diff --git a/helm/capif/charts/fluentbit/values.yaml b/helm/capif/charts/fluentbit/values.yaml index 49aa7e72bfcc9469d20697160fd2653421eae435..cd9ae42a094f39f4b2af4c7201256f472855480f 100644 --- a/helm/capif/charts/fluentbit/values.yaml +++ b/helm/capif/charts/fluentbit/values.yaml @@ -64,17 +64,17 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 1m + memory: 1Mi livenessProbe: tcpSocket: diff --git a/helm/capif/charts/grafana/templates/deployment.yaml b/helm/capif/charts/grafana/templates/deployment.yaml index d74241f8fd2bdfc89810f4a2f9e64ac7e3a4e636..c2e1a6e3066b253f669fe8257ab404d2d2d3a8a1 100644 --- a/helm/capif/charts/grafana/templates/deployment.yaml +++ b/helm/capif/charts/grafana/templates/deployment.yaml @@ -36,6 +36,8 @@ spec: value: {{ quote .Values.env.gfSecurityAllowEmbedding }} - name: GF_PATHS_PROVISIONING value: /etc/grafana/provisioning + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} name: {{ .Chart.Name }} diff --git a/helm/capif/charts/grafana/templates/pvc.yaml b/helm/capif/charts/grafana/templates/pvc.yaml index 7aa2b7225959833fd97079735a064a7deb022039..b6be2b4fda454a8b632e360ef1a4eff93ee1df4e 100644 --- a/helm/capif/charts/grafana/templates/pvc.yaml +++ b/helm/capif/charts/grafana/templates/pvc.yaml @@ -8,8 +8,7 @@ metadata: name: grafana-claim0 spec: storageClassName: {{ .Values.persistence.storageClass }} - accessModes: - - ReadWriteMany + accessModes: {{ .Values.persistence.accessModes }} resources: requests: storage: {{ .Values.persistence.storage }} diff --git a/helm/capif/charts/grafana/values.yaml b/helm/capif/charts/grafana/values.yaml index 8391800203a7f201b02594510981765701519502..5cae1de46db2f3cdb2b636f35c6549e995f79282 100644 --- a/helm/capif/charts/grafana/values.yaml +++ b/helm/capif/charts/grafana/values.yaml @@ -52,6 +52,8 @@ persistence: enable: true storage: 10Gi storageClass: nfs-01 + accessModes: + - ReadWriteMany service: type: ClusterIP @@ -73,17 +75,17 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 1m + memory: 1Mi autoscaling: enabled: false diff --git a/helm/capif/charts/loki/templates/pvc.yaml b/helm/capif/charts/loki/templates/pvc.yaml index c6594b23557d2446b1a86928b18485a7ceba704f..028cbe6fe5e50c56ce1d5fb8e352703a5ea78e76 100644 --- a/helm/capif/charts/loki/templates/pvc.yaml +++ b/helm/capif/charts/loki/templates/pvc.yaml @@ -7,8 +7,7 @@ metadata: name: loki-claim0 spec: storageClassName: {{ .Values.persistence.storageClass }} - accessModes: - - ReadWriteMany + accessModes: {{ .Values.persistence.accessModes }} resources: requests: storage: {{ .Values.persistence.storage }} diff --git a/helm/capif/charts/loki/values.yaml b/helm/capif/charts/loki/values.yaml index 444311d2f1cb8c0de407ef19acb60b3ad2a86fa0..b7bbadc4f904a930cfbfa1aa651273a85022975c 100644 --- a/helm/capif/charts/loki/values.yaml +++ b/helm/capif/charts/loki/values.yaml @@ -45,6 +45,8 @@ persistence: enable: true storage: 100Mi storageClass: nfs-01 + accessModes: + - ReadWriteMany service: type: ClusterIP @@ -66,17 +68,17 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 1m + memory: 1Mi livenessProbe: tcpSocket: diff --git a/helm/capif/charts/mock-server/values.yaml b/helm/capif/charts/mock-server/values.yaml index a34433aa97c060faddc1e412f8d93c791b3bdf75..058c7fe3ff49c3ecebbb381e46783a37bdb9262b 100644 --- a/helm/capif/charts/mock-server/values.yaml +++ b/helm/capif/charts/mock-server/values.yaml @@ -64,17 +64,17 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 1m + memory: 1Mi livenessProbe: tcpSocket: diff --git a/helm/capif/charts/mongo-express/values.yaml b/helm/capif/charts/mongo-express/values.yaml index 36f3a8bdc3c1a4d6a8061b8d8f4fc150a34c2f73..76ce47e99026f1986269aa1cf02004770c015612 