aboutsummaryrefslogtreecommitdiffstats
path: root/robot/assets/cmpv2
diff options
context:
space:
mode:
Diffstat (limited to 'robot/assets/cmpv2')
-rw-r--r--robot/assets/cmpv2/blueprintTemplate.json12
-rw-r--r--robot/assets/cmpv2/k8s-mongo-ves-client.yaml37
-rw-r--r--robot/assets/cmpv2/k8s-mongo.yaml37
-rw-r--r--robot/assets/cmpv2/k8s-pnf-simulator.yaml73
-rw-r--r--robot/assets/cmpv2/k8s-ves-client.yaml75
-rw-r--r--robot/assets/cmpv2/ves_client_values_aaf.yaml31
-rw-r--r--robot/assets/cmpv2/ves_client_values_basic.yaml14
-rw-r--r--robot/assets/cmpv2/ves_client_values_cmpv2.yaml18
-rw-r--r--robot/assets/cmpv2/ves_correct_sans_cmpv2.yaml55
-rw-r--r--robot/assets/cmpv2/ves_wrong_sans_cmpv2.yaml53
10 files changed, 171 insertions, 234 deletions
diff --git a/robot/assets/cmpv2/blueprintTemplate.json b/robot/assets/cmpv2/blueprintTemplate.json
deleted file mode 100644
index f3b87e7d..00000000
--- a/robot/assets/cmpv2/blueprintTemplate.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "asdcResourceId": "",
- "asdcServiceId": "",
- "asdcServiceURL": "",
- "blueprintTemplate": "",
- "owner": "robot",
- "serviceIds": [],
- "serviceLocations": [],
- "typeName": "",
- "typeVersion": 100,
- "vnfTypes": []
-}
diff --git a/robot/assets/cmpv2/k8s-mongo-ves-client.yaml b/robot/assets/cmpv2/k8s-mongo-ves-client.yaml
deleted file mode 100644
index 42523993..00000000
--- a/robot/assets/cmpv2/k8s-mongo-ves-client.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-tosca_definitions_version: cloudify_dsl_1_3
-imports:
- - 'http://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml'
- - 'plugin:k8splugin?version=>=3.4.2,<4.0.0'
-inputs:
- tag_version:
- type: string
- description: Docker image to be used
- default: 'mongo'
- replicas:
- type: integer
- description: Number of instances
- default: 1
- service_component_type:
- type: string
- default: "mongo-ves-client"
- service_component_name_override:
- type: string
- default: "mongo-ves-client"
-node_templates:
- mongo:
- type: dcae.nodes.ContainerizedServiceComponent
- interfaces:
- cloudify.interfaces.lifecycle:
- start:
- inputs:
- envs:
- MONGO_INITDB_ROOT_USERNAME: root
- MONGO_INITDB_ROOT_PASSWORD: zXcVbN123!
- MONGO_INITDB_DATABASE: pnf_simulator
- ports:
- - '27017:0'
- properties:
- service_component_type: { get_input: service_component_type }
- service_component_name_override: { get_input: service_component_name_override }
- image: { get_input: tag_version }
- replicas: { get_input: replicas }
diff --git a/robot/assets/cmpv2/k8s-mongo.yaml b/robot/assets/cmpv2/k8s-mongo.yaml
deleted file mode 100644
index 010eb65c..00000000
--- a/robot/assets/cmpv2/k8s-mongo.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-tosca_definitions_version: cloudify_dsl_1_3
-imports:
- - 'http://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml'
- - 'plugin:k8splugin?version=>=3.4.2,<4.0.0'
-inputs:
- tag_version:
- type: string
- description: Docker image to be used
- default: 'mongo'
- replicas:
- type: integer
- description: Number of instances
- default: 1
- service_component_type:
- type: string
- default: "mongo"
- service_component_name_override:
- type: string
- default: "mongo"
-node_templates:
- mongo:
- type: dcae.nodes.ContainerizedServiceComponent
- interfaces:
- cloudify.interfaces.lifecycle:
- start:
- inputs:
- envs:
- MONGO_INITDB_ROOT_USERNAME: root
- MONGO_INITDB_ROOT_PASSWORD: zXcVbN123!
