diff options
49 files changed, 2333 insertions, 1047 deletions
@@ -1,12 +1,12 @@ --- project: 'policy-parent' project_creation_date: '2018-05-01' -lifecycle_state: 'Incubation' +lifecycle_state: 'Mature' project_category: '' project_lead: &onap_releng_ptl - name: 'Pamela Dragosh' - email: 'pdragosh@research.att.com' - id: 'pdragosh' + name: 'Jim Hahn' + email: 'jrh3@att.com' + id: 'jrh3' company: 'ATT' timezone: 'America/New_York' primary_contact: *onap_releng_ptl @@ -26,11 +26,16 @@ meetings: server: 'n/a' channel: 'n/a' repeats: 'weekly' - time: '13:00 UTC' + time: '14:00 UTC' repositories: - 'policy/parent' committers: - <<: *onap_releng_ptl + - name: 'Pamela Dragosh' + email: 'pdragosh@research.att.com' + company: 'ATT' + id: 'pdragosh' + timezone: 'America/New_York' - name: 'Jorge Hernandez' email: 'jorge.hernandez-herrero@att.com' company: 'ATT' @@ -41,16 +46,11 @@ committers: company: 'Ericsson' id: 'liamfallon' timezone: 'Europe/Ireland' - - name: 'Jim Hahn' - email: 'jrh3@att.com' - company: 'ATT' - id: 'jrh3' - timezone: 'America/New_York' - name: 'Ram Krishna Verma' - email: 'ram.krishna.verma@est.tech' + email: 'ram_krishna.verma@bell.ca' company: 'Ericsson' id: 'ramverma' - timezone: 'Europe/Ireland' + timezone: 'America/Montreal' - name: 'Ajith Sreekumar' email: 'ajith.sreekumar@bell.ca' company: 'Ericsson' @@ -68,3 +68,7 @@ tsc: - type: 'Addition' name: 'Ajith Sreekumar' link: https://lists.onap.org/g/onap-tsc/message/6869 + - type: 'Addition' + name: 'Jim Hahn' + # new PTL + link: https://lists.onap.org/g/onap-tsc/message/6754 diff --git a/docs/PolicyAPI.postman_collection.json b/docs/PolicyAPI.postman_collection.json index a5871745..21b4c97e 100644 --- a/docs/PolicyAPI.postman_collection.json +++ b/docs/PolicyAPI.postman_collection.json @@ -573,7 +573,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"groups\": [\n {\n \"name\": \"defaultGroup\",\n \"description\": \"The default group that registers all supported policy types and pdps.\",\n \"pdpGroupState\": \"ACTIVE\",\n \"properties\": {},\n \"pdpSubgroups\": [\n {\n \"pdpType\": \"apex\",\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.controlloop.operational.Apex\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": [],\n \"currentInstanceCount\": 1,\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"pdpInstances\": [\n {\n \"instanceId\": \"apex_35\",\n \"pdpState\": \"ACTIVE\",\n \"healthy\": \"HEALTHY\",\n \"message\": \"Pdp Heartbeat\"\n }\n ]\n },\n {\n \"pdpType\": \"drools\",\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.controlloop.Operational\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": [],\n \"currentInstanceCount\": 1,\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"pdpInstances\": [\n {\n \"instanceId\": \"dev-policy-drools-0\",\n \"pdpState\": \"ACTIVE\",\n \"healthy\": \"HEALTHY\"\n }\n ]\n },\n {\n \"pdpType\": \"xacml\",\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.controlloop.guard.FrequencyLimiter\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.controlloop.guard.MinMax\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.controlloop.guard.Blacklist\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.controlloop.guard.coordination.FirstBlocksSecond\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.Monitoring\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.monitoring.cdap.tca.hi.lo.app\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.monitoring.dcaegen2.collectors.datafile.datafile-app-server\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.monitoring.docker.sonhandler.app\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.AffinityPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.DistancePolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.HpaPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.OptimizationPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.PciPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.QueryPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.SubscriberPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.Vim_fit\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.VnfPolicy\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": [],\n \"currentInstanceCount\": 1,\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"pdpInstances\": [\n {\n \"instanceId\": \"dev-policy-policy-xacml-pdp-558c478477-g85jl\",\n \"pdpState\": \"ACTIVE\",\n \"healthy\": \"HEALTHY\"\n }\n ]\n }\n ]\n }\n ]\n}" + "raw": "{\n \"groups\": [\n {\n \"name\": \"defaultGroup\",\n \"description\": \"The default group that registers all supported policy types and pdps.\",\n \"pdpGroupState\": \"ACTIVE\",\n \"properties\": {},\n \"pdpSubgroups\": [\n {\n \"pdpType\": \"apex\",\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.controlloop.operational.Apex\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": [],\n \"currentInstanceCount\": 1,\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"pdpInstances\": [\n {\n \"instanceId\": \"apex_35\",\n \"pdpState\": \"ACTIVE\",\n \"healthy\": \"HEALTHY\",\n \"message\": \"Pdp Heartbeat\"\n }\n ]\n },\n {\n \"pdpType\": \"drools\",\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.controlloop.Operational\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": [],\n \"currentInstanceCount\": 1,\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"pdpInstances\": [\n {\n \"instanceId\": \"dev-policy-drools-0\",\n \"pdpState\": \"ACTIVE\",\n \"healthy\": \"HEALTHY\"\n }\n ]\n },\n {\n \"pdpType\": \"xacml\",\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.controlloop.guard.FrequencyLimiter\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.controlloop.guard.MinMax\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.controlloop.guard.Blacklist\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.controlloop.guard.coordination.FirstBlocksSecond\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.Monitoring\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.monitoring.tcagen2\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.monitoring.dcaegen2.collectors.datafile.datafile-app-server\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.monitoring.docker.sonhandler.app\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.AffinityPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.DistancePolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.HpaPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.OptimizationPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.PciPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.QueryPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.SubscriberPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.Vim_fit\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.VnfPolicy\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": [],\n \"currentInstanceCount\": 1,\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"pdpInstances\": [\n {\n \"instanceId\": \"dev-policy-policy-xacml-pdp-558c478477-g85jl\",\n \"pdpState\": \"ACTIVE\",\n \"healthy\": \"HEALTHY\"\n }\n ]\n }\n ]\n }\n ]\n}" }, "url": { "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps", @@ -623,7 +623,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"groups\": [\n {\n \"name\": \"defaultGroup\",\n \"description\": \"The default group that registers all supported policy types and pdps.\",\n \"pdpGroupState\": \"ACTIVE\",\n \"properties\": {},\n \"pdpSubgroups\": [\n {\n \"pdpType\": \"apex\",\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.controlloop.operational.Apex\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": [\n ],\n \"currentInstanceCount\": 1,\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"pdpInstances\": [\n {\n \"instanceId\": \"apex_35\",\n \"pdpState\": \"ACTIVE\",\n \"healthy\": \"HEALTHY\",\n \"message\": \"Pdp Heartbeat\"\n }\n ]\n },\n {\n \"pdpType\": \"drools\",\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.controlloop.Operational\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": [],\n \"currentInstanceCount\": 1,\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"pdpInstances\": [\n {\n \"instanceId\": \"dev-policy-drools-0\",\n \"pdpState\": \"ACTIVE\",\n \"healthy\": \"HEALTHY\"\n }\n ]\n },\n {\n \"pdpType\": \"xacml\",\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.controlloop.guard.FrequencyLimiter\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.controlloop.guard.MinMax\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.controlloop.guard.Blacklist\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.controlloop.guard.coordination.FirstBlocksSecond\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.Monitoring\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.monitoring.cdap.tca.hi.lo.app\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.monitoring.dcaegen2.collectors.datafile.datafile-app-server\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.monitoring.docker.sonhandler.app\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.AffinityPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.DistancePolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.HpaPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.OptimizationPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.PciPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.QueryPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.SubscriberPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.Vim_fit\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.VnfPolicy\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": [],\n \"currentInstanceCount\": 1,\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"pdpInstances\": [\n {\n \"instanceId\": \"dev-policy-policy-xacml-pdp-558c478477-g85jl\",\n \"pdpState\": \"ACTIVE\",\n \"healthy\": \"HEALTHY\"\n }\n ]\n }\n ]\n }\n ]\n}" + "raw": "{\n \"groups\": [\n {\n \"name\": \"defaultGroup\",\n \"description\": \"The default group that registers all supported policy types and pdps.\",\n \"pdpGroupState\": \"ACTIVE\",\n \"properties\": {},\n \"pdpSubgroups\": [\n {\n \"pdpType\": \"apex\",\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.controlloop.operational.Apex\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": [\n ],\n \"currentInstanceCount\": 1,\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"pdpInstances\": [\n {\n \"instanceId\": \"apex_35\",\n \"pdpState\": \"ACTIVE\",\n \"healthy\": \"HEALTHY\",\n \"message\": \"Pdp Heartbeat\"\n }\n ]\n },\n {\n \"pdpType\": \"drools\",\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.controlloop.Operational\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": [],\n \"currentInstanceCount\": 1,\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"pdpInstances\": [\n {\n \"instanceId\": \"dev-policy-drools-0\",\n \"pdpState\": \"ACTIVE\",\n \"healthy\": \"HEALTHY\"\n }\n ]\n },\n {\n \"pdpType\": \"xacml\",\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.controlloop.guard.FrequencyLimiter\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.controlloop.guard.MinMax\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.controlloop.guard.Blacklist\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.controlloop.guard.coordination.FirstBlocksSecond\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.Monitoring\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.monitoring.tcagen2\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.monitoring.dcaegen2.collectors.datafile.datafile-app-server\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.monitoring.docker.sonhandler.app\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.AffinityPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.DistancePolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.HpaPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.OptimizationPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.PciPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.QueryPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.SubscriberPolicy\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.Vim_fit\",\n \"version\": \"1.0.0\"\n },\n {\n \"name\": \"onap.policies.optimization.VnfPolicy\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": [],\n \"currentInstanceCount\": 1,\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"pdpInstances\": [\n {\n \"instanceId\": \"dev-policy-policy-xacml-pdp-558c478477-g85jl\",\n \"pdpState\": \"ACTIVE\",\n \"healthy\": \"HEALTHY\"\n }\n ]\n }\n ]\n }\n ]\n}" }, "url": { "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps", @@ -1022,4 +1022,4 @@ "response": [] } ] -}
\ No newline at end of file +} diff --git a/docs/_static/css/ribbon.css b/docs/_static/css/ribbon.css new file mode 100644 index 00000000..6008cb1a --- /dev/null +++ b/docs/_static/css/ribbon.css @@ -0,0 +1,63 @@ +.ribbon { + z-index: 1000; + background-color: #a00; + overflow: hidden; + white-space: nowrap; + position: fixed; + top: 25px; + right: -50px; + -webkit-transform: rotate(45deg); + -moz-transform: rotate(45deg); + -ms-transform: rotate(45deg); + -o-transform: rotate(45deg); + transform: rotate(45deg); + -webkit-box-shadow: 0 0 10px #888; + -moz-box-shadow: 0 0 10px #888; + box-shadow: 0 0 10px #888; + +} + +.ribbon a { + border: 1px solid #faa; + color: #fff; + display: block; + font: bold 81.25% 'Helvetica Neue', Helvetica, Arial, sans-serif; + margin: 1px 0; + padding: 10px 50px; + text-align: center; + text-decoration: none; + text-shadow: 0 0 5px #444; + transition: 0.5s; +} + +.ribbon a:hover { + background: #c11; + color: #fff; +} + + +/* override table width restrictions */ +@media screen and (min-width: 767px) { + + .wy-table-responsive table td, .wy-table-responsive table th { + /* !important prevents the common CSS stylesheets from overriding + this as on RTD they are loaded after this stylesheet */ + white-space: normal !important; + } + + .wy-table-responsive { + overflow: visible !important; + } +} + +@media screen and (max-width: 767px) { + .wy-table-responsive table td { + white-space: nowrap; + } +} + +/* fix width of the screen */ + +.wy-nav-content { + max-width: none; +} diff --git a/docs/_static/favicon.ico b/docs/_static/favicon.ico Binary files differnew file mode 100755 index 00000000..cb712ebd --- /dev/null +++ b/docs/_static/favicon.ico diff --git a/docs/_static/logo_onap_2017.png b/docs/_static/logo_onap_2017.png Binary files differnew file mode 100644 index 00000000..5d064f43 --- /dev/null +++ b/docs/_static/logo_onap_2017.png diff --git a/docs/apex/APEX-User-Manual.rst b/docs/apex/APEX-User-Manual.rst index b10dcf8a..e4424b4c 100644 --- a/docs/apex/APEX-User-Manual.rst +++ b/docs/apex/APEX-User-Manual.rst @@ -223,67 +223,67 @@ Build APEX installation. The following example show how to change to the target directory and how it should look like. -+----------------------------------------------------------------------------------------------------------------------------+ -| Unix, Cygwin | -+============================================================================================================================+ -| .. container:: | -| | -| .. container:: listingblock | -| | -| .. container:: content | -| | -| .. code:: | -| :number-lines: | -| | -| -rwxrwx---+ 1 esvevan Domain Users 772 Sep 3 11:55 apex-pdp-package-full_2.0.0~SNAPSHOT_all.changes* | -| -rwxrwx---+ 1 esvevan Domain Users 146328082 Sep 3 11:55 apex-pdp-package-full-2.0.0-SNAPSHOT.deb* | -| -rwxrwx---+ 1 esvevan Domain Users 15633 Sep 3 11:54 apex-pdp-package-full-2.0.0-SNAPSHOT.jar* | -| -rwxrwx---+ 1 esvevan Domain Users 146296819 Sep 3 11:55 apex-pdp-package-full-2.0.0-SNAPSHOT-tarball.tar.gz* | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 archive-tmp/ | -| -rwxrwx---+ 1 esvevan Domain Users 89 Sep 3 11:54 checkstyle-cachefile* | -| -rwxrwx---+ 1 esvevan Domain Users 10621 Sep 3 11:54 checkstyle-checker.xml* | -| -rwxrwx---+ 1 esvevan Domain Users 584 Sep 3 11:54 checkstyle-header.txt* | -| -rwxrwx---+ 1 esvevan Domain Users 86 Sep 3 11:54 checkstyle-result.xml* | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 classes/ | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 dependency-maven-plugin-markers/ | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 etc/ | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 examples/ | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:55 install_hierarchy/ | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 maven-archiver/ | -+----------------------------------------------------------------------------------------------------------------------------+ - -+--------------------------------------------------------------------------------------------------------+ -| Windows | -+========================================================================================================+ -| .. container:: | -| | -| .. container:: listingblock | -| | -| .. container:: content | -| | -| .. code:: | -| :number-lines: | -| | -| 03/09/2018 11:55 <DIR> . | -| 03/09/2018 11:55 <DIR> .. | -| 03/09/2018 11:55 146,296,819 apex-pdp-package-full-2.0.0-SNAPSHOT-tarball.tar.gz | -| 03/09/2018 11:55 146,328,082 apex-pdp-package-full-2.0.0-SNAPSHOT.deb | -| 03/09/2018 11:54 15,633 apex-pdp-package-full-2.0.0-SNAPSHOT.jar | -| 03/09/2018 11:55 772 apex-pdp-package-full_2.0.0~SNAPSHOT_all.changes | -| 03/09/2018 11:54 <DIR> archive-tmp | -| 03/09/2018 11:54 89 checkstyle-cachefile | -| 03/09/2018 11:54 10,621 checkstyle-checker.xml | -| 03/09/2018 11:54 584 checkstyle-header.txt | -| 03/09/2018 11:54 86 checkstyle-result.xml | -| 03/09/2018 11:54 <DIR> classes | -| 03/09/2018 11:54 <DIR> dependency-maven-plugin-markers | -| 03/09/2018 11:54 <DIR> etc | -| 03/09/2018 11:54 <DIR> examples | -| 03/09/2018 11:55 <DIR> install_hierarchy | -| 03/09/2018 11:54 <DIR> maven-archiver | -| 8 File(s) 292,652,686 bytes | -| 9 Dir(s) 14,138,720,256 bytes free | -+--------------------------------------------------------------------------------------------------------+ ++----------------------------------------------------------------------------------------------------------------+ +| Unix, Cygwin | ++================================================================================================================+ +| .. container:: | +| | +| .. container:: listingblock | +| | +| .. container:: content | +| | +| .. code:: | +| :number-lines: | +| | +| -rwxrwx---+ 1 esvevan Domain Users 772 Sep 3 11:55 apex-pdp-package-full_2.0.0~SNAPSHOT_all.changes* | +| -rwxrwx---+ 1 esvevan Domain Users 146328082 Sep 3 11:55 apex-pdp-package-full-2.0.0-SNAPSHOT.deb* | +| -rwxrwx---+ 1 esvevan Domain Users 15633 Sep 3 11:54 apex-pdp-package-full-2.0.0-SNAPSHOT.jar* | +| -rwxrwx---+ 1 esvevan Domain Users 146296819 Sep 3 11:55 apex-pdp-package-full-2.0.0-SNAPSHOT-tarball.tar.gz* | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 archive-tmp/ | +| -rwxrwx---+ 1 esvevan Domain Users 89 Sep 3 11:54 checkstyle-cachefile* | +| -rwxrwx---+ 1 esvevan Domain Users 10621 Sep 3 11:54 checkstyle-checker.xml* | +| -rwxrwx---+ 1 esvevan Domain Users 584 Sep 3 11:54 checkstyle-header.txt* | +| -rwxrwx---+ 1 esvevan Domain Users 86 Sep 3 11:54 checkstyle-result.xml* | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 classes/ | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 dependency-maven-plugin-markers/ | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 etc/ | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 examples/ | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:55 install_hierarchy/ | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 maven-archiver/ | ++----------------------------------------------------------------------------------------------------------------+ + ++-----------------------------------------------------------------------------------------+ +| Windows | ++=========================================================================================+ +| .. container:: | +| | +| .. container:: listingblock | +| | +| .. container:: content | +| | +| .. code:: | +| :number-lines: | +| | +| 03/09/2018 11:55 <DIR> . | +| 03/09/2018 11:55 <DIR> .. | +| 03/09/2018 11:55 146,296,819 apex-pdp-package-full-2.0.0-SNAPSHOT-tarball.tar.gz | +| 03/09/2018 11:55 146,328,082 apex-pdp-package-full-2.0.0-SNAPSHOT.deb | +| 03/09/2018 11:54 15,633 apex-pdp-package-full-2.0.0-SNAPSHOT.jar | +| 03/09/2018 11:55 772 apex-pdp-package-full_2.0.0~SNAPSHOT_all.changes | +| 03/09/2018 11:54 <DIR> archive-tmp | +| 03/09/2018 11:54 89 checkstyle-cachefile | +| 03/09/2018 11:54 10,621 checkstyle-checker.xml | +| 03/09/2018 11:54 584 checkstyle-header.txt | +| 03/09/2018 11:54 86 checkstyle-result.xml | +| 03/09/2018 11:54 <DIR> classes | +| 03/09/2018 11:54 <DIR> dependency-maven-plugin-markers | +| 03/09/2018 11:54 <DIR> etc | +| 03/09/2018 11:54 <DIR> examples | +| 03/09/2018 11:55 <DIR> install_hierarchy | +| 03/09/2018 11:54 <DIR> maven-archiver | +| 8 File(s) 292,652,686 bytes | +| 9 Dir(s) 14,138,720,256 bytes free | ++-----------------------------------------------------------------------------------------+ Install APEX ------------ @@ -324,33 +324,33 @@ Install with DPKG the standard APEX start scripts to run APEX with this user’s permissions. -+--------------------------------------------------------------------------------------+ -| DPKG Installation | -+======================================================================================+ -| .. container:: | -| | -| .. container:: listingblock | -| | -| .. container:: content | -| | -| .. code:: | -| :number-lines: | -| | -| # sudo dpkg -i apex-pdp-package-full-2.0.0-SNAPSHOT.deb | -| Selecting previously unselected package apex-uservice. | -| (Reading database ... 