100644 --- a/helm/capif/charts/mongo-express/values.yaml +++ b/helm/capif/charts/mongo-express/values.yaml @@ -72,11 +72,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/mongo-register-express/values.yaml b/helm/capif/charts/mongo-register-express/values.yaml index dd225f5d39888dc1c3281da4584f9f211452a68b..f174fbd5bb1e0cfd16489b55375ea075116cc959 100644 --- a/helm/capif/charts/mongo-register-express/values.yaml +++ b/helm/capif/charts/mongo-register-express/values.yaml @@ -73,11 +73,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/mongo-register/templates/pvc.yaml b/helm/capif/charts/mongo-register/templates/pvc.yaml index 13f17337ddd201d860557b3005ec7804cfbd3fdc..b3477fd3a044decf02b585f420d1cc77d23a8d94 100644 --- a/helm/capif/charts/mongo-register/templates/pvc.yaml +++ b/helm/capif/charts/mongo-register/templates/pvc.yaml @@ -6,8 +6,7 @@ metadata: name: mongo-register-pvc spec: storageClassName: {{ .Values.persistence.storageClass }} - accessModes: - - ReadWriteMany + accessModes: {{ .Values.persistence.accessModes }} resources: requests: storage: {{ .Values.persistence.storage }} \ No newline at end of file diff --git a/helm/capif/charts/mongo-register/values.yaml b/helm/capif/charts/mongo-register/values.yaml index dcb783f18c8e5a9a8659d98784528f7c15fd6043..d52301d421fa286f98a7265b1cfdb72defe4052f 100644 --- a/helm/capif/charts/mongo-register/values.yaml +++ b/helm/capif/charts/mongo-register/values.yaml @@ -63,17 +63,17 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: @@ -94,6 +94,8 @@ autoscaling: persistence: storage: 8Gi storageClass: nfs-01 + accessModes: + - ReadWriteMany # Additional volumes on the output Deployment definition. volumes: diff --git a/helm/capif/charts/mongo/templates/pvc.yaml b/helm/capif/charts/mongo/templates/pvc.yaml index c0ceafd7e06ed2ea6cdee2596923eebaa79bfdba..876d9e3b6e22f617a4fa69288816364a8ec8ae96 100644 --- a/helm/capif/charts/mongo/templates/pvc.yaml +++ b/helm/capif/charts/mongo/templates/pvc.yaml @@ -6,8 +6,7 @@ metadata: name: mongo-pvc spec: storageClassName: {{ .Values.persistence.storageClass }} - accessModes: - - ReadWriteMany + accessModes: {{ .Values.persistence.accessModes }} resources: requests: storage: {{ .Values.persistence.storage }} \ No newline at end of file diff --git a/helm/capif/charts/mongo/values.yaml b/helm/capif/charts/mongo/values.yaml index 38e4b9b9846ca5c27bb74899c3113a77a6b804dc..6e15c566a7b192b7aae0841b09aca850bef09027 100644 --- a/helm/capif/charts/mongo/values.yaml +++ b/helm/capif/charts/mongo/values.yaml @@ -63,17 +63,17 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 1m + memory: 1Mi livenessProbe: tcpSocket: @@ -97,6 +97,8 @@ autoscaling: persistence: storage: 8Gi storageClass: nfs-01 + accessModes: + - ReadWriteMany # Additional volumes on the output Deployment definition. volumes: diff --git a/helm/capif/charts/nginx/values.yaml b/helm/capif/charts/nginx/values.yaml index db0541e9b82c3cf135ece746b3815f84cb6c9b25..43e1d05be3f87f6322acd1b1b7ceb88ff6b1e11a 100644 --- a/helm/capif/charts/nginx/values.yaml +++ b/helm/capif/charts/nginx/values.yaml @@ -80,11 +80,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: tcpSocket: diff --git a/helm/capif/charts/ocf-access-control-policy/values.yaml b/helm/capif/charts/ocf-access-control-policy/values.yaml index 9184d264b10da5022f4ce435f902c50c64522e0c..1f2ce41ca3f577cdbc3e131574c0df670a501ed6 100644 --- a/helm/capif/charts/ocf-access-control-policy/values.yaml +++ b/helm/capif/charts/ocf-access-control-policy/values.yaml @@ -70,11 +70,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/ocf-api-invocation-logs/values.yaml b/helm/capif/charts/ocf-api-invocation-logs/values.yaml