- MONGO_INITDB_DATABASE: pnf_simulator
- ports:
- - '27017:0'
- properties:
- service_component_type: { get_input: service_component_type }
- service_component_name_override: { get_input: service_component_name_override }
- image: { get_input: tag_version }
- replicas: { get_input: replicas }
diff --git a/robot/assets/cmpv2/k8s-pnf-simulator.yaml b/robot/assets/cmpv2/k8s-pnf-simulator.yaml
deleted file mode 100644
index 89e838b9..00000000
--- a/robot/assets/cmpv2/k8s-pnf-simulator.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
-tosca_definitions_version: cloudify_dsl_1_3
-imports:
- - 'http://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml'
- - 'plugin:k8splugin?version=>=3.4.2,<4.0.0'
-inputs:
- tag_version:
- type: string
- description: Docker image to be used
- default: 'nexus3.onap.org:10001/onap/org.onap.integration.simulators.pnfsimulator:latest'
- replicas:
- type: integer
- description: Number of instances
- default: 1
- external_cert_cert_type:
- type: string
- description: Output type
- default: 'P12'
- external_cert_ca_name:
- type: string
- description: Name of Certificate Authority configured on CertService side.
- default: 'RA'
- external_cert_common_name:
- type: string
- description: Common name which should be present in certificate.
- default: 'pnf-simulator'
- external_cert_sans:
- type: string
- description: 'List of Subject Alternative Names (SANs) which should be present
- in certificate. Delimiter - , Should contain common_name value and other FQDNs
- under which given component is accessible.'
- default: 'pnf-simulator'
- external_cert_use_external_tls:
- type: boolean
- description: Flag to indicate external tls enable/disable.
- default: true
- service_component_type:
- type: string
- default: "pnf-simulator"
- service_component_name_override:
- type: string
- default: "pnf-simulator"
-node_templates:
- pnf-simulator:
- type: dcae.nodes.ContainerizedServiceComponent
- interfaces:
- cloudify.interfaces.lifecycle:
- start:
- inputs:
- envs:
- STRICT_HOSTNAME_VERIFICATION: 'true'
- ports:
- - '5000:0'
- properties:
- service_component_type: { get_input: service_component_type }
- service_component_name_override: { get_input: service_component_name_override }
- image: { get_input: tag_version }
- replicas: { get_input: replicas }
- always_pull_image: true
- tls_info:
- cert_directory: '/app/store/'
- external_cert:
- external_cert_directory: '/app/store/'
- use_external_tls:
- get_input: external_cert_use_external_tls
- cert_type:
- get_input: external_cert_cert_type
- ca_name:
- get_input: external_cert_ca_name
- external_certificate_parameters:
- common_name:
- get_input: external_cert_common_name
- sans:
- get_input: external_cert_sans
diff --git a/robot/assets/cmpv2/k8s-ves-client.yaml b/robot/assets/cmpv2/k8s-ves-client.yaml
deleted file mode 100644
index cfb5fd53..00000000
--- a/robot/assets/cmpv2/k8s-ves-client.yaml
+++ /dev/null
@@ -1,75 +0,0 @@
-tosca_definitions_version: cloudify_dsl_1_3
-imports:
- - 'http://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml'
- - 'plugin:k8splugin?version=>=3.4.2,<4.0.0'
-inputs:
- tag_version:
- type: string
- description: Docker image to be used
- default: 'nexus3.onap.org:10001/onap/org.onap.integration.nfsimulator.vesclient:latest'
- replicas:
- type: integer
- description: Number of instances
- default: 1
- external_cert_cert_type:
- type: string
- description: Output type
- default: 'P12'
- external_cert_ca_name:
- type: string
- description: Name of Certificate Authority configured on CertService side.
- default: 'RA'
- external_cert_common_name:
- type: string
- description: Common name which should be present in certificate.