288458 files and directories currently installed.) | -| Preparing to unpack apex-pdp-package-full-2.0.0-SNAPSHOT.deb ... | -| ********************preinst******************* | -| arguments install | -| ********************************************** | -| creating group apexuser . . . | -| creating user apexuser . . . | -| Unpacking apex-uservice (2.0.0-SNAPSHOT) ... | -| Setting up apex-uservice (2.0.0-SNAPSHOT) ... | -| ********************postinst**************** | -| arguments configure | -| *********************************************** | -+--------------------------------------------------------------------------------------+ ++--------------------------------------------------------------------------+ +| DPKG Installation | ++==========================================================================+ +| .. container:: | +| | +| .. container:: listingblock | +| | +| .. container:: content | +| | +| .. code:: | +| :number-lines: | +| | +| # sudo dpkg -i apex-pdp-package-full-2.0.0-SNAPSHOT.deb | +| Selecting previously unselected package apex-uservice. | +| (Reading database ... 288458 files and directories currently installed.) | +| Preparing to unpack apex-pdp-package-full-2.0.0-SNAPSHOT.deb ... | +| ********************preinst******************* | +| arguments install | +| ********************************************** | +| creating group apexuser . . . | +| creating user apexuser . . . | +| Unpacking apex-uservice (2.0.0-SNAPSHOT) ... | +| Setting up apex-uservice (2.0.0-SNAPSHOT) ... | +| ********************postinst**************** | +| arguments configure | +| *********************************************** | ++--------------------------------------------------------------------------+ .. container:: paragraph @@ -538,67 +538,67 @@ Build and Install Manually (Unix, Windows, Cygwin) installation. The following example show how to change to the target directory and how it should look like. -+-----------------------------------------------------------------------------------------------------------------------------+ -| Unix, Cygwin | -+=============================================================================================================================+ -| .. container:: | -| | -| .. container:: listingblock | -| | -| .. code:: | -| :number-lines: | -| | -| # cd packages/apex-pdp-package-full/target | -| # ls -l | -| -rwxrwx---+ 1 esvevan Domain Users 772 Sep 3 11:55 apex-pdp-package-full_2.0.0~SNAPSHOT_all.changes* | -| -rwxrwx---+ 1 esvevan Domain Users 146328082 Sep 3 11:55 apex-pdp-package-full-2.0.0-SNAPSHOT.deb* | -| -rwxrwx---+ 1 esvevan Domain Users 15633 Sep 3 11:54 apex-pdp-package-full-2.0.0-SNAPSHOT.jar* | -| -rwxrwx---+ 1 esvevan Domain Users 146296819 Sep 3 11:55 apex-pdp-package-full-2.0.0-SNAPSHOT-tarball.tar.gz* | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 archive-tmp/ | -| -rwxrwx---+ 1 esvevan Domain Users 89 Sep 3 11:54 checkstyle-cachefile* | -| -rwxrwx---+ 1 esvevan Domain Users 10621 Sep 3 11:54 checkstyle-checker.xml* | -| -rwxrwx---+ 1 esvevan Domain Users 584 Sep 3 11:54 checkstyle-header.txt* | -| -rwxrwx---+ 1 esvevan Domain Users 86 Sep 3 11:54 checkstyle-result.xml* | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 classes/ | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 dependency-maven-plugin-markers/ | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 etc/ | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 examples/ | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:55 install_hierarchy/ | -| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 maven-archiver/ | -+-----------------------------------------------------------------------------------------------------------------------------+ - -+-----------------------------------------------------------------------------------------------------------------------------+ -| Windows | -+=============================================================================================================================+ -| .. container:: | -| | -| .. container:: listingblock | -| | -| .. code:: | -| :number-lines: | -| | -| >cd packages\apex-pdp-package-full\target | -| >dir | -| 03/09/2018 11:55 <DIR> . | -| 03/09/2018 11:55 <DIR> .. | -| 03/09/2018 11:55 146,296,819 apex-pdp-package-full-2.0.0-SNAPSHOT-tarball.tar.gz | -| 03/09/2018 11:55 146,328,082 apex-pdp-package-full-2.0.0-SNAPSHOT.deb | -| 03/09/2018 11:54 15,633 apex-pdp-package-full-2.0.0-SNAPSHOT.jar | -| 03/09/2018 11:55 772 apex-pdp-package-full_2.0.0~SNAPSHOT_all.changes | -| 03/09/2018 11:54 <DIR> archive-tmp | -| 03/09/2018 11:54 89 checkstyle-cachefile | -| 03/09/2018 11:54 10,621 checkstyle-checker.xml | -| 03/09/2018 11:54 584 checkstyle-header.txt | -| 03/09/2018 11:54 86 checkstyle-result.xml | -| 03/09/2018 11:54 <DIR> classes | -| 03/09/2018 11:54 <DIR> dependency-maven-plugin-markers | -| 03/09/2018 11:54 <DIR> etc | -| 03/09/2018 11:54 <DIR> examples | -| 03/09/2018 11:55 <DIR> install_hierarchy | -| 03/09/2018 11:54 <DIR> maven-archiver | -| 8 File(s) 292,652,686 bytes | -| 9 Dir(s) 14,138,720,256 bytes free | -+-----------------------------------------------------------------------------------------------------------------------------+ ++----------------------------------------------------------------------------------------------------------------+ +| Unix, Cygwin | ++================================================================================================================+ +| .. container:: | +| | +| .. container:: listingblock | +| | +| .. code:: | +| :number-lines: | +| | +| # cd packages/apex-pdp-package-full/target | +| # ls -l | +| -rwxrwx---+ 1 esvevan Domain Users 772 Sep 3 11:55 apex-pdp-package-full_2.0.0~SNAPSHOT_all.changes* | +| -rwxrwx---+ 1 esvevan Domain Users 146328082 Sep 3 11:55 apex-pdp-package-full-2.0.0-SNAPSHOT.deb* | +| -rwxrwx---+ 1 esvevan Domain Users 15633 Sep 3 11:54 apex-pdp-package-full-2.0.0-SNAPSHOT.jar* | +| -rwxrwx---+ 1 esvevan Domain Users 146296819 Sep 3 11:55 apex-pdp-package-full-2.0.0-SNAPSHOT-tarball.tar.gz* | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 archive-tmp/ | +| -rwxrwx---+ 1 esvevan Domain Users 89 Sep 3 11:54 checkstyle-cachefile* | +| -rwxrwx---+ 1 esvevan Domain Users 10621 Sep 3 11:54 checkstyle-checker.xml* | +| -rwxrwx---+ 1 esvevan Domain Users 584 Sep 3 11:54 checkstyle-header.txt* | +| -rwxrwx---+ 1 esvevan Domain Users 86 Sep 3 11:54 checkstyle-result.xml* | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 classes/ | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 dependency-maven-plugin-markers/ | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 etc/ | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 examples/ | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:55 install_hierarchy/ | +| drwxrwx---+ 1 esvevan Domain Users 0 Sep 3 11:54 maven-archiver/ | ++----------------------------------------------------------------------------------------------------------------+ + ++-----------------------------------------------------------------------------------------+ +| Windows | ++=========================================================================================+ +| .. container:: | +| | +| .. container:: listingblock | +| | +| .. code:: | +| :number-lines: | +| | +| >cd packages\apex-pdp-package-full\target | +| >dir | +| 03/09/2018 11:55 <DIR> . | +| 03/09/2018 11:55 <DIR> .. | +| 03/09/2018 11:55 146,296,819 apex-pdp-package-full-2.0.0-SNAPSHOT-tarball.tar.gz | +| 03/09/2018 11:55 146,328,082 apex-pdp-package-full-2.0.0-SNAPSHOT.deb | +| 03/09/2018 11:54 15,633 apex-pdp-package-full-2.0.0-SNAPSHOT.jar | +| 03/09/2018 11:55 772 apex-pdp-package-full_2.0.0~SNAPSHOT_all.changes | +| 03/09/2018 11:54 <DIR> archive-tmp | +| 03/09/2018 11:54 89 checkstyle-cachefile | +| 03/09/2018 11:54 10,621 checkstyle-checker.xml | +| 03/09/2018 11:54 584 checkstyle-header.txt | +| 03/09/2018 11:54 86 checkstyle-result.xml | +| 03/09/2018 11:54 <DIR> classes | +| 03/09/2018 11:54 <DIR> dependency-maven-plugin-markers | +| 03/09/2018 11:54 <DIR> etc | +| 03/09/2018 11:54 <DIR> examples | +| 03/09/2018 11:55 <DIR> install_hierarchy | +| 03/09/2018 11:54 <DIR> maven-archiver | +| 8 File(s) 292,652,686 bytes | +| 9 Dir(s) 14,138,720,256 bytes free | ++-----------------------------------------------------------------------------------------+ .. container:: paragraph @@ -617,7 +617,7 @@ Installation Layout .. container:: content - :: +:: $APEX_HOME ├───bin (1) @@ -945,8 +945,8 @@ Verify Installation - run Engine A simple verification of an APEX installation can be done by simply starting the APEX engine without any configuration. On Unix (or Cygwin) start the engine using - ``$APEX_HOME/bin/apexEngine.sh``. On Windows start the engine - using ``%APEX_HOME%\bin\apexEngine.bat``. The engine will fail + ``$APEX_HOME/bin/apexApps.sh engine``. On Windows start the engine + using ``%APEX_HOME%\bin\apexApps.bat engine``. The engine will fail to fully start. However, if the output looks similar to the following line, the APEX installation is realized. @@ -1016,18 +1016,15 @@ Verify Installation - run an Example .. code:: :number-lines: - # $APEX_HOME/bin/apexEngine.sh -c $APEX_HOME/examples/config/SampleDomain/Stdin2StdoutJsonEventJava.json (1) - # $APEX_HOME/bin/apexEngine.sh -c C:/apex/apex-full-2.0.0-SNAPSHOT/examples/config/SampleDomain/Stdin2StdoutJsonEventJava.json (2) - >%APEX_HOME%\bin\apexEngine.bat -c %APEX_HOME%\examples\config\SampleDomain\Stdin2StdoutJsonEventJava.json :: (3) + # $APEX_HOME/bin/apexApps.sh engine -c $APEX_HOME/examples/config/SampleDomain/Stdin2StdoutJsonEventJava.json -m $APEX_HOME/examples/models/SampleDomain/SamplePolicyModelJAVA.json (1) + >%APEX_HOME%\bin\apexApps.bat engine -c %APEX_HOME%\examples\config\SampleDomain\Stdin2StdoutJsonEventJava.json -m %APEX_HOME%\examples\models\SampleDomain\SamplePolicyModelJAVA.json :: (2) .. container:: colist arabic +-------+---------+ | **1** | UNIX | +-------+---------+ - | **2** | Cygwin | - +-------+---------+ - | **3** | Windows | + | **2** | Windows | +-------+---------+ .. container:: paragraph @@ -1076,36 +1073,36 @@ Verify Installation - run an Example the console. Pasting the input event multiple times will produce output events with different values. -+-------------------------------------------------------------+-------------------------------------------------------------+ -| Input Event | Example Output Event | -+=============================================================+=============================================================+ -| .. container:: | .. container:: | -| | | -| .. container:: content | .. container:: content | -| | | -| .. code:: | .. code:: | -| :number-lines: | :number-lines: | -| | | -| { | { | -| "nameSpace": "org.onap.policy.apex.sample.events", | "name": "Event0004", | -| "name": "Event0000", | "version": "0.0.1", | -| "version": "0.0.1", | "nameSpace": "org.onap.policy.apex.sample.events", | -| "source": "test", | "source": "Act", | -| "target": "apex", | "target": "Outside", | -| "TestSlogan": "Test slogan for External Event0", | "TestActCaseSelected": 2, | -| "TestMatchCase": 0, | "TestActStateTime": 1536157104627, | -| "TestTimestamp": 1469781869269, | "TestDecideCaseSelected": 0, | -| "TestTemperature": 9080.866 | "TestDecideStateTime": 1536157104625, | -| } | "TestEstablishCaseSelected": 0, | -| | "TestEstablishStateTime": 1536157104623, | -| | "TestMatchCase": 0, | -| | "TestMatchCaseSelected": 1, | -| | "TestMatchStateTime": 1536157104620, | -| | "TestSlogan": "Test slogan for External Event0", | -| | "TestTemperature": 9080.866, | -| | "TestTimestamp": 1469781869269 | -| | } | -+-------------------------------------------------------------+-------------------------------------------------------------+ ++----------------------------------------------------+----------------------------------------------------+ +| Input Event | Example Output Event | ++====================================================+====================================================+ +| .. container:: | .. container:: | +| | | +| .. container:: content | .. container:: content | +| | | +| .. code:: | .. code:: | +| :number-lines: | :number-lines: | +| | | +| { | { | +| "nameSpace": "org.onap.policy.apex.sample.events", | "name": "Event0004", | +| "name": "Event0000", | "version": "0.0.1", | +| "version": "0.0.1", | "nameSpace": "org.onap.policy.apex.sample.events", | +| "source": "test", | "source": "Act", | +| "target": "apex", | "target": "Outside", | +| "TestSlogan": "Test slogan for External Event0", | "TestActCaseSelected": 2, | +| "TestMatchCase": 0, | "TestActStateTime": 1536157104627, | +| "TestTimestamp": 1469781869269, | "TestDecideCaseSelected": 0, | +| "TestTemperature": 9080.866 | "TestDecideStateTime": 1536157104625, | +| } | "TestEstablishCaseSelected": 0, | +| | "TestEstablishStateTime": 1536157104623, | +| | "TestMatchCase": 0, | +| | "TestMatchCaseSelected": 1, | +| | "TestMatchStateTime": 1536157104620, | +| | "TestSlogan": "Test slogan for External Event0", | +| | "TestTemperature": 9080.866, | +| | "TestTimestamp": 1469781869269 | +| | } | ++----------------------------------------------------+----------------------------------------------------+ .. container:: paragraph @@ -1287,7 +1284,7 @@ Run in ONAP .. container:: content - :: +:: docker login -u docker -p docker nexus3.onap.org:10003 @@ -2203,7 +2200,7 @@ Standard Input .. container:: content - :: +:: "carrierTechnologyParameters" : { "carrierTechnology" : "FILE", (1) @@ -2587,7 +2584,7 @@ Kafka Output +--------+---------------------------------+ JMS IO -####### +###### .. container:: paragraph @@ -2731,7 +2728,7 @@ JMS Output with Object parameter to ``true``. Websocket (WS) IO -######################## +################# .. container:: paragraph @@ -3160,7 +3157,7 @@ REST Server Stand-alone in Servlet </servlet> REST Requestor IO -################## +################# .. container:: paragraph @@ -4239,7 +4236,7 @@ The APEX CLI Tosca Editor The APEX Client --------------------- +--------------- .. container:: paragraph @@ -5378,7 +5375,7 @@ Start APEX Engine .. code:: :number-lines: - #: $APEX_HOME/bin/apexEngine.sh -c $APEX_HOME/examples/config/VPN/Ws2WsServerAvroContextJsonEvent.json + #: $APEX_HOME/bin/apexApps.sh engine -c $APEX_HOME/examples/config/VPN/Ws2WsServerAvroContextJsonEvent.json .. container:: listingblock @@ -5387,7 +5384,7 @@ Start APEX Engine .. code:: :number-lines: - #: %APEX_HOME%\bin\apexEngine.bat -c %APEX_HOME%\examples\config\VPN\Ws2WsServerAvroContextJsonEvent.json + #: %APEX_HOME%\bin\apexApps.bat engine -c %APEX_HOME%\examples\config\VPN\Ws2WsServerAvroContextJsonEvent.json .. container:: paragraph diff --git a/docs/api/api.rst b/docs/api/api.rst index c65e35e8..b9f31482 100644 --- a/docs/api/api.rst +++ b/docs/api/api.rst @@ -29,7 +29,7 @@ One Service Template can contain multiple policies and policy types. Child policy types can inherit from parent policy types, so a hierarchy of policy types can be built up. For example, the HpaPolicy Policy Type in the table below is a child of a Resource Policy Type, which is a child of an Optimization policy. -See also `the examples in Github <hhttps://github.com/onap/policy-models/tree/master/models-examples/src/main/resources/policytypes>`_. +See also `the examples in Github <https://github.com/onap/policy-models/tree/master/models-examples/src/main/resources/policytypes>`_. :: @@ -114,7 +114,7 @@ To ease policy creation, we preload several widely used policy types in policy d :header: "Policy Type Name", "Payload" :widths: 15,10 - "Monitoring.TCA", `onap.policies.monitoring.cdap.tca.hi.lo.app.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.monitoring.cdap.tca.hi.lo.app.yaml>`_ + "Monitoring.TCA", `onap.policies.monitoring.tcagen2.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.monitoring.tcagen2.yaml>`_ "Monitoring.Collectors", `onap.policies.monitoring.dcaegen2.collectors.datafile.datafile-app-server.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.monitoring.dcaegen2.collectors.datafile.datafile-app-server.yaml>`_ "Optimization", `onap.policies.Optimization.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.Optimization.yaml>`_ "Optimization.Resource", `onap.policies.optimization.Resource.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.optimization.Resource.yaml>`_ @@ -132,8 +132,8 @@ To ease policy creation, we preload several widely used policy types in policy d "Controlloop.Guard.Common.Blacklist", `onap.policies.controlloop.guard.common.Blacklist.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.guard.common.Blacklist.yaml>`_ "Controlloop.Guard.Common.FrequencyLimiter", `onap.policies.controlloop.guard.common.FrequencyLimiter.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.guard.common.FrequencyLimiter.yaml>`_ "Controlloop.Guard.Common.MinMax", `onap.policies.controlloop.guard.common.MinMax.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.guard.common.MinMax.yaml>`_ + "Controlloop.Guard.Common.Filter", `onap.policies.controlloop.guard.common.Filter.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.guard.common.Filter.yaml>`_ "Controlloop.Guard.Coordination.FirstBlocksSecond", `onap.policies.controlloop.guard.coordination.FirstBlocksSecond.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.guard.coordination.FirstBlocksSecond.yaml>`_ - "Controlloop.Operational", `onap.policies.controlloop.Operational.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.Operational.yaml>`_ "Controlloop.Operational.Common", `onap.policies.controlloop.operational.Common.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.operational.Common.yaml>`_ "Controlloop.Operational.Common.Apex", `onap.policies.controlloop.operational.common.Apex.