index dc63d4b53ae11261428458a7926bf39fbf14815b..756ccbf82d76b4e755cc45ca7e9494eb380f7e8c 100644 --- a/helm/capif/charts/ocf-api-invocation-logs/values.yaml +++ b/helm/capif/charts/ocf-api-invocation-logs/values.yaml @@ -75,11 +75,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/ocf-api-invoker-management/values.yaml b/helm/capif/charts/ocf-api-invoker-management/values.yaml index e832c7d4ed28cd21113a6f367e2c9cbcfeb3af03..4b19037c56ec6d37f26be431d5d12f467613942e 100644 --- a/helm/capif/charts/ocf-api-invoker-management/values.yaml +++ b/helm/capif/charts/ocf-api-invoker-management/values.yaml @@ -77,11 +77,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/ocf-api-provider-management/values.yaml b/helm/capif/charts/ocf-api-provider-management/values.yaml index 547bb05431771b6e9a3668f7b133119781e8b4a7..18225264c8e6834eb437f67cc293fa428107e240 100644 --- a/helm/capif/charts/ocf-api-provider-management/values.yaml +++ b/helm/capif/charts/ocf-api-provider-management/values.yaml @@ -77,11 +77,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/ocf-auditing-api-logs/values.yaml b/helm/capif/charts/ocf-auditing-api-logs/values.yaml index 859ba129d567caf4b1ca047d05e531a9bcddf3ea..2c0231e6e6f7518ee12f0051951a688fe01a2935 100644 --- a/helm/capif/charts/ocf-auditing-api-logs/values.yaml +++ b/helm/capif/charts/ocf-auditing-api-logs/values.yaml @@ -71,11 +71,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/ocf-discover-service-api/values.yaml b/helm/capif/charts/ocf-discover-service-api/values.yaml index 6aa8e611bff38c395604f22d17b730663905b8a6..1d1c5d6e9d292121c3c352264da149eecde58f8a 100644 --- a/helm/capif/charts/ocf-discover-service-api/values.yaml +++ b/helm/capif/charts/ocf-discover-service-api/values.yaml @@ -71,11 +71,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/ocf-events/values.yaml b/helm/capif/charts/ocf-events/values.yaml index b3ca6b0cdef9cf244e733e986365e0b7853b0334..9fb7b06d605f6af3a5556c2f890f6df9e8ffd3e0 100644 --- a/helm/capif/charts/ocf-events/values.yaml +++ b/helm/capif/charts/ocf-events/values.yaml @@ -71,11 +71,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/ocf-helper/values.yaml b/helm/capif/charts/ocf-helper/values.yaml index f9e35bdb8134283ce065ef657e496f6d1c0336e2..8a30745c82ac8b1e9a5e74eeccf98acaca4d758d 100644 --- a/helm/capif/charts/ocf-helper/values.yaml +++ b/helm/capif/charts/ocf-helper/values.yaml @@ -72,17 +72,17 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 1m + memory: 1Mi livenessProbe: tcpSocket: diff --git a/helm/capif/charts/ocf-publish-service-api/values.yaml b/helm/capif/charts/ocf-publish-service-api/values.yaml index ac32a9800a93bbb7cbf2a2125cf2b6668608805d..0e243db2f0090d1736f96f62ef86f52ba71ad092 100644 --- a/helm/capif/charts/ocf-publish-service-api/values.yaml +++ b/helm/capif/charts/ocf-publish-service-api/values.yaml @@ -71,11 +71,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/ocf-register/values.yaml b/helm/capif/charts/ocf-register/values.yaml index ffa5d501634a76eb02d80a6b4702b2d544f90c23..71b49d93a36fa46f8e6e110b5d2fbd25a10aa1e8 100644 --- a/helm/capif/charts/ocf-register/values.yaml +++ b/helm/capif/charts/ocf-register/values.yaml @@ -82,11 +82,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/ocf-routing-info/values.yaml b/helm/capif/charts/ocf-routing-info/values.yaml index d6c6a3d63c48e8d517347f2c1df70704b218ee56..b92b884fcb9f44736452dd3c5aceca4f14f2b7a3 100644 --- a/helm/capif/charts/ocf-routing-info/values.yaml +++ b/helm/capif/charts/ocf-routing-info/values.yaml @@ -69,11 +69,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/ocf-security/values.yaml b/helm/capif/charts/ocf-security/values.yaml index 