diff options
Diffstat (limited to 'robot/assets/cmpv2')
-rw-r--r-- | robot/assets/cmpv2/blueprintTemplate.json | 12 | ||||
-rw-r--r-- | robot/assets/cmpv2/k8s-mongo-ves-client.yaml | 37 | ||||
-rw-r--r-- | robot/assets/cmpv2/k8s-mongo.yaml | 37 | ||||
-rw-r--r-- | robot/assets/cmpv2/k8s-pnf-simulator.yaml | 73 | ||||
-rw-r--r-- | robot/assets/cmpv2/k8s-ves-client.yaml | 75 | ||||
-rw-r--r-- | robot/assets/cmpv2/ves_client_values_aaf.yaml | 31 | ||||
-rw-r--r-- | robot/assets/cmpv2/ves_client_values_basic.yaml | 14 | ||||
-rw-r--r-- | robot/assets/cmpv2/ves_client_values_cmpv2.yaml | 18 | ||||
-rw-r--r-- | robot/assets/cmpv2/ves_correct_sans_cmpv2.yaml | 55 | ||||
-rw-r--r-- | robot/assets/cmpv2/ves_wrong_sans_cmpv2.yaml | 53 |
10 files changed, 171 insertions, 234 deletions
diff --git a/robot/assets/cmpv2/blueprintTemplate.json b/robot/assets/cmpv2/blueprintTemplate.json deleted file mode 100644 index f3b87e7d..00000000 --- a/robot/assets/cmpv2/blueprintTemplate.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "asdcResourceId": "", - "asdcServiceId": "", - "asdcServiceURL": "", - "blueprintTemplate": "", - "owner": "robot", - "serviceIds": [], - "serviceLocations": [], - "typeName": "", - "typeVersion": 100, - "vnfTypes": [] -} diff --git a/robot/assets/cmpv2/k8s-mongo-ves-client.yaml b/robot/assets/cmpv2/k8s-mongo-ves-client.yaml deleted file mode 100644 index 42523993..00000000 --- a/robot/assets/cmpv2/k8s-mongo-ves-client.yaml +++ /dev/null @@ -1,37 +0,0 @@ -tosca_definitions_version: cloudify_dsl_1_3 -imports: - - 'http://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml' - - 'plugin:k8splugin?version=>=3.4.2,<4.0.0' -inputs: - tag_version: - type: string - description: Docker image to be used - default: 'mongo' - replicas: - type: integer - description: Number of instances - default: 1 - service_component_type: - type: string - default: "mongo-ves-client" - service_component_name_override: - type: string - default: "mongo-ves-client" -node_templates: - mongo: - type: dcae.nodes.ContainerizedServiceComponent - interfaces: - cloudify.interfaces.lifecycle: - start: - inputs: - envs: - MONGO_INITDB_ROOT_USERNAME: root - MONGO_INITDB_ROOT_PASSWORD: zXcVbN123! - MONGO_INITDB_DATABASE: pnf_simulator - ports: - - '27017:0' - properties: - service_component_type: { get_input: service_component_type } - service_component_name_override: { get_input: service_component_name_override } - image: { get_input: tag_version } - replicas: { get_input: replicas } diff --git a/robot/assets/cmpv2/k8s-mongo.yaml b/robot/assets/cmpv2/k8s-mongo.yaml deleted file mode 100644 index 010eb65c..00000000 --- a/robot/assets/cmpv2/k8s-mongo.yaml +++ /dev/null @@ -1,37 +0,0 @@ -tosca_definitions_version: cloudify_dsl_1_3 -imports: - - 'http://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml' - - 'plugin:k8splugin?version=>=3.4.2,<4.0.0' -inputs: - tag_version: - type: string - description: Docker image to be used - default: 'mongo' - replicas: - type: integer - description: Number of instances - default: 1 - service_component_type: - type: string - default: "mongo" - service_component_name_override: - type: string - default: "mongo" -node_templates: - mongo: - type: dcae.nodes.ContainerizedServiceComponent - interfaces: - cloudify.interfaces.lifecycle: - start: - inputs: - envs: - MONGO_INITDB_ROOT_USERNAME: root - MONGO_INITDB_ROOT_PASSWORD: zXcVbN123! - MONGO_INITDB_DATABASE: pnf_simulator - ports: - - '27017:0' - properties: - service_component_type: { get_input: service_component_type } - service_component_name_override: { get_input: service_component_name_override } - image: { get_input: tag_version } - replicas: { get_input: replicas } diff --git a/robot/assets/cmpv2/k8s-pnf-simulator.yaml b/robot/assets/cmpv2/k8s-pnf-simulator.yaml deleted file mode 100644 index 89e838b9..00000000 --- a/robot/assets/cmpv2/k8s-pnf-simulator.yaml +++ /dev/null @@ -1,73 +0,0 @@ -tosca_definitions_version: cloudify_dsl_1_3 -imports: - - 'http://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml' - - 'plugin:k8splugin?version=>=3.4.2,<4.0.0' -inputs: - tag_version: - type: string - description: Docker image to be used - default: 'nexus3.onap.org:10001/onap/org.onap.integration.simulators.pnfsimulator:latest' - replicas: - type: integer - description: Number of instances - default: 1 - external_cert_cert_type: - type: string - description: Output type - default: 'P12' - external_cert_ca_name: - type: string - description: Name of