate": "2024-11-22", "currentTime": "11:34:56", "timeZone": "UTC","timeOffset": "+05:30", "currentDateTime": "2024-11-22T12:08:00Z",__"policyFilter": [""]__, "policyName":"account", "input":{"creditor_account":11111,"creditor":"alice","debtor_account":22222,"debtor":"bob","period":30,"amount":1000}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision +## Output For Policy: access_method with filter allow +curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22", "currentTime": "08:26:41.857Z", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2025-01-17T08:26:41.857Z", "policyFilter" : ["allow"], "policyName":"access_method","input":{"method":"POST","path":["users"]}}' -X POST http://0.0.0.0:30012/policy/pdpo/v1/decision -{"output":{"account_attributes":{"11111":{"amount":10000,"owner":"alice"},"22222":{"amount":10000,"owner":"bob"},"33333":{"amount":10000,"owner":"cam"}},"allow":true,"amount_is_valid":true,"creditor_is_valid":true,"debtor_is_valid":true,"period_is_valid":true},"policyName":"account"} +{"output":{"allow":true},"policyName":"access_method"} -## OUTPUT for policy:organization with filter acls +## Output For Policy: role with filter allow -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS", "currentDate": "2024-11-22", "currentTime": "11:34:56", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2024-11-22T12:08:00Z",__"policyFilter": ["acls"]__, "policyName":"organization", "input":{"user":"alice","action": "read","component": "component_A","project": "project_A", "organization": "org_A"}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision +curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22", "currentTime": "08:26:41.857Z", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2025-01-17T08:26:41.857Z", "policyName":"role", "policyFilter": ["allow"], "input":{"user":"alice","action":"write","object":"id123","type":"dog"}}' -X POST http://0.0.0.0:30012/policy/pdpo/v1/decision -{"output":{"acls":[{"actions":["edit","read"],"component":"component_A","organization":"org_A","project":"project_A","user":"alice"},{"actions":["read"],"organization":"org_A","user":"bob"},{"action":["edit"],"component":"component_A","organization":"org_A","project":"project_B","user":"bob"},{"action":["read"],"organization":"org_A","project":"project_B","user":"charlie"}]},"policyName":"organization"} +{"output":{"allow":true},"policyName":"role"} -## OUTPUT for policy:organization with empty filter -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS", "currentDate": "2024-11-22", "currentTime": "11:34:56", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2024-11-22T12:08:00Z",__"policyFilter": [""]__, "policyName":"organization", "input":{"user":"alice","action": "read","component": "component_A","project": "project_A", "organization": "org_A"}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision +## Output For policy: role with empty filter +curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22", "currentTime": "08:26:41.857Z", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2025-01-17T08:26:41.857Z", "policyName":"role", "policyFilter": [""], "input":{"user":"alice","action":"write","object":"id123","type":"dog"}}' -X POST http://0.0.0.0:30012/policy/pdpo/v1/decision -{"output":{"acls":[{"actions":["edit","read"],"component":"component_A","organization":"org_A","project":"project_A","user":"alice"},{"actions":["read"],"organization":"org_A","user":"bob"},{"action":["edit"],"component":"component_A","organization":"org_A","project":"project_B","user":"bob"},{"action":["read"],"organization":"org_A","project":"project_B","user":"charlie"}],"allow":true},"policyName":"organization"} +{"output":{"allow":true,"user_is_admin":true,"user_is_granted":[]},"policyName":"role"} -## OUTPUT for policy:abac with filter viewable_sensor_data +## Output For policy: role with filter not matching the allowable filters +curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22", "currentTime": "08:26:41.857Z", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2025-01-17T08:26:41.857Z", "policyName":"role", "policyFilter": ["abc"], "input":{"user":"alice","action":"write","object":"id123","type":"dog"}}' -X POST http://0.0.0.0:30012/policy/pdpo/v1/decision -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22","policyName":"abac", __"policyFilter": ["viewable_sensor_data"]__, "input":{"actions": ["write"],"datatypes": ["location","temperature","precipitation","windspeed"],"time_period": {"from": "2024-03-27","to": "2024-03-31"}}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision +{"output":null,"policyName":"role","statusMessage":"Policy Filter(s) not matching, Valid Filter(s) are: [allow, user_is_admin, user_is_granted]"} -{"output":{"viewable_sensor_data":[]},"policyName":"abac"} +## Output For Policy: blacklist with filter module_allow +curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22", "currentTime": "08:26:41.857Z", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2025-01-17T08:26:41.857Z", "policyFilter" : ["module_allow"], "policyName":"blacklist","input":{"vfmodule":["the-vfmodule-where-root-is-true","another-vfmodule-where-root-is-true" ] }}' -X POST http://localhost:30012/policy/pdpo/v1/decision -## OUTPUT for policy:abac with empty filter +{"output":{"module_allow":{"another-vfmodule-where-root-is-true":true,"the-vfmodule-where-root-is-true":true}},"policyName":"blacklist"} -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22","policyName":"abac", __"policyFilter": [""]__, "input":{"actions": ["write"],"datatypes": ["location","temperature","precipitation","windspeed"],"time_period": {"from": "2024-03-27","to": "2024-03-31"}}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision +## Output For Policy: blacklist with Empty Filter + curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22", "currentTime": "08:26:41.857Z", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2025-01-17T08:26:41.857Z", "policyFilter" : [""], "policyName":"blacklist","input":{"vfmodule":["the-vfmodule-where-root-is-true","another-vfmodule-where-root-is-true" ] }}' -X POST http://localhost:30012/policy/pdpo/v1/decision -{"output":{"allow":false,"sensor_data":[{"humidity":"40%","id":"0001","location":"Sri Lanka","particle_density":"1.3 g/l","precipitation":"1000 mm","temperature":"28 C","timestamp":"2024-02-26","windspeed":"5.5 m/s"},{"humidity":"45%","id":"0002","location":"Colombo","particle_density":"1.5 g/l","precipitation":"1200 mm","temperature":"30 C","timestamp":"2024-02-26","windspeed":"6.0 m/s"},{"humidity":"60%","id":"0003","location":"Kandy","particle_density":"1.1 g/l","precipitation":"800 mm","temperature":"25 C","timestamp":"2024-02-26","windspeed":"4.5 m/s"},{"humidity":"30%","id":"0004","location":"Galle","particle_density":"1.8 g/l","precipitation":"500 mm","temperature":"35 C","timestamp":"2024-02-27","windspeed":"7.2 m/s"},{"humidity":"20%","id":"0005","location":"Jaffna","particle_density":"0.9 g/l","precipitation":"300 mm","temperature":"-5 C","timestamp":"2024-02-27","windspeed":"3.8 m/s"},{"humidity":"55%","id":"0006","location":"Trincomalee","particle_density":"1.2 g/l","precipitation":"1000 mm","temperature":"20 C","timestamp":"2024-02-28","windspeed":"5.0 m/s"},{"humidity":"50%","id":"0007","location":"Nuwara Eliya","particle_density":"1.3 g/l","precipitation":"600 mm","temperature":"25 C","timestamp":"2024-02-28","windspeed":"4.0 m/s"},{"humidity":"40%","id":"0008","location":"Anuradhapura","particle_density":"1.4 g/l","precipitation":"700 mm","temperature":"28 C","timestamp":"2024-02-29","windspeed":"5.8 m/s"},{"humidity":"65%","id":"0009","location":"Matara","particle_density":"1.6 g/l","precipitation":"900 mm","temperature":"32 C","timestamp":"2024-02-29","windspeed":"6.5 m/s"}],"viewable_sensor_data":[]},"policyName":"abac"} +{"output":{"module_allow":{"another-vfmodule-where-root-is-true":true,"the-vfmodule-where-root-is-true":true}},"policyName":"blacklist"} -## OUTPUT for policy:zone with filter has_zone_access +## Output For Policy: monitor with filter result +curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22", "currentTime": "08:26:41.857Z", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2025-01-17T08:26:41.857Z", "policyFilter" : ["result"], "policyName":"monitor","input":{ "domain": "measurementsForVfScaling", "eventName": "Measurement_vGMUX","controlLoopSchemaType": "VNF","policyScope": "DCAE","policyName": "DCAE.Config_tca-hi-lo","policyVersion": "v0.0.1", "version": "1.0.2","controlname": "ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e","thresholdValue": 0}}' -X POST http://localhost:30012/policy/pdpo/v1/decision -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22","policyName":"zone", __"policyFilter": ["has_zone_access"]__, "input":{"actions": ["view"],"log_id": "log1", "datatypes": ["access", "user"],"time_period": {"from": "2024-11-01T09:00:00Z","to": "2024-11-01T10:00:00Z"},"zone_id": "zoneA"}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision +{"output":{"result":[{"closedLoopEventStatus":"ABATED","severity":"MAJOR"}]},"policyName":"monitor"} -{"output":{"has_zone_access":[{"access":"granted","user":"user1"}]},"policyName":"zone"} - -## OUTPUT for policy:zone with empty filter - -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22","policyName":"zone", __"policyFilter": [""]__, "input":{"actions": ["view"],"log_id": "log1", "datatypes": ["access", "user"],"time_period": {"from": "2024-11-01T09:00:00Z","to": "2024-11-01T10:00:00Z"},"zone_id": "zoneA"}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision - -{"output":{"action_is_log_view":true,"allow":true,"has_zone_access":[{"access":"granted","user":"user1"}],"zone":{"zone_access_logs":[{"access":"granted","log_id":"log1","timestamp":"2024-11-01T09:00:00Z","user":"user1","zone_id":"zoneA"},{"access":"denied","log_id":"log2","timestamp":"2024-11-01T10:30:00Z","user":"user2","zone_id":"zoneA"},{"access":"granted","log_id":"log3","timestamp":"2024-11-01T11:00:00Z","user":"user3","zone_id":"zoneB"}]}},"policyName":"zone"} - -## OUTPUT for policy:vehicle with filter user_has_vehicle_access - -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22","policyName":"vehicle", __"policyFilter": ["user_has_vehicle_access"]__, "input":{"actions": ["use"],"user":"user1", "vehicle_id": "v1", "attributes": ["type", "status"]}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision - -{"output":{"user_has_vehicle_access":[{"status":"available","type":"car"}]},"policyName":"vehicle"} - -## OUTPUT for policy:vehicle with empty filter - -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22","policyName":"vehicle", __"policyFilter": [""]__, "input":{"actions": ["use"],"user":"user1", "vehicle_id": "v1", "attributes": ["type", "status"]}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision - -{"output":{"action_is_granted":true,"allow":true,"user_has_vehicle_access":[{"status":"available","type":"car"}],"vehicles":[{"owner":"user1","status":"available","type":"car","vehicle_id":"v1"},{"owner":"user2","status":"in use","type":"bike","vehicle_id":"v2"}]},"policyName":"vehicle"} - -## OUTPUT for policy:docs with filter has_access_to_file - -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22","policyName":"docs", __"policyFilter": ["has_access_to_file"]__, "input":{"action": "read","file_id": "file1","access_level": "admin","attributes": ["owner", "size"]}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision - -{"output":{"has_access_to_file":[{"owner":"user1","size":"10MB"}]},"policyName":"docs"} - -## OUTPUT for policy:docs with empty filter - -curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22","policyName":"docs", __"policyFilter": [""]__, "input":{"action": "read","file_id": "file1","access_level": "admin","attributes": ["owner", "size"]}}' -X POST http://0.0.0.0:8282/policy/pdpo/v1/decision - -{"output":{"action_is_read_or_write":true,"allow":true,"files":[{"access_level":"admin","file_id":"file1","owner":"user1","size":"10MB"},{"access_level":"user","file_id":"file2","owner":"user2","size":"5MB"}],"has_access_to_file":[{"owner":"user1","size":"10MB"}]},"policyName":"docs"} +## Output For Policy: monitor with empty filter +curl -u 'policyadmin:zb!XztG34' -H 'Content-Type: application/json' -H 'Accept: application/json' -d '{"onapName":"CDS","onapComponent":"CDS","onapInstance":"CDS","currentDate": "2024-11-22", "currentTime": "08:26:41.857Z", "timeZone": "UTC", "timeOffset": "+05:30", "currentDateTime": "2025-01-17T08:26:41.857Z", "policyFilter" : [""], "policyName":"monitor","input":{ "domain": "measurementsForVfScaling", "eventName": "Measurement_vGMUX","controlLoopSchemaType": "VNF","policyScope": "DCAE","policyName": "DCAE.Config_tca-hi-lo","policyVersion": "v0.0.1", "version": "1.0.2","controlname": "ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e","thresholdValue": 0}}' -X POST http://localhost:30012/policy/pdpo/v1/decision +{"output":{"result":[{"closedLoopEventStatus":"ABATED","severity":"MAJOR"}]},"policyName":"monitor ## HealthCheck API Call With Response -curl -u 'policyadmin:zb!XztG34' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -X GET http://0.0.0.0:8282/policy/pdpo/v1/healthcheck +curl -u 'policyadmin:zb!XztG34' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -X GET http://0.0.0.0:30012/policy/pdpo/v1/healthcheck {"code":200,"healthy":true,"message":"alive","name":"opa-ea84b1ff-00de-4bf6-a039-222e4511d0a1","url":"self"} ## Statistics API Call With Response -curl -u 'policyadmin:zb!XztG34' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -X GET http://0.0.0.0:8282/policy/pdpo/v1/statistics +curl -u 'policyadmin:zb!XztG34' --header 'X-ONAP-RequestID:8e6f784e-c9cb-42f6-bcc9-edb5d0af1ce1' -X GET http://0.0.0.0:30012/policy/pdpo/v1/statistics + +{"code":200,"decisionFailureCount":0,"decisionSuccessCount":0,"deployFailureCount":0,"deploySuccessCount":0, "totalErrorCount":0,"totalPoliciesCount":0,"totalPolicyTypesCount":1,"undeployFailureCount":0,"undeploySuccessCount":0} -{"code":200,"decisionFailureCount":0,"decisionSuccessCount":9,"deployFailureCount":0,"deploySuccessCount":0,"totalErrorCount":5,"totalPoliciesCount":0,"totalPolicyTypesCount":1,"undeployFailureCount":0,"undeploySuccessCount":0} diff --git a/test/config.json b/test/config.json deleted file mode 100644 index 0eb38c9..0000000 --- a/test/config.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "logging": { - "level": "debug" - }, - "decision_logs": { - "console": true - } -} diff --git a/test/config/opa-pdp/config.json b/test/config/opa-pdp/config.json deleted file mode 100644 index 0eb38c9..0000000 --- a/test/config/opa-pdp/config.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "logging": { - "level": "debug" - }, - "decision_logs": { - "console": true - } -} diff --git a/test/config/opa-pdp/groups.json b/test/config/opa-pdp/groups.json deleted file mode 100644 index 502700c..0000000 --- a/test/config/opa-pdp/groups.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "groups": [ - { - "name": "defaultGroup", - "version": "1.0.0", - "description": "The default group that registers all supported policy types and pdps.", - "pdpGroupState": "ACTIVE", - "pdpSubgroups": [ - { - "pdpType": "opa" - } - ] - } - ] -} diff --git a/test/config/opa-pdp/policy-opa-pdp.sh b/test/config/opa-pdp/policy-opa-pdp.sh deleted file mode 100755 index 7ed14cb..0000000 --- a/test/config/opa-pdp/policy-opa-pdp.