2be42885aacd8679b17ab198c6affe89c727f485..cdccc7027d0f8e7a94568972040e05d749241a74 100644 --- a/helm/capif/charts/ocf-security/values.yaml +++ b/helm/capif/charts/ocf-security/values.yaml @@ -75,11 +75,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/otelcollector/values.yaml b/helm/capif/charts/otelcollector/values.yaml index cd541af17d7143ab1c8fb43e64ad9706db2994b3..e7e0e5feb99fe5709d8f3323085afb1a78a92df0 100644 --- a/helm/capif/charts/otelcollector/values.yaml +++ b/helm/capif/charts/otelcollector/values.yaml @@ -69,17 +69,17 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 1m + memory: 1Mi livenessProbe: # httpGet: diff --git a/helm/capif/charts/redis/values.yaml b/helm/capif/charts/redis/values.yaml index 4011e979c05c3f79c20173c51e527da53a69cb3f..ba9a6d29fb26796d98747a712d46edba1a09899e 100644 --- a/helm/capif/charts/redis/values.yaml +++ b/helm/capif/charts/redis/values.yaml @@ -68,11 +68,11 @@ resources: # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: - cpu: 100m - memory: 128Mi + cpu: 200m + memory: 256Mi requests: - cpu: 100m - memory: 128Mi + cpu: 1m + memory: 1Mi livenessProbe: tcpSocket: diff --git a/helm/capif/charts/renderer/values.yaml b/helm/capif/charts/renderer/values.yaml index 7696150a7fd3cfd46af58e6a1e19d13f32f14867..1270291d048d98eb093ead40313e0b096bc8bd4d 100644 --- a/helm/capif/charts/renderer/values.yaml +++ b/helm/capif/charts/renderer/values.yaml @@ -64,17 +64,17 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 1m + memory: 1Mi livenessProbe: httpGet: diff --git a/helm/monitoring-stack/charts/grafana/values.yaml b/helm/monitoring-stack/charts/grafana/values.yaml index 5b519b9a4965a2fecc341e5777a74de66427cebd..5c54eed483271a8c6e20d2d0c25ee7d98514ca2d 100644 --- a/helm/monitoring-stack/charts/grafana/values.yaml +++ b/helm/monitoring-stack/charts/grafana/values.yaml @@ -70,17 +70,17 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 1m + memory: 1Mi autoscaling: enabled: false diff --git a/helm/monitoring-stack/charts/prometheus/templates/pvc.yaml b/helm/monitoring-stack/charts/prometheus/templates/pvc.yaml index d9c2dbeb410e3123fee320347204800bfa51d57c..43ee6ec30f11f9877086781400c4111fe45e8c7a 100644 --- a/helm/monitoring-stack/charts/prometheus/templates/pvc.yaml +++ b/helm/monitoring-stack/charts/prometheus/templates/pvc.yaml @@ -6,8 +6,7 @@ metadata: labels: {{- include "prometheus.labels" . | nindent 4 }} spec: - accessModes: - - ReadWriteOnce + accessModes: {{ .Values.persistence.accessModes }} resources: requests: storage: {{ .Values.persistence.storage }} diff --git a/helm/monitoring-stack/charts/prometheus/values.yaml b/helm/monitoring-stack/charts/prometheus/values.yaml index 1083bd81fc3b5e4089640a0dade73ea413b35acc..9d35e8989851c41c5d94af9c1e94583853c06e7e 100644 --- a/helm/monitoring-stack/charts/prometheus/values.yaml +++ b/helm/monitoring-stack/charts/prometheus/values.yaml @@ -43,6 +43,8 @@ securityContext: {} persistence: enable: false storage: 10Gi + accessModes: + - ReadWriteMany service: type: NodePort @@ -66,17 +68,17 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 1m + memory: 1Mi autoscaling: enabled: false diff --git a/helm/monitoring-stack/charts/skooner/values.yaml b/helm/monitoring-stack/charts/skooner/values.yaml index ad511bf2892905f586a1a446ce118455167d0cc6..ea8b353f943c183ff2a87899097dc8d8146cd184 100644 --- a/helm/monitoring-stack/charts/skooner/values.yaml +++ b/helm/monitoring-stack/charts/skooner/values.yaml @@ -58,17 +58,17 @@ ingress: # hosts: # - chart-example.local -resources: {} +resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 1m + memory: 1Mi autoscaling: enabled: false diff --git a/helm/scripts/create_remote_users.sh