summaryrefslogtreecommitdiffstats
path: root/packages
diff options
context:
space:
mode:
Diffstat (limited to 'packages')
-rw-r--r--packages/policy-xacmlpdp-docker/src/main/docker/Dockerfile17
-rw-r--r--packages/policy-xacmlpdp-tarball/src/main/resources/apps/guard/xacml.properties46
-rw-r--r--packages/policy-xacmlpdp-tarball/src/main/resources/apps/monitoring/RootMonitoringPolicy.xml32
-rw-r--r--packages/policy-xacmlpdp-tarball/src/main/resources/apps/monitoring/xacml.properties26
-rw-r--r--packages/policy-xacmlpdp-tarball/src/main/resources/apps/optimization/xacml.properties31
-rw-r--r--packages/policy-xacmlpdp-tarball/src/main/resources/etc/defaultConfig.json3
6 files changed, 144 insertions, 11 deletions
diff --git a/packages/policy-xacmlpdp-docker/src/main/docker/Dockerfile b/packages/policy-xacmlpdp-docker/src/main/docker/Dockerfile
index e6b37463..3732e589 100644
--- a/packages/policy-xacmlpdp-docker/src/main/docker/Dockerfile
+++ b/packages/policy-xacmlpdp-docker/src/main/docker/Dockerfile
@@ -10,30 +10,27 @@ ENV https_proxy $HTTPS_PROXY
ENV BUILD_VERSION ${BUILD_VERSION}
ENV POLICY_LOGS ${POLICY_LOGS}
-ENV POLICY_HOME=/opt/app/policy
-ENV POLICY_PDPX_HOME=${POLICY_HOME}/pdpx
+ENV POLICY_HOME=/opt/app/policy/pdpx
RUN \
apk add --no-cache --update busybox-extras bash nss procps coreutils findutils grep \
zip unzip curl wget openssh maven openjdk8 jq httpie py-pip
-
RUN addgroup policy && \
adduser -S --shell /bin/bash -G policy policy
-RUN mkdir -p ${POLICY_PDPX_HOME} ${POLICY_LOGS} ${POLICY_HOME}/etc/ssl ${POLICY_PDPX_HOME}/bin && \
- chown -R policy:policy ${POLICY_HOME} ${POLICY_PDPX_HOME} ${POLICY_LOGS}
+RUN mkdir -p ${POLICY_HOME} ${POLICY_LOGS} ${POLICY_HOME}/etc/ssl ${POLICY_HOME}/bin ${POLICY_HOME}/apps && \
+ chown -R policy:policy ${POLICY_HOME} ${POLICY_LOGS}
RUN mkdir /packages
COPY /maven/* /packages
-RUN tar xvfz /packages/policy-xacmlpdp.tar.gz --directory ${POLICY_PDPX_HOME} && \
+RUN tar xvfz /packages/policy-xacmlpdp.tar.gz --directory ${POLICY_HOME} && \
rm /packages/policy-xacmlpdp.tar.gz
-WORKDIR ${POLICY_PDPX_HOME}
+WORKDIR ${POLICY_HOME}
COPY policy-pdpx.sh bin/.
-RUN chown -R policy:policy * && chmod +x bin/*.sh && \
- cp ${POLICY_PDPX_HOME}/etc/ssl/* ${POLICY_HOME}/etc/ssl && chown policy:policy ${POLICY_HOME}/etc/ssl/*
+RUN chown -R policy:policy * && chmod +x bin/*.sh
USER policy
-WORKDIR ${POLICY_PDPX_HOME}/bin
+WORKDIR ${POLICY_HOME}/bin
ENTRYPOINT [ "bash", "./policy-pdpx.sh" ]
diff --git a/packages/policy-xacmlpdp-tarball/src/main/resources/apps/guard/xacml.properties b/packages/policy-xacmlpdp-tarball/src/main/resources/apps/guard/xacml.properties
new file mode 100644
index 00000000..e3ef3ebc
--- /dev/null
+++ b/packages/policy-xacmlpdp-tarball/src/main/resources/apps/guard/xacml.properties
@@ -0,0 +1,46 @@
+#
+# Properties that the embedded PDP engine uses to configure and load
+#
+# Standard API Factories
+#
+xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory
+xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory
+xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory
+xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory
+xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory
+#
+# AT&T PDP Implementation Factories
+#
+xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory
+xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory
+xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory
+#
+# ONAP PDP Implementation Factories
+#
+xacml.att.policyFinderFactory=org.onap.policy.pdp.xacml.application.common.OnapPolicyFinderFactory
+
+#
+# Use a root combining algorithm
+#
+xacml.att.policyFinderFactory.combineRootPolicies=urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:permit-unless-deny
+
+xacml.pip.engines=historydb
+
+#
+# PIP Engine Definition
+#
+historydb.classname=org.onap.policy.pdp.xacml.application.common.OnapOperationsHistoryPipEngine
+historydb.issuer=urn:org:onap:xacml:guard:historydb
+historydb.name=operationHistoryDB
+historydb.description=Returns operation counts based on time window
+
+#
+# Database persistence for PIP
+#
+historydb.persistenceunit=OperationsHistoryPU
+
+# Policies to load
+#
+#xacml.rootPolicies=guard
+#guard.file=src/main/resources/RootGuardPolicy.xml
+
diff --git a/packages/policy-xacmlpdp-tarball/src/main/resources/apps/monitoring/RootMonitoringPolicy.xml b/packages/policy-xacmlpdp-tarball/src/main/resources/apps/monitoring/RootMonitoringPolicy.xml
new file mode 100644
index 00000000..5578fda9
--- /dev/null
+++ b/packages/policy-xacmlpdp-tarball/src/main/resources/apps/monitoring/RootMonitoringPolicy.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<PolicySet xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyCombiningAlgId="urn:com:att:xacml:3.0:policy-combining-algorithm:combined-deny-overrides" PolicySetId="urn:org:onap:monitoring:policy:id" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd">
+ <Description>The root policy for supporting in-memory onap.Monitoring policy-type policies.</Description>
+ <Target>
+ <AnyOf>
+ <AllOf>
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DCAE</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">configure</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ </AllOf>
+ </AnyOf>
+ </Target>
+ <!--
+
+ New Policies created from TOSCA policies can be stored like this.