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - - -#Creation of Policies and Groups -sh scripts.sh - - -#Execution of OPA-PDP bin -/app/opa-pdp diff --git a/test/data/abac/data.json b/test/data/abac/data.json deleted file mode 100644 index 77b5668..0000000 --- a/test/data/abac/data.json +++ /dev/null @@ -1,94 +0,0 @@ -{ - "sensor_data": [ - { - "id": "0001", - "location": "Sri Lanka", - "temperature": "28 C", - "precipitation": "1000 mm", - "windspeed": "5.5 m/s", - "humidity": "40%", - "particle_density": "1.3 g/l", - "timestamp": "2024-02-26" - }, - { - "id": "0002", - "location": "Colombo", - "temperature": "30 C", - "precipitation": "1200 mm", - "windspeed": "6.0 m/s", - "humidity": "45%", - "particle_density": "1.5 g/l", - "timestamp": "2024-02-26" - }, - { - "id": "0003", - "location": "Kandy", - "temperature": "25 C", - "precipitation": "800 mm", - "windspeed": "4.5 m/s", - "humidity": "60%", - "particle_density": "1.1 g/l", - "timestamp": "2024-02-26" - }, - { - "id": "0004", - "location": "Galle", - "temperature": "35 C", - "precipitation": "500 mm", - "windspeed": "7.2 m/s", - "humidity": "30%", - "particle_density": "1.8 g/l", - "timestamp": "2024-02-27" - }, - { - "id": "0005", - "location": "Jaffna", - "temperature": "-5 C", - "precipitation": "300 mm", - "windspeed": "3.8 m/s", - "humidity": "20%", - "particle_density": "0.9 g/l", - "timestamp": "2024-02-27" - }, - { - "id": "0006", - "location": "Trincomalee", - "temperature": "20 C", - "precipitation": "1000 mm", - "windspeed": "5.0 m/s", - "humidity": "55%", - "particle_density": "1.2 g/l", - "timestamp": "2024-02-28" - }, - { - "id": "0007", - "location": "Nuwara Eliya", - "temperature": "25 C", - "precipitation": "600 mm", - "windspeed": "4.0 m/s", - "humidity": "50%", - "particle_density": "1.3 g/l", - "timestamp": "2024-02-28" - }, - { - "id": "0008", - "location": "Anuradhapura", - "temperature": "28 C", - "precipitation": "700 mm", - "windspeed": "5.8 m/s", - "humidity": "40%", - "particle_density": "1.4 g/l", - "timestamp": "2024-02-29" - }, - { - "id": "0009", - "location": "Matara", - "temperature": "32 C", - "precipitation": "900 mm", - "windspeed": "6.5 m/s", - "humidity": "65%", - "particle_density": "1.6 g/l", - "timestamp": "2024-02-29" - } - ] -} diff --git a/test/data/account/data.json b/test/data/account/data.json deleted file mode 100644 index df263d3..0000000 --- a/test/data/account/data.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "account_attributes":{ - "11111":{ - "owner":"alice", - "amount":10000 - }, - "22222":{ - "owner":"bob", - "amount":10000 - }, - "33333":{ - "owner":"cam", - "amount":10000 - } - } -} diff --git a/test/data/action/data.json b/test/data/action/data.json deleted file mode 100644 index 99145b7..0000000 --- a/test/data/action/data.json +++ /dev/null @@ -1,43 +0,0 @@ -{ - "user_roles": { - "alice": [ - "admin" - ], - "bob": [ - "editor" - ], - "charlie": [ - "viewer" - ] - }, - "role_permissions": { - "admin": { - "actions": [ - "read", - "write", - "delete" - ], - "resources": [ - "server", - "database" - ] - }, - "editor": { - "actions": [ - "read", - "write" - ], - "resources": [ - "server" - ] - }, - "viewer": { - "actions": [ - "read" - ], - "resources": [ - "server" - ] - } - } -} diff --git a/test/data/blacklist/data.json b/test/data/blacklist/data.json new file mode 100644 index 0000000..9fd6233 --- /dev/null +++ b/test/data/blacklist/data.json @@ -0,0 +1,6 @@ +{ + "blacklist" : [ + "the-vfmodule-where-root-is-true", + "another-vfmodule-where-root-is-true" +] +} diff --git a/test/data/cell/consistency/data.json b/test/data/cell/consistency/data.json new file mode 100644 index 0000000..1f823a1 --- /dev/null +++ b/test/data/cell/consistency/data.json @@ -0,0 +1,5 @@ +{ + "allowedCellId" : 445611193265040129, + "minPCI": 1, + "maxPCI": 3000 +} diff --git a/test/data/docs/data.json b/test/data/docs/data.json deleted file mode 100644 index 5d43020..0000000 --- a/test/data/docs/data.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "files": [ - { "file_id": "file1", "access_level": "admin", "owner": "user1", "size": "10MB" }, - { "file_id": "file2", "access_level": "user", "owner": "user2", "size": "5MB" } - ] -} - diff --git a/test/data/monitor/data.json b/test/data/monitor/data.json new file mode 100644 index 0000000..f28f73c --- /dev/null +++ b/test/data/monitor/data.json @@ -0,0 +1,13 @@ +{ "domain": "measurementsForVfScaling", + "metricsPerEventName": [{ + "eventName": "Measurement_vGMUX", + "controlLoopSchemaType": "VNF", + "policyScope": "DCAE", + "policyName": "DCAE.Config_tca-hi-lo", + "policyVersion": "v0.0.1", + "thresholds" : [{"version": "1.0.2", + "closedLoopControlName": "ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e", + "thresholdValue": 0 + }] +}] +} diff --git a/test/data/organization/data.json b/test/data/organization/data.json deleted file mode 100644 index 35fe4a1..0000000 --- a/test/data/organization/data.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "acls": [ - { - "user": "alice", - "actions": [ - "edit", - "read" - ], - "component": "component_A", - "project": "project_A", - "organization": "org_A" - }, - { - "user": "bob", - "actions": ["read"], - "organization": "org_A" - }, - { - "user": "bob", - "action": ["edit"], - "component": "component_A", - "project": "project_B", - "organization": "org_A" - }, - { - "user": "charlie", - "action": ["read"], - "project": "project_B", - "organization": "org_A" - } - ] -} diff --git a/test/data/vehicle/data.json b/test/data/vehicle/data.json deleted file mode 100644 index 570c677..0000000 --- a/test/data/vehicle/data.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "vehicles": [ - { "vehicle_id": "v1", "owner": "user1", "type": "car", "status": "available" }, - { "vehicle_id": "v2", "owner": "user2", "type": "bike", "status": "in use" } - ] -} - diff --git a/test/data/zone/data.json b/test/data/zone/data.json deleted file mode 100644 index be77176..0000000 --- a/test/data/zone/data.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "zone": { - "zone_access_logs": [ - { "log_id": "log1", "timestamp": "2024-11-01T09:00:00Z", "zone_id": "zoneA", "access": "granted", "user": "user1" }, - { "log_id": "log2", "timestamp": "2024-11-01T10:30:00Z", "zone_id": "zoneA", "access": "denied", "user": "user2" }, - { "log_id": "log3", "timestamp": "2024-11-01T11:00:00Z", "zone_id": "zoneB", "access": "granted", "user": "user3" } - ] - } -} - diff --git a/test/docker-compose.yml b/test/docker-compose.yml deleted file mode 100644 index a4dea24..0000000 --- a/test/docker-compose.yml +++ /dev/null @@ -1,140 +0,0 @@ -version: '3.8' -services: - mariadb: - image: nexus3.onap.org:10001/mariadb:10.10.2 - container_name: mariadb - hostname: mariadb - command: ['--lower-case-table-names=1', '--wait_timeout=28800', '--default-authentication-plugin=mysql_native_password'] - env_file: ./config/db/db.conf - volumes: - - ./config/db:/docker-entrypoint-initdb.d - - ./config/clamp/policy-clamp-create-tables.sql:/tmp/policy-clamp-create-tables.sql - ports: - - "3306:3306" - policy-db-migrator: - image: nexus3.onap.org:10001/onap/policy-db-migrator:4.0.1-SNAPSHOT - container_name: policy-db-migrator - hostname: policy-db-migrator - depends_on: - - mariadb - expose: - - 6824 - env_file: ./config/db/db.conf - environment: - SQL_DB: policyadmin - SQL_HOST: mariadb - volumes: - - ./config/db-migrator/init.sh:/opt/app/policy/bin/db_migrator_policy_init.sh:ro - - ./wait_for_port.sh:/tmp/wait_for_port.sh - entrypoint: sh /tmp/wait_for_port.sh - command: [ - '-c', - '/opt/app/policy/bin/db_migrator_policy_init.sh', - 'mariadb', '3306' - ] - api: - image: nexus3.onap.org:10001/onap/policy-api:4.0.1-SNAPSHOT - container_name: policy-api - depends_on: - - policy-db-migrator - hostname: policy-api - ports: - - 30002:6969 - volumes: - - ./config/api/apiParameters.yaml:/opt/app/policy/api/etc/apiParameters.yaml:ro - - ./config/api/logback.xml:/opt/app/policy/api/etc/logback.xml:ro - - ./wait_for_port.sh:/opt/app/policy/api/bin/wait_for_port.sh - entrypoint: sh wait_for_port.sh - command: [ - '-c', './policy-api.sh', - 'mariadb', '3306', - 'policy-db-migrator', '6824' - ] - pap: - image: nexus3.onap.org:10001/onap/policy-pap:4.0.1-SNAPSHOT - container_name: policy-pap - depends_on: - - mariadb - - kafka - - api - hostname: policy-pap - ports: - - 30003:6969 - volumes: - - ./config/pap/papParameters.yaml:/opt/app/policy/pap/etc/papParameters.yaml:ro - - ./config/pap/groups.json:/opt/app/policy/pap/etc/mounted/groups.json:ro - - ./config/pap/logback.xml:/opt/app/policy/pap/etc/logback.xml:ro - - ./wait_for_port.sh:/opt/app/policy/pap/bin/wait_for_port.sh - entrypoint: sh wait_for_port.sh - command: [ - '-c', './policy-pap.sh', - 'mariadb', '3306', - 'kafka', '9092', - 'api', '6969' - ] - zookeeper: - image: confluentinc/cp-zookeeper:latest - environment: - ZOOKEEPER_CLIENT_PORT: 2181 - ZOOKEEPER_TICK_TIME: 2000 - ports: - - 2181:2181 - - pdp: - image: docker.io/opa-pdp:1.0.0 - container_name: opa-pdp - depends_on: - - mariadb - - kafka - - api - - pap - hostname: opa-pdp - volumes: - - ./config/opa-pdp/config.json:/app/config/config.json:ro - - ./config/opa-pdp/groups.json:/app/groups.json:ro - - ./config/opa-pdp/policy-opa-pdp.sh:/app/policy-opa-pdp.sh:ro - - ./wait_for_port.sh:/app/wait_for_port.sh - - ./scripts.sh:/app/scripts.sh - - ./Opagroup.json:/app/Opagroup.json - - ./policy-new.yaml:/app/policy-new.yaml - environment: - LOG_LEVEL: debug - KAFKA_URL: "kafka:9092" - PAP_TOPIC: policy-pdp-pap - GROUPID: opa-pdp - API_USER: policyadmin - API_PASSWORD: "zb!XztG34" - JAASLOGIN: org.apache.kafka.common.security.scram.ScramLoginModule required username="policy-opa-pdp-ku" password="pzmdwfFvBhv21mSD7dieHoUZf2aobdqR" - entrypoint: sh wait_for_port.sh - command: [ - '-c', './policy-opa-pdp.sh', - 'mariadb', '3306', - 'kafka', '9092', - 'api', '6969', - 'pap', '6969' - ] - ports: - - 8282:8282 - zookeeper: - image: confluentinc/cp-zookeeper:latest - environment: - ZOOKEEPER_CLIENT_PORT: 2181 - ZOOKEEPER_TICK_TIME: 2000 - ports: - - 2181:2181 - - kafka: - image: confluentinc/cp-kafka:latest - container_name: kafka - depends_on: - - zookeeper - ports: - - 29092:29092 - - 9092:9092 - environment: - KAFKA_BROKER_ID: 1 - KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181 - KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka:9092,PLAINTEXT_HOST://localhost:29092 - KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT - KAFKA_INTER_BROKER_LISTENER_NAME: PLAINTEXT - KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1 diff --git a/test/policies/abac/policy.rego b/test/policies/abac/policy.rego deleted file mode 100644 index 9dc6ea9..0000000 --- a/test/policies/abac/policy.rego +++ /dev/null @@ -1,20 +0,0 @@ -package abac - -import rego.v1 - -default allow := false - -allow if { - viewable_sensor_data - action_is_read -} - -action_is_read if "read" in input.actions - -viewable_sensor_data contains view_data if { - some sensor_data in data.abac.sensor_data - sensor_data.timestamp >= input.time_period.from - sensor_data.timestamp < input.time_period.to - - view_data := {datatype: sensor_data[datatype] | datatype in input.datatypes} -} diff --git a/test/policies/example/policy.rego b/test/policies/access_method/policy.rego index cc19285..618aacc 100644 --- a/test/policies/example/policy.rego +++ b/test/policies/access_method/policy.rego @@ -1,4 +1,4 @@ -package example +package access_method import rego.v1 diff --git a/test/policies/account/policy.rego b/test/policies/account/policy.rego deleted file mode 100644 index f99e8eb..0000000 --- a/test/policies/account/policy.rego +++ /dev/null @@ -1,17 +0,0 @@ -package account - -import rego.v1 - -default allow := false - -allow if { - creditor_is_valid - debtor_is_valid - period_is_valid - amount_is_valid -} -creditor_is_valid if data.account.account_attributes[input.creditor_account].owner == input.creditor -debtor_is_valid if data.account.account_attributes[input.debtor_account].owner == input.debtor - -period_is_valid if input.period <= 30 -amount_is_valid if data.account.account_attributes[input.debtor_account].amount >= input.amount diff --git a/test/policies/action/policy.rego b/test/policies/action/policy.rego deleted file mode 100644 index 300fe50..0000000 --- a/test/policies/action/policy.rego +++ /dev/null @@ -1,21 +0,0 @@ -package action - -import rego.v1 - -# By default, deny requests. -default allow := false - - -# Allow the action if admin role is granted permission to perform the action. -allow if { - some i - data.action.user_roles[input.user][i] == role - some j - data.action.role_permissions[role].actions[j] == input.action - some k - data.action.role_permissions[role].resources[k] == input.type -} -# * Rego comparison to other systems: https://www.openpolicyagent.org/docs/latest/comparison-to-other-systems/ -# * Rego Iteration: https://www.openpolicyagent.org/docs/latest/#iteration - - diff --git a/test/policies/blacklist/policy.rego b/test/policies/blacklist/policy.rego new file mode 100644 index 0000000..b285593 --- /dev/null +++ b/test/policies/blacklist/policy.rego @@ -0,0 +1,18 @@ +package blacklist +import future.keywords.in +import rego.v1 + +# Define a rule to check if the operation should be allowed +module_allow[module] := false if { + some module in input.vfmodule + not validate(module) +} + +module_allow[module] := true if{ + some module in input.vfmodule + validate(module) +} + +validate(module) if { + module in data.node.blacklist.blacklist +} diff --git a/test/policies/cell/consistency/policy.rego b/test/policies/cell/consistency/policy.rego new file mode 100644 index 0000000..6137df7 --- /dev/null +++ b/test/policies/cell/consistency/policy.rego @@ -0,0 +1,17 @@ +package cell.consistency +import rego.v1 +default allow = false +# Rule to check cell consistency +check_cell_consistency if { + input.cell != data.node.cell.consistency.allowedCellId +} +# Rule to allow if PCI is within range 1-3000 +allow_if_pci_in_range if { + input.PCI >= data.node.cellconsistency.minPCI + input.PCI <= data.node.cellconsistency.maxPCI +} +# Main rule to determine the final decision +allow if{ + check_cell_consistency + allow_if_pci_in_range +} diff --git a/test/policies/cell/consistency/topology/policy.rego b/test/policies/cell/consistency/topology/policy.rego new file mode 100644 index 0000000..dccfac6 --- /dev/null +++ b/test/policies/cell/consistency/topology/policy.rego @@ -0,0 +1,6 @@ +package cell.consistency.topology +import rego.v1 +# Rule to check cell consistency +check_cell_consistency if { + input.cell != data.node.cell.consistency.allowedCellId +} diff --git a/test/policies/data/abac/data.json b/test/policies/data/abac/data.json deleted file mode 100644 index 77b5668..0000000 --- a/test/policies/data/abac/data.json +++ /dev/null @@ -1,94 +0,0 @@ -{ - "sensor_data": [ - { - "id": "0001", - "location": "Sri Lanka", - "temperature": "28 C", - "precipitation": "1000 mm", - "windspeed": "5.5 m/s", - "humidity": "40%", - "particle_density": "1.3 g/l", - "timestamp": "2024-02-26" - }, - { - "id": "0002", - "location": "Colombo", - "temperature": "30 C", - "precipitation": "1200 mm", - "windspeed": "6.0 m/s", - "humidity": "45%", - "particle_density": "1.5 g/l", - "timestamp": "2024-02-26" - }, - { - "id": "0003", - "location": "Kandy", - "temperature": "25 C", - "precipitation": "800 mm", - "windspeed": "4.5 m/s", - "humidity": "60%", - "particle_density": "1.1 g/l", - "timestamp": "2024-02-26" - }, - { - "id": "0004", - "location": "Galle", - "temperature": "35 C", - "precipitation": "500 mm", - "windspeed": "7.2 m/s", - "humidity": "30%", - "particle_density": "1.8 g/l", - "timestamp": "2024-02-27" - }, - { - "id": "0005", - "location": "Jaffna", - "temperature": "-5 C", - "precipitation": "300 mm", - "windspeed": "3.8 m/s", - "humidity": "20%", - "particle_density": "0.9 g/l", - "timestamp": "2024-02-27" - }, - { - "id": "0006", - "location": "Trincomalee", - "temperature": "20 C", - "precipitation": "1000 mm", - "windspeed": "5.0 m/s", - "humidity": "55%", - "particle_density": "1.2 g/l", - "timestamp": "2024-02-28" - }, - { - "id": "0007", - "location": "Nuwara Eliya", - "temperature": "25 C", - "precipitation": "600 mm", - "windspeed": "4.0 m/s", - "humidity": "50%", - "particle_density": "1.3 g/l", - "timestamp": "2024-02-28" - }, - { - "id": "0008", - "location": "Anuradhapura", - "temperature": "28 C", - "precipitation": "700 mm", - "windspeed": "5.8 m/s", - "humidity": "40%", - "particle_density": "1.4 g/l", - "timestamp": "2024-02-29" - }, - { - "id": "0009", - "location": "Matara", - "temperature": "32 C", - "precipitation": "900 mm", - "windspeed": "6.5 m/s", - "humidity": "65%", - "particle_density": "1.6 g/l", - "timestamp": "2024-02-29" - } - ] -} diff --git a/test/policies/data/account/data.json b/test/policies/data/account/data.json deleted file mode 100644 index df263d3..0000000 --- a/test/policies/data/account/data.