Certificate Authority configured on CertService side. - default: 'RA' - external_cert_common_name: - type: string - description: Common name which should be present in certificate. - default: 'pnf-simulator' - external_cert_sans: - type: string - description: 'List of Subject Alternative Names (SANs) which should be present - in certificate. Delimiter - , Should contain common_name value and other FQDNs - under which given component is accessible.' - default: 'pnf-simulator' - external_cert_use_external_tls: - type: boolean - description: Flag to indicate external tls enable/disable. - default: true - service_component_type: - type: string - default: "pnf-simulator" - service_component_name_override: - type: string - default: "pnf-simulator" -node_templates: - pnf-simulator: - type: dcae.nodes.ContainerizedServiceComponent - interfaces: - cloudify.interfaces.lifecycle: - start: - inputs: - envs: - STRICT_HOSTNAME_VERIFICATION: 'true' - ports: - - '5000:0' - properties: - service_component_type: { get_input: service_component_type } - service_component_name_override: { get_input: service_component_name_override } - image: { get_input: tag_version } - replicas: { get_input: replicas } - always_pull_image: true - tls_info: - cert_directory: '/app/store/' - external_cert: - external_cert_directory: '/app/store/' - use_external_tls: - get_input: external_cert_use_external_tls - cert_type: - get_input: external_cert_cert_type - ca_name: - get_input: external_cert_ca_name - external_certificate_parameters: - common_name: - get_input: external_cert_common_name - sans: - get_input: external_cert_sans diff --git a/robot/assets/cmpv2/k8s-ves-client.yaml b/robot/assets/cmpv2/k8s-ves-client.yaml deleted file mode 100644 index cfb5fd53..00000000 --- a/robot/assets/cmpv2/k8s-ves-client.yaml +++ /dev/null @@ -1,75 +0,0 @@ -tosca_definitions_version: cloudify_dsl_1_3 -imports: - - 'http://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml' - - 'plugin:k8splugin?version=>=3.4.2,<4.0.0' -inputs: - tag_version: - type: string - description: Docker image to be used - default: 'nexus3.onap.org:10001/onap/org.onap.integration.nfsimulator.vesclient:latest' - replicas: - type: integer - description: Number of instances - default: 1 - external_cert_cert_type: - type: string - description: Output type - default: 'P12' - external_cert_ca_name: - type: string - description: Name of Certificate Authority configured on CertService side. - default: 'RA' - external_cert_common_name: - type: string - description: Common name which should be present in certificate. - default: 'ves-client' - external_cert_sans: - type: string - description: 'List of Subject Alternative Names (SANs) which should be present - in certificate. Delimiter - , Should contain common_name value and other FQDNs - under which given component is accessible.' - default: 'ves-client' - external_cert_use_external_tls: - type: boolean - description: Flag to indicate external tls enable/disable. - default: true - service_component_type: - type: string - default: "ves-client" - service_component_name_override: - type: string - default: "ves-client" -node_templates: - ves-client: - type: dcae.nodes.ContainerizedServiceComponent - interfaces: - cloudify.interfaces.lifecycle: - start: - inputs: - envs: - STRICT_HOSTNAME_VERIFICATION: 'true' - MONGO_HOSTNAME: - concat: ["mongo-", {get_input: service_component_name_override}] - ports: - - '5000:0' - properties: - service_component_type: { get_input: service_component_type } - service_component_name_override: { get_input: service_component_name_override } - image: { get_input: tag_version } - replicas: { get_input: replicas } - always_pull_image: true - tls_info: - cert_directory: '/app/store/' - external_cert: - external_cert_directory: '/app/store/' - use_external_tls: - get_input: external_cert_use_external_tls - cert_type: - get_input: external_cert_cert_type - ca_name: - get_input: external_cert_ca_name - external_certificate_parameters: - common_name: - get_input: external_cert_common_name - sans: - get_input: external_cert_sans diff --git a/robot/assets/cmpv2/ves_client_values_aaf.yaml b/robot/assets/cmpv2/ves_client_values_aaf.yaml new file mode 100644 index 00000000..09661297 --- /dev/null +++ b/robot/assets/cmpv2/ves_client_values_aaf.yaml @@ -0,0 +1,31 @@ +certMethod: "aaf" + +fullnameOverride: "ves-client-aaf" +secretName: ves-client-secret-aaf +configMapName: ves-client-configmap-aaf +certificateName: ves-client-certificate-aaf + +config: + useCerts: true + mongoDbName: ves-client-db-aaf + +mongodb: + fullnameOverride: "ves-client-db-aaf" + +certInitializer: + nameOverride: vesclient-cert-initializer-aaf + +certificates: + name: ves-client-cert-aaf + secretName: ves-client-secret-aaf + keystores: + jks: + create: true + passwordSecretRef: + name: ves-client-secret-aaf + key: p12.pass + pkcs12: + create: true + passwordSecretRef: + name: ves-client-secret-aaf + key: p12.pass diff --git a/robot/assets/cmpv2/ves_client_values_basic.yaml b/robot/assets/cmpv2/ves_client_values_basic.yaml new file mode 100644 index 00000000..157136f2 --- /dev/null +++ b/robot/assets/cmpv2/ves_client_values_basic.yaml @@ -0,0 +1,14 @@ +fullnameOverride: "ves-client-basic" +secretName: "ves-client-secret-basic" +configMapName: "ves-client-configmap-basic" +certificateName: "ves-client-certificate-basic" + +config: + useCerts: false + mongoDbName: ves-client-db-basic + +mongodb: + fullnameOverride: "ves-client-db-basic" + +certInitializer: + nameOverride: vesclient-cert-initializer-basic diff --git a/robot/assets/cmpv2/ves_client_values_cmpv2.yaml b/robot/assets/cmpv2/ves_client_values_cmpv2.yaml new file mode 100644 index 00000000..f6eae10e --- /dev/null +++ b/robot/assets/cmpv2/ves_client_values_cmpv2.yaml @@ -0,0 +1,18 @@ +certMethod: "cmpv2" + +fullnameOverride: "ves-client-cmpv2" +nameOverride: "ves-client-cmpv2" +secretName: ves-client-secret-cmpv2 +configMapName: ves-client-configmap-cmpv2 +certificateName: ves-client-certificate-cmpv2 + +config: + useCerts: true + strictHost: true + mongoDbName: ves-client-db-cmpv2 + +mongodb: + fullnameOverride: "ves-client-db-cmpv2" + +certInitializer: + nameOverride: vesclient-cert-initializer-cmpv2 diff --git a/robot/assets/cmpv2/ves_correct_sans_cmpv2.yaml b/robot/assets/cmpv2/ves_correct_sans_cmpv2.yaml new file mode 100644 index 00000000..4cea2296 --- /dev/null +++ b/robot/assets/cmpv2/ves_correct_sans_cmpv2.yaml @@ -0,0 +1,55 @@ +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: false + +global: + centralizedLoggingEnabled: false + cmpv2Enabled: true + masterPassword: "test" + + +nameOverride: "dcae-ves-cmpv2-cert-corect-sans" +fullnameOverride: "dcae-ves-cmpv2-cert-corect-sans" + + +# CMPv2 certificate +# It is used only when: +# - certDirectory is set +# - global cmpv2Enabled flag is set to true +# - flag useCmpv2Certificates is set to true +# Disabled by default +useCmpv2Certificates: true +certificates: + - mountPath: /opt/app/dcae-certificate/external + commonName: dcae-ves-collector-cmpv2-cert + dnsNames: + - dcae-ves-collector-cmpv2-cert + - ves-collector-cmpv2-cert + - ves-cmpv2-cert + keystore: + outputType: + - jks + passwordSecretRef: + name: ves-cmpv2-keystore-password + key: password + create: true + +# service configuration +service: + type: NodePort + name: dcae-ves-collector-cmpv2-cert + ports: + - name: http + port: 8443 + plain_port: 8080 + port_protocol: http + nodePort: 18 + useNodePortExt: true + + +#Pods Service Account +serviceAccount: + nameOverride: dcae-ves-cmpv2-cert-corect-sans + roles: + - read diff --git a/robot/assets/cmpv2/ves_wrong_sans_cmpv2.yaml b/robot/assets/cmpv2/ves_wrong_sans_cmpv2.yaml new file mode 100644 index 00000000..db86b581 --- /dev/null +++ b/robot/assets/cmpv2/ves_wrong_sans_cmpv2.yaml @@ -0,0 +1,53 @@ +# TLS role -- set to true if microservice acts as server +# If true, an init container will retrieve a server cert +# and key from AAF and mount them in certDirectory. +tlsServer: false + +global: + centralizedLoggingEnabled: false + cmpv2Enabled: true + masterPassword: "test" + + +nameOverride: "dcae-ves-cmpv2-cert-wrong-sans" +fullnameOverride: "dcae-ves-cmpv2-cert-wrong-sans" + + +# CMPv2 certificate +# It is used only when: +# - certDirectory is set +# - global flag is set to true +# - flag useCmpv2Certificates is set to true +# Disabled by default +useCmpv2Certificates: true +certificates: + - mountPath: /opt/app/dcae-certificate/external + commonName: wrong-sans + dnsNames: + - wrong-sans + keystore: + outputType: + - jks + passwordSecretRef: + name: ves-cmpv2-keystore-password-wrong-sans + key: password + create: true + +# service configuration +service: + type: NodePort + name: dcae-ves-collector-cmpv2-cert-wrong-sans + ports: + - name: http + port: 8443 + plain_port: 8080 + port_protocol: http + nodePort: 19 + useNodePortExt: true + + +#Pods Service Account +serviceAccount: + nameOverride: dcae-ves-cmpv2-cert-wrong-sans + roles: + - read |