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.operational.common.Apex.yaml>`_ "Controlloop.Operational.Common.Drools", `onap.policies.controlloop.operational.common.Drools.yaml <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.operational.common.Drools.yaml>`_ @@ -181,7 +181,6 @@ Global API Table "Statistics API", ":download:`link <swagger/statistics-api.json>`" "Tosca Policy Type API", ":download:`link <swagger/policytype-api.json>`" "Tosca Policy API", ":download:`link <swagger/policy-api.json>`" - "Legacy Operational Policy API", ":download:`link <swagger/operational-policy-api.json>`" API Swagger ----------- @@ -256,8 +255,6 @@ To be specific, the following rules are implemented to enforce the version: also includes "policy-id": "sample-policy-name2" and "policy-version": "2.0.0". The 200 return of this POST call will have this created policy with metadata including "policy-id": "sample-policy-name1" and "policy-version": "1.0.0". -.. swaggerv2doc:: swagger/operational-policy-api.json - Regarding DELETE APIs for TOSCA compliant policies, we only expose API to delete one particular version of policy or policy type at a time for safety purpose. If client has the need to delete multiple or a group of policies or policy types, they will need to delete them one by one. @@ -272,13 +269,13 @@ JSON payload for POST calls can be downloaded from policy table above. If you are accessing the api from the container, the default *ip* and *port* would be **https:/policy-api:6969/policy/api/v1/**. Create vFirewall Monitoring Policy:: - curl --user 'healthcheck:zb!XztG34' -X POST "http://{ip}:{port}/policy/api/v1/policytypes/onap.policies.monitoring.cdap.tca.hi.lo.app/versions/1.0.0/policies" -H "Accept: application/json" -H "Content-Type: application/json" -d @vFirewall.policy.monitoring.input.tosca.json + curl --user 'healthcheck:zb!XztG34' -X POST "http://{ip}:{port}/policy/api/v1/policytypes/onap.policies.monitoring.tcagen2/versions/1.0.0/policies" -H "Accept: application/json" -H "Content-Type: application/json" -d @vFirewall.policy.monitoring.input.tosca.json Get vFirewall Monitoring Policy:: - curl --user 'healthcheck:zb!XztG34' -X GET "http://{ip}:{port}/policy/api/v1/policytypes/onap.policies.monitoring.cdap.tca.hi.lo.app/versions/1.0.0/policies/onap.vfirewall.tca/versions/1.0.0" -H "Accept: application/json" -H "Content-Type: application/json" + curl --user 'healthcheck:zb!XztG34' -X GET "http://{ip}:{port}/policy/api/v1/policytypes/onap.policies.monitoring.tcagen2/versions/1.0.0/policies/onap.vfirewall.tca/versions/1.0.0" -H "Accept: application/json" -H "Content-Type: application/json" Delete vFirewall Monitoring Policy:: - curl --user 'healthcheck:zb!XztG34' -X DELETE "http://{ip}:{port}/policy/api/v1/policytypes/onap.policies.monitoring.cdap.tca.hi.lo.app/versions/1.0.0/policies/onap.vfirewall.tca/versions/1.0.0" -H "Accept: application/json" -H "Content-Type: application/json" + curl --user 'healthcheck:zb!XztG34' -X DELETE "http://{ip}:{port}/policy/api/v1/policytypes/onap.policies.monitoring.tcagen2/versions/1.0.0/policies/onap.vfirewall.tca/versions/1.0.0" -H "Accept: application/json" -H "Content-Type: application/json" Create vFirewall Operational Policy:: curl --user 'healthcheck:zb!XztG34' -X POST "http://{ip}:{port}/policy/api/v1/policytypes/onap.policies.controlloop.operational.common.Drools/versions/1.0.0/policies" -H "Accept: application/json" -H "Content-Type: application/json" -d @vFirewall.policy.operational.input.tosca.json @@ -288,3 +285,12 @@ Get vFirewall Operational Policy:: Delete vFirewall Operational Policy:: curl --user 'healthcheck:zb!XztG34' -X DELETE "http://{ip}:{port}/policy/api/v1/policytypes/onap.policies.controlloop.operational.common.Drools/versions/1.0.0/policies/operational.modifyconfig/versions/1.0.0" -H "Accept: application/json" -H "Content-Type: application/json" + +Get all available policies:: + curl --user 'healthcheck:zb!XztG34' -X GET "http://{ip}:{port}/policy/api/v1/policies" -H "Accept: application/json" -H "Content-Type: application/json" + +Get version 1.0.0 of vFirewall Monitoring Policy:: + curl --user 'healthcheck:zb!XztG34' -X GET "http://{ip}:{port}/policy/api/v1/policies/onap.vfirewall.tca/versions/1.0.0" -H "Accept: application/json" -H "Content-Type: application/json" + +Delete version 1.0.0 of vFirewall Monitoring Policy:: + curl --user 'healthcheck:zb!XztG34' -X DELETE "http://{ip}:{port}/policy/api/v1/policies/onap.vfirewall.tca/versions/1.0.0" -H "Accept: application/json" -H "Content-Type: application/json" diff --git a/docs/api/swagger/operational-policy-api.json b/docs/api/swagger/operational-policy-api.json deleted file mode 100644 index 90a0e517..00000000 --- a/docs/api/swagger/operational-policy-api.json +++ /dev/null @@ -1,400 +0,0 @@ -{ - "swagger" : "2.0", - "basePath" : "/", - "tags" : [ { - "name" : "Legacy Operational Policy" - } ], - "schemes" : [ "http", "https" ], - "paths" : { - "/policy/api/v1/policytypes/onap.policies.controlloop.Operational/versions/1.0.0/policies/{policyId}/versions/latest" : { - "get" : { - "tags" : [ "Legacy Operational Policy" ], - "summary" : "Retrieve the latest version of a particular operational policy", - "description" : "Returns the latest version of the specified operational policy", - "operationId" : "getLatestVersionOfOperationalPolicy", - "produces" : [ "application/json", "application/yaml" ], - "parameters" : [ { - "name" : "policyId", - "in" : "path", - "description" : "ID of policy", - "required" : true, - "type" : "string" - }, { - "name" : "X-ONAP-RequestID", - "in" : "header", - "description" : "RequestID for http transaction", - "required" : false, - "type" : "string", - "format" : "uuid" - } ], - "responses" : { - "200" : { - "description" : "successful operation; Latest version of specified operational policy will be returned.", - "headers" : { - "X-MinorVersion" : { - "type" : "string", - "description" : "Used to request or communicate a MINOR version back from the client to the server, and from the server back to the client" - }, - "X-PatchVersion" : { - "type" : "string", - "description" : "Used only to communicate a PATCH version in a response for troubleshooting purposes only, and will not be provided by the client on request" - }, - "X-LatestVersion" : { - "type" : "string", - "description" : "Used only to communicate an API's latest version" - }, - "X-ONAP-RequestID" : { - "type" : "string", - "format" : "uuid", - "description" : "Used to track REST transactions for logging purpose" - } - }, - "schema" : { - "$ref" : "#/definitions/LegacyOperationalPolicy" - } - }, - "401" : { - "description" : "Authentication Error" - }, - "403" : { - "description" : "Authorization Error" - }, - "404" : { - "description" : "Resource Not Found" - }, - "500" : { - "description" : "Internal Server Error" - } - }, - "security" : [ { - "basicAuth" : [ ] - } ], - "x-interface info" : { - "api-version" : "1.0.0", - "last-mod-release" : "Dublin" - } - } - }, - "/policy/api/v1/policytypes/onap.policies.controlloop.Operational/versions/1.0.0/policies/{policyId}/versions/deployed" : { - "get" : { - "tags" : [ "Legacy Opereational Policy" ], - "summary" : "Retrieve deployed versions of a particular operational policy in pdp groups", - "description" : "Returns deployed versions of a specified operational policy in pdp groups", - "operationId" : "getDeployedVersionsOfOperationalPolicy", - "produces" : [ "application/json", "application/yaml" ], - "parameters" : [ { - "name" : "policyId", - "in" : "path", - "description" : "ID of operational policy", - "required" : true, - "type" : "string" - }, { - "name" : "X-ONAP-RequestID", - "in" : "header", - "description" : "RequestID for http transaction", - "required" : false, - "type" : "string", - "format" : "uuid" - } ], - "responses" : { - "200" : { - "description" : "successful operation; Deployed versions of specified operational policy in PDP groups will be returned.", - "headers" : { - "X-MinorVersion" : { - "type" : "string", - "description" : "Used to request or communicate a MINOR version back from the client to the server, and from the server back to the client" - }, - "X-PatchVersion" : { - "type" : "string", - "description" : "Used only to communicate a PATCH version in a response for troubleshooting purposes only, and will not be provided by the client on request" - }, - "X-LatestVersion" : { - "type" : "string", - "description" : "Used only to communicate an API's latest version" - }, - "X-ONAP-RequestID" : { - "type" : "string", - "format" : "uuid", - "description" : "Used to track REST transactions for logging purpose" - } - }, - "schema" : { - "type" : "array", - "items" : { - "$ref" : "#/definitions/LegacyOperationalPolicy" - } - } - }, - "401" : { - "description" : "Authentication Error" - }, - "403" : { - "description" : "Authorization Error" - }, - "404" : { - "description" : "Resource Not Found" - }, - "500" : { - "description" : "Internal Server Error" - } - }, - "security" : [ { - "basicAuth" : [ ] - } ], - "x-interface info" : { - "api-version" : "1.0.0", - "last-mod-release" : "Dublin" - } - } - }, - "/policy/api/v1/policytypes/onap.policies.controlloop.Operational/versions/1.0.0/policies/{policyId}/versions/{policyVersion}" : { - "get" : { - "tags" : [ "Legacy Operational Policy" ], - "summary" : "Retrieve one version of a particular operational policy", - "description" : "Returns a particular version of a specified operational policy", - "operationId" : "getSpecificVersionOfOperationalPolicy", - "produces" : [ "application/json", "application/yaml" ], - "parameters" : [ { - "name" : "policyId", - "in" : "path", - "description" : "ID of policy", - "required" : true, - "type" : "string" - }, { - "name" : "policyVersion", - "in" : "path", - "description" : "Version of policy", - "required" : true, - "type" : "string" - }, { - "name" : "X-ONAP-RequestID", - "in" : "header", - "description" : "RequestID for http transaction", - "required" : false, - "type" : "string", - "format" : "uuid" - } ], - "responses" : { - "200" : { - "description" : "successful operation; Specified version of specified operational policy will be returned.", - "headers" : { - "X-MinorVersion" : { - "type" : "string", - "description" : "Used to request or communicate a MINOR version back from the client to the server, and from the server back to the client" - }, - "X-PatchVersion" : { - "type" : "string", - "description" : "Used only to communicate a PATCH version in a response for troubleshooting purposes only, and will not be provided by the client on request" - }, - "X-LatestVersion" : { - "type" : "string", - "description" : "Used only to communicate an API's latest version" - }, - "X-ONAP-RequestID" : { - "type" : "string", - "format" : "uuid", - "description" : "Used to track REST transactions for logging purpose" - } - }, - "schema" : { - "$ref" : "#/definitions/LegacyOperationalPolicy" - } - }, - "401" : { - "description" : "Authentication Error" - }, - "403" : { - "description" : "Authorization Error" - }, - "404" : { - "description" : "Resource Not Found" - }, - "500" : { - "description" : "Internal Server Error" - } - }, - "security" : [ { - "basicAuth" : [ ] - } ], - "x-interface info" : { - "api-version" : "1.0.0", - "last-mod-release" : "Dublin" - } - }, - "delete" : { - "tags" : [ "Legacy Operational Policy" ], - "summary" : "Delete a particular version of a specified operational policy", - "description" : "Delete a particular version of an operational policy. It must follow one rule. Rule: the version that has been deployed in PDP group(s) cannot be deleted", - "operationId" : "deleteSpecificVersionOfOperationalPolicy", - "produces" : [ "application/json", "application/yaml" ], - "parameters" : [ { - "name" : "policyId", - "in" : "path", - "description" : "ID of policy", - "required" : true, - "type" : "string" - }, { - "name" : "policyVersion", - "in" : "path", - "description" : "Version of policy", - "required" : true, - "type" : "string" - }, { - "name" : "X-ONAP-RequestID", - "in" : "header", - "description" : "RequestID for http transaction", - "required" : false, - "type" : "string", - "format" : "uuid" - } ], - "responses" : { - "200" : { - "description" : "successful operation; Newly deleted operational policy will be returned.", - "headers" : { - "X-MinorVersion" : { - "type" : "string", - "description" : "Used to request or communicate a MINOR version back from the client to the server, and from the server back to the client" - }, - "X-PatchVersion" : { - "type" : "string", - "description" : "Used only to communicate a PATCH version in a response for troubleshooting purposes only, and will not be provided by the client on request" - }, - "X-LatestVersion" : { - "type" : "string", - "description" : "Used only to communicate an API's latest version" - }, - "X-ONAP-RequestID" : { - "type" : "string", - "format" : "uuid", - "description" : "Used to track REST transactions for logging purpose" - } - }, - "schema" : { - "$ref" : "#/definitions/LegacyOperationalPolicy" - } - }, - "401" : { - "description" : "Authentication Error" - }, - "403" : { - "description" : "Authorization Error" - }, - "404" : { - "description" : "Resource Not Found" - }, - "409" : { - "description" : "Delete Conflict, Rule Violation" - }, - "500" : { - "description" : "Internal Server Error" - } - }, - "security" : [ { - "basicAuth" : [ ] - } ], - "x-interface info" : { - "api-version" : "1.0.0", - "last-mod-release" : "Dublin" - } - } - }, - "/policy/api/v1/policytypes/onap.policies.controlloop.Operational/versions/1.0.0/policies" : { - "post" : { - "tags" : [ "Legacy Operational Policy" ], - "summary" : "Create a new operational policy", - "description" : "Create a new operational policy. Client should provide entity body of the new operational policy", - "operationId" : "createOperationalPolicy", - "consumes" : [ "application/json", "application/yaml" ], - "produces" : [ "application/json", "application/yaml" ], - "parameters" : [ { - "name" : "X-ONAP-RequestID", - "in" : "header", - "description" : "RequestID for http transaction", - "required" : false, - "type" : "string", - "format" : "uuid" - }, { - "in" : "body", - "name" : "body", - "description" : "Entity body of policy", - "required" : true, - "type" : "ToscaServiceTemplate", - "schema" : { - "$ref" : "#/definitions/LegacyOperationalPolicy" - } - } ], - "responses" : { - "200" : { - "description" : "successful operation; Newly created operational policy will be returned.", - "headers" : { - "X-MinorVersion" : { - "type" : "string", - "description" : "Used to request or communicate a MINOR version back from the client to the server, and from the server back to the client" - }, - "X-PatchVersion" : { - "type" : "string", - "description" : "Used only to communicate a PATCH version in a response for troubleshooting purposes only, and will not be provided by the client on request" - }, - "X-LatestVersion" : { - "type" : "string", - "description" : "Used only to communicate an API's latest version" - }, - "X-ONAP-RequestID" : { - "type" : "string", - "format" : "uuid", - "description" : "Used to track REST transactions for logging purpose" - } - }, - "schema" : { - "$ref" : "#/definitions/LegacyOperationalPolicy" - } - }, - "400" : { - "description" : "Invalid Body" - }, - "401" : { - "description" : "Authentication Error" - }, - "403" : { - "description" : "Authorization Error" - }, - "406" : { - "description" : "Not Acceptable Version" - }, - "500" : { - "description" : "Internal Server Error" - } - }, - "security" : [ { - "basicAuth" : [ ] - } ], - "x-interface info" : { - "api-version" : "1.0.0", - "last-mod-release" : "Dublin" - } - } - } - }, - "securityDefinitions" : { - "basicAuth" : { - "description" : "", - "type" : "basic" - } - }, - "definitions" : { - "LegacyOperationalPolicy" : { - "type" : "object", - "properties" : { - "policy-id" : { - "type" : "string" - }, - "policy-version" : { - "type" : "string" - }, - "content" : { - "type" : "string" - } - } - } - } -} diff --git a/docs/api/swagger/policy-api.json b/docs/api/swagger/policy-api.json index 76735751..95c73973 100644 --- a/docs/api/swagger/policy-api.json +++ b/docs/api/swagger/policy-api.json @@ -506,8 +506,287 @@ "last-mod-release" : "Dublin" } } - }, + }, + "/policy/api/v1/policies/{policyId}/versions/{policyVersion}": { + "get": { + "tags": [ + "Policy" + ], + "summary": "Retrieve specific version of a specified policy", + "description": "Returns a particular version of specified policy", + "operationId": "getSpecificPolicy", + "consumes": [ + "application/json", + "application/yaml" + ], + "produces": [ + "application/json", + "application/yaml" + ], + "parameters": [ + { + "name": "policyId", + "in": "path", + "description": "Name of policy", + "required": true, + "type": "string" + }, + { + "name": "policyVersion", + "in": "path", + "description": "Version of policy", + "required": true, + "type": "string" + }, + { + "name": "X-ONAP-RequestID", + "in": "header", + "description": "RequestID for http transaction", + "required": false, + "type": "string", + "format": "uuid" + }, + { + "name": "mode", + "in": "query", + "description": "Fetch mode for policies, BARE for bare policies (default), REFERENCED for fully referenced policies", + "required": false, + "type": "string", + "default": "bare", + "enum": [ + "BARE", + "REFERENCED" + ] + } + ], + "responses": { + "200": { + "description": "successful operation", + "headers": { + "X-MinorVersion": { + "type": "string", + "description": "Used to request or communicate a MINOR version back from the client to the server, and from the server back to the client" + }, + "X-PatchVersion": { + "type": "string", + "description": "Used only to communicate a PATCH version in a response for troubleshooting purposes only, and will not be provided by the client on request" + }, + "X-LatestVersion": { + "type": "string", + "description": "Used only to communicate an API's latest version" + }, + "X-ONAP-RequestID": { + "type": "string", + "format": "uuid", + "description": "Used to track REST transactions for logging purpose" + } + }, + "schema": { + "$ref": "#/definitions/ToscaServiceTemplate" + } + }, + "401": { + "description": "Authentication Error" + }, + "403": { + "description": "Authorization Error" + }, + "404": { + "description": "Resource Not Found" + }, + "500": { + "description": "Internal Server Error" + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "x-interface info": { + "api-version": "1.0.0", + "last-mod-release": "Guilin" + } + }, + "delete": { + "tags": [ + "Policy" + ], + "summary": "Delete a particular version of a policy", + "description": "Rule: the version that has been deployed in PDP group(s) cannot be deleted", + "operationId": "deleteSpecificPolicy", + "consumes": [ + "application/json", + "application/yaml" + ], + "produces": [ + "application/json", + "application/yaml" + ], + "parameters": [ + { + "name": "policyId", + "in": "path", + "description": "ID of policy", + "required": true, + "type": "string" + }, + { + "name": "policyVersion", + "in": "path", + "description": "Version of policy", + "required": true, + "type": "string" + }, + { + "name": "X-ONAP-RequestID", + "in": "header", + "description": "RequestID for http transaction", + "required": false, + "type": "string", + "format": "uuid" + } + ], + "responses": { + "200": { + "description": "successful operation", + "headers": { + "X-MinorVersion": { + "type": "string", + "description": "Used to request or communicate a MINOR version back from the client to the server, and from the server back to the client" + }, + "X-PatchVersion": { + "type": "string", + "description": "Used only to communicate a PATCH version in a response for troubleshooting purposes only, and will not be provided by the client on request" + }, + "X-LatestVersion": { + "type": "string", + "description": "Used only to communicate an API's latest version" + }, + "X-ONAP-RequestID": { + "type": "string", + "format": "uuid", + "description": "Used to track REST transactions for logging purpose" + } + }, + "schema": { + "$ref": "#/definitions/ToscaServiceTemplate" + } + }, + "401": { + "description": "Authentication Error" + }, + "403": { + "description": "Authorization Error" + }, + "404": { + "description": "Resource Not Found" + }, + "409": { + "description": "Delete Conflict, Rule Violation" + }, + "500": { + "description": "Internal Server Error" + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "x-interface info": { + "api-version": "1.0.0", + "last-mod-release": "Guilin" + } + } + }, "/policy/api/v1/policies" : { + "get": { + "tags": [ + "Policy" + ], + "summary": "Retrieve all versions of available policies", + "description": "Returns all version of available policies", + "operationId": "getPolicies", + "consumes": [ + "application/json", + "application/yaml" + ], + "produces": [ + "application/json", + "application/yaml" + ], + "parameters": [ + { + "name": "X-ONAP-RequestID", + "in": "header", + "description": "RequestID for http transaction", + "required": false, + "type": "string", + "format": "uuid" + }, + { + "name": "mode", + "in": "query", + "description": "Fetch mode for policies, BARE for bare policies (default), REFERENCED for fully referenced policies", + "required": false, + "type": "string", + "default": "bare", + "enum": [ + "BARE", + "REFERENCED" + ] + } + ], + "responses": { + "200": { + "description": "successful operation", + "headers": { + "X-MinorVersion": { + "type": "string", + "description": "Used to request or communicate a MINOR version back from the client to the server, and from the server back to the client" + }, + "X-PatchVersion": { + "type": "string", + "description": "Used only to communicate a PATCH version in a response for troubleshooting purposes only, and will not be provided by the client on request" + }, + "X-LatestVersion": { + "type": "string", + "description": "Used only to communicate an API's latest version" + }, + "X-ONAP-RequestID": { + "type": "string", + "format": "uuid", + "description": "Used to track REST transactions for logging purpose" + } + }, + "schema": { + "$ref": "#/definitions/ToscaServiceTemplate" + } + }, + "401": { + "description": "Authentication Error" + }, + "403": { + "description": "Authorization Error" + }, + "404": { + "description": "Resource Not Found" + }, + "500": { + "description": "Internal Server Error" + } + }, + "security": [ + { + "basicAuth": [] + } + ], + "x-interface info": { + "api-version": "1.0.0", + "last-mod-release": "Guilin" + } + }, "post" : { "tags" : [ "Policy" ], "summary" : "Create one or more new policies", diff --git a/docs/design/design.rst b/docs/design/design.rst index 1080f4de..d543e461 100644 --- a/docs/design/design.rst +++ b/docs/design/design.rst @@ -61,7 +61,6 @@ Policy Framework upon platform installation. For a full listing of available pre ============================================ =============================================================================== onap.policies.Monitoring Base model that supports Policy driven DCAE microservice components used in Control Loops -onap.policies.controlloop.Operational Legacy actor/action operational policies for control loops (Deprecated) onap.policies.controlloop.operational.Common Base Control Loop operational policy common definitions onap.policies.controlloop.guard.Common Control Loop Guard Policy common definitions onap.policies.Optimization Base OOF Optimization Policy Type definition @@ -177,6 +176,13 @@ The Blacklist Guard Supports blacklisting control loop actions from being perfor Please see the definition of the `Guard Blacklist Policy Type <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.guard.common.Blacklist.yaml>`_ +3.4 Filter Guard onap.policies.controlloop.guard.common.Filter +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The Filter Guard Supports filtering control loop actions from being performed on specific entity id's. + +Please see the definition of the `Guard Filter Policy Type <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.guard.common.Filter.yaml>`_ + 4 Optimization onap.policies.Optimization ----------------------------------------- @@ -273,44 +279,3 @@ will route XACML Request/Response RESTful API calls to the **native** applicatio This policy type supports Apex native policy types. `Apex Native Policy Type <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.native.Apex.yaml>`_ - - -7 Base Policy Type: onap.policies.controlloop.Operational (Deprecated) ----------------------------------------------------------------------- - -This policy type is used to support legacy YAML definitions for actor/action operational policies for control loops. -There are two types of implementations for this policy type: - -1. Drools implementations that support runtime Control Loop actions taken on components such as SO/APPC/VFC/SDNC/SDNR -2. Implementations using APEX to support Control Loops. - -.. note:: - This policy type will be deprecated after Frankfurt and is discouraged from being used. - -.. code-block:: yaml - :caption: Base Policy Type definition for onap.policies.controlloop.Operational - :linenos: - - tosca_definitions_version: tosca_simple_yaml_1_1_0 - policy_types: - - onap.policies.controlloop.Operational: - derived_from: tosca.policies.Root - version: 1.0.0 - description: Operational Policy for Control Loops - -There are no properties defined for this policy type, instead it is expected that the user submit the REST call with a -special JSON format used to bridge the Casablanca Legacy API to the new Lifecycle API introduced in Dublin release. - -.. code-block:: json - :caption: Example Policy Payload for onap.policies.controlloop.Operational Policy Type - - { - "policy-id" : "operational.restart", - "policy-version" : "1", - "content" : "controlLoop%3A%0A%20%20version%3A%202.0.0%0A%20%20controlLoopName%3A%20ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e%0A%20%20trigger_policy%3A%20unique-policy-id-1-restart%0A%20%20timeout%3A%203600%0A%20%20abatement%3A%20true%0A%20%0Apolicies%3A%0A%20%20-%20id%3A%20unique-policy-id-1-restart%0A%20%20%20%20name%3A%20Restart%20the%20VM%0A%20%20%20%20description%3A%0A%20%20%20%20actor%3A%20APPC%0A%20%20%20%20recipe%3A%20Restart%0A%20%20%20%20target%3A%0A%20%20%20%20%20%20type%3A%20VM%0A%20%20%20%20retry%3A%203%0A%20%20%20%20timeout%3A%201200%0A%20%20%20%20success%3A%20final_success%0A%20%20%20%20failure%3A%20final_failure%0A%20%20%20%20failure_timeout%3A%20final_failure_timeout%0A%20%20%20%20failure_retries%3A%20final_failure_retries%0A%20%20%20%20failure_exception%3A%20final_failure_exception%0A%20%20%20%20failure_guard%3A%20final_failure_guard", - "controllerName" : "frankfurt" - } - -For the **"content"** property, please refer to the `YAML Operational Policy format -<https://github.com/onap/policy-models/blob/master/models-interactions/model-yaml/README-v2.0.0.md>`__ to define the -**content** field and URL Encode the yaml. diff --git a/docs/distribution/Distribution-User-Manual.rst b/docs/distribution/Distribution-User-Manual.rst index f9868055..e9e69b4e 100644 --- a/docs/distribution/Distribution-User-Manual.rst +++ b/docs/distribution/Distribution-User-Manual.rst @@ -479,11 +479,6 @@ A configuration example "receptionHandlerConfigurationName":"sdcConfiguration", "pluginHandlerParameters":{ "policyDecoders":{ - "HpaDecoder":{ - "decoderType":"HpaDecoder", - "decoderClassName":"org.onap.policy.distribution.reception.decoding.hpa.PolicyDecoderCsarHpa", - "decoderConfigurationName": "csarToOptimizationPolicyConfiguration" - }, "ToscaPolicyDecoder":{ "decoderType":"ToscaPolicyDecoder", "decoderClassName":"org.onap.policy.distribution.reception.decoding.policy.file.PolicyDecoderFileInCsarToPolicy", @@ -528,17 +523,6 @@ A configuration example } }, "policyDecoderConfigurationParameters":{ - "csarToOptimizationPolicyConfiguration":{ - "parameterClassName":"org.onap.policy.distribution.reception.decoding.hpa.PolicyDecoderCsarHpaParameters", - "parameters":{ - "policyNamePrefix": "oofCasablanca", - "onapName": "OOF", - "version": "1.0", - "priority": "3", - "riskType": "Test", - "riskLevel": "2" - } - }, "toscaPolicyDecoderConfiguration":{ "parameterClassName":"org.onap.policy.distribution.reception.decoding.policy.file.PolicyDecoderFileInCsarToPolicyParameterGroup", "parameters":{ diff --git a/docs/offeredapis.rst b/docs/offeredapis.rst index 628487ce..ee90751a 100644 --- a/docs/offeredapis.rst +++ b/docs/offeredapis.rst @@ -32,3 +32,17 @@ Postman collection for `Policy Framework Lifecycle API <https://github.com/onap/ Postman collection for `Policy Framework Administration API <https://github.com/onap/policy-pap/blob/master/postman/pap-api-collection.json>`_ Postman collection for `Policy Framework Decision API <https://github.com/onap/policy-xacml-pdp/blob/master/postman/decision-api-collection.json>`_ + +API Swagger Generation +---------------------- + +The standard for API definition in the RESTful API world is the OpenAPI Specification (OAS). The OAS, which is based on +the original "Swagger Specification," is being widely used in API developments. + +Execute the below curl command for swagger generation by filling in the authorization details, IP and Port information: + +.. code-block:: bash + + “curl -k --user ‘{user_id}:{password}’ https://{ip}:{port}/swagger.json” + + diff --git a/docs/pap/InternalPapPdp.rst b/docs/pap/InternalPapPdp.rst index 998514af..5c4c3f61 100644 --- a/docs/pap/InternalPapPdp.rst +++ b/docs/pap/InternalPapPdp.rst @@ -250,10 +250,10 @@ sent to the PAP in a *PDP_STATUS* message is unknown to the PAP, the PAP locks t pdp_group: onap.pdpgroup.Monitoring pdp_subgroup: xacml supported_policy_types: - - onap.monitoring.cdap.tca.hi.lo.app + - onap.monitoring.tcagen2 policies: - onap.scaleout.tca:message - policy_type: onap.policies.monitoring.cdap.tca.hi.lo.app + policy_type: onap.policies.monitoring.tcagen2 policy_type_version: 1.0.0 properties: # Omitted for brevity diff --git a/docs/pap/notification/dmaap-pap-notif.json b/docs/pap/notification/dmaap-pap-notif.json index bfe9162b..07d1ac20 100644 --- a/docs/pap/notification/dmaap-pap-notif.json +++ b/docs/pap/notification/dmaap-pap-notif.json @@ -1,7 +1,7 @@ { "deployed-policies": [ { - "policy-type": "onap.policies.monitoring.cdap.tca.hi.lo.app", + "policy-type": "onap.policies.monitoring.tcagen2", "policy-type-version": "1.0.0", "policy-id": "onap.scaleout.tca", "policy-version": "2.0.0", @@ -11,7 +11,7 @@ ], "undeployed-policies": [ { - "policy-type": "onap.policies.firewall", + "policy-type": "onap.policies.monitoring.tcagen2", "policy-type-version": "1.0.0", "policy-id": "onap.firewall.tca", "policy-version": "6.0.0", diff --git a/docs/pap/request/deployment-batch-pap-req.json b/docs/pap/request/deployment-batch-pap-req.json index 6577bed7..b5b5e5b8 100644 --- a/docs/pap/request/deployment-batch-pap-req.json +++ b/docs/pap/request/deployment-batch-pap-req.json @@ -8,7 +8,7 @@ "action": "POST", "policies": [ { - "name": "onap.controllloop.operational.apex.bbs.EastRegion", + "name": "onap.policies.native.apex.bbs.EastRegion", "version": "1.0.0" } ] diff --git a/docs/pap/request/groups-batch-pap-req.json b/docs/pap/request/groups-batch-pap-req.json index 1a117f8f..ee978ed8 100644 --- a/docs/pap/request/groups-batch-pap-req.json +++ b/docs/pap/request/groups-batch-pap-req.json @@ -11,7 +11,7 @@ "properties": {}, "supportedPolicyTypes": [ { - "name": "onap.policies.controlloop.operational.Apex", + "name": "onap.policies.controlloop.operational.common.Apex", "version": "1.0.0" } ], @@ -23,7 +23,7 @@ "properties": {}, "supportedPolicyTypes": [ { - "name": "onap.policies.monitoring.cdap.tca.hi.lo.app", + "name": "onap.policies.monitoring.tcagen2", "version": "1.0.0" } ], @@ -32,4 +32,4 @@ ] } ] -}
\ No newline at end of file +} diff --git a/docs/pap/response/deployed-policy-pap-resp.json b/docs/pap/response/deployed-policy-pap-resp.json index fa768a1b..8065c791 100644 --- a/docs/pap/response/deployed-policy-pap-resp.json +++ b/docs/pap/response/deployed-policy-pap-resp.json @@ -1,6 +1,6 @@ [ { - "policy-type": "onap.policies.monitoring.cdap.tca.hi.lo.app", + "policy-type": "onap.policies.monitoring.tcagen2", "policy-type-version": "1.0.0", "policy-id": "MICROSERVICE_vFW_CDS_Service_v2_0_app_1_0_0_I95", "policy-version": "1.0.0", @@ -9,16 +9,7 @@ "incomplete-count": 0 }, { - "policy-type": "onap.policies.controlloop.Operational", - "policy-type-version": "1.0.0", - "policy-id": "OPERATIONAL_vFW_CDS_Service_v2_0_OperationalPolicyLegacy_1_0_0_Ly6", - "policy-version": "1.0.0", - "success-count": 1, - "failure-count": 0, - "incomplete-count": 0 - }, - { - "policy-type": "onap.policies.monitoring.cdap.tca.hi.lo.app", + "policy-type": "onap.policies.monitoring.tcagen2", "policy-type-version": "1.0.0", "policy-id": "MICROSERVICE_vFW_CDS_Service_v2_0_app_1_0_0_WNX", "policy-version": "1.0.0", @@ -35,4 +26,4 @@ "failure-count": 0, "incomplete-count": 0 } -]
\ No newline at end of file +] diff --git a/docs/pap/response/group-query-pap-resp.json b/docs/pap/response/group-query-pap-resp.json index cbdf508f..8817bf53 100644 --- a/docs/pap/response/group-query-pap-resp.json +++ b/docs/pap/response/group-query-pap-resp.json @@ -14,7 +14,7 @@ "properties": {}, "supportedPolicyTypes": [ { - "name": "onap.policies.controlloop.Operational", + "name": "onap.policies.controlloop.operational.common.Apex", "version": "1.0.0" } ] @@ -28,7 +28,7 @@ "properties": {}, "supportedPolicyTypes": [ { - "name": "onap.policies.controlloop.Operational", + "name": "onap.policies.controlloop.operational.common.Drools", "version": "1.0.0" } ] @@ -86,7 +86,11 @@ "properties": {}, "supportedPolicyTypes": [ { - "name": "onap.policies.controlloop.operational.Apex", + "name": "onap.policies.controlloop.operational.common.Apex", + "version": "1.0.0" + }, + { + "name": "onap.policies.native.Apex", "version": "1.0.0" } ] @@ -100,7 +104,15 @@ "properties": {}, "supportedPolicyTypes": [ { - "name": "onap.policies.controlloop.Operational", + "name": "onap.policies.controlloop.operational.common.Drools", + "version": "1.0.0" + }, + { + "name": "onap.policies.native.drools.Controller", + "version": "1.0.0" + }, + { + "name": "onap.policies.native.drools.Artifact", "version": "1.0.0" } ] diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 31b056a2..c5fd9866 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -19,44 +19,70 @@ Policy Release Notes .. * * * FRANKFURT * * * .. =========================== -Abstract -======== -This document provides the release notes for the Policy Framework Project's Frankfurt release. +Version: 6.0.1 +-------------- -Summary -======= +:Release Date: 2020-08-21 (Frankfurt Maintenance Release #1) + +**Artifacts** + +Artifacts released: + +.. csv-table:: + :header: "Repository", "Java Artifact", "Docker Image (if applicable)" + :widths: 15,10,10 + + "policy/drools-applications", "1.6.4", "onap/policy-pdpd-cl:1.6.4" + + +**Bug Fixes** -New features include policy update notifications, native policy support, streamlined health check for the Policy Administration Point (PAP), -configurable pre-loading/pre-deployment of policies, new APIs (e.g. to create one or more Policies with a single call), new experimental PDP monitoring GUI, and enhancements to all three PDPs: XACML, Drools, APEX. -Release Data -============ - -+--------------------------------------+--------------------------------------+ -| **Policy Project** | | -| | | -+--------------------------------------+--------------------------------------+ -| **Docker images** | - policy-api 2.2.4 | -| | - policy-pap 2.2.3 | -| | - policy-pdpd-cl 1.6.4 | -| | - policy-xacml-pdp 2.2.2 | -| | - policy-apex-pdp 2.3.2 | -| | - policy-distribution 2.3.2 | -| | - policy-pe 1.6.4 | -| | | -+--------------------------------------+--------------------------------------+ -| **Release designation** | 6.0.0 frankfurt | -| | | -+--------------------------------------+--------------------------------------+ -| **Release date** | 2020-06-04 | -| | | -+--------------------------------------+--------------------------------------+ + * `[POLICY-2704] <https://jira.onap.org/browse/POLICY-2704>`_ - Legacy PDP-X and PAP stuck in PodIntializing +**Security Notes** + +*Fixed Security Issues* + + + * `[POLICY-2678] <https://jira.onap.org/browse/POLICY-2678>`_ - policy/engine tomcat upgrade for CVE-2020-11996 + + +Version: 6.0.0 +-------------- + +:Release Date: 2020-06-04 (Frankfurt Release) + New features ------------ +Artifacts released: + +.. csv-table:: + :header: "Repository", "Java Artifact", "Docker Image (if applicable)" + :widths: 15,10,10 + + "policy/parent", "3.1.3", "" + "policy/common", "1.6.5", "" + "policy/models", "2.2.6", "" + "policy/api", "2.2.4", "onap/policy-api:2.2.4" + "policy/pap", "2.2.3", "onap/policy-pap:2.2.3" + "policy/drools-pdp", "1.6.3", "onap/policy-drools:1.6.3" + "policy/apex-pdp", "2.3.2", "onap/policy-apex-pdp:2.3.2" + "policy/xacml-pdp", "2.2.2", "onap/policy-xacml-pdp:2.2.2" + "policy/drools-applications", "1.6.4", "onap/policy-pdpd-cl:1.6.4" + "policy/engine", "1.6.4", "onap/policy-pe:1.6.4" + "policy/distribution", "2.3.2", "onap/policy-distribution:2.3.2" + "policy/docker", "2.0.1", "onap/policy-jdk-alpine:2.0.1, onap/policy-jre-alpine:2.0.1, onap/policy-jdk-debian:2.0.1, onap/policy-jre-debian:2.0.1" + +Summary +======= + +New features include policy update notifications, native policy support, streamlined health check for the Policy Administration Point (PAP), +configurable pre-loading/pre-deployment of policies, new APIs (e.g. to create one or more Policies with a single call), new experimental PDP monitoring GUI, and enhancements to all three PDPs: XACML, Drools, APEX. + Common changes in all policy components ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * Upgraded all policy components to Java 11. @@ -285,6 +311,48 @@ Quick Links: .. * * * EL ALTO * * * .. ========================== +Version: 5.0.2 +-------------- + +:Release Date: 2020-08-24 (El Alto Maintenance Release #1) + +**New Features** + +Artifacts released: + +.. csv-table:: + :header: "Repository", "Java Artifact", "Docker Image (if applicable)" + :widths: 15,10,10 + + "policy/api", "2.1.3", "onap/policy-api:2.1.3" + "policy/pap", "2.1.3", "onap/policy-pap:2.1.3" + "policy/drools-pdp", "1.5.3", "onap/policy-drools:1.5.3" + "policy/apex-pdp", "2.2.3", "onap/policy-apex-pdp:2.2.3" + "policy/xacml-pdp", "2.1.3", "onap/policy-xacml-pdp:2.1.3" + "policy/drools-applications", "1.5.4", "onap/policy-pdpd-cl:1.5.4" + "policy/engine", "1.5.3", "onap/policy-pe:1.5.3" + "policy/distribution", "2.2.2", "onap/policy-distribution:2.2.2" + "policy/docker", "1.4.0", "onap/policy-common-alpine:1.4.0, onap/policy/base-alpine:1.4.0" + + +**Bug Fixes** + + + * `[PORTAL-760] <https://jira.onap.org/browse/PORTAL-760>`_ - Access to Policy portal is impossible + * `[POLICY-2107] <https://jira.onap.org/browse/POLICY-2107>`_ - policy/distribution license issue in resource needs to be removed + * `[POLICY-2169] <https://jira.onap.org/browse/POLICY-2169>`_ - SDC client interface change caused compile error in policy distribution + * `[POLICY-2171] <https://jira.onap.org/browse/POLICY-2171>`_ - Upgrade elalto branch models and drools-applications + * `[POLICY-1509] <https://jira.onap.org/browse/POLICY-1509>`_ - Investigate Apex org.python.jython-standalone.2.7.1 + * `[POLICY-2062] <https://jira.onap.org/browse/POLICY-2062>`_ - APEX PDP logs > 4G filled local storage + + +**Security Notes** + +*Fixed Security Issues* + + + * `[POLICY-2475] <https://jira.onap.org/browse/POLICY-2475>`_ - Update El Alto component certificates + Version: 5.0.1 -------------- @@ -314,49 +382,49 @@ Artifacts released: The El Alto release for POLICY delivered the following Epics. For a full list of stories and tasks delivered in the El Alto release, refer to `JiraPolicyElAlto`_. * [POLICY-1727] - This epic covers technical debt left over from Dublin - - POLICY-969 Docker improvement in policy framwork modules - - POLICY-1074 Fix checkstyle warnings in every repository - - POLICY-1121 RPM build for Apex - - POLICY-1223 CII Silver Badging Requirements - - POLICY-1600 Clean up hash code equality checks, cloning and copying in policy-models - - POLICY-1646 Replace uses of getCanonicalName() with getName() - - POLICY-1652 Move PapRestServer to policy/common - - POLICY-1732 Enable maven-checkstyle-plugin in apex-pdp - - POLICY-1737 Upgrade oParent 2.0.0 - change daily jobs to staging jobs - - POLICY-1742 Make HTTP return code handling configurable in APEX - - POLICY-1743 Make URL configurable in REST Requestor and REST Client - - POLICY-1744 Remove topic.properties and incorporate into overall properties - - POLICY-1770 PAP REST API for PDPGroup Healthcheck - - POLICY-1771 Boost policy/api JUnit code coverage - - POLICY-1772 Boost policy/xacml-pdp JUnit code coverage - - POLICY-1773 Enhance the policy/xacml-pdp S3P Stability and Performance tests - - POLICY-1784 Better Handling of "version" field value with clients - - POLICY-1785 Deploy same policy with a new version simply adds to the list - - POLICY-1786 Create a simple way to populate the guard database for testing - - POLICY-1791 Address Sonar issues in new policy repos - - POLICY-1795 PAP: bounced apex and xacml pdps show deleted instance in pdp status through APIs. - - POLICY-1800 API|PAP components use different version formats - - POLICY-1805 Build up stability test for api component to follow S3P requirements - - POLICY-1806 Build up S3P performance test for api component - - POLICY-1847 Add control loop coordination as a preloaded policy type - - POLICY-1871 Change policy/distribution to support ToscaPolicyType & ToscaPolicy - - POLICY-1881 Upgrade policy/distribution to latest SDC artifacts - - POLICY-1885 Apex-pdp: Extend CLIEditor to generate policy in ToscaServiceTemplate format - - POLICY-1898 Move apex-pdp & distribution documents to policy/parent - - POLICY-1942 Boost policy/apex-pdp JUnit code coverage - - POLICY-1953 Create addTopic taking BusTopicParams instead of Properties in policy/endpoints + - POLICY-969 Docker improvement in policy framwork modules + - POLICY-1074 Fix checkstyle warnings in every repository + - POLICY-1121 RPM build for Apex + - POLICY-1223 CII Silver Badging Requirements + - POLICY-1600 Clean up hash code equality checks, cloning and copying in policy-models + - POLICY-1646 Replace uses of getCanonicalName() with getName() + - POLICY-1652 Move PapRestServer to policy/common + - POLICY-1732 Enable maven-checkstyle-plugin in apex-pdp + - POLICY-1737 Upgrade oParent 2.0.0 - change daily jobs to staging jobs + - POLICY-1742 Make HTTP return code handling configurable in APEX + - POLICY-1743 Make URL configurable in REST Requestor and REST Client + - POLICY-1744 Remove topic.properties and incorporate into overall properties + - POLICY-1770 PAP REST API for PDPGroup Healthcheck + - POLICY-1771 Boost policy/api JUnit code coverage + - POLICY-1772 Boost policy/xacml-pdp JUnit code coverage + - POLICY-1773 Enhance the policy/xacml-pdp S3P Stability and Performance tests + - POLICY-1784 Better Handling of "version" field value with clients + - POLICY-1785 Deploy same policy with a new version simply adds to the list + - POLICY-1786 Create a simple way to populate the guard database for testing + - POLICY-1791 Address Sonar issues in new policy repos + - POLICY-1795 PAP: bounced apex and xacml pdps show deleted instance in pdp status through APIs. + - POLICY-1800 API|PAP