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "account_attributes":{ - "11111":{ - "owner":"alice", - "amount":10000 - }, - "22222":{ - "owner":"bob", - "amount":10000 - }, - "33333":{ - "owner":"cam", - "amount":10000 - } - } -} diff --git a/test/policies/data/action/data.json b/test/policies/data/action/data.json deleted file mode 100644 index 99145b7..0000000 --- a/test/policies/data/action/data.json +++ /dev/null @@ -1,43 +0,0 @@ -{ - "user_roles": { - "alice": [ - "admin" - ], - "bob": [ - "editor" - ], - "charlie": [ - "viewer" - ] - }, - "role_permissions": { - "admin": { - "actions": [ - "read", - "write", - "delete" - ], - "resources": [ - "server", - "database" - ] - }, - "editor": { - "actions": [ - "read", - "write" - ], - "resources": [ - "server" - ] - }, - "viewer": { - "actions": [ - "read" - ], - "resources": [ - "server" - ] - } - } -} diff --git a/test/policies/data/organization/data.json b/test/policies/data/organization/data.json deleted file mode 100644 index 35fe4a1..0000000 --- a/test/policies/data/organization/data.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "acls": [ - { - "user": "alice", - "actions": [ - "edit", - "read" - ], - "component": "component_A", - "project": "project_A", - "organization": "org_A" - }, - { - "user": "bob", - "actions": ["read"], - "organization": "org_A" - }, - { - "user": "bob", - "action": ["edit"], - "component": "component_A", - "project": "project_B", - "organization": "org_A" - }, - { - "user": "charlie", - "action": ["read"], - "project": "project_B", - "organization": "org_A" - } - ] -} diff --git a/test/policies/data/role/data.json b/test/policies/data/role/data.json deleted file mode 100644 index 88ac41b..0000000 --- a/test/policies/data/role/data.json +++ /dev/null @@ -1,63 +0,0 @@ -{ - "user_roles": { - "alice": [ - "admin" - ], - "bob": [ - "employee", - "billing" - ], - "eve": [ - "customer" - ] - }, - "role_grants": { - "customer": [ - { - "action": "read", - "type": "dog" - }, - { - "action": "read", - "type": "cat" - }, - { - "action": "adopt", - "type": "dog" - }, - { - "action": "adopt", - "type": "cat" - } - ], - "employee": [ - { - "action": "read", - "type": "dog" - }, - { - "action": "read", - "type": "cat" - }, - { - "action": "update", - "type": "dog" - }, - { - "action": "update", - "type": "cat" - } - ], - "billing": [ - { - "action": "read", - "type": "finance" - }, - { - "action": "update", - "type": "finance" - } - ] - } -} - diff --git a/test/policies/docs/policy.rego b/test/policies/docs/policy.rego deleted file mode 100644 index 90ce883..0000000 --- a/test/policies/docs/policy.rego +++ /dev/null @@ -1,22 +0,0 @@ -package docs - -import rego.v1 - -default allow := false - -allow if { - has_access_to_file - action_is_read_or_write -} - -action_is_read_or_write if { - input.action in ["read", "write"] -} - -has_access_to_file contains file_info if { - some file in data.docs.files - file.file_id == input.file_id - file.access_level == input.access_level - file_info := {attr: file[attr] | attr in input.attributes} -} - diff --git a/test/policies/monitor/policy.rego b/test/policies/monitor/policy.rego new file mode 100644 index 0000000..b3d9aaa --- /dev/null +++ b/test/policies/monitor/policy.rego @@ -0,0 +1,39 @@ +package monitor + +# Policy allows if a matching threshold is met +result contains output if { + input.domain = data.node.monitor.domain + some events in data.node.monitor.metricsPerEventName + events.eventName == input.eventName + events.controlLoopSchemaType == input.controlLoopSchemaType + events.policyScope == input.policyScope + events.policyName == input.policyName + events.policyVersion == input.policyVersion + some value in events.thresholds + input.controlname == value.closedLoopControlName + input.version == value.version + input.thresholdValue == value.thresholdValue + output := { + "severity" : "MAJOR", + "closedLoopEventStatus" : "ABATED" + } +} + +# Policy allows if a matching threshold is met +result contains output if { + input.domain = data.node.monitor.domain + some events in data.node.monitor.metricsPerEventName + events.eventName == input.eventName + events.controlLoopSchemaType == input.controlLoopSchemaType + events.policyScope == input.policyScope + events.policyName == input.policyName + events.policyVersion == input.policyVersion + some value in events.thresholds + input.controlname == value.closedLoopControlName + input.version == value.version + input.thresholdValue > value.thresholdValue + output := { + "severity" : "CRITICAL", + "closedLoopEventStatus" : "ONSET" + } +} diff --git a/test/policies/organization/policy.rego b/test/policies/organization/policy.rego deleted file mode 100644 index 31e7fb6..0000000 --- a/test/policies/organization/policy.rego +++ /dev/null @@ -1,38 +0,0 @@ -package organization - -import rego.v1 - -default allow := false - -# organization level access -allow if { - some acl in data.organization.acls - acl.user == input.user - acl.organization == input.organization - acl.project == input.project - acl.component == input.component - - some action in acl.actions - action == input.action -} - -# project level access -allow if { - some acl in data.organization.acls - acl.user == input.user - acl.organization == input.organization - acl.project == input.project - - some action in acl.actions - action == input.action -} - -# component level access -allow if { - some acl in data.organization.acls - acl.user == input.user - acl.organization == input.organization - - some action in acl.actions - action == input.action -} diff --git a/test/policies/vehicle/policy.rego b/test/policies/vehicle/policy.rego deleted file mode 100644 index 592afee..0000000 --- a/test/policies/vehicle/policy.rego +++ /dev/null @@ -1,23 +0,0 @@ -package vehicle - -import rego.v1 - -default allow := false - -allow if { - user_has_vehicle_access - action_is_granted -} - -action_is_granted if { - "use" in input.actions -} - -user_has_vehicle_access contains vehicle_data if { - some vehicle in data.vehicle.vehicles - vehicle.vehicle_id == input.vehicle_id - vehicle.owner == input.user - vehicle_data := {info: vehicle[info] | info in input.attributes} -} - - diff --git a/test/policies/zone/policy.rego b/test/policies/zone/policy.rego deleted file mode 100644 index 75357a6..0000000 --- a/test/policies/zone/policy.rego +++ /dev/null @@ -1,23 +0,0 @@ -package zone - -import rego.v1 - -default allow := false - -allow if { - has_zone_access - action_is_log_view -} - -action_is_log_view if { - "view" in input.actions -} - -has_zone_access contains access_data if { - some zone_data in data.zone.zone.zone_access_logs - zone_data.timestamp >= input.time_period.from - zone_data.timestamp < input.time_period.to - zone_data.zone_id == input.zone_id - access_data := {datatype: zone_data[datatype] | datatype in input.datatypes} -} - diff --git a/test/policy-new.yaml b/test/policy-new.yaml deleted file mode 100644 index 2fbcf79..0000000 --- a/test/policy-new.yaml +++ /dev/null @@ -1,21 +0,0 @@ -tosca_definitions_version: tosca_simple_yaml_1_1_0 -policy_types: - onap.policies.Native: - derived_from: tosca.policies.Root - description: a base policy type for all native PDP policies - version: 1.0.0 - name: onap.policies.Native - onap.policies.native.opa: - derived_from: onap.policies.Native - version: 1.0.0 - name: onap.policies.native.opa - description: a policy type for native opa policies - properties: - policy: - type: string - type_version: 0.0.0 - description: The rego PolicySet or Policy - required: true - metadata: - encoding: Base64 - diff --git a/test/scripts.sh b/test/scripts.sh deleted file mode 100755 index ab4f838..0000000 --- a/test/scripts.