- default: 'ves-client'
- external_cert_sans:
- type: string
- description: 'List of Subject Alternative Names (SANs) which should be present
- in certificate. Delimiter - , Should contain common_name value and other FQDNs
- under which given component is accessible.'
- default: 'ves-client'
- external_cert_use_external_tls:
- type: boolean
- description: Flag to indicate external tls enable/disable.
- default: true
- service_component_type:
- type: string
- default: "ves-client"
- service_component_name_override:
- type: string
- default: "ves-client"
-node_templates:
- ves-client:
- type: dcae.nodes.ContainerizedServiceComponent
- interfaces:
- cloudify.interfaces.lifecycle:
- start:
- inputs:
- envs:
- STRICT_HOSTNAME_VERIFICATION: 'true'
- MONGO_HOSTNAME:
- concat: ["mongo-", {get_input: service_component_name_override}]
- ports:
- - '5000:0'
- properties:
- service_component_type: { get_input: service_component_type }
- service_component_name_override: { get_input: service_component_name_override }
- image: { get_input: tag_version }
- replicas: { get_input: replicas }
- always_pull_image: true
- tls_info:
- cert_directory: '/app/store/'
- external_cert:
- external_cert_directory: '/app/store/'
- use_external_tls:
- get_input: external_cert_use_external_tls
- cert_type:
- get_input: external_cert_cert_type
- ca_name:
- get_input: external_cert_ca_name
- external_certificate_parameters:
- common_name:
- get_input: external_cert_common_name
- sans:
- get_input: external_cert_sans
diff --git a/robot/assets/cmpv2/ves_client_values_aaf.yaml b/robot/assets/cmpv2/ves_client_values_aaf.yaml
new file mode 100644
index 00000000..09661297
--- /dev/null
+++ b/robot/assets/cmpv2/ves_client_values_aaf.yaml
@@ -0,0 +1,31 @@
+certMethod: "aaf"
+
+fullnameOverride: "ves-client-aaf"
+secretName: ves-client-secret-aaf
+configMapName: ves-client-configmap-aaf
+certificateName: ves-client-certificate-aaf
+
+config:
+ useCerts: true
+ mongoDbName: ves-client-db-aaf
+
+mongodb:
+ fullnameOverride: "ves-client-db-aaf"
+
+certInitializer:
+ nameOverride: vesclient-cert-initializer-aaf
+
+certificates:
+ name: ves-client-cert-aaf
+ secretName: ves-client-secret-aaf
+ keystores:
+ jks:
+ create: true
+ passwordSecretRef:
+ name: ves-client-secret-aaf
+ key: p12.pass
+ pkcs12:
+ create: true
+ passwordSecretRef:
+ name: ves-client-secret-aaf
+ key: p12.pass
diff --git a/robot/assets/cmpv2/ves_client_values_basic.yaml b/robot/assets/cmpv2/ves_client_values_basic.yaml
new file mode 100644
index 00000000..157136f2
--- /dev/null
+++ b/robot/assets/cmpv2/ves_client_values_basic.yaml
@@ -0,0 +1,14 @@
+fullnameOverride: "ves-client-basic"
+secretName: "ves-client-secret-basic"
+configMapName: "ves-client-configmap-basic"
+certificateName: "ves-client-certificate-basic"
+
+config:
+ useCerts: false
+ mongoDbName: ves-client-db-basic
+
+mongodb:
+ fullnameOverride: "ves-client-db-basic"
+
+certInitializer:
+ nameOverride: vesclient-cert-initializer-basic
diff --git a/robot/assets/cmpv2/ves_client_values_cmpv2.yaml b/robot/assets/cmpv2/ves_client_values_cmpv2.yaml
new file mode 100644
index 00000000..f6eae10e
--- /dev/null
+++ b/robot/assets/cmpv2/ves_client_values_cmpv2.yaml
@@ -0,0 +1,18 @@
+certMethod: "cmpv2"
+
+fullnameOverride: "ves-client-cmpv2"
+nameOverride: "ves-client-cmpv2"
+secretName: ves-client-secret-cmpv2
+configMapName: ves-client-configmap-cmpv2
+certificateName: ves-client-certificate-cmpv2
+
+config:
+ useCerts: true
+ strictHost: true
+ mongoDbName: ves-client-db-cmpv2
+
+mongodb:
+ fullnameOverride: "ves-client-db-cmpv2"
+
+certInitializer:
+ nameOverride: vesclient-cert-initializer-cmpv2
diff --git a/robot/assets/cmpv2/ves_correct_sans_cmpv2.yaml b/robot/assets/cmpv2/ves_correct_sans_cmpv2.yaml
new file mode 100644
index 00000000..4cea2296
--- /dev/null
+++ b/robot/assets/cmpv2/ves_correct_sans_cmpv2.yaml
@@ -0,0 +1,55 @@
+# TLS role -- set to true if microservice acts as server
+# If true, an init container will retrieve a server cert
+# and key from AAF and mount them in certDirectory.