components use different version formats + - POLICY-1805 Build up stability test for api component to follow S3P requirements + - POLICY-1806 Build up S3P performance test for api component + - POLICY-1847 Add control loop coordination as a preloaded policy type + - POLICY-1871 Change policy/distribution to support ToscaPolicyType & ToscaPolicy + - POLICY-1881 Upgrade policy/distribution to latest SDC artifacts + - POLICY-1885 Apex-pdp: Extend CLIEditor to generate policy in ToscaServiceTemplate format + - POLICY-1898 Move apex-pdp & distribution documents to policy/parent + - POLICY-1942 Boost policy/apex-pdp JUnit code coverage + - POLICY-1953 Create addTopic taking BusTopicParams instead of Properties in policy/endpoints * Additional items delivered with the release. - - POLICY-1637 Remove "version" from PdpGroup - - POLICY-1653 Remove isNullVersion() method - - POLICY-1966 Fix more sonar issues in policy drools - - POLICY-1988 Generate El Alto AAF Certificates + - POLICY-1637 Remove "version" from PdpGroup + - POLICY-1653 Remove isNullVersion() method + - POLICY-1966 Fix more sonar issues in policy drools + - POLICY-1988 Generate El Alto AAF Certificates * [POLICY-1823] - This epic covers the work to develop features that will be deployed dark in El Alto. - - POLICY-1762 Create CDS API model implementation - - POLICY-1763 Create CDS Actor - - POLICY-1899 Update optimization xacml application to support more flexible Decision API - - POLICY-1911 XACML PDP must be able to retrieve Policy Type from API + - POLICY-1762 Create CDS API model implementation + - POLICY-1763 Create CDS Actor + - POLICY-1899 Update optimization xacml application to support more flexible Decision API + - POLICY-1911 XACML PDP must be able to retrieve Policy Type from API **Bug Fixes** @@ -366,12 +434,12 @@ The following bug fixes have been deployed with this release: * `[POLICY-1671] <https://jira.onap.org/browse/POLICY-1671>`_ - policy/engine JUnit tests now take over 30 minutes to run * `[POLICY-1725] <https://jira.onap.org/browse/POLICY-1725>`_ - XACML PDP returns 500 vs 400 for bad syntax JSON * `[POLICY-1793] <https://jira.onap.org/browse/POLICY-1793>`_ - API|MODELS: Retrieving Legacy Operational Policy as a Tosca Policy with wrong version - * `[POLICY-1795] <https://jira.onap.org/browse/POLICY-1795>`_ - PAP: bounced apex and xacml pdps show deleted instance in pdp status through APIs. + * `[POLICY-1795] <https://jira.onap.org/browse/POLICY-1795>`_ - PAP: bounced apex and xacml pdps show deleted instance in pdp status through APIs. * `[POLICY-1800] <https://jira.onap.org/browse/POLICY-1800>`_ - API|PAP components use different version formats * `[POLICY-1802] <https://jira.onap.org/browse/POLICY-1802>`_ - Apex-pdp: context album is mandatory for policy model to compile * `[POLICY-1803] <https://jira.onap.org/browse/POLICY-1803>`_ - PAP should undeploy policies when subgroup is deleted - * `[POLICY-1807] <https://jira.onap.org/browse/POLICY-1807>`_ - Latest version is always returned when using the endpoint to retrieve all versions of a particular policy - * `[POLICY-1808] <https://jira.onap.org/browse/POLICY-1808>`_ - API|PAP|PDP-X [new] should publish docker images with the following tag X.Y-SNAPSHOT-latest + * `[POLICY-1807] <https://jira.onap.org/browse/POLICY-1807>`_ - Latest version is always returned when using the endpoint to retrieve all versions of a particular policy + * `[POLICY-1808] <https://jira.onap.org/browse/POLICY-1808>`_ - API|PAP|PDP-X [new] should publish docker images with the following tag X.Y-SNAPSHOT-latest * `[POLICY-1810] <https://jira.onap.org/browse/POLICY-1810>`_ - API: support "../deployed" REST API (URLs) for legacy policies * `[POLICY-1811] <https://jira.onap.org/browse/POLICY-1811>`_ - The endpoint of retrieving the latest version of TOSCA policy does not return the latest one, especially when there are double-digit versions * `[POLICY-1818] <https://jira.onap.org/browse/POLICY-1818>`_ - APEX does not allow arbitrary Kafka parameters to be specified @@ -392,7 +460,7 @@ The following bug fixes have been deployed with this release: *Fixed Security Issues* - * `[POLICY-2115] <https://jira.onap.org/browse/POLICY-2115>`_ - Upgrade org.jgroups : jgroups : 4.0.12.Final + * `[POLICY-2115] <https://jira.onap.org/browse/POLICY-2115>`_ - Upgrade org.jgroups : jgroups : 4.0.12.Final * `[POLICY-2084] <https://jira.onap.org/browse/POLICY-2084>`_ - Investigate pip (py2.py3-none-any) 9.0.1 (.whl) in apex-pdp * `[POLICY-2072] <https://jira.onap.org/browse/POLICY-2072>`_ - Upgrade io.netty : netty-codec-http2 and netty-common to 4.1.39.Final * `[POLICY-2005] <https://jira.onap.org/browse/POLICY-2005>`_ - Upgrade elastic search to 6.8.2 @@ -462,96 +530,96 @@ Artifacts released: The Dublin release for POLICY delivered the following Epics. For a full list of stories and tasks delivered in the Dublin release, refer to `JiraPolicyDublin`_. * [POLICY-1068] - This epic covers the work to cleanup, enhance, fix, etc. any Control Loop based code base. - - POLICY-1195 Separate model code from drools-applications into other repositories - - POLICY-1367 Spike - Experimentation for management of Drools templates and Operational Policies - - POLICY-1397 PDP-D: NOOP Endpoints Support to test Operational Policies. - - POLICY-1459 PDP-D [Control Loop] : Create a Control Loop flavored PDP-D image + - POLICY-1195 Separate model code from drools-applications into other repositories + - POLICY-1367 Spike - Experimentation for management of Drools templates and Operational Policies + - POLICY-1397 PDP-D: NOOP Endpoints Support to test Operational Policies. + - POLICY-1459 PDP-D [Control Loop] : Create a Control Loop flavored PDP-D image * [POLICY-1069] - This epic covers the work to harden the codebase for the Policy Framework project. - - POLICY-1007 Remove Jackson from policy framework components - - POLICY-1202 policy-engine & apex-pdp are using different version of eclipselink - - POLICY-1250 Fix issues reported by sonar in policy modules - - POLICY-1368 Remove hibernate from policy repos - - POLICY-1457 Use Alpine in base docker images + - POLICY-1007 Remove Jackson from policy framework components + - POLICY-1202 policy-engine & apex-pdp are using different version of eclipselink + - POLICY-1250 Fix issues reported by sonar in policy modules + - POLICY-1368 Remove hibernate from policy repos + - POLICY-1457 Use Alpine in base docker images * [POLICY-1072] - This epic covers the work to support S3P Performance criteria. - S3P Performance related items * [POLICY-1171] - Enhance CLC Facility - - POLICY-1173 High-level specification of coordination directives + - POLICY-1173 High-level specification of coordination directives * [POLICY-1220] - This epic covers the work to support S3P Security criteria - - POLICY-1538 Upgrade Elasticsearch to 6.4.x to clear security issue + - POLICY-1538 Upgrade Elasticsearch to 6.4.x to clear security issue * [POLICY-1269] - R4 Dublin - ReBuild Policy Infrastructure - - POLICY-1270 Policy Lifecycle API RESTful HealthCheck/Statistics Main Entry Point - - POLICY-1271 PAP RESTful HealthCheck/Statistics Main Entry Point - - POLICY-1272 Create the S3P JMeter tests for API, PAP, XACML (2nd Gen) - - POLICY-1273 Policy Type Application Design Requirements - - POLICY-1436 XACML PDP RESTful HealthCheck/Statistics Main Entry Point - - POLICY-1440 XACML PDP RESTful Decision API Main Entry Point - - POLICY-1441 Policy Lifecycle API RESTful Create/Read Main Entry Point for Policy Types - - POLICY-1442 Policy Lifecycle API RESTful Create/Read Main Entry Point for Concrete Policies - - POLICY-1443 PAP Dmaap PDP Register/UnRegister Main Entry Point - - POLICY-1444 PAP Dmaap Policy Deploy/Undeploy Policies Main Entry Point - - POLICY-1445 XACML PDP upgrade to xacml 2.0.0 - - POLICY-1446 Policy Lifecycle API RESTful Delete Main Entry Point for Policy Types - - POLICY-1447 Policy Lifecycle API RESTful Delete Main Entry Point for Concrete Policies - - POLICY-1449 XACML PDP Dmaap Register/UnRegister Functionality - - POLICY-1451 XACML PDP Dmaap Deploy/UnDeploy Functionality - - POLICY-1452 Apex PDP Dmaap Register/UnRegister Functionality - - POLICY-1453 Apex PDP Dmaap Deploy/UnDeploy Functionality - - POLICY-1454 Drools PDP Dmaap Register/UnRegister Functionality - - POLICY-1455 Drools PDP Dmaap Deploy/UnDeploy Functionality - - POLICY-1456 Policy Architecture and Roadmap Documentation - - POLICY-1458 Create S3P JMeter Tests for Policy API - - POLICY-1460 Create S3P JMeter Tests for PAP - - POLICY-1461 Create S3P JMeter Tests for Policy XACML Engine (2nd Generation) - - POLICY-1462 Create S3P JMeter Tests for Policy SDC Distribution - - POLICY-1471 Policy Application Designer - Develop Guard and Control Loop Coordination Policy Type application - - POLICY-1474 Modifications of Control Loop Operational Policy to support new Policy Lifecycle API - - POLICY-1515 Prototype Policy Lifecycle API Swagger Entry Points - - POLICY-1516 Prototype the Policy Decision API - - POLICY-1541 PAP REST API for PDPGroup Query, Statistics & Delete - - POLICY-1542 PAP REST API for PDPGroup Deployment, State Management & Health Check + - POLICY-1270 Policy Lifecycle API RESTful HealthCheck/Statistics Main Entry Point + - POLICY-1271 PAP RESTful HealthCheck/Statistics Main Entry Point + - POLICY-1272 Create the S3P JMeter tests for API, PAP, XACML (2nd Gen) + - POLICY-1273 Policy Type Application Design Requirements + - POLICY-1436 XACML PDP RESTful HealthCheck/Statistics Main Entry Point + - POLICY-1440 XACML PDP RESTful Decision API Main Entry Point + - POLICY-1441 Policy Lifecycle API RESTful Create/Read Main Entry Point for Policy Types + - POLICY-1442 Policy Lifecycle API RESTful Create/Read Main Entry Point for Concrete Policies + - POLICY-1443 PAP Dmaap PDP Register/UnRegister Main Entry Point + - POLICY-1444 PAP Dmaap Policy Deploy/Undeploy Policies Main Entry Point + - POLICY-1445 XACML PDP upgrade to xacml 2.0.0 + - POLICY-1446 Policy Lifecycle API RESTful Delete Main Entry Point for Policy Types + - POLICY-1447 Policy Lifecycle API RESTful Delete Main Entry Point for Concrete Policies + - POLICY-1449 XACML PDP Dmaap Register/UnRegister Functionality + - POLICY-1451 XACML PDP Dmaap Deploy/UnDeploy Functionality + - POLICY-1452 Apex PDP Dmaap Register/UnRegister Functionality + - POLICY-1453 Apex PDP Dmaap Deploy/UnDeploy Functionality + - POLICY-1454 Drools PDP Dmaap Register/UnRegister Functionality + - POLICY-1455 Drools PDP Dmaap Deploy/UnDeploy Functionality + - POLICY-1456 Policy Architecture and Roadmap Documentation + - POLICY-1458 Create S3P JMeter Tests for Policy API + - POLICY-1460 Create S3P JMeter Tests for PAP + - POLICY-1461 Create S3P JMeter Tests for Policy XACML Engine (2nd Generation) + - POLICY-1462 Create S3P JMeter Tests for Policy SDC Distribution + - POLICY-1471 Policy Application Designer - Develop Guard and Control Loop Coordination Policy Type application + - POLICY-1474 Modifications of Control Loop Operational Policy to support new Policy Lifecycle API + - POLICY-1515 Prototype Policy Lifecycle API Swagger Entry Points + - POLICY-1516 Prototype the Policy Decision API + - POLICY-1541 PAP REST API for PDPGroup Query, Statistics & Delete + - POLICY-1542 PAP REST API for PDPGroup Deployment, State Management & Health Check * [POLICY-1399] - This epic covers the work to support model drive control loop design as defined by the Control Loop Subcommittee - Model drive control loop related items * [POLICY-1404] - This epic covers the work to support the CCVPN Use Case for Dublin - - POLICY-1405 Develop SDNC API for trigger bandwidth + - POLICY-1405 Develop SDNC API for trigger bandwidth * [POLICY-1408] - This epic covers the work done with the Casablanca release - - POLICY-1410 List Policy API - - POLICY-1413 Dashboard enhancements - - POLICY-1414 Push Policy and DeletePolicy API enhancement - - POLICY-1416 Model enhancements to support CLAMP - - POLICY-1417 Resiliency improvements - - POLICY-1418 PDP APIs - make ClientAuth optional - - POLICY-1419 Better multi-role support - - POLICY-1420 Model enhancement to support embedded JSON - - POLICY-1421 New audit data for push/delete - - POLICY-1422 Enhanced encryption - - POLICY-1423 Save original model file - - POLICY-1427 Controller Logging Feature - - POLICY-1489 PDP-D: Nested JSON Event Filtering support with JsonPath - - POLICY-1499 Mdc Filter Feature + - POLICY-1410 List Policy API + - POLICY-1413 Dashboard enhancements + - POLICY-1414 Push Policy and DeletePolicy API enhancement + - POLICY-1416 Model enhancements to support CLAMP + - POLICY-1417 Resiliency improvements + - POLICY-1418 PDP APIs - make ClientAuth optional + - POLICY-1419 Better multi-role support + - POLICY-1420 Model enhancement to support embedded JSON + - POLICY-1421 New audit data for push/delete + - POLICY-1422 Enhanced encryption + - POLICY-1423 Save original model file + - POLICY-1427 Controller Logging Feature + - POLICY-1489 PDP-D: Nested JSON Event Filtering support with JsonPath + - POLICY-1499 Mdc Filter Feature * [POLICY-1438] - This epic covers the work to support 5G OOF PCI Use Case - - POLICY-1463 Functional code changes in Policy for OOF SON use case - - POLICY-1464 Config related aspects for OOF SON use case + - POLICY-1463 Functional code changes in Policy for OOF SON use case + - POLICY-1464 Config related aspects for OOF SON use case * [POLICY-1450] - This epic covers the work to support the Scale Out Use Case. - - POLICY-1278 AAI named-queries are being deprecated and should be replaced with custom-queries - - POLICY-1545 E2E Automation - Parse the newly added model ids from operation policy + - POLICY-1278 AAI named-queries are being deprecated and should be replaced with custom-queries + - POLICY-1545 E2E Automation - Parse the newly added model ids from operation policy * Additional items delivered with the release. - - POLICY-1159 Move expectException to policy-common/utils-test - - POLICY-1176 Work on technical debt introduced by CLC POC - - POLICY-1266 A&AI Modularity - - POLICY-1274 further improvement in PSSD S3P test - - POLICY-1401 Build onap.policies.Monitoring TOSCA Policy Template - - POLICY-1465 Support configurable Heap Memory Settings for JVM processes + - POLICY-1159 Move expectException to policy-common/utils-test + - POLICY-1176 Work on technical debt introduced by CLC POC + - POLICY-1266 A&AI Modularity + - POLICY-1274 further improvement in PSSD S3P test + - POLICY-1401 Build onap.policies.Monitoring TOSCA Policy Template + - POLICY-1465 Support configurable Heap Memory Settings for JVM processes **Bug Fixes** @@ -589,7 +657,7 @@ Quick Links: The following known issues will be addressed in a future release: - * `[POLICY-1795] - <https://jira.onap.org/browse/POLICY-1795>`_ PAP: bounced apex and xacml pdps show deleted instance in pdp status through APIs. + * `[POLICY-1795] - <https://jira.onap.org/browse/POLICY-1795>`_ PAP: bounced apex and xacml pdps show deleted instance in pdp status through APIs. * `[POLICY-1810] - <https://jira.onap.org/browse/POLICY-1810>`_ API: ensure that the REST APISs (URLs) are supported and consistent regardless the type of policy: operational, guard, tosca-compliant. * `[POLICY-1277] - <https://jira.onap.org/browse/POLICY-1277>`_ policy config takes too long time to become retrievable in PDP * `[POLICY-1378] - <https://jira.onap.org/browse/POLICY-1378>`_ add support to append value into policyScope while one policy could be used by several services @@ -599,7 +667,7 @@ The following known issues will be addressed in a future release: * `[POLICY-1793] - <https://jira.onap.org/browse/POLICY-1793>`_ API|MODELS: Retrieving Legacy Operational Policy as a Tosca Policy with wrong version * `[POLICY-1800] - <https://jira.onap.org/browse/POLICY-1800>`_ API|PAP components use different version formats * `[POLICY-1802] - <https://jira.onap.org/browse/POLICY-1802>`_ Apex-pdp: context album is mandatory for policy model to compile - * `[POLICY-1808] - <https://jira.onap.org/browse/POLICY-1808>`_ API|PAP|PDP-X [new] should publish docker images with the following tag X.Y-SNAPSHOT-latest + * `[POLICY-1808] - <https://jira.onap.org/browse/POLICY-1808>`_ API|PAP|PDP-X [new] should publish docker images with the following tag X.Y-SNAPSHOT-latest * `[POLICY-1818] - <https://jira.onap.org/browse/POLICY-1818>`_ APEX does not allow arbitrary Kafka parameters to be specified * `[POLICY-1276] - <https://jira.onap.org/browse/POLICY-1276>`_ JRuby interpreter shutdown fails on second and subsequent runs * `[POLICY-1803] - <https://jira.onap.org/browse/POLICY-1803>`_ PAP should undeploy policies when subgroup is deleted @@ -757,59 +825,59 @@ Version: 2.0.0 The Beijing release for POLICY delivered the following Epics. For a full list of stories and tasks delivered in the Beijing release, refer to `JiraPolicyBeijing`_. * [POLICY-390] - This epic covers the work to harden the Policy platform software base (incl 50% JUnit coverage) - - POLICY-238 policy/drools-applications: clean up maven structure - - POLICY-336 Address Technical Debt - - POLICY-338 Address JUnit Code Coverage - - POLICY-377 Policy Create API should validate input matches DCAE microservice template - - POLICY-389 Cleanup Jenkin's CI/CD process's - - POLICY-449 Policy API + Console : Common Policy Validation - - POLICY-568 Integration with org.onap AAF project - - POLICY-610 Support vDNS scale out for multiple times in Beijing release + - POLICY-238 policy/drools-applications: clean up maven structure + - POLICY-336 Address Technical Debt + - POLICY-338 Address JUnit Code Coverage + - POLICY-377 Policy Create API should validate input matches DCAE microservice template + - POLICY-389 Cleanup Jenkin's CI/CD process's + - POLICY-449 Policy API + Console : Common Policy Validation + - POLICY-568 Integration with org.onap AAF project + - POLICY-610 Support vDNS scale out for multiple times in Beijing release * [POLICY-391] - This epic covers the work to support Release Planning activities - - POLICY-552 ONAP Licensing Scan - Use Restrictions + - POLICY-552 ONAP Licensing Scan - Use Restrictions * [POLICY-392] - Platform Maturity Requirements - Performance Level 1 - - POLICY-529 Platform Maturity Performance - Drools PDP - - POLICY-567 Platform Maturity Performance - PDP-X + - POLICY-529 Platform Maturity Performance - Drools PDP + - POLICY-567 Platform Maturity Performance - PDP-X * [POLICY-394] - This epic covers the work required to support a Policy developer environment in which Policy Developers can create, update policy templates/rules separate from the policy Platform runtime platform. - - POLICY-488 pap should not add rules to official template provided in drools applications + - POLICY-488 pap should not add rules to official template provided in drools applications * [POLICY-398] - This epic covers the body of work involved in supporting policy that is platform specific. - - POLICY-434 need PDP /getConfig to return an indicator of where to find the config data - in config.content versus config field + - POLICY-434 need PDP /getConfig to return an indicator of where to find the config data - in config.content versus config field * [POLICY-399] - This epic covers the work required to policy enable Hardware Platform Enablement - - POLICY-622 Integrate OOF Policy Model into Policy Platform + - POLICY-622 Integrate OOF Policy Model into Policy Platform * [POLICY-512] - This epic covers the work to support Platform Maturity Requirements - Stability Level 1 - - POLICY-525 Platform Maturity Stability - Drools PDP - - POLICY-526 Platform Maturity Stability - XACML PDP + - POLICY-525 Platform Maturity Stability - Drools PDP + - POLICY-526 Platform Maturity Stability - XACML PDP * [POLICY-513] - Platform Maturity Requirements - Resiliency Level 2 - - POLICY-527 Platform Maturity Resiliency - Policy Engine GUI and PAP - - POLICY-528 Platform Maturity Resiliency - Drools PDP - - POLICY-569 Platform Maturity Resiliency - BRMS Gateway - - POLICY-585 Platform Maturity Resiliency - XACML PDP - - POLICY-586 Platform Maturity Resiliency - Planning - - POLICY-681 Regression Test Use Cases + - POLICY-527 Platform Maturity Resiliency - Policy Engine GUI and PAP + - POLICY-528 Platform Maturity Resiliency - Drools PDP + - POLICY-569 Platform Maturity Resiliency - BRMS Gateway + - POLICY-585 Platform Maturity Resiliency - XACML PDP + - POLICY-586 Platform Maturity Resiliency - Planning + - POLICY-681 Regression Test Use Cases * [POLICY-514] - This epic covers the work to support Platform Maturity Requirements - Security Level 1 - - POLICY-523 Platform Maturity Security - CII Badging - Project Website + - POLICY-523 Platform Maturity Security - CII Badging - Project Website * [POLICY-515] - This epic covers the work to support Platform Maturity Requirements - Escalability Level 1 - - POLICY-531 Platform Maturity Scalability - XACML PDP - - POLICY-532 Platform Maturity Scalability - Drools PDP - - POLICY-623 Docker image re-design + - POLICY-531 Platform Maturity Scalability - XACML PDP + - POLICY-532 Platform Maturity Scalability - Drools PDP + - POLICY-623 Docker image re-design * [POLICY-516] - This epic covers the work to support Platform Maturity Requirements - Manageability Level 1 - - POLICY-533 Platform Maturity Manageability L1 - Logging - - POLICY-534 Platform Maturity Manageability - Instantiation < 1 hour + - POLICY-533 Platform Maturity Manageability L1 - Logging + - POLICY-534 Platform Maturity Manageability - Instantiation < 1 hour * [POLICY-517] - This epic covers the work to support Platform Maturity Requirements - Usability Level 1 - - POLICY-535 Platform Maturity Usability - User Guide - - POLICY-536 Platform Maturity Usability - Deployment Documentation - - POLICY-537 Platform Maturity Usability - API Documentation + - POLICY-535 Platform Maturity Usability - User Guide + - POLICY-536 Platform Maturity Usability - Deployment Documentation + - POLICY-537 Platform Maturity Usability - API Documentation * [POLICY-546] - R2 Beijing - Various enhancements requested by clients to the way we handle TOSCA models. @@ -938,7 +1006,7 @@ The Amsterdam release continued evolving the design driven architecture of and f - The operational policy template has been tested with the vFW, vCPE, vDNS and VOLTE use cases. Additional development may/may not be required for other scenarios. - For vLBS Use Case, the following steps are required to setup the service instance: - - Create a Service Instance via VID. + - Create a Service Instance via VID. - Create a VNF Instance via VID. - Preload SDNC with topology data used for the actual VNF instantiation (both base and DNS scaling modules). NOTE: you may want to set "vlb_name_0" in the base VF module data to something unique. This is the vLB server name that DCAE will pass to Policy during closed loop. If the same name is used multiple times, the Policy name-query to AAI will show multiple entries, one for each occurrence of that vLB VM name in the OpenStack zone. Note that this is not a limitation, typically server names in a domain are supposed to be unique. - Instantiate the base VF module (vLB, vPacketGen, and one vDNS) via VID. NOTE: The name of the VF module MUST start with ``Vfmodule_``. The same name MUST appear in the SDNC preload of the base VF module topology. We'll relax this naming requirement for Beijing Release. @@ -968,22 +1036,22 @@ The Amsterdam release continued evolving the design driven architecture of and f .. note .. CHANGE HISTORY -.. 