.. This work is licensed under a Creative Commons Attribution 4.0 International License.

.. _gui-server-label:

The Policy Framework GUI Server
###############################

The **gui-server** microservice serves the GUI code to the browser for Policy Framework UI. In addition, it acts as
a single point of reference for the REST interfaces provided by **policy-api**, **policy-pap**, and **acm-runtime**.
It can also be used as a HTTPS gatewy for REST references into a Policy Framework deployment in a Kubernetes cluster.

.. contents::
    :depth: 2

The **gui-server** is a regular microservice, and it is packaged, delivered and configured as a docker image. It is
a Spring application and therefore uses a normal Spring-style *applciation.yaml* approach to configuration.

Definitive example configurations are available in the codebase:

- `application_http.yaml <https://github.com/onap/policy-gui/blob/master/gui-server/src/test/resources/application_http.yaml>`_
  showing how to configure gui-server for HTTP access
- `application_https.yaml <https://github.com/onap/policy-gui/blob/master/gui-server/src/test/resources/application_https.yaml>`_
  showing how to configure gui-server for HTTPS access

The configuration parameters are explained in the sections below

Server Configuration
--------------------

Configuration for HTTP access to gui-server::

  server:
    port: 2443
    ssl:
      enabled: false

Start gui-server on port 2443 and disable SSL.

Configuration for HTTPS access to gui-server::

  server:
    port: 2443
    ssl:
      enabled: true
      enabled-protocols: TLSv1.2
      client-auth: want
      key-store: file:./src/test/resources/helloworld-keystore.jks
      key-store-password: changeit
      trust-store: file:./src/test/resources/helloworld-truststore.jks
      trust-store-password: changeit

Start gui-server on port 2443 and enable SSL with the parameters specified above

Note that other standard Spring **server** configuraiton parameters as
documented
`on the Spring website <https://docs.spring.io/spring-boot/docs/current/reference/html/application-properties.html>`_
are supported.

Runtime Adaptation Configuration
--------------------------------

You can configure the adaptation for **policy-api**, **policy-pap**, and **runtime-acm**. In other words, you can map
the URL that the GUI produced or that you want to use in a REST tool such as *postman* or *curl* in the **runtime-ui**
part of the aaplication.yaml file::

  runtime-ui:
    policy-api:
      mapping-path: "/runtime-ui/policy-api/restservices/"
      url: http://localhost:30440
      disable-ssl-validation: true
      disable-ssl-hostname-check: true
    policy-pap:
      mapping-path: "/runtime-ui/policy-pap/restservices/"
      url: http://localhost:30442
      disable-ssl-validation: true
      disable-ssl-hostname-check: true
    acm:
      mapping-path: "/runtime-ui/acm/restservices/"
      url: http://localhost:30258
      disable-ssl-validation: true
      disable-ssl-hostname-check: true

The parameters under the **policy-api**, **policy-pap**, and **acm** sections are identical.

mapping-path and url
++++++++++++++++++++

The **mapping-path** is the root part of the path that will be replaced by the **url**, the **url** replaces the
**mapping-path**.

Therefore, using the configuration above for policy-api, the following mapping occurs::

  http://localhost:2443/runtime-ui/policy-api/restservices/policy/api/v1/healthcheck

  maps to

  http://localhost:30440/policy/api/v1/healthcheck

and::

  https://localhost:2443/runtime-ui/acm/restservices/onap/policy/clamp/acm/v2/commission

  maps to

  http://localhost:30258/onap/policy/clamp/acm/v2/commission

disable-ssl-validation and disable-ssl-hostname-check
+++++++++++++++++++++++++++++++++++++++++++++++++++++

The **disable-ssl-validation** **disable-ssl-hostname-check** are boolean values. If the target server (policy-api,
policy-pap, or runtime-acm) is using http, these values should be set to **false**. If the target server is using
HTTPS, set the values as **true** so that the **gui-server** transfers and forwards certificates to target servers.

Spring Boot Acuator Monitoring
------------------------------

The **gui-server** supports regular
`Spring Boot Actuator monitoring <https://docs.spring.io/spring-boot/docs/1.4.0.M2/reference/html/production-ready-monitoring.html>`_
and monitoring over `prometheus <https://prometheus.io/>`_.

The following section of the *application.yaml** file is an example of how to enable monitoring::

  management:
    endpoints:
      web:
        base-path: /
        exposure:
          include: health,metrics,prometheus
        path-mapping.metrics: plain-metrics
        path-mapping.prometheus: metrics

The configuration above enables the following URLs::

  # Health Check
  http://localhost:2443/health

  # Plain Metrics
  http://localhost:2443/plain-metrics

  # Prometheus Metrics
  http://localhost:2443/metrics