+tlsServer: false
+
+global:
+ centralizedLoggingEnabled: false
+ cmpv2Enabled: true
+ masterPassword: "test"
+
+
+nameOverride: "dcae-ves-cmpv2-cert-corect-sans"
+fullnameOverride: "dcae-ves-cmpv2-cert-corect-sans"
+
+
+# CMPv2 certificate
+# It is used only when:
+# - certDirectory is set
+# - global cmpv2Enabled flag is set to true
+# - flag useCmpv2Certificates is set to true
+# Disabled by default
+useCmpv2Certificates: true
+certificates:
+ - mountPath: /opt/app/dcae-certificate/external
+ commonName: dcae-ves-collector-cmpv2-cert
+ dnsNames:
+ - dcae-ves-collector-cmpv2-cert
+ - ves-collector-cmpv2-cert
+ - ves-cmpv2-cert
+ keystore:
+ outputType:
+ - jks
+ passwordSecretRef:
+ name: ves-cmpv2-keystore-password
+ key: password
+ create: true
+
+# service configuration
+service:
+ type: NodePort
+ name: dcae-ves-collector-cmpv2-cert
+ ports:
+ - name: http
+ port: 8443
+ plain_port: 8080
+ port_protocol: http
+ nodePort: 18
+ useNodePortExt: true
+
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: dcae-ves-cmpv2-cert-corect-sans
+ roles:
+ - read
diff --git a/robot/assets/cmpv2/ves_wrong_sans_cmpv2.yaml b/robot/assets/cmpv2/ves_wrong_sans_cmpv2.yaml
new file mode 100644
index 00000000..db86b581
--- /dev/null
+++ b/robot/assets/cmpv2/ves_wrong_sans_cmpv2.yaml
@@ -0,0 +1,53 @@
+# TLS role -- set to true if microservice acts as server
+# If true, an init container will retrieve a server cert
+# and key from AAF and mount them in certDirectory.
+tlsServer: false
+
+global:
+ centralizedLoggingEnabled: false
+ cmpv2Enabled: true
+ masterPassword: "test"
+
+
+nameOverride: "dcae-ves-cmpv2-cert-wrong-sans"
+fullnameOverride: "dcae-ves-cmpv2-cert-wrong-sans"
+
+
+# CMPv2 certificate
+# It is used only when:
+# - certDirectory is set
+# - global flag is set to true
+# - flag useCmpv2Certificates is set to true
+# Disabled by default
+useCmpv2Certificates: true
+certificates:
+ - mountPath: /opt/app/dcae-certificate/external
+ commonName: wrong-sans
+ dnsNames:
+ - wrong-sans
+ keystore:
+ outputType:
+ - jks
+ passwordSecretRef:
+ name: ves-cmpv2-keystore-password-wrong-sans
+ key: password
+ create: true
+
+# service configuration
+service:
+ type: NodePort
+ name: dcae-ves-collector-cmpv2-cert-wrong-sans
+ ports:
+ - name: http
+ port: 8443
+ plain_port: 8080
+ port_protocol: http
+ nodePort: 19
+ useNodePortExt: true
+
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: dcae-ves-cmpv2-cert-wrong-sans
+ roles:
+ - read