09/19/2019 - Updated for El Alto Release. -.. 05/16/2019 - Updated for Dublin Release. +.. 09/19/2019 - Updated for El Alto Release. +.. 05/16/2019 - Updated for Dublin Release. .. 01/17/2019 - Updated for Casablanca Maintenance Release. .. 11/19/2018 - Updated for Casablanca. Also, fixed bugs is a list of bugs where the "Affected Version" is Beijing. -.. Changed version number to use ONAP versions. +.. Changed version number to use ONAP versions. .. 10/08/2018 - Initial document for Casablanca release. -.. 05/29/2018 - Information for Beijing release. +.. 05/29/2018 - Information for Beijing release. .. 03/22/2018 - Initial document for Beijing release. .. 01/15/2018 - Added change for version 1.1.3 to the Amsterdam branch. Also corrected prior version (1.2.0) to (1.1.1) -.. Also, Set up initial information for Beijing. -.. Excluded POLICY-454 from bug list since it doesn't apply to Beijing per Jorge. +.. Also, Set up initial information for Beijing. +.. Excluded POLICY-454 from bug list since it doesn't apply to Beijing per Jorge. End of Release Notes .. How to notes for SS -.. For initial document: list epic and user stories for each, list user stories with no epics. -.. For Bugs section, list bugs where Affected Version is a prior release (Casablanca, Beijing etc), Fixed Version is the current release (Dublin), Resolution is done. -.. For Known issues, list bugs that are slotted for a future release. +.. For initial document: list epic and user stories for each, list user stories with no epics. +.. For Bugs section, list bugs where Affected Version is a prior release (Casablanca, Beijing etc), Fixed Version is the current release (Dublin), Resolution is done. +.. For Known issues, list bugs that are slotted for a future release. diff --git a/docs/xacml/decision.match.request.json b/docs/xacml/decision.match.request.json new file mode 100644 index 00000000..72ddc317 --- /dev/null +++ b/docs/xacml/decision.match.request.json @@ -0,0 +1,10 @@ +{ + "ONAPName": "my-ONAP", + "ONAPComponent": "my-component", + "ONAPInstance": "my-instance", + "requestId": "unique-request-1", + "action": "match", + "resource": { + "matchable": "foo" + } +}
\ No newline at end of file diff --git a/docs/xacml/decision.match.response.json b/docs/xacml/decision.match.response.json new file mode 100644 index 00000000..0f9e465a --- /dev/null +++ b/docs/xacml/decision.match.response.json @@ -0,0 +1,18 @@ +{ + "policies": { + "test_match_1": { + "type": "onap.policies.match.Test", + "type_version": "1.0.0", + "properties": { + "matchable": "foo", + "nonmatchable": "value1" + }, + "name": "test_match_1", + "version": "1.0.0", + "metadata": { + "policy-id": "test_match_1", + "policy-version": "1.0.0" + } + } + } +}
\ No newline at end of file diff --git a/docs/xacml/decision.monitoring.json b/docs/xacml/decision.monitoring.json index 4442f6f0..da253f13 100644 --- a/docs/xacml/decision.monitoring.json +++ b/docs/xacml/decision.monitoring.json @@ -4,6 +4,6 @@ "ONAPInstance": "622431a4-9dea-4eae-b443-3b2164639c64", "action": "configure", "resource": { - "policy-type": "onap.policies.monitoring.cdap.tca.hi.lo.app" + "policy-type": "onap.policies.monitoring.tcagen2" } } diff --git a/docs/xacml/example.guard.blacklist.yaml b/docs/xacml/example.guard.blacklist.yaml new file mode 100644 index 00000000..d8499571 --- /dev/null +++ b/docs/xacml/example.guard.blacklist.yaml @@ -0,0 +1,17 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +topology_template: + policies: + - guard.blacklist.scaleout: + type: onap.policies.controlloop.guard.common.Blacklist + type_version: 1.0.0 + version: 1.0.0 + name: guard.blacklist.scaleout + metadata: + policy-id: guard.blacklist.scaleout + properties: + actor: APPC + operation: Restart + id: my-controlloop + blacklist: + - vnf-id-1 + - vnf-id-2
\ No newline at end of file diff --git a/docs/xacml/example.guard.filter.yaml b/docs/xacml/example.guard.filter.yaml new file mode 100644 index 00000000..261ffbee --- /dev/null +++ b/docs/xacml/example.guard.filter.yaml @@ -0,0 +1,39 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +topology_template: + policies: + - filter.block.region.allow.one.vnf: + description: Block this region from Control Loop actions, but allow a specific vnf. + type: onap.policies.controlloop.guard.common.Filter + type_version: 1.0.0 + version: 1.0.0 + properties: + actor: SO + operation: VF Module Create + algorithm: whitelist-overrides + filters: + - field: cloud-region.cloud-region-id + filter: RegionOne + function: string-equal + blacklist: true + - field: generic-vnf.vnf-id + filter: e6130d03-56f1-4b0a-9a1d-e1b2ebc30e0e + function: string-equal + blacklist: false + - filter.allow.region.block.one.vnf: + description: allow this region to do Control Loop actions, but block a specific vnf. + type: onap.policies.controlloop.guard.common.Filter + type_version: 1.0.0 + version: 1.0.0 + properties: + actor: SO + operation: VF Module Create + algorithm: blacklist-overrides + filters: + - field: cloud-region.cloud-region-id + filter: RegionTwo + function: string-equal + blacklist: false + - field: generic-vnf.vnf-id + filter: f17face5-69cb-4c88-9e0b-7426db7edddd + function: string-equal + blacklist: true
\ No newline at end of file diff --git a/docs/xacml/example.guard.limiter.yaml b/docs/xacml/example.guard.limiter.yaml new file mode 100644 index 00000000..703be4f7 --- /dev/null +++ b/docs/xacml/example.guard.limiter.yaml @@ -0,0 +1,19 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +topology_template: + policies: + - + guard.frequency.scaleout: + type: onap.policies.controlloop.guard.common.FrequencyLimiter + type_version: 1.0.0 + version: 1.0.0 + name: guard.frequency.scaleout + description: Here we limit the number of Restarts for my-controlloop to 3 in a ten minute period. + metadata: + policy-id : guard.frequency.scaleout + properties: + actor: APPC + operation: Restart + id: my-controlloop + timeWindow: 10 + timeUnits: minute + limit: 3
\ No newline at end of file diff --git a/docs/xacml/example.guard.minmax.yaml b/docs/xacml/example.guard.minmax.yaml new file mode 100644 index 00000000..5411378a --- /dev/null +++ b/docs/xacml/example.guard.minmax.yaml @@ -0,0 +1,17 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +topology_template: + policies: + - guard.minmax.scaleout: + type: onap.policies.controlloop.guard.common.MinMax + type_version: 1.0.0 + version: 1.0.0 + name: guard.minmax.scaleout + metadata: + policy-id: guard.minmax.scaleout + properties: + actor: SO + operation: VF Module Create + id: my-controlloop + target: the-vfmodule-id + min: 1 + max: 2
\ No newline at end of file diff --git a/docs/xacml/match.policies.yaml b/docs/xacml/match.policies.yaml new file mode 100644 index 00000000..d0e214ca --- /dev/null +++ b/docs/xacml/match.policies.yaml @@ -0,0 +1,19 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +topology_template: + policies: + - test_match_1: + type: onap.policies.match.Test + version: 1.0.0 + type_version: 1.0.0 + name: test_match_1 + properties: + matchable: foo + nonmatchable: value1 + - test_match_2: + type: onap.policies.match.Test + version: 1.0.0 + type_version: 1.0.0 + name: test_match_2 + properties: + matchable: bar + nonmatchable: value2
\ No newline at end of file diff --git a/docs/xacml/match.policy-type.yaml b/docs/xacml/match.policy-type.yaml new file mode 100644 index 00000000..a131b844 --- /dev/null +++ b/docs/xacml/match.policy-type.yaml @@ -0,0 +1,16 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +policy_types: + onap.policies.match.Test: + derived_from: onap.policies.Match + version: 1.0.0 + name: onap.policies.match.Test + description: Test Matching Policy Type to test matchable policies + properties: + matchable: + type: string + metadata: + matchable: true + required: true + nonmatchable: + type: string + required: true diff --git a/docs/xacml/tutorial/PolicyApplicationTutorial.postman_collection.json b/docs/xacml/tutorial/PolicyApplicationTutorial.postman_collection.json new file mode 100644 index 00000000..23aa0eb8 --- /dev/null +++ b/docs/xacml/tutorial/PolicyApplicationTutorial.postman_collection.json @@ -0,0 +1,723 @@ +{ + "info": { + "_postman_id": "20eb42db-f0a7-4b65-8ccd-c3a5f56cb526", + "name": "Policy Application Tutorial", + "description": "Collection of Postman API calls to support the Policy Enforcement Tutorial", + "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" + }, + "item": [ + { + "name": "Api Healthcheck", + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "zb!XztG34", + "type": "string" + }, + { + "key": "username", + "value": "healthcheck", + "type": "string" + } + ] + }, + "method": "GET", + "header": [ + { + "key": "Content-Type", + "type": "text", + "value": "application/json" + }, + { + "key": "Accept", + "type": "text", + "value": "application/json" + } + ], + "url": { + "raw": "{{POLICY-API-URL}}/policy/api/v1/healthcheck", + "host": [ + "{{POLICY-API-URL}}" + ], + "path": [ + "policy", + "api", + "v1", + "healthcheck" + ] + } + }, + "response": [] + }, + { + "name": "Create Authorization Policy Type", + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "zb!XztG34", + "type": "string" + }, + { + "key": "username", + "value": "healthcheck", + "type": "string" + } + ] + }, + "method": "POST", + "header": [ + { + "key": "Accept", + "type": "text", + "value": "application/yaml" + }, + { + "key": "Content-Type", + "type": "text", + "value": "application/yaml" + } + ], + "body": { + "mode": "raw", + "raw": "tosca_definitions_version: tosca_simple_yaml_1_1_0\npolicy_types:\n onap.policies.Authorization:\n derived_from: tosca.policies.Root\n version: 1.0.0\n description: Example tutorial policy type for doing user authorization\n properties:\n user:\n type: string\n required: true\n description: The unique user name\n permissions:\n type: list\n required: true\n description: A list of resource permissions\n entry_schema:\n type: onap.datatypes.Tutorial\ndata_types:\n onap.datatypes.Tutorial:\n derived_from: tosca.datatypes.Root\n version: 1.0.0\n properties:\n entity:\n type: string\n required: true\n description: The resource\n permission:\n type: string\n required: true\n description: The permission level\n constraints:\n - valid_values: [read, write, delete]\n", + "options": { + "raw": { + "language": "text" + } + } + }, + "url": { + "raw": "{{POLICY-API-URL}}/policy/api/v1/policytypes", + "host": [ + "{{POLICY-API-URL}}" + ], + "path": [ + "policy", + "api", + "v1", + "policytypes" + ] + } + }, + "response": [] + }, + { + "name": "Create policies", + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "zb!XztG34", + "type": "string" + }, + { + "key": "username", + "value": "healthcheck", + "type": "string" + } + ] + }, + "method": "POST", + "header": [ + { + "key": "Accept", + "type": "text", + "value": "application/yaml" + }, + { + "key": "Content-Type", + "type": "text", + "value": "application/yaml" + } + ], + "body": { + "mode": "raw", + "raw": "tosca_definitions_version: tosca_simple_yaml_1_1_0\ntopology_template:\n policies:\n -\n onap.policy.tutorial.demo:\n type: onap.policies.Authorization\n type_version: 1.0.0\n version: 1.0.0\n metadata:\n policy-id: onap.policy.tutorial.demo\n policy-version: 1\n properties:\n user: demo\n permissions:\n -\n entity: foo\n permission: read\n -\n entity: foo\n permission: write\n -\n onap.policy.tutorial.audit:\n type: onap.policies.Authorization\n version: 1.0.0\n type_version: 1.0.0\n metadata:\n policy-id: onap.policy.tutorial.bar\n policy-version: 1\n properties:\n user: audit\n permissions:\n -\n entity: foo\n permission: read\n", + "options": { + "raw": { + "language": "text" + } + } + }, + "url": { + "raw": "{{POLICY-API-URL}}/policy/api/v1/policytypes/onap.policies.Authorization/versions/1.0.0/policies", + "host": [ + "{{POLICY-API-URL}}" + ], + "path": [ + "policy", + "api", + "v1", + "policytypes", + "onap.policies.Authorization", + "versions", + "1.0.0", + "policies" + ] + } + }, + "response": [] + }, + { + "name": "PAP Healthcheck", + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "zb!XztG34", + "type": "string" + }, + { + "key": "username", + "value": "healthcheck", + "type": "string" + } + ] + }, + "method": "GET", + "header": [ + { + "key": "Content-Type", + "type": "text", + "value": "application/json" + }, + { + "key": "Accept", + "type": "text", + "value": "application/json" + } + ], + "url": { + "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/healthcheck", + "host": [ + "{{POLICY-PAP-URL}}" + ], + "path": [ + "policy", + "pap", + "v1", + "healthcheck" + ] + } + }, + "response": [] + }, + { + "name": "PAP Get PDPs", + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "zb!XztG34", + "type": "string" + }, + { + "key": "username", + "value": "healthcheck", + "type": "string" + } + ] + }, + "method": "GET", + "header": [ + { + "key": "Accept", + "type": "text", + "value": "application/json" + }, + { + "key": "Content-Type", + "type": "text", + "value": "application/json" + } + ], + "url": { + "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps", + "host": [ + "{{POLICY-PAP-URL}}" + ], + "path": [ + "policy", + "pap", + "v1", + "pdps" + ] + } + }, + "response": [] + }, + { + "name": "PdpGroup State Change PASSIVE", + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "zb!XztG34", + "type": "string" + }, + { + "key": "username", + "value": "healthcheck", + "type": "string" + } + ] + }, + "method": "PUT", + "header": [ + { + "key": "Content-Type", + "value": "application/json", + "type": "text" + }, + { + "key": "Accept", + "value": "application/json", + "type": "text" + } + ], + "url": { + "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps/groups/defaultGroup?state=PASSIVE", + "host": [ + "{{POLICY-PAP-URL}}" + ], + "path": [ + "policy", + "pap", + "v1", + "pdps", + "groups", + "defaultGroup" + ], + "query": [ + { + "key": "state", + "value": "PASSIVE" + } + ] + }, + "description": "This is an API to change the current state of a PdpGroup (example - \"defaultGroup\") resulting in changing state of all the PDP instances registered with the PdpGroup. As of now, the allowed states are ACTIVE and PASSIVE." + }, + "response": [] + }, + { + "name": "Delete PdpGroup", + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "zb!XztG34", + "type": "string" + }, + { + "key": "username", + "value": "healthcheck", + "type": "string" + } + ] + }, + "method": "DELETE", + "header": [ + { + "key": "Accept", + "type": "text", + "value": "application/json" + }, + { + "key": "Content-Type", + "type": "text", + "value": "application/json" + } + ], + "url": { + "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps/groups/defaultGroup", + "host": [ + "{{POLICY-PAP-URL}}" + ], + "path": [ + "policy", + "pap", + "v1", + "pdps", + "groups", + "defaultGroup" + ] + }, + "description": "This is an API to delete a specific PdpGroup (example - \"SampleGroup\") currently available in Policy DB, resulting in removing all the PDP instances registered with the group." + }, + "response": [] + }, + { + "name": "Create/Update PdpGroup", + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "zb!XztG34", + "type": "string" + }, + { + "key": "username", + "value": "healthcheck", + "type": "string" + } + ] + }, + "method": "POST", + "header": [ + { + "key": "Content-Type", + "type": "text", + "value": "application/json" + }, + { + "key": "Accept", + "type": "text", + "value": "application/json" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"groups\": [\n {\n \"name\": \"defaultGroup\",\n \"pdpGroupState\": \"ACTIVE\",\n \"properties\": {},\n \"pdpSubgroups\": [\n {\n \"pdpType\": \"xacml\",\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.Authorization\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": []\n }\n ]\n }\n ]\n}" + }, + "url": { + "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps/groups/batch", + "host": [ + "{{POLICY-PAP-URL}}" + ], + "path": [ + "policy", + "pap", + "v1", + "pdps", + "groups", + "batch" + ] + }, + "description": "This is a generic API to create/update PdpGroups in Policy DB. However, the supportedPolicyTypes field of PdpSubGroup cannot be changed once created." + }, + "response": [] + }, + { + "name": "Simple Deploy Policy - onap.policy.tutorial.demo", + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "zb!XztG34", + "type": "string" + }, + { + "key": "username", + "value": "healthcheck", + "type": "string" + } + ] + }, + "method": "POST", + "header": [ + { + "key": "Content-Type", + "type": "text", + "value": "application/json" + }, + { + "key": "Accept", + "type": "text", + "value": "application/json" + } + ], + "body": { + "mode": "raw", + "raw": "{\r\n \"policies\" : [\r\n {\r\n \"policy-id\": \"onap.policy.tutorial.demo\",\r\n \"policy-version\": \"1.0.0\"\r\n },\r\n {\r\n \"policy-id\": \"onap.policy.tutorial.audit\",\r\n \"policy-version\": \"1.0.0\"\r\n }\r\n ]\r\n}" + }, + "url": { + "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps/policies", + "host": [ + "{{POLICY-PAP-URL}}" + ], + "path": [ + "policy", + "pap", + "v1", + "pdps", + "policies" + ] + } + }, + "response": [] + }, + { + "name": "Dmaap Simulator - Policy Update Notification", + "protocolProfileBehavior": { + "disableBodyPruning": true + }, + "request": { + "auth": { + "type": "noauth" + }, + "method": "GET", + "header": [ + { + "key": "Content-Type", + "type": "text", + "value": "application/json" + }, + { + "key": "Accept", + "type": "text", + "value": "application/json" + } + ], + "body": { + "mode": "raw", + "raw": "" + }, + "url": { + "raw": "{{DMAAP-URL}}/events/POLICY-NOTIFICATION/group/id?timeout=5000", + "host": [ + "{{DMAAP-URL}}" + ], + "path": [ + "events", + "POLICY-NOTIFICATION", + "group", + "id" + ], + "query": [ + { + "key": "timeout", + "value": "5000" + } + ] + } + }, + "response": [] + }, + { + "name": "Xacml Healthcheck", + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "zb!XztG34", + "type": "string" + }, + { + "key": "username", + "value": "healthcheck", + "type": "string" + } + ] + }, + "method": "GET", + "header": [ + { + "key": "Content-Type", + "type": "text", + "value": "application/json" + }, + { + "key": "Accept", + "type": "text", + "value": "application/json" + } + ], + "url": { + "raw": "{{POLICY-XACML-URL}}/policy/pdpx/v1/healthcheck", + "host": [ + "{{POLICY-XACML-URL}}" + ], + "path": [ + "policy", + "pdpx", + "v1", + "healthcheck" + ] + } + }, + "response": [] + }, + { + "name": "Xacml Statistics", + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "zb!XztG34", + "type": "string" + }, + { + "key": "username", + "value": "healthcheck", + "type": "string" + } + ] + }, + "method": "GET", + "header": [ + { + "key": "Content-Type", + "type": "text", + "value": "application/json" + }, + { + "key": "Accept", + "type": "text", + "value": "application/json" + } + ], + "url": { + "raw": "{{POLICY-XACML-URL}}/policy/pdpx/v1/statistics", + "host": [ + "{{POLICY-XACML-URL}}" + ], + "path": [ + "policy", + "pdpx", + "v1", + "statistics" + ] + } + }, + "response": [] + }, + { + "name": "Xacml Decision - Authorization policy-type", + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "zb!XztG34", + "type": "string" + }, + { + "key": "username", + "value": "healthcheck", + "type": "string" + } + ] + }, + "method": "POST", + "header": [ + { + "key": "Content-Type", + "type": "text", + "value": "application/json" + }, + { + "key": "Accept", + "type": "text", + "value": "application/json" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"ONAPName\": \"TutorialPEP\",\n \"ONAPComponent\": \"TutorialPEPComponent\",\n \"ONAPInstance\": \"TutorialPEPInstance\",\n \"requestId\": \"unique-request-id-tutorial\",\n \"action\": \"authorize\",\n \"resource\": {\n \"user\": \"audit\",\n \"entity\": \"foo\",\n \"permission\" : \"read\"\n }\n}" + }, + "url": { + "raw": "{{POLICY-XACML-URL}}/policy/pdpx/v1/decision", + "host": [ + "{{POLICY-XACML-URL}}" + ], + "path": [ + "policy", + "pdpx", + "v1", + "decision" + ] + } + }, + "response": [] + }, + { + "name": "Simple Undeploy Policy", + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "zb!XztG34", + "type": "string" + }, + { + "key": "username", + "value": "healthcheck", + "type": "string" + } + ] + }, + "method": "DELETE", + "header": [ + { + "key": "Accept", + "value": "application/json", + "type": "text" + }, + { + "key": "Content-Type", + "value": "application/json", + "type": "text" + } + ], + "url": { + "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps/policies/onap.policy.tutorial.demo", + "host": [ + "{{POLICY-PAP-URL}}" + ], + "path": [ + "policy", + "pap", + "v1", + "pdps", + "policies", + "onap.policy.tutorial.demo" + ] + } + }, + "response": [] + } + ], + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "", + "type": "string" + }, + { + "key": "username", + "value": "", + "type": "string" + } + ] + }, + "protocolProfileBehavior": {} +}