+
+ <PolicyIdReference>onap.scaleout.tca</PolicyIdReference>
+ <PolicySetIdReference>urn:oasis:names:tc:xacml:2.0:conformance-test:IIE001:policyset1</PolicySetIdReference>
+ -->
+ <Policy PolicyId="default" Version="1.0" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny" >
+ <Description>Default is to allow a permit - returning 0 obligations</Description>
+ <Target/>
+ <Rule RuleId="default" Effect="Permit">
+ <Target/>
+ </Rule>
+ </Policy>
+</PolicySet> \ No newline at end of file
diff --git a/packages/policy-xacmlpdp-tarball/src/main/resources/apps/monitoring/xacml.properties b/packages/policy-xacmlpdp-tarball/src/main/resources/apps/monitoring/xacml.properties
new file mode 100644
index 00000000..8ad5152d
--- /dev/null
+++ b/packages/policy-xacmlpdp-tarball/src/main/resources/apps/monitoring/xacml.properties
@@ -0,0 +1,26 @@
+#
+# Properties that the embedded PDP engine uses to configure and load
+#
+# Standard API Factories
+#
+xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory
+xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory
+xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory
+xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory
+xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory
+#
+# AT&T PDP Implementation Factories
+#
+xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory
+xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory
+xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory
+#
+# ONAP PDP Implementation Factories
+#
+xacml.att.policyFinderFactory=org.onap.policy.pdp.xacml.application.common.OnapPolicyFinderFactory
+
+# Policies to load
+#
+xacml.rootPolicies=monitoring
+monitoring.file=/opt/app/policy/pdpx/apps/monitoring/RootMonitoringPolicy.xml
+
diff --git a/packages/policy-xacmlpdp-tarball/src/main/resources/apps/optimization/xacml.properties b/packages/policy-xacmlpdp-tarball/src/main/resources/apps/optimization/xacml.properties
new file mode 100644
index 00000000..5ea247cf
--- /dev/null
+++ b/packages/policy-xacmlpdp-tarball/src/main/resources/apps/optimization/xacml.properties
@@ -0,0 +1,31 @@
+#
+# Properties that the embedded PDP engine uses to configure and load
+#
+# Standard API Factories
+#
+xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory
+xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory
+xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory
+xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory
+xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory
+#
+# AT&T PDP Implementation Factories
+#
+xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory
+xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory
+xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory
+#
+# ONAP PDP Implementation Factories
+#
+xacml.att.policyFinderFactory=org.onap.policy.pdp.xacml.application.common.OnapPolicyFinderFactory
+
+#
+# Use a root combining algorithm
+#
+xacml.att.policyFinderFactory.combineRootPolicies=urn:com:att:xacml:3.0:policy-combining-algorithm:combined-permit-overrides
+
+#
+# Policies to load
+#
+xacml.rootPolicies=
+xacml.referencedPolicies= \ No newline at end of file
diff --git a/packages/policy-xacmlpdp-tarball/src/main/resources/etc/defaultConfig.json b/packages/policy-xacmlpdp-tarball/src/main/resources/etc/defaultConfig.json
index 561574a2..cc13e5b3 100644
--- a/packages/policy-xacmlpdp-tarball/src/main/resources/etc/defaultConfig.json
+++ b/packages/policy-xacmlpdp-tarball/src/main/resources/etc/defaultConfig.json
@@ -7,5 +7,6 @@
"password": "zb!XztG34",
"https": true,
"aaf": false
- }
+ },
+ "applicationPath": "/opt/app/policy/pdpx/apps"
}