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash - -# Set up credentials and host variables -USER="policyadmin" -PASSWORD="zb!XztG34" -HOST="localhost" - -# Exit immediately if a command exits with a non-zero status -set -e - -# Step 1: Create a Policy -echo "Creating a new policy..." -sleep 40 -curl -u "$USER:$PASSWORD" --header "Content-Type: application/yaml" \ - -X POST --data-binary @policy-new.yaml \ - http://policy-api:6969/policy/api/v1/policytypes -echo "Policy created successfully. Check policy-api logs for details." - -# Step 2: Create Groups -echo "Creating groups..." -curl -u "$USER:$PASSWORD" --header "Content-Type: application/json" \ - -X POST --data-binary @Opagroup.json \ - http://policy-pap:6969/policy/pap/v1/pdps/groups/batch - -echo "Groups created successfully. Check policy-pap logs for details." - -echo "Script execution completed." diff --git a/test/scripts.txt b/test/scripts.txt deleted file mode 100644 index 3d60d4a..0000000 --- a/test/scripts.txt +++ /dev/null @@ -1,21 +0,0 @@ - curl -u 'policyadmin:zb!XztG34' --header "Content-Type:application/yaml" -X POST --data-binary @policy-new.yaml http://localhost:30002/policy/api/v1/policytypes - -# policy-new.yaml is inside test directory to create policy -#check policy-api logs - - -//Create Groups - -curl -u 'policyadmin:zb!XztG34' --header "Content-Type:application/json" -X POST --data-binary @Opagroup.json http://localhost:30003/policy/pap/v1/pdps/groups/batch - -#Check policy-pap logs -#file Opagroup.json is inside test - -// Sends registration message to policy-pdp-pap - -docker exec -it kafka /bin/sh - -echo '{"messageName": "PDP_STATUS", "requestId": "e9b4ee77-5400-41a8-87ba-3c914a86ee08", "timestampMs": "1728551661460","name": "opa-2e953ecf-40f1-47f7-8a5e-53031947516c","pdpGroup": "opaGroup","pdpSubgroup": null, "pdpType": "opa","state": "PASSIVE","healthy": "HEALTHY", "description": null, "policies": []}' | kafka-console-producer --broker-list kafka:9092 --topic policy-pdp-pap - - -#To get Gracefulshutdown signals commented command and changed entrypoint to /app/opa-pdp diff --git a/test/test_resources/policy_collab.yaml b/test/test_resources/policy_collab.yaml deleted file mode 100644 index fe4fc12..0000000 --- a/test/test_resources/policy_collab.yaml +++ /dev/null @@ -1,18 +0,0 @@ -tosca_definitions_version: tosca_simple_yaml_1_1_0 -topology_template: - policies: - - collab: - type: onap.policies.native.opa - type_version: 1.0.0 - properties: - data: - node.collab.action: ewogICAgInVzZXJfcm9sZXMiOiB7CiAgICAgICAgImFsaWNlIjogWwogICAgICAgICAgICAiYWRtaW4iCiAgICAgICAgXSwKICAgICAgICAiYm9iIjogWwogICAgICAgICAgICAiZWRpdG9yIgogICAgICAgIF0sCiAgICAgICAgImNoYXJsaWUiOiBbCiAgICAgICAgICAgICJ2aWV3ZXIiCiAgICAgICAgXQogICAgfSwKICAgICJyb2xlX3Blcm1pc3Npb25zIjogewogICAgICAgICJhZG1pbiI6IHsKICAgICAgICAgICAgImFjdGlvbnMiOiBbCiAgICAgICAgICAgICAgICAicmVhZCIsCiAgICAgICAgICAgICAgICAid3JpdGUiLAogICAgICAgICAgICAgICAgImRlbGV0ZSIKICAgICAgICAgICAgXSwKICAgICAgICAgICAgInJlc291cmNlcyI6IFsKICAgICAgICAgICAgICAgICJzZXJ2ZXIiLAogICAgICAgICAgICAgICAgImRhdGFiYXNlIgogICAgICAgICAgICBdCiAgICAgICAgfSwKICAgICAgICAiZWRpdG9yIjogewogICAgICAgICAgICAiYWN0aW9ucyI6IFsKICAgICAgICAgICAgICAgICJyZWFkIiwKICAgICAgICAgICAgICAgICJ3cml0ZSIKICAgICAgICAgICAgXSwKICAgICAgICAgICAgInJlc291cmNlcyI6IFsKICAgICAgICAgICAgICAgICJzZXJ2ZXIiCiAgICAgICAgICAgIF0KICAgICAgICB9LAogICAgICAgICJ2aWV3ZXIiOiB7CiAgICAgICAgICAgICJhY3Rpb25zIjogWwogICAgICAgICAgICAgICAgInJlYWQiCiAgICAgICAgICAgIF0sCiAgICAgICAgICAgICJyZXNvdXJjZXMiOiBbCiAgICAgICAgICAgICAgICAic2VydmVyIgogICAgICAgICAgICBdCiAgICAgICAgfQogICAgfQp9 - policy: - collab.conflict: cGFja2FnZSBjb2xsYWIuY29uZmxpY3QKCmltcG9ydCByZWdvLnYxCgphbGxvdyBpZiB7IGlucHV0Lm5hbWUgPT0gImFsaWNlIiB9CmRlbnkgaWYgeyBpbnB1dC5uYW1lID09ICJhbGljZSIgfQoKIyBkZW55IGV2ZXJ5dGhpbmcgYnkgZGVmYXVsdApkZWZhdWx0IGF1dGh6IDo9IGZhbHNlCgojIGRlbnkgb3ZlcnJpZGVzIGFsbG93CmF1dGh6IGlmIHsKICAgIGFsbG93CiAgICBub3QgZGVueQp9Cg== - collab.action: cGFja2FnZSBjb2xsYWIuYWN0aW9uCgppbXBvcnQgcmVnby52MQoKIyBCeSBkZWZhdWx0LCBkZW55IHJlcXVlc3RzLgpkZWZhdWx0IGFsbG93IDo9IGZhbHNlCgoKIyBBbGxvdyB0aGUgYWN0aW9uIGlmIGFkbWluIHJvbGUgaXMgZ3JhbnRlZCBwZXJtaXNzaW9uIHRvIHBlcmZvcm0gdGhlIGFjdGlvbi4KYWxsb3cgaWYgewogICAgc29tZSBpCiAgICBkYXRhLm5vZGUuY29sbGFiLmFjdGlvbi51c2VyX3JvbGVzW2lucHV0LnVzZXJdW2ldID09IHJvbGUKICAgIHNvbWUgagogICAgZGF0YS5ub2RlLmNvbGxhYi5hY3Rpb24ucm9sZV9wZXJtaXNzaW9uc1tyb2xlXS5hY3Rpb25zW2pdID09IGlucHV0LmFjdGlvbgogICAgc29tZSBrCiAgICBkYXRhLm5vZGUuY29sbGFiLmFjdGlvbi5yb2xlX3Blcm1pc3Npb25zW3JvbGVdLnJlc291cmNlc1trXSA9PSBpbnB1dC50eXBlCn0KIyAgICAgICAqIFJlZ28gY29tcGFyaXNvbiB0byBvdGhlciBzeXN0ZW1zOiBodHRwczovL3d3dy5vcGVucG9saWN5YWdlbnQub3JnL2RvY3MvbGF0ZXN0L2NvbXBhcmlzb24tdG8tb3RoZXItc3lzdGVtcy8KIyAgICAgICAqIFJlZ28gSXRlcmF0aW9uOiBodHRwczovL3d3dy5vcGVucG9saWN5YWdlbnQub3JnL2RvY3MvbGF0ZXN0LyNpdGVyYXRpb24= - collab: cGFja2FnZSBjb2xsYWIKCmltcG9ydCByZWdvLnYxCmltcG9ydCBkYXRhLmNvbGxhYi5jb25mbGljdAppbXBvcnQgZGF0YS5jb2xsYWIuYWN0aW9uCgpkZWZhdWx0IGFsbG93IDo9IGZhbHNlCmFsbG93IGlmIHsKICAgIGNvbmZsaWN0LmFsbG93CiAgICBhY3Rpb24uYWxsb3cKfQ== - name: collab - version: 1.0.0 - metadata: - policy-id: collab - policy-version: 1.0.0 diff --git a/test/test_resources/policy_conflict.yaml b/test/test_resources/policy_conflict.yaml deleted file mode 100644 index 0406179..0000000 --- a/test/test_resources/policy_conflict.yaml +++ /dev/null @@ -1,15 +0,0 @@ -tosca_definitions_version: tosca_simple_yaml_1_1_0 -topology_template: - policies: - - conflict: - type: onap.policies.native.opa - type_version: 1.0.0 - properties: - data: - policy: - conflict: cGFja2FnZSBjb25mbGljdAoKaW1wb3J0IHJlZ28udjEKCmFsbG93IGlmIHsgaW5wdXQubmFtZSA9PSAiYWxpY2UiIH0KZGVueSBpZiB7IGlucHV0Lm5hbWUgPT0gImFsaWNlIiB9CgojIGRlbnkgZXZlcnl0aGluZyBieSBkZWZhdWx0CmRlZmF1bHQgYXV0aHogOj0gZmFsc2UKCiMgZGVueSBvdmVycmlkZXMgYWxsb3cKYXV0aHogaWYgewogICAgYWxsb3cKICAgIG5vdCBkZW55Cn0KCg== - name: conflict - version: 1.0.0 - metadata: - policy-id: conflict - policy-version: 1.0.0 diff --git a/test/test_resources/policy_deploy_single_policy.yaml b/test/test_resources/policy_deploy_single_policy.yaml deleted file mode 100644 index a2116fe..0000000 --- a/test/test_resources/policy_deploy_single_policy.yaml +++ /dev/null @@ -1,17 +0,0 @@ -tosca_definitions_version: tosca_simple_yaml_1_1_0 -topology_template: - policies: - - role: - type: onap.policies.native.opa - type_version: 1.0.0 - properties: - data: - node.role: ewogICAgInVzZXJfcm9sZXMiOiB7CiAgICAgICAgImFsaWNlIjogWwogICAgICAgICAgICAiYWRtaW4iCiAgICAgICAgXSwKICAgICAgICAiYm9iIjogWwogICAgICAgICAgICAiZW1wbG95ZWUiLAogICAgICAgICAgICAiYmlsbGluZyIKICAgICAgICBdLAogICAgICAgICJldmUiOiBbCiAgICAgICAgICAgICJjdXN0b21lciIKICAgICAgICBdCiAgICB9LAogICAgInJvbGVfZ3JhbnRzIjogewogICAgICAgICJjdXN0b21lciI6IFsKICAgICAgICAgICAgewogICAgICAgICAgICAgICAgImFjdGlvbiI6ICJyZWFkIiwKICAgICAgICAgICAgICAgICJ0eXBlIjogImRvZyIKICAgICAgICAgICAgfSwKICAgICAgICAgICAgewogICAgICAgICAgICAgICAgImFjdGlvbiI6ICJyZWFkIiwKICAgICAgICAgICAgICAgICJ0eXBlIjogImNhdCIKICAgICAgICAgICAgfSwKICAgICAgICAgICAgewogICAgICAgICAgICAgICAgImFjdGlvbiI6ICJhZG9wdCIsCiAgICAgICAgICAgICAgICAidHlwZSI6ICJkb2ciCiAgICAgICAgICAgIH0sCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAgICJhY3Rpb24iOiAiYWRvcHQiLAogICAgICAgICAgICAgICAgInR5cGUiOiAiY2F0IgogICAgICAgICAgICB9CiAgICAgICAgXSwKICAgICAgICAiZW1wbG95ZWUiOiBbCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAgICJhY3Rpb24iOiAicmVhZCIsCiAgICAgICAgICAgICAgICAidHlwZSI6ICJkb2ciCiAgICAgICAgICAgIH0sCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAgICJhY3Rpb24iOiAicmVhZCIsCiAgICAgICAgICAgICAgICAidHlwZSI6ICJjYXQiCiAgICAgICAgICAgIH0sCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAgICJhY3Rpb24iOiAidXBkYXRlIiwKICAgICAgICAgICAgICAgICJ0eXBlIjogImRvZyIKICAgICAgICAgICAgfSwKICAgICAgICAgICAgewogICAgICAgICAgICAgICAgImFjdGlvbiI6ICJ1cGRhdGUiLAogICAgICAgICAgICAgICAgInR5cGUiOiAiY2F0IgogICAgICAgICAgICB9CiAgICAgICAgXSwKICAgICAgICAiYmlsbGluZyI6IFsKICAgICAgICAgICAgewogICAgICAgICAgICAgICAgImFjdGlvbiI6ICJyZWFkIiwKICAgICAgICAgICAgICAgICJ0eXBlIjogImZpbmFuY2UiCiAgICAgICAgICAgIH0sCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAgICJhY3Rpb24iOiAidXBkYXRlIiwKICAgICAgICAgICAgICAgICJ0eXBlIjogImZpbmFuY2UiCiAgICAgICAgICAgIH0KICAgICAgICBdCiAgICB9Cn0K - policy: - role: cGFja2FnZSByb2xlCgppbXBvcnQgcmVnby52MQoKIyBCeSBkZWZhdWx0LCBkZW55IHJlcXVlc3RzLgpkZWZhdWx0IGFsbG93IDo9IGZhbHNlCgojIEFsbG93IGFkbWlucyB0byBkbyBhbnl0aGluZy4KYWxsb3cgaWYgdXNlcl9pc19hZG1pbgoKIyBBbGxvdyB0aGUgYWN0aW9uIGlmIHRoZSB1c2VyIGlzIGdyYW50ZWQgcGVybWlzc2lvbiB0byBwZXJmb3JtIHRoZSBhY3Rpb24uCmFsbG93IGlmIHsKICAgICAgICAjIEZpbmQgZ3JhbnRzIGZvciB0aGUgdXNlci4KICAgICAgICBzb21lIGdyYW50IGluIHVzZXJfaXNfZ3JhbnRlZAoKICAgICAgICAjIENoZWNrIGlmIHRoZSBncmFudCBwZXJtaXRzIHRoZSBhY3Rpb24uCiAgICAgICAgaW5wdXQuYWN0aW9uID09IGdyYW50LmFjdGlvbgogICAgICAgIGlucHV0LnR5cGUgPT0gZ3JhbnQudHlwZQp9CgojIHVzZXJfaXNfYWRtaW4gaXMgdHJ1ZSBpZiAiYWRtaW4iIGlzIGFtb25nIHRoZSB1c2VyJ3Mgcm9sZXMgYXMgcGVyIGRhdGEudXNlcl9yb2xlcwp1c2VyX2lzX2FkbWluIGlmICJhZG1pbiIgaW4gZGF0YS5ub2RlLnJvbGUudXNlcl9yb2xlc1tpbnB1dC51c2VyXQoKIyB1c2VyX2lzX2dyYW50ZWQgaXMgYSBzZXQgb2YgZ3JhbnRzIGZvciB0aGUgdXNlciBpZGVudGlmaWVkIGluIHRoZSByZXF1ZXN0LgojIFRoZSBgZ3JhbnRgIHdpbGwgYmUgY29udGFpbmVkIGlmIHRoZSBzZXQgYHVzZXJfaXNfZ3JhbnRlZGAgZm9yIGV2ZXJ5Li4uCnVzZXJfaXNfZ3JhbnRlZCBjb250YWlucyBncmFudCBpZiB7CiAgICAgICAgIyBgcm9sZWAgYXNzaWduZWQgYW4gZWxlbWVudCBvZiB0aGUgdXNlcl9yb2xlcyBmb3IgdGhpcyB1c2VyLi4uCiAgICAgICAgc29tZSByb2xlIGluIGRhdGEubm9kZS5yb2xlLnVzZXJfcm9sZXNbaW5wdXQudXNlcl0KCiAgICAgICAgIyBgZ3JhbnRgIGFzc2lnbmVkIGEgc2luZ2xlIGdyYW50IGZyb20gdGhlIGdyYW50cyBsaXN0IGZvciAncm9sZScuLi4KICAgICAgICBzb21lIGdyYW50IGluIGRhdGEubm9kZS5yb2xlLnJvbGVfZ3JhbnRzW3JvbGVdCn0KCiMgICAgICAgKiBSZWdvIGNvbXBhcmlzb24gdG8gb3RoZXIgc3lzdGVtczogaHR0cHM6Ly93d3cub3BlbnBvbGljeWFnZW50Lm9yZy9kb2NzL2xhdGVzdC9jb21wYXJpc29uLXRvLW90aGVyLXN5c3RlbXMvCiMgICAgICAgKiBSZWdvIEl0ZXJhdGlvbjogaHR0cHM6Ly93d3cub3BlbnBvbGljeWFnZW50Lm9yZy9kb2NzL2xhdGVzdC8jaXRlcmF0aW9u - name: role - version: 1.0.0 - metadata: - policy-id: role - policy-version: 1.0.0 - diff --git a/test/test_resources/policy_zone.yaml b/test/test_resources/policy_zone.yaml deleted file mode 100644 index 2c99e9f..0000000 --- a/test/test_resources/policy_zone.yaml +++ /dev/null @@ -1,16 +0,0 @@ -tosca_definitions_version: tosca_simple_yaml_1_1_0 -topology_template: - policies: - - zone: - type: onap.policies.native.opa - type_version: 1.0.0 - properties: - data: - node.zone: ewogICJ6b25lIjogewogICAgInpvbmVfYWNjZXNzX2xvZ3MiOiBbCiAgICAgIHsgImxvZ19pZCI6ICJsb2cxIiwgInRpbWVzdGFtcCI6ICIyMDI0LTExLTAxVDA5OjAwOjAwWiIsICJ6b25lX2lkIjogInpvbmVBIiwgImFjY2VzcyI6ICJncmFudGVkIiwgInVzZXIiOiAidXNlcjEiIH0sCiAgICAgIHsgImxvZ19pZCI6ICJsb2cyIiwgInRpbWVzdGFtcCI6ICIyMDI0LTExLTAxVDEwOjMwOjAwWiIsICJ6b25lX2lkIjogInpvbmVBIiwgImFjY2VzcyI6ICJkZW5pZWQiLCAidXNlciI6ICJ1c2VyMiIgfSwKICAgICAgeyAibG9nX2lkIjogImxvZzMiLCAidGltZXN0YW1wIjogIjIwMjQtMTEtMDFUMTE6MDA6MDBaIiwgInpvbmVfaWQiOiAiem9uZUIiLCAiYWNjZXNzIjogImdyYW50ZWQiLCAidXNlciI6ICJ1c2VyMyIgfQogICAgXQogIH0KfQo= - policy: - zone : cGFja2FnZSB6b25lCgppbXBvcnQgcmVnby52MQoKZGVmYXVsdCBhbGxvdyA6PSBmYWxzZQoKYWxsb3cgaWYgewogICAgaGFzX3pvbmVfYWNjZXNzCiAgICBhY3Rpb25faXNfbG9nX3ZpZXcKfQoKYWN0aW9uX2lzX2xvZ192aWV3IGlmIHsKICAgICJ2aWV3IiBpbiBpbnB1dC5hY3Rpb25zCn0KCmhhc196b25lX2FjY2VzcyBjb250YWlucyBhY2Nlc3NfZGF0YSBpZiB7CiAgICBzb21lIHpvbmVfZGF0YSBpbiBkYXRhLm5vZGUuem9uZS56b25lLnpvbmVfYWNjZXNzX2xvZ3MKICAgIHpvbmVfZGF0YS50aW1lc3RhbXAgPj0gaW5wdXQudGltZV9wZXJpb2QuZnJvbQogICAgem9uZV9kYXRhLnRpbWVzdGFtcCA8IGlucHV0LnRpbWVfcGVyaW9kLnRvCiAgICB6b25lX2RhdGEuem9uZV9pZCA9PSBpbnB1dC56b25lX2lkCiAgICBhY2Nlc3NfZGF0YSA6PSB7ZGF0YXR5cGU6IHpvbmVfZGF0YVtkYXRhdHlwZV0gfCBkYXRhdHlwZSBpbiBpbnB1dC5kYXRhdHlwZXN9Cn0K - name: zone - version: 1.0.0 - metadata: - policy-id: zone - policy-version: 1.0.0 diff --git a/test/test_resources/undeploy_batch_delete.json b/test/test_resources/undeploy_batch_delete.json deleted file mode 100644 index 9195f74..0000000 --- a/test/test_resources/undeploy_batch_delete.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "groups": [ - { - "name": "opaGroup", - "deploymentSubgroups": [ - { - "pdpType": "opa", - "action": "DELETE", - "policies": [ - { - "name": "account", - "version": "1.0.0" - }, - { - "name": "organization", - "version": "1.0.0" - } - ] - } - ] - } - ] -} diff --git a/test/test_resources/deploy_conflict.json b/test/toscapolicies/access_method/deploy_access_method.json index 72d2fcd..4903c65 100644 --- a/test/test_resources/deploy_conflict.json +++ b/test/toscapolicies/access_method/deploy_access_method.json @@ -1,7 +1,7 @@ { "policies": [ { - "policy-id": "conflict", + "policy-id": "access_method", "policy-version": "1.0.0" } diff --git a/test/toscapolicies/access_method/policy_access_method.yaml b/test/toscapolicies/access_method/policy_access_method.yaml new file mode 100644 index 0000000..9b48637 --- /dev/null +++ b/test/toscapolicies/access_method/policy_access_method.yaml @@ -0,0 +1,15 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +topology_template: + policies: + - access_method: + type: onap.policies.native.opa + type_version: 1.0.0 + properties: + data: + policy: + access_method: cGFja2FnZSBhY2Nlc3NfbWV0aG9kCmltcG9ydCByZWdvLnYxCmFsbG93IGlmIHsKICAgICAgICBpbnB1dC5wYXRoID09IFsidXNlcnMiXQogICAgICAgIGlucHV0Lm1ldGhvZCA9PSAiUE9TVCIKfQoKYWxsb3cgaWYgewogICAgICAgIGlucHV0LnBhdGggPT0gWyJ1c2VycyIsIGlucHV0LnVzZXJfaWRdCiAgICAgICAgaW5wdXQubWV0aG9kID09ICJHRVQiCn0KCg== + name: access_method + version: 1.0.0 + metadata: + policy-id: access_method + policy-version: 1.0.0 diff --git a/test/test_resources/deploy_zone.json b/test/toscapolicies/blacklist/deploy_blacklist.json index 217457b..8daa958 100644 --- a/test/test_resources/deploy_zone.json +++ b/test/toscapolicies/blacklist/deploy_blacklist.json @@ -1,8 +1,7 @@ - { "policies": [ { - "policy-id": "zone", + "policy-id": "blacklist", "policy-version": "1.0.0" } diff --git a/test/toscapolicies/blacklist/policy_blacklist.yaml b/test/toscapolicies/blacklist/policy_blacklist.yaml new file mode 100644 index 0000000..2e2b15c --- /dev/null +++ b/test/toscapolicies/blacklist/policy_blacklist.yaml @@ -0,0 +1,18 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +topology_template: + policies: + - blacklist: + type: onap.policies.native.opa + type_version: 1.0.0 + properties: + data: + node.blacklist: ewogICAgImJsYWNrbGlzdCIgOiBbCiAgICAidGhlLXZmbW9kdWxlLXdoZXJlLXJvb3QtaXMtdHJ1ZSIsCiAgICAgImFub3RoZXItdmZtb2R1bGUtd2hlcmUtcm9vdC1pcy10cnVlIgpdCn0= + policy: + blacklist: + cGFja2FnZSBibGFja2xpc3QKaW1wb3J0IGZ1dHVyZS5rZXl3b3Jkcy5pbgppbXBvcnQgcmVnby52MQoKIyBEZWZpbmUgYSBydWxlIHRvIGNoZWNrIGlmIHRoZSBvcGVyYXRpb24gc2hvdWxkIGJlIGFsbG93ZWQKbW9kdWxlX2FsbG93W21vZHVsZV0gOj0gZmFsc2UgaWYgewogICAgc29tZSBtb2R1bGUgaW4gaW5wdXQudmZtb2R1bGUKICAgIG5vdCB2YWxpZGF0ZShtb2R1bGUpCn0KCm1vZHVsZV9hbGxvd1ttb2R1bGVdIDo9IHRydWUgaWZ7CiAgICAgICAgc29tZSBtb2R1bGUgaW4gaW5wdXQudmZtb2R1bGUKICAgIHZhbGlkYXRlKG1vZHVsZSkKfQoKdmFsaWRhdGUobW9kdWxlKSBpZiB7CiAgICAgICAgbW9kdWxlIGluIGRhdGEubm9kZS5ibGFja2xpc3QuYmxhY2tsaXN0Cn0= + name: blacklist + version: 1.0.0 + metadata: + policy-id: blacklist + policy-version: 1.0.0 + diff --git a/test/toscapolicies/cell/deploy_cell.json b/test/toscapolicies/cell/deploy_cell.json new file mode 100644 index 0000000..75a25bd --- /dev/null +++ b/test/toscapolicies/cell/deploy_cell.json @@ -0,0 +1,10 @@ +{ + "policies": [ + { + "policy-id": "cell.consistency", + "policy-version": "1.0.0" + + } + ] +} + diff --git a/test/toscapolicies/cell/policy_cell.yaml b/test/toscapolicies/cell/policy_cell.yaml new file mode 100644 index 0000000..3ab25db --- /dev/null +++ b/test/toscapolicies/cell/policy_cell.yaml @@ -0,0 +1,21 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +topology_template: + policies: + - cell.consistency: + type: onap.policies.native.opa + type_version: 1.0.0 + properties: + data: + node.cell.consistency: >- + eyAgIAogICJhbGxvd2VkQ2VsbElkIiA6IDQ0NTYxMTE5MzI2NTA0MDEyOSwgCiAgIm1pblBDSSI6IDEsIAogICJtYXhQQ0kiOiAzMDAwICAKIH0= + policy: + cell.consistency: >- + cGFja2FnZSBjZWxsLmNvbnNpc3RlbmN5CmRlZmF1bHQgYWxsb3cgPSBmYWxzZQojIFJ1bGUgdG8gY2hlY2sgY2VsbCBjb25zaXN0ZW5jeQpjaGVja19jZWxsX2NvbnNpc3RlbmN5IGlmIHsKICAgIGlucHV0LmNlbGwgIT0gZGF0YS5ub2RlLmNlbGwuY29uc2lzdGVuY3kuYWxsb3dlZENlbGxJZAp9CiMgUnVsZSB0byBhbGxvdyBpZiBQQ0kgaXMgd2l0aGluIHJhbmdlIDEtMzAwMAphbGxvd19pZl9wY2lfaW5fcmFuZ2UgaWYgewogICAgaW5wdXQuUENJID49IGRhdGEubm9kZS5jZWxsY29uc2lzdGVuY3kubWluUENJCiAgICBpbnB1dC5QQ0kgPD0gZGF0YS5ub2RlLmNlbGxjb25zaXN0ZW5jeS5tYXhQQ0kKfQojIE1haW4gcnVsZSB0byBkZXRlcm1pbmUgdGhlIGZpbmFsIGRlY2lzaW9uCmFsbG93IGlmIHsKICAgIGNoZWNrX2NlbGxfY29uc2lzdGVuY3kKICAgIGFsbG93X2lmX3BjaV9pbl9yYW5nZQp9 + cell.consistency.topology: >- + cGFja2FnZSBjZWxsLmNvbnNpc3RlbmN5LnRvcG9sb2d5CmltcG9ydCByZWdvLnYxCiMgUnVsZSB0byBjaGVjayBjZWxsIGNvbnNpc3RlbmN5CmNoZWNrX2NlbGxfY29uc2lzdGVuY3kgaWYgewogICAgaW5wdXQuY2VsbCAhPSBkYXRhLmNlbGxjb25zaXN0ZW5jeS5hbGxvd2VkQ2VsbElkCn0= + name: cell.consistency + version: 1.0.0 + metadata: + policy-id: cell.consistency + policy-version: 1.0.0 + diff --git a/test/test_resources/deploy_collab.json b/test/toscapolicies/monitor/deploy_monitor.json index 06d43c9..55a60cf 100644 --- a/test/test_resources/deploy_collab.json +++ b/test/toscapolicies/monitor/deploy_monitor.json @@ -1,7 +1,7 @@ { "policies": [ { - "policy-id": "collab", + "policy-id": "monitor", "policy-version": "1.0.0" } diff --git a/test/toscapolicies/monitor/policy_monitor.yaml b/test/toscapolicies/monitor/policy_monitor.yaml new file mode 100644 index 0000000..1dcc7ee --- /dev/null +++ b/test/toscapolicies/monitor/policy_monitor.yaml @@ -0,0 +1,16 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +topology_template: + policies: + - monitor: + type: onap.policies.native.opa + type_version: 1.0.0 + properties: + data: + node.monitor: eyAiZG9tYWluIjogIm1lYXN1cmVtZW50c0ZvclZmU2NhbGluZyIsCiAgIm1ldHJpY3NQZXJFdmVudE5hbWUiOiBbewogICAgICAgICAgImV2ZW50TmFtZSI6ICJNZWFzdXJlbWVudF92R01VWCIsCiAgICAgICAgICAiY29udHJvbExvb3BTY2hlbWFUeXBlIjogIlZORiIsCiAgICAgICAgICAicG9saWN5U2NvcGUiOiAiRENBRSIsCiAgICAgICAgICAicG9saWN5TmFtZSI6ICJEQ0FFLkNvbmZpZ190Y2EtaGktbG8iLAogICAgICAgICAgICJwb2xpY3lWZXJzaW9uIjogInYwLjAuMSIsCiAgICAgICAgICAgInRocmVzaG9sZHMiIDogW3sidmVyc2lvbiI6ICIxLjAuMiIsCiAgICAgICAgICAgICJjbG9zZWRMb29wQ29udHJvbE5hbWUiOiAiQ29udHJvbExvb3AtdkNQRS00OGYwYzJjMy1hMTcyLTQxOTItOWFlMy0wNTIyNzQxODFiNmUiLAogICAgICAgICAgICAidGhyZXNob2xkVmFsdWUiOiAwCiAgICAgICAgICAgICB9XQp9XQp9 + policy: + monitor: cGFja2FnZSBtb25pdG9yCgojIFBvbGljeSBhbGxvd3MgaWYgYSBtYXRjaGluZyB0aHJlc2hvbGQgaXMgbWV0CnJlc3VsdCBjb250YWlucyBvdXRwdXQgaWYgewogICAgaW5wdXQuZG9tYWluID0gZGF0YS5ub2RlLm1vbml0b3IuZG9tYWluCiAgICBzb21lIGV2ZW50cyAgaW4gZGF0YS5ub2RlLm1vbml0b3IubWV0cmljc1BlckV2ZW50TmFtZQogICAgZXZlbnRzLmV2ZW50TmFtZSA9PSBpbnB1dC5ldmVudE5hbWUKICAgIGV2ZW50cy5jb250cm9sTG9vcFNjaGVtYVR5cGUgPT0gaW5wdXQuY29udHJvbExvb3BTY2hlbWFUeXBlCiAgICBldmVudHMucG9saWN5U2NvcGUgPT0gaW5wdXQucG9saWN5U2NvcGUKICAgIGV2ZW50cy5wb2xpY3lOYW1lID09IGlucHV0LnBvbGljeU5hbWUKICAgIGV2ZW50cy5wb2xpY3lWZXJzaW9uID09IGlucHV0LnBvbGljeVZlcnNpb24KICAgIHNvbWUgdmFsdWUgaW4gZXZlbnRzLnRocmVzaG9sZHMKICAgIGlucHV0LmNvbnRyb2xuYW1lID09IHZhbHVlLmNsb3NlZExvb3BDb250cm9sTmFtZQogICAgaW5wdXQudmVyc2lvbiA9PSB2YWx1ZS52ZXJzaW9uCiAgICBpbnB1dC50aHJlc2hvbGRWYWx1ZSA9PSB2YWx1ZS50aHJlc2hvbGRWYWx1ZQogICAgb3V0cHV0IDo9IHsKICAgICAgICAic2V2ZXJpdHkiIDogIk1BSk9SIiwKICAgICAgICAiY2xvc2VkTG9vcEV2ZW50U3RhdHVzIiA6ICJBQkFURUQiCiAgICAgICAgfQp9CgojIFBvbGljeSBhbGxvd3MgaWYgYSBtYXRjaGluZyB0aHJlc2hvbGQgaXMgbWV0CnJlc3VsdCBjb250YWlucyBvdXRwdXQgaWYgewogICAgaW5wdXQuZG9tYWluID0gZGF0YS5ub2RlLm1vbml0b3IuZG9tYWluCiAgICBzb21lIGV2ZW50cyAgaW4gZGF0YS5ub2RlLm1vbml0b3IubWV0cmljc1BlckV2ZW50TmFtZQogICAgZXZlbnRzLmV2ZW50TmFtZSA9PSBpbnB1dC5ldmVudE5hbWUKICAgIGV2ZW50cy5jb250cm9sTG9vcFNjaGVtYVR5cGUgPT0gaW5wdXQuY29udHJvbExvb3BTY2hlbWFUeXBlCiAgICBldmVudHMucG9saWN5U2NvcGUgPT0gaW5wdXQucG9saWN5U2NvcGUKICAgIGV2ZW50cy5wb2xpY3lOYW1lID09IGlucHV0LnBvbGljeU5hbWUKICAgIGV2ZW50cy5wb2xpY3lWZXJzaW9uID09IGlucHV0LnBvbGljeVZlcnNpb24KICAgIHNvbWUgdmFsdWUgaW4gZXZlbnRzLnRocmVzaG9sZHMKICAgIGlucHV0LmNvbnRyb2xuYW1lID09IHZhbHVlLmNsb3NlZExvb3BDb250cm9sTmFtZQogICAgaW5wdXQudmVyc2lvbiA9PSB2YWx1ZS52ZXJzaW9uCiAgICBpbnB1dC50aHJlc2hvbGRWYWx1ZSA+IHZhbHVlLnRocmVzaG9sZFZhbHVlCiAgICBvdXRwdXQgOj0gewogICAgICAgICJzZXZlcml0eSIgOiAiQ1JJVElDQUwiLAogICAgICAgICJjbG9zZWRMb29wRXZlbnRTdGF0dXMiIDogIk9OU0VUIgogICAgICAgIH0KfQ== + name: monitor + version: 1.0.0 + metadata: + policy-id: monitor + policy-version: 1.0.0 diff --git a/test/test_resources/deploy.json b/test/toscapolicies/role/deploy_role.json index 2698286..2698286 100644 --- a/test/test_resources/deploy.json +++ b/test/toscapolicies/role/deploy_role.json diff --git a/test/toscapolicies/role/policy_role.yaml b/test/toscapolicies/role/policy_role.yaml new file mode 100644 index 0000000..aeb0da5 --- /dev/null +++ b/test/toscapolicies/role/policy_role.yaml @@ -0,0 +1,16 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +topology_template: + policies: + - role: + type: onap.policies.native.opa + type_version: 1.0.0 + properties: + data: + node.role: ewogICAgInVzZXJfcm9sZXMiOiB7CiAgICAgICAgImFsaWNlIjogWwogICAgICAgICAgICAiYWRtaW4iCiAgICAgICAgXSwKICAgICAgICAiYm9iIjogWwogICAgICAgICAgICAiZW1wbG95ZWUiLAogICAgICAgICAgICAiYmlsbGluZyIKICAgICAgICBdLAogICAgICAgICJldmUiOiBbCiAgICAgICAgICAgICJjdXN0b21lciIKICAgICAgICBdCiAgICB9LAogICAgInJvbGVfZ3JhbnRzIjogewogICAgICAgICJjdXN0b21lciI6IFsKICAgICAgICAgICAgewogICAgICAgICAgICAgICAgImFjdGlvbiI6ICJyZWFkIiwKICAgICAgICAgICAgICAgICJ0eXBlIjogImRvZyIKICAgICAgICAgICAgfSwKICAgICAgICAgICAgewogICAgICAgICAgICAgICAgImFjdGlvbiI6ICJyZWFkIiwKICAgICAgICAgICAgICAgICJ0eXBlIjogImNhdCIKICAgICAgICAgICAgfSwKICAgICAgICAgICAgewogICAgICAgICAgICAgICAgImFjdGlvbiI6ICJhZG9wdCIsCiAgICAgICAgICAgICAgICAidHlwZSI6ICJkb2ciCiAgICAgICAgICAgIH0sCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAgICJhY3Rpb24iOiAiYWRvcHQiLAogICAgICAgICAgICAgICAgInR5cGUiOiAiY2F0IgogICAgICAgICAgICB9CiAgICAgICAgXSwKICAgICAgICAiZW1wbG95ZWUiOiBbCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAgICJhY3Rpb24iOiAicmVhZCIsCiAgICAgICAgICAgICAgICAidHlwZSI6ICJkb2ciCiAgICAgICAgICAgIH0sCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAgICJhY3Rpb24iOiAicmVhZCIsCiAgICAgICAgICAgICAgICAidHlwZSI6ICJjYXQiCiAgICAgICAgICAgIH0sCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAgICJhY3Rpb24iOiAidXBkYXRlIiwKICAgICAgICAgICAgICAgICJ0eXBlIjogImRvZyIKICAgICAgICAgICAgfSwKICAgICAgICAgICAgewogICAgICAgICAgICAgICAgImFjdGlvbiI6ICJ1cGRhdGUiLAogICAgICAgICAgICAgICAgInR5cGUiOiAiY2F0IgogICAgICAgICAgICB9CiAgICAgICAgXSwKICAgICAgICAiYmlsbGluZyI6IFsKICAgICAgICAgICAgewogICAgICAgICAgICAgICAgImFjdGlvbiI6ICJyZWFkIiwKICAgICAgICAgICAgICAgICJ0eXBlIjogImZpbmFuY2UiCiAgICAgICAgICAgIH0sCiAgICAgICAgICAgIHsKICAgICAgICAgICAgICAgICJhY3Rpb24iOiAidXBkYXRlIiwKICAgICAgICAgICAgICAgICJ0eXBlIjogImZpbmFuY2UiCiAgICAgICAgICAgIH0KICAgICAgICBdCiAgICB9Cn0KCg== + policy: + role : cGFja2FnZSByb2xlCgppbXBvcnQgcmVnby52MQoKIyBCeSBkZWZhdWx0LCBkZW55IHJlcXVlc3RzLgpkZWZhdWx0IGFsbG93IDo9IGZhbHNlCgojIEFsbG93IGFkbWlucyB0byBkbyBhbnl0aGluZy4KYWxsb3cgaWYgdXNlcl9pc19hZG1pbgoKIyBBbGxvdyB0aGUgYWN0aW9uIGlmIHRoZSB1c2VyIGlzIGdyYW50ZWQgcGVybWlzc2lvbiB0byBwZXJmb3JtIHRoZSBhY3Rpb24uCmFsbG93IGlmIHsKICAgICAgICAjIEZpbmQgZ3JhbnRzIGZvciB0aGUgdXNlci4KICAgICAgICBzb21lIGdyYW50IGluIHVzZXJfaXNfZ3JhbnRlZAoKICAgICAgICAjIENoZWNrIGlmIHRoZSBncmFudCBwZXJtaXRzIHRoZSBhY3Rpb24uCiAgICAgICAgaW5wdXQuYWN0aW9uID09IGdyYW50LmFjdGlvbgogICAgICAgIGlucHV0LnR5cGUgPT0gZ3JhbnQudHlwZQp9CgojIHVzZXJfaXNfYWRtaW4gaXMgdHJ1ZSBpZiAiYWRtaW4iIGlzIGFtb25nIHRoZSB1c2VyJ3Mgcm9sZXMgYXMgcGVyIGRhdGEudXNlcl9yb2xlcwp1c2VyX2lzX2FkbWluIGlmICJhZG1pbiIgaW4gZGF0YS5ub2RlLnJvbGUudXNlcl9yb2xlc1tpbnB1dC51c2VyXQoKIyB1c2VyX2lzX2dyYW50ZWQgaXMgYSBzZXQgb2YgZ3JhbnRzIGZvciB0aGUgdXNlciBpZGVudGlmaWVkIGluIHRoZSByZXF1ZXN0LgojIFRoZSBgZ3JhbnRgIHdpbGwgYmUgY29udGFpbmVkIGlmIHRoZSBzZXQgYHVzZXJfaXNfZ3JhbnRlZGAgZm9yIGV2ZXJ5Li4uCnVzZXJfaXNfZ3JhbnRlZCBjb250YWlucyBncmFudCBpZiB7CiAgICAgICAgIyBgcm9sZWAgYXNzaWduZWQgYW4gZWxlbWVudCBvZiB0aGUgdXNlcl9yb2xlcyBmb3IgdGhpcyB1c2VyLi4uCiAgICAgICAgc29tZSByb2xlIGluIGRhdGEubm9kZS5yb2xlLnVzZXJfcm9sZXNbaW5wdXQudXNlcl0KCiAgICAgICAgIyBgZ3JhbnRgIGFzc2lnbmVkIGEgc2luZ2xlIGdyYW50IGZyb20gdGhlIGdyYW50cyBsaXN0IGZvciAncm9sZScuLi4KICAgICAgICBzb21lIGdyYW50IGluIGRhdGEubm9kZS5yb2xlLnJvbGVfZ3JhbnRzW3JvbGVdCn0KCiMgICAgICAgKiBSZWdvIGNvbXBhcmlzb24gdG8gb3RoZXIgc3lzdGVtczogaHR0cHM6Ly93d3cub3BlbnBvbGljeWFnZW50Lm9yZy9kb2NzL2xhdGVzdC9jb21wYXJpc29uLXRvLW90aGVyLXN5c3RlbXMvCiMgICAgICAgKiBSZWdvIEl0ZXJhdGlvbjogaHR0cHM6Ly93d3cub3BlbnBvbGljeWFnZW50Lm9yZy9kb2NzL2xhdGVzdC8jaXRlcmF0aW9uCg== + name: role + version: 1.0.0 + metadata: + policy-id: role + policy-version: 1.0.0 diff --git a/test/wait_for_port.sh b/test/wait_for_port.sh deleted file mode 100644 index b29102b..0000000 --- a/test/wait_for_port.sh +++ /dev/null @@ -1,91 +0,0 @@ -#!/bin/sh -# ============LICENSE_START==================================================== -# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright (C) 2022-2023 Nordix Foundation. -# ============================================================================= -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END====================================================== - -usage() { - echo args: [-t timeout] [-c command] hostname1 port1 hostname2 port2 ... >&2 - exit 1 -} - -tmout=300 -cmd= -while getopts c:t: opt -do - case "$opt" in - c) - cmd="$OPTARG" - ;; - - t) - tmout="$OPTARG" - ;; - - *) - usage - ;; - esac -done - -nargs=$((OPTIND-1)) -shift "$nargs" - -even_args=$(($#%2)) -if [ $# -lt 2 ] || [ "$even_args" -ne 0 ] -then - usage -fi - -while [ $# -ge 2 ] -do - export host="$1" - export port="$2" - shift - shift - - echo "Waiting for $host port $port..." - - while [ "$tmout" -gt 0 ] - do - if command -v docker > /dev/null 2>&1 - then - docker ps --format "table {{ .Names }}\t{{ .Status }}" - fi - - nc -vz "$host" "$port" - rc=$? - - if [ $rc -eq 0 ] - then - break - else - tmout=$((tmout-1)) - sleep 1 - fi - done - - if [ $rc -ne 0 ] - then - echo "$host port $port cannot be reached" - exit $rc - fi -done -#sh scripts.sh -$cmd - -exit 0 |