\ No newline at end of file diff --git a/docs/xacml/tutorial/app/pom.xml b/docs/xacml/tutorial/app/pom.xml index bf8683a5..380ee512 100644 --- a/docs/xacml/tutorial/app/pom.xml +++ b/docs/xacml/tutorial/app/pom.xml @@ -1,29 +1,106 @@ +<!-- + ============LICENSE_START======================================================= + ONAP Policy Engine - XACML Application Tutorial + ================================================================================ + Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END========================================================= + --> + <project xmlns="http://maven.apache.org/POM/4.0.0" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> - <modelVersion>4.0.0</modelVersion> - - <groupId>org.onap.policy.tutorial</groupId> - <artifactId>tutorial</artifactId> - <version>0.0.1-SNAPSHOT</version> - - <name>tutorial</name> - - <properties> - <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> - </properties> - - <dependencies> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>4.12</version> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.onap.policy.xacml-pdp.applications</groupId> - <artifactId>common</artifactId> - <version>2.1.0-SNAPSHOT</version> - </dependency> - </dependencies> + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + + <groupId>org.onap.policy.tutorial</groupId> + <artifactId>tutorial</artifactId> + <version>0.0.1-SNAPSHOT</version> + <packaging>jar</packaging> + + <name>tutorial</name> + + <properties> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + </properties> + + <dependencies> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <version>4.13</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.onap.policy.xacml-pdp.applications</groupId> + <artifactId>common</artifactId> + <version>2.2.2</version> + </dependency> + <dependency> + <groupId>org.onap.policy.xacml-pdp</groupId> + <artifactId>xacml-test</artifactId> + <version>2.2.2</version> + <scope>test</scope> + </dependency> + </dependencies> + + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-compiler-plugin</artifactId> + <version>3.8.0</version> + <configuration> + <release>11</release> + </configuration> + </plugin> + <plugin> + <groupId>io.fabric8</groupId> + <artifactId>docker-maven-plugin</artifactId> + <version>0.33.0</version> + <configuration> + <verbose>true</verbose> + <images> + <image> + <name>onap/policy-xacml-tutorial</name> + <alias>xacml-pdp</alias> + <build> + <contextDir>${project.basedir}/src/main/docker</contextDir> + <assembly> + <descriptorRef>artifact-with-dependencies</descriptorRef> + </assembly> + </build> + </image> + </images> + </configuration> + <executions> + <execution> + <id>clean-images</id> + <phase>pre-clean</phase> + <goals> + <goal>remove</goal> + </goals> + </execution> + + <execution> + <id>generate-images</id> + <phase>package</phase> + <goals> + <goal>build</goal> + </goals> + </execution> + </executions> + </plugin> + </plugins> + </build> </project> diff --git a/docs/xacml/tutorial/app/src/main/docker/Dockerfile b/docs/xacml/tutorial/app/src/main/docker/Dockerfile new file mode 100644 index 00000000..639e94fb --- /dev/null +++ b/docs/xacml/tutorial/app/src/main/docker/Dockerfile @@ -0,0 +1,7 @@ +FROM onap/policy-xacml-pdp:2.2.2 + +ADD maven/${project.build.finalName}.jar /opt/app/policy/pdpx/lib/${project.build.finalName}.jar + +RUN mkdir -p /opt/app/policy/pdpx/apps/tutorial + +COPY --chown=policy:policy xacml.properties /opt/app/policy/pdpx/apps/tutorial
\ No newline at end of file diff --git a/docs/xacml/tutorial/app/src/main/docker/README.txt b/docs/xacml/tutorial/app/src/main/docker/README.txt new file mode 100644 index 00000000..a29a44b2 --- /dev/null +++ b/docs/xacml/tutorial/app/src/main/docker/README.txt @@ -0,0 +1,36 @@ +docker-compose -f docker-compose.yml run --rm start_dependencies + +docker-compose -f docker-compose.yml run --rm start_all + + +curl -X POST http://0.0.0.0:3904/events/POLICY-PDP-PAP + +Should return JSON similar to this: +{"serverTimeMs":0,"count":0} + + +curl -k -u 'healthcheck:zb!XztG34' 'https://0.0.0.0:6969/policy/pdpx/v1/healthcheck' + +Should return JSON similar to this: +{"name":"Policy Xacml PDP","url":"self","healthy":true,"code":200,"message":"alive"} + + +curl -k -u 'healthcheck:zb!XztG34' 'https://0.0.0.0:6767/policy/api/v1/healthcheck' +Should return JSON similar to this: +{ + "name": "Policy API", + "url": "policy-api", + "healthy": true, + "code": 200, + "message": "alive" +} + +curl -k -u 'healthcheck:zb!XztG34' 'https://0.0.0.0:6868/policy/pap/v1/healthcheck' +Should return JSON similar to this: +{ + "name": "Policy PAP", + "url": "policy-pap", + "healthy": true, + "code": 200, + "message": "alive" +}
\ No newline at end of file diff --git a/docs/xacml/tutorial/app/src/main/docker/config/db/db.conf b/docs/xacml/tutorial/app/src/main/docker/config/db/db.conf new file mode 100644 index 00000000..42f35844 --- /dev/null +++ b/docs/xacml/tutorial/app/src/main/docker/config/db/db.conf @@ -0,0 +1,20 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +MYSQL_ROOT_PASSWORD=secret +MYSQL_USER=policy_user +MYSQL_PASSWORD=policy_user
\ No newline at end of file diff --git a/docs/xacml/tutorial/app/src/main/docker/config/db/db.sh b/docs/xacml/tutorial/app/src/main/docker/config/db/db.sh new file mode 100644 index 00000000..499764df --- /dev/null +++ b/docs/xacml/tutorial/app/src/main/docker/config/db/db.sh @@ -0,0 +1,26 @@ +#!/bin/bash -xv +# ============LICENSE_START======================================================= +# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +for db in policyadmin operationshistory +do + mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};" + mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;" +done + +mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "FLUSH PRIVILEGES;" diff --git a/docs/xacml/tutorial/app/src/main/docker/docker-compose.yml b/docs/xacml/tutorial/app/src/main/docker/docker-compose.yml new file mode 100644 index 00000000..b65098c1 --- /dev/null +++ b/docs/xacml/tutorial/app/src/main/docker/docker-compose.yml @@ -0,0 +1,102 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +version: '2' +services: + mariadb: + image: mariadb:10.2.14 + container_name: mariadb + hostname: mariadb + command: ['--lower-case-table-names=1', '--wait_timeout=28800'] + env_file: config/db/db.conf + volumes: + - ./config/db:/docker-entrypoint-initdb.d + expose: + - 3306 + message-router: + image: dmaap/simulator + container_name: dmaap-simulator + hostname: dmaap-simulator + ports: + - "3904:3904" + expose: + - 3904 + api: + image: nexus3.onap.org:10001/onap/policy-api:2.2.4 + container_name: policy-api + depends_on: + - mariadb + hostname: policy-api + ports: + - "6767:6969" + expose: + - 6767 + pap: + image: nexus3.onap.org:10001/onap/policy-pap:2.2.3 + container_name: policy-pap + depends_on: + - mariadb + - message-router + - api + hostname: policy-pap + ports: + - "6868:6969" + expose: + - 6868 + xacml-pdp: + image: onap/policy-xacml-tutorial + container_name: policy-xacml-pdp + depends_on: + - mariadb + - message-router + - api + - pap + hostname: policy-xacml-pdp + ports: + - "6969:6969" + expose: + - 6969 + start_dependencies: + image: dadarek/wait-for-dependencies + environment: + TIMEOUT_LENGTH: 60 + container_name: policy-wait + depends_on: + - mariadb + - message-router + hostname: policy-wait + command: + mariadb:3306 + message-router:3904 + start_all: + image: dadarek/wait-for-dependencies + environment: + TIMEOUT_LENGTH: 60 + container_name: policy-wait-all + depends_on: + - mariadb + - message-router + - api + - pap + - xacml-pdp + hostname: policy-wait-all + command: + mariadb:3306 + message-router:3904 + api:6969 + pap:6969 + xacml-pdp:6969 diff --git a/docs/xacml/tutorial/tutorial-xacml.properties b/docs/xacml/tutorial/app/src/main/docker/xacml.properties index e10ad63f..277b098e 100644 --- a/docs/xacml/tutorial/tutorial-xacml.properties +++ b/docs/xacml/tutorial/app/src/main/docker/xacml.properties @@ -28,4 +28,4 @@ xacml.att.policyFinderFactory.combineRootPolicies=urn:oasis:names:tc:xacml:3.0:p # Policies to load # xacml.rootPolicies= -xacml.referencedPolicies= +xacml.referencedPolicies=
\ No newline at end of file diff --git a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialApplication.java b/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialApplication.java index 24e84049..5727f1c1 100644 --- a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialApplication.java +++ b/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialApplication.java @@ -1,3 +1,21 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + package org.onap.policy.tutorial.tutorial; import java.util.Arrays; @@ -8,7 +26,7 @@ import org.onap.policy.pdp.xacml.application.common.std.StdXacmlApplicationServi public class TutorialApplication extends StdXacmlApplicationServiceProvider { - private final ToscaPolicyTypeIdentifier supportedPolicyType = new ToscaPolicyTypeIdentifier(); + private final ToscaPolicyTypeIdentifier supportedPolicyType = new ToscaPolicyTypeIdentifier("onap.policies.Authorization", "1.0.0"); private final TutorialTranslator translator = new TutorialTranslator(); @Override diff --git a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialRequest.java b/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialRequest.java index 1f890314..31aace69 100644 --- a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialRequest.java +++ b/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialRequest.java @@ -1,3 +1,21 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + package org.onap.policy.tutorial.tutorial; import java.util.Map; diff --git a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialTranslator.java b/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialTranslator.java index 80f0c68c..600c6214 100644 --- a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialTranslator.java +++ b/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialTranslator.java @@ -1,3 +1,21 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + package org.onap.policy.tutorial.tutorial; import java.util.List; @@ -30,8 +48,9 @@ public class TutorialTranslator implements ToscaPolicyTranslator { private static final Identifier ID_TUTORIAL_USER = new IdentifierImpl(ToscaDictionary.ID_URN_ONAP, "tutorial-user"); private static final Identifier ID_TUTORIAL_ENTITY = new IdentifierImpl(ToscaDictionary.ID_URN_ONAP, "tutorial-entity"); - private static final Identifier ID_TUTORIAL_PERM = new IdentifierImpl(ToscaDictionary.ID_URN_ONAP, "tutorial-perm"); + private static final Identifier ID_TUTORIAL_PERM = new IdentifierImpl(ToscaDictionary.ID_URN_ONAP, "tutorial-permission"); + @SuppressWarnings("unchecked") public PolicyType convertPolicy(ToscaPolicy toscaPolicy) throws ToscaPolicyConversionException { // // Here is our policy with a version and default combining algo @@ -55,7 +74,7 @@ public class TutorialTranslator implements ToscaPolicyTranslator { // For simplicity, let's just match on the action "authorize" and the user // MatchType matchAction = ToscaPolicyTranslatorUtils.buildMatchTypeDesignator(XACML3.ID_FUNCTION_STRING_EQUAL, - "authorize", XACML3.ID_DATATYPE_STRING, XACML3.ID_ACTION, XACML3.ID_ATTRIBUTE_CATEGORY_ACTION); + "authorize", XACML3.ID_DATATYPE_STRING, XACML3.ID_ACTION_ACTION_ID, XACML3.ID_ATTRIBUTE_CATEGORY_ACTION); Map<String, Object> props = toscaPolicy.getProperties(); String user = props.get("user").toString(); MatchType matchUser = ToscaPolicyTranslatorUtils.buildMatchTypeDesignator(XACML3.ID_FUNCTION_STRING_EQUAL, user, @@ -64,14 +83,14 @@ public class TutorialTranslator implements ToscaPolicyTranslator { // // Create AllOf (AND) of just Policy Id // - anyOf.getAllOf().add(ToscaPolicyTranslatorUtils.buildAllOf(matchAction)); - anyOf.getAllOf().add(ToscaPolicyTranslatorUtils.buildAllOf(matchUser)); + anyOf.getAllOf().add(ToscaPolicyTranslatorUtils.buildAllOf(matchAction, matchUser)); TargetType target = new TargetType(); target.getAnyOf().add(anyOf); newPolicyType.setTarget(target); // // Now add the rule for each permission // + int ruleNumber = 0; List<Object> permissions = (List<Object>) props.get("permissions"); for (Object permission : permissions) { @@ -83,18 +102,20 @@ public class TutorialTranslator implements ToscaPolicyTranslator { XACML3.ID_FUNCTION_STRING_EQUAL, ((Map<String, String>) permission).get("permission"), XACML3.ID_DATATYPE_STRING, ID_TUTORIAL_PERM, XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE); anyOf = new AnyOfType(); - anyOf.getAllOf().add(ToscaPolicyTranslatorUtils.buildAllOf(matchEntity)); - anyOf.getAllOf().add(ToscaPolicyTranslatorUtils.buildAllOf(matchPermission)); + anyOf.getAllOf().add(ToscaPolicyTranslatorUtils.buildAllOf(matchEntity, matchPermission)); target = new TargetType(); target.getAnyOf().add(anyOf); RuleType rule = new RuleType(); rule.setDescription("Default is to PERMIT if the policy matches."); - rule.setRuleId(newPolicyType.getPolicyId() + ":rule"); + rule.setRuleId(newPolicyType.getPolicyId() + ":rule" + ruleNumber); + rule.setEffect(EffectType.PERMIT); rule.setTarget(target); newPolicyType.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule); + + ruleNumber++; } return newPolicyType; } @@ -121,19 +142,12 @@ public class TutorialTranslator implements ToscaPolicyTranslator { // Just simply return a Permit response // decisionResponse.setStatus(Decision.PERMIT.toString()); - } - if (xacmlResult.getDecision() == Decision.DENY) { + } else { // // Just simply return a Deny response // decisionResponse.setStatus(Decision.DENY.toString()); } - if (xacmlResult.getDecision() == Decision.NOTAPPLICABLE) { - // - // There is no guard policy, so we return a permit - // - decisionResponse.setStatus(Decision.PERMIT.toString()); - } } return decisionResponse; diff --git a/docs/xacml/tutorial/app/src/test/java/org/onap/policy/tutorial/tutorial/TutorialApplicationTest.java b/docs/xacml/tutorial/app/src/test/java/org/onap/policy/tutorial/tutorial/TutorialApplicationTest.java index 7a1c2f94..d20c1b38 100644 --- a/docs/xacml/tutorial/app/src/test/java/org/onap/policy/tutorial/tutorial/TutorialApplicationTest.java +++ b/docs/xacml/tutorial/app/src/test/java/org/onap/policy/tutorial/tutorial/TutorialApplicationTest.java @@ -1,9 +1,28 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + package org.onap.policy.tutorial.tutorial; +import static org.junit.Assert.assertEquals; + import java.io.File; import java.io.IOException; import java.util.Iterator; -import java.util.List; import java.util.Properties; import java.util.ServiceLoader; @@ -12,16 +31,16 @@ import org.junit.BeforeClass; import org.junit.ClassRule; import org.junit.Test; import org.junit.rules.TemporaryFolder; +import org.onap.policy.common.endpoints.parameters.RestServerParameters; import org.onap.policy.common.utils.coder.CoderException; import org.onap.policy.common.utils.coder.StandardCoder; import org.onap.policy.common.utils.resources.TextFileUtils; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; -import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; -import org.onap.policy.pdp.xacml.application.common.TestUtils; import org.onap.policy.pdp.xacml.application.common.XacmlApplicationException; import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider; import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils; +import org.onap.policy.pdp.xacml.xacmltest.TestUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -67,9 +86,9 @@ public class TutorialApplicationTest { // Tell the application to initialize based on the properties file // we just built for it. // - service.initialize(propertiesFile.toPath().getParent()); - } - + service.initialize(propertiesFile.toPath().getParent(), new RestServerParameters()); + } + @Test public void test() throws CoderException, XacmlApplicationException, IOException { // @@ -83,11 +102,19 @@ public class TutorialApplicationTest { TextFileUtils .getTextFileAsString("src/test/resources/tutorial-decision-request.json"), DecisionRequest.class); - // - // Test a decision // - Pair<DecisionResponse, Response> decision = service.makeDecision(decisionRequest); + // Test a decision - should start with a permit + // + Pair<DecisionResponse, Response> decision = service.makeDecision(decisionRequest, null); + LOGGER.info(decision.getLeft().toString()); + assertEquals("Permit", decision.getLeft().getStatus()); + // + // This should be a deny + // + decisionRequest.getResource().put("user", "audit"); + decision = service.makeDecision(decisionRequest, null); LOGGER.info(decision.getLeft().toString()); + assertEquals("Deny", decision.getLeft().getStatus()); } } diff --git a/docs/xacml/tutorial/app/src/test/resources/tutorial-decision-request.json b/docs/xacml/tutorial/app/src/test/resources/tutorial-decision-request.json index 8c1ec10c..f3a7f9a2 100644 --- a/docs/xacml/tutorial/app/src/test/resources/tutorial-decision-request.json +++ b/docs/xacml/tutorial/app/src/test/resources/tutorial-decision-request.json @@ -7,6 +7,6 @@ "resource": { "user": "demo", "entity": "foo", - "permission" : "read" + "permission" : "write" } } diff --git a/docs/xacml/tutorial/app/src/test/resources/tutorial-policies.yaml b/docs/xacml/tutorial/app/src/test/resources/tutorial-policies.yaml index 90a1f9ed..fa353653 100644 --- a/docs/xacml/tutorial/app/src/test/resources/tutorial-policies.yaml +++ b/docs/xacml/tutorial/app/src/test/resources/tutorial-policies.yaml @@ -1,9 +1,10 @@ -tosca_definitions_version: tosca_simple_yaml_1_0_0 +tosca_definitions_version: tosca_simple_yaml_1_1_0 topology_template: policies: - onap.policy.tutorial.demo: type: onap.policies.Authorization + type_version: 1.0.0 version: 1.0.0 metadata: policy-id: onap.policy.tutorial.demo @@ -21,6 +22,7 @@ topology_template: onap.policy.tutorial.audit: type: onap.policies.Authorization version: 1.0.0 + type_version: 1.0.0 metadata: policy-id: onap.policy.tutorial.bar policy-version: 1 diff --git a/docs/xacml/tutorial/app/src/test/resources/tutorial-policy-type.yaml b/docs/xacml/tutorial/app/src/test/resources/tutorial-policy-type.yaml index 181a73c5..7948bd28 100644 --- a/docs/xacml/tutorial/app/src/test/resources/tutorial-policy-type.yaml +++ b/docs/xacml/tutorial/app/src/test/resources/tutorial-policy-type.yaml @@ -1,6 +1,5 @@ -tosca_definitions_version: tosca_simple_yaml_1_0_0 +tosca_definitions_version: tosca_simple_yaml_1_1_0 policy_types: - - onap.policies.Authorization: derived_from: tosca.policies.Root version: 1.0.0 @@ -17,18 +16,17 @@ policy_types: entry_schema: type: onap.datatypes.Tutorial data_types: - - onap.datatypes.Tutorial: - derived_from: tosca.datatypes.Root - version: 1.0.0 - properties: - entity: - type: string - required: true - description: The resource - permission: - type: string - required: true - description: The permission level - constraints: - - valid_values: [read, write, delete] + derived_from: tosca.datatypes.Root + version: 1.0.0 + properties: + entity: + type: string + required: true + description: The resource + permission: + type: string + required: true + description: The permission level + constraints: + - valid_values: [read, write, delete] diff --git a/docs/xacml/tutorial/tutorial-decision-request.json b/docs/xacml/tutorial/tutorial-decision-request.json deleted file mode 100644 index 8c1ec10c..00000000 --- a/docs/xacml/tutorial/tutorial-decision-request.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "ONAPName": "TutorialPEP", - "ONAPComponent": "TutorialPEPComponent", - "ONAPInstance": "TutorialPEPInstance", - "requestId": "unique-request-id-tutorial", - "action": "authorize", - "resource": { - "user": "demo", - "entity": "foo", - "permission" : "read" - } -} diff --git a/docs/xacml/tutorial/tutorial-policies.yaml b/docs/xacml/tutorial/tutorial-policies.yaml deleted file mode 100644 index 45769ead..00000000 --- a/docs/xacml/tutorial/tutorial-policies.yaml +++ /dev/null @@ -1,30 +0,0 @@ -tosca_definitions_version: tosca_simple_yaml_1_0_0 -topology_template: - policies: - - - onap.policy.tutorial.demo: - type: onap.policies.Authorization - version: 1.0.0 - metadata: - policy-id: onap.policy.tutorial.demo - properties: - user: demo - permissions: - - - entity: foo - permission: read - - - entity: foo - permission: write - - - onap.policy.tutorial.audit: - type: onap.policies.Authorization - version: 1.0.0 - metadata: - policy-id: onap.policy.tutorial.bar - properties: - user: audit - permissions: - - - entity: foo - permission: read diff --git a/docs/xacml/tutorial/tutorial-policy-type.yaml b/docs/xacml/tutorial/tutorial-policy-type.yaml deleted file mode 100644 index 181a73c5..00000000 --- a/docs/xacml/tutorial/tutorial-policy-type.yaml +++ /dev/null @@ -1,34 +0,0 @@ -tosca_definitions_version: tosca_simple_yaml_1_0_0 -policy_types: - - - onap.policies.Authorization: - derived_from: tosca.policies.Root - version: 1.0.0 - description: Example tutorial policy type for doing user authorization - properties: - user: - type: string - required: true - description: The unique user name - permissions: - type: list - required: true - description: A list of resource permissions - entry_schema: - type: onap.datatypes.Tutorial -data_types: - - - onap.datatypes.Tutorial: - derived_from: tosca.datatypes.Root - version: 1.0.0 - properties: - entity: - type: string - required: true - description: The resource - permission: - type: string - required: true - description: The permission level - constraints: - - valid_values: [read, write, delete] diff --git a/docs/xacml/tutorial/tutorial.tar b/docs/xacml/tutorial/tutorial.tar Binary files differnew file mode 100644 index 00000000..329041d4 --- /dev/null +++ b/docs/xacml/tutorial/tutorial.tar diff --git a/docs/xacml/xacml-tutorial.rst b/docs/xacml/xacml-tutorial.rst index f46c1bb5..e9eee0e2 100644 --- a/docs/xacml/xacml-tutorial.rst +++ b/docs/xacml/xacml-tutorial.rst @@ -18,7 +18,7 @@ Follow :ref:`TOSCA Policy Primer <tosca-label>` for more information. For the tu this example Policy Type in which an ONAP PEP client would like to enforce an action **authorize** for a *user* to execute a *permission* on an *entity*. -.. literalinclude:: tutorial/tutorial-policy-type.yaml +.. literalinclude:: tutorial/app/src/test/resources/tutorial-policy-type.yaml :language: yaml :caption: Example Tutorial Policy Type :linenos: @@ -27,7 +27,7 @@ We would expect then to be able to create the following policies to allow the de an entity called foo, while the audit user can only read the entity called foo. Neither user has Delete permission. -.. literalinclude:: tutorial/tutorial-policies.yaml +.. literalinclude:: tutorial/app/src/test/resources/tutorial-policies.yaml :language: yaml :caption: Example Policies Derived From Tutorial Policy Type :linenos: @@ -37,12 +37,13 @@ Design Decision Request and expected Decision Response For the PEP (Policy Enforcement Point) client applications that call the Decision API, you need to design how the Decision API Request resource fields will be sent via the PEP. -.. literalinclude:: tutorial/tutorial-decision-request.json +.. literalinclude:: tutorial/app/src/test/resources/tutorial-decision-request.json :language: JSON :caption: Example Decision Request :linenos: -For simplicity, we expect only a *Permit* or *Deny* in the Decision Response. +For simplicity, this tutorial expects only a *Permit* or *Deny* in the Decision Response. However, one could +customize the Decision Response object and send back whatever information is desired. .. literalinclude:: tutorial/tutorial-decision-response.json :language: JSON @@ -54,7 +55,8 @@ Create A Maven Project This part of the tutorial assumes you understand how to use Eclipse to create a Maven project. Please follow any examples for the Eclipse installation you have to create an empty application. For the tutorial, use groupId *org.onap.policy.tutorial* and artifactId -*tutorial*. +*tutorial*. If you wish to go directly to the source code, please see the +:ref:`Download Tutorial Application Example` below to download it. .. image:: tutorial/images/eclipse-create-maven.png @@ -67,13 +69,22 @@ Be sure to import the policy/xacml-pdp project into Eclipse. Add Dependencies Into Application pom.xml ***************************************** +Here we import the XACML PDP Application common dependency which has the interfaces we need to implement. In addition, +we are importing a testing dependency that has common code for producing a JUnit test. + .. code-block:: java :caption: pom.xml dependencies <dependency> <groupId>org.onap.policy.xacml-pdp.applications</groupId> <artifactId>common</artifactId> - <version>2.1.0-SNAPSHOT</version> + <version>2.2.2</version> + </dependency> + <dependency> + <groupId>org.onap.policy.xacml-pdp</groupId> + <artifactId>xacml-test</artifactId> + <version>2.2.2</version> + <scope>test</scope> </dependency> Create META-INF to expose Java Service @@ -297,19 +308,19 @@ Create xacml.properties for the XACML PDP engine to use In the applications *src/test/resources* directory, create a xacml.properties file that will be used by the embedded XACML PDP Engine when loading. -.. literalinclude:: tutorial/tutorial-xacml.properties +.. literalinclude:: tutorial/app/src/test/resources/xacml.properties :caption: Example xacml.properties file :linenos: :emphasize-lines: 20, 25 -Create a JUnit and use the TestUtils.java class in application/common -********************************************************************* +Create a JUnit and use the TestUtils.java class in xacml-test dependency +************************************************************************ Using Eclipse, create a JUnit and be sure to add a setup() method stub. Here you will be utilizing a TestUtils.java -class from the policy/xamcl-pdp repo's application/common submodule to use some utility methods for building the JUnit test. +class from the policy/xamcl-pdp repo's xacml-test submodule to use some utility methods for building the JUnit test. .. image: tutorial/images/eclipse-junit-create.png -Copy the TOSCA Policy Type :download:`link <tutorial/tutorial-policy-type.yaml>` and the TOSCA Policies :download:`link <tutorial/tutorial-policies.yaml>` +Copy the TOSCA Policy Type :download:`link <tutorial/app/src/test/resources/tutorial-policy-type.yaml>` and the TOSCA Policies :download:`link <tutorial/app/src/test/resources/tutorial-policies.yaml>` into the src/test/resources directory. We will create a temporary folder which is used by the **StdXacmlApplicationServiceProvider** to store working copies of policies as they are loaded @@ -319,12 +330,41 @@ into the application. :caption: Example Translator Implementation :linenos: -Run the JUnit test!! +Run the JUnit test. Its easiest to run it via a terminal command line using maven commands. + -Where To Go From Here +.. code-block:: bash + :caption: Running Maven Commands + :linenos: + + > mvn clean install + +Building Docker Image ********************* Once you have created enough JUnit tests that test the TutorialTranslator.java and TutorialRequest.java classes, you are ready to now make your -application available to the ONAP XACML PDP Engine. These steps are covered in another tutorial. +application build a docker image that incorporates your application with the XACML PDP Engine. The XACML PDP Engine +must be able to *find* your Java.Service in the classpath. This is easy to do, just create a jar file for your application +and copy into the same directory used to startup the XACML PDP. + +Here is a Dockerfile as an example: + +.. literalinclude:: tutorial/app/src/main/docker/Dockerfile + :caption: Dockerfile + :linenos: + +Download Tutorial Application Example +************************************* + +If you don't wish to use Eclipse, or go through the steps outlined above. The tutorial is +available for download: + +:download:`Download tutorial tar <tutorial/tutorial.tar>` + +After you tar xf tutorial.jar, you can import it into Eclipse or your favorite editor. Or simply +use a terminal command line to build, test and run the tutorial. +In addition, there is a POSTMAN collection available for setting up and running tests against a +running instance of ONAP Policy Components (api, pap, dmaap-simulator, tutorial-xacml-pdp). +:download:`Download tutorial POSTMAN Collection <tutorial/PolicyApplicationTutorial.postman_collection.json>` diff --git a/docs/xacml/xacml.rst b/docs/xacml/xacml.rst index 4100e800..32949f4a 100644 --- a/docs/xacml/xacml.rst +++ b/docs/xacml/xacml.rst @@ -23,6 +23,7 @@ The following Policy Types are supported by the XACML PDP Engine (PDP-X): "Optimization", "onap.policies.Optimization", "optimize", "Optimization policy types used by OOF" "Naming", "onap.policies.Naming", "naming", "Naming policy types used by SDNC" "Native", "onap.policies.native.Xacml", "native", "Native XACML Policies" + "Match", "onap.policies.Match", "native", "Matchable Policy Types for the ONAP community to use" Each Policy Type is implemented as an application that extends the **XacmlApplicationServiceProvider**, and provides a **ToscaPolicyTranslator** that translates the TOSCA representation of the policy into a XACML OASIS 3.0 standard policy. @@ -45,6 +46,8 @@ A simple translator that wraps the TOSCA policy into a XACML policy and performs The Monitoring and Naming applications use this translator. +.. _xacml-matchable-label: + StdMatchableTranslator Translator --------------------------------- More robust translator that searches metadata of TOSCA properties for a **matchable** field set to **true**. The translator then uses those "matchable" properties to translate a policy into a XACML OASIS 3.0 policy which allows for fine-grained decision making such that ONAP applications can retrieve the appropriate policy(s) to be enforced during runtime. @@ -79,10 +82,13 @@ The following policy types derive from onap.policies.Monitoring: .. csv-table:: :header: "Derived Policy Type", "Action", "Description" - "onap.policies.monitoring.cdap.tca.hi.lo.app", "configure", "TCA DCAE microservice component" + "onap.policies.monitoring.tcagen2", "configure", "TCA DCAE microservice gen2 component" "onap.policies.monitoring.dcaegen2.collectors.datafile.datafile-app-server", "configure", "REST Collector" "onap.policies.monitoring.docker.sonhandler.app", "configure", "SON Handler microservice component" +.. note:: + DCAE project deprecated TCA DCAE microservice in lieu for their gen2 microservice. Thus, the policy type onap.policies.monitoring.cdap.tca.hi.lo.app was removed from Policy Framework. + This is an example Decision API payload made to retrieve a decision for a Monitoring Policy by id. Not recommended - as users may change id's of a policy. Available for backward compatibility. .. literalinclude:: decision.monitoring.json @@ -103,6 +109,7 @@ These Policy Types are used by Control Loop Drools Engine to support guarding co "onap.policies.controlloop.guard.common.FrequencyLimiter", "guard", "Limits frequency of actions over a specified time period" "onap.policies.controlloop.guard.common.Blacklist", "guard", "Blacklists a regexp of VNF IDs" "onap.policies.controlloop.guard.common.MinMax", "guard", "For scaling, enforces a min/max number of VNFS" + "onap.policies.controlloop.guard.common.Filter", "guard", "Used for filtering entities in A&AI from Control Loop actions" "onap.policies.controlloop.guard.coordination.FirstBlocksSecond", "guard", "Gives priority to one control loop vs another" This is an example Decision API payload made to retrieve a decision for a Guard Policy Type. @@ -115,6 +122,90 @@ The return decision simply has "permit" or "deny" in the response to tell the ca .. literalinclude:: decision.guard.response.json :language: JSON +Guard Common Base Policy Type +----------------------------- +Each guard Policy Type derives from **onap.policies.controlloop.guard.Common** base policy type. Thus, they share a set of common +properties. + +.. csv-table:: Common Properties for all Guards + :header: "Property", "Examples", "Required", "Type", "Description" + + "actor", "APPC, SO", "Required", "String", "Identifies the actor involved in the Control Loop operation." + "operation", "Restart, VF Module Create", "Required", "String", "Identifies the Control Loop operation the actor must perform." + "timeRange", "start_time: T00:00:00Z end_time: T08:00:00Z", "Optional", "tosca.datatypes.TimeInterval", "A given time range the guard is in effect. Following the TOSCA specification the format should be ISO 8601 format " + "id", "control-loop-id", "Optional", "String", "A specific Control Loop id the guard is in effect." + +`Common Guard Policy Type <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.guard.Common.yaml>`__ + +Frequency Limiter Guard Policy Type +----------------------------------- +The Frequency Limiter Guard is used to specify limits as to how many operations can occur over a given time period. + +.. csv-table:: Frequency Guard Properties + :header: "Property", "Examples", "Required", "Type", "Description" + + "timeWindow", "10, 60", "Required", "integer", "The time window to count the actions against." + "timeUnits", "second minute, hour, day, week, month, year", "Required", "String", "The units of time the window is counting" + "limit", "5", "Required", "integer", "The limit value to be checked against." + +.. literalinclude:: example.guard.limiter.yaml + :language: YAML + +`Frequency Limiter Guard Policy Type <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.guard.common.FrequencyLimiter.yaml>`__ + +Min/Max Guard Policy Type +------------------------- +The Min/Max Guard is used to specify a minimum or maximum number of instantiated entities in A&AI. Typically this is a VFModule for Scaling operations. One should specify either a min or a max value, or **both** a min and max value. At least one must be specified. + +.. csv-table:: Min/Max Guard Properties + :header: "Property", "Examples", "Required", "Type", "Description" + + "target", "e6130d03-56f1-4b0a-9a1d-e1b2ebc30e0e", "Required", "String", "The target entity that has scaling restricted." + "min", "1", "Optional", "integer", "Minimum value. Optional only if max is not specified." + "max", "5", "Optional", "integer", "Maximum value. Optional only if min is not specified." + +.. literalinclude:: example.guard.minmax.yaml + :language: YAML + +`Min/Max Guard Policy Type <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.guard.common.MinMax.yaml>`__ + +Blacklist Guard Policy Type +--------------------------- +The Blacklist Guard is used to specify a list of A&AI entities that are blacklisted from having an operation performed on them. Recommendation is to use the vnf-id for the A&AI entity. + +.. csv-table:: Blacklist Guard Properties + :header: "Property", "Examples", "Required", "Type", "Description" + + "blacklist", "e6130d03-56f1-4b0a-9a1d-e1b2ebc30e0e", "Required", "list of string", "List of target entity's that are blacklisted from an operation." + +.. literalinclude:: example.guard.blacklist.yaml + :language: YAML + +`Blacklist Guard Policy Type <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.guard.common.Blacklist.yaml>`__ + +Filter Guard Policy Type +------------------------ +The Filter Guard is a more robust guard for blacklisting and whitelisting A&AI entities when performing control loop operations. The intent for this guard is to filter in or out a block of entities, while allowing the ability to filter in or out specific entities. This allows a DevOps team to control the introduction of a Control Loop for a region or specific VNF's, as well as block specific VNF's that are being negatively affected when poor network conditions arise. Care and testing should be taken to understand the ramifications when combining multiple filters as well as their use in conjunction with other Guard Policy Types. + +.. csv-table:: Filter Guard Properties + :header: "Property", "Examples", "Required", "Type", "Description" + + "algorithm", "blacklist-overrides", "Required", "What algorithm to be applied", "blacklist-overrides or whitelist-overrides are the valid values. Indicates whether blacklisting or whitelisting has precedence." + "filters", "see table below", "Required", "list of onap.datatypes.guard.filter", "List of datatypes that describe the filter." + +.. csv-table:: Filter Guard onap.datatypes.guard.filter Properties + :header: "Property", "Examples", "Required", "Type", "Description" + + "field", "generic-vnf.vnf-name", "Required", "String", "Field used to perform filter on and must be a string value. See the Policy Type below for valid values." + "filter", "vnf-id-1", "Required", "String", "The filter being applied." + "function", "string-equal", "Required", "String", "The function that is applied to the filter. See the Policy Type below for valid values." + "blacklist", "true", "Required", "boolean", "Whether the result of the filter function applied to the filter is blacklisted or whitelisted (eg Deny or Permit)." + +.. literalinclude:: example.guard.filter.yaml + :language: YAML + +`Filter Guard Policy Type <https://github.com/onap/policy-models/blob/master/models-examples/src/main/resources/policytypes/onap.policies.controlloop.guard.common.Filter.yaml>`__ + .. _xacml-optimization-label: Optimization Policy Types @@ -169,6 +260,31 @@ This is an example Native Decision API payload made to retrieve a decision for w .. literalinclude:: decision.native.json :language: JSON +Match Policy Type +================= + +This Policy type can be used to design your own Policy Type and utilize the :ref:`StdMatchableTranslator <xacml-matchable-label>`, and does not need to build your own custom application. You can design your Policy Type by inheriting from the Match policy type (eg. onap.policies.match.<YourPolicyType>) and adding a **matchable** metadata set to **true** for the properties that you would like to request a Decision on. All a user would need to do is then use the Policy Lifecycle API to add their Policy Type and then create policies from it. Then deploy those policies to the XACML PDP and they would be able to get Decisions without customizing their ONAP installation. + +Here is an example Policy Type: + +.. literalinclude:: match.policy-type.yaml + :language: YAML + +Here are example Policies: + +.. literalinclude:: match.policies.yaml + :language: YAML + +This is an example Decision API request that can be made: + +.. literalinclude:: decision.match.request.json + :language: JSON + +Which would render the following decision response: + +.. literalinclude:: decision.match.response.json + :language: JSON + Supporting Your Own Policy Types and Translators ************************************************ |