b/helm/scripts/create_remote_users.sh index 909fffdd36ae9e45f614cc668220395a96cdbafd..153ea33307b6c4f112cfcba579a6efb42ec1d0cc 100755 --- a/helm/scripts/create_remote_users.sh +++ b/helm/scripts/create_remote_users.sh @@ -56,7 +56,7 @@ then fi # Other Stuff -DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/robot-tests-image +DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/capif/robot-tests-image DOCKER_ROBOT_IMAGE_VERSION=1.0 TEST_FOLDER=$CAPIF_BASE_DIR/tests @@ -98,6 +98,7 @@ then exit -1 fi +docker pull $DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION || echo "Docker image ($DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION) not present on repository" docker images|grep -Eq '^'$DOCKER_ROBOT_IMAGE'[ ]+[ ]'$DOCKER_ROBOT_IMAGE_VERSION'' if [[ $? -ne 0 ]] then diff --git a/helm/scripts/get_ingress.sh b/helm/scripts/get_ingress.sh index eaed4e9b9c8e4c19be6df834da57b02e825e09d4..53b79c31c8e4de8db3c318809549330492d1b058 100755 --- a/helm/scripts/get_ingress.sh +++ b/helm/scripts/get_ingress.sh @@ -46,9 +46,14 @@ done if [[ -n "$NAMESPACE" && -n "$IP" ]] then echo "IP: $IP and namespace: $NAMESPACE" +elif [[ -n "$NAMESPACE" ]]; then + if [[ -n "$K8S_IP" ]]; then + IP=$K8S_IP + echo "Using K8S_IP found. IP: $IP and namespace: $NAMESPACE" + fi else - echo "IP ($IP) and NAMESPACE ($NAMESPACE) must be set" - exit -1 + echo "IP ($IP) and NAMESPACE ($NAMESPACE) must be set" + exit -1 fi diff --git a/helm/scripts/install_capif.sh b/helm/scripts/install_capif.sh index bbf4b425e0909bee074a4006f65cfc60a092b490..791b97667ac88167ef2aa9773f2699daf8d7d686 100755 --- a/helm/scripts/install_capif.sh +++ b/helm/scripts/install_capif.sh @@ -1,6 +1,8 @@ #!/bin/bash source $(dirname "$(readlink -f "$0")")/variables.sh +helm repo add grafana https://grafana.github.io/helm-charts + ### download dependencies helm $KUBECONFIG dependency build $HELM_DIR/capif/ @@ -15,9 +17,14 @@ helm $KUBECONFIG upgrade --install -n $CAPIF_NAMESPACE $CAPIF_NAME_VERSION_CHART --set grafana.ingress.hosts[0].paths[0].pathType="Prefix" \ --set grafana.env.prometheusUrl=$PROMETHEUS_URL \ --set grafana.env.tempoUrl="http://$CAPIF_NAME_VERSION_CHART-tempo:3100" \ +--set grafana.persistence.storageClass=$CAPIF_STORAGE_CLASS \ +--set grafana.persistence.storage=$CAPIF_GRAFANA_STORAGE_SIZE \ --set fluentbit.enabled=true \ --set loki.enabled=true \ +--set loki.persistence.storageClass=$CAPIF_STORAGE_CLASS \ +--set loki.persistence.storage=$CAPIF_LOKI_STORAGE_SIZE \ --set tempo.tempo.metricsGenerator.remoteWriteUrl=$PROMETHEUS_URL/api/v1/write \ +--set tempo.persistence.size=$CAPIF_TEMPO_STORAGE_SIZE \ --set otelcollector.enabled=true \ --set otelcollector.configMap.tempoEndpoint=$CAPIF_NAME_VERSION_CHART-tempo:4317 \ --set ocf-access-control-policy.image.repository=$CAPIF_DOCKER_REGISTRY/ocf-access-control-policy-api \ @@ -116,14 +123,20 @@ helm $KUBECONFIG upgrade --install -n $CAPIF_NAMESPACE $CAPIF_NAME_VERSION_CHART --set mock-server.ingress.hosts[0].paths[0].path="/" \ --set mock-server.ingress.hosts[0].paths[0].pathType="Prefix" \ --set mock-server.env.logLevel="DEBUG" \ +--set mongo-register.persistence.storageClass=$CAPIF_STORAGE_CLASS \ +--set mongo-register.persistence.storage=$CAPIF_MONGO_REGISTER_STORAGE_SIZE \ +--set mongo-register.extraFlags[0]="--repair" \ --set mongo-register-express.enabled=true \ --set mongo-register-express.ingress.enabled=true \ --set mongo-register-express.ingress.hosts[0].host="mongo-express-register-$CAPIF_CI_ENV_ENDPOINT.$CAPIF_DOMAIN" \ --set mongo-register-express.ingress.hosts[0].paths[0].path="/" \ --set mongo-register-express.ingress.hosts[0].paths[0].pathType="Prefix" \ +--set mongo.persistence.storageClass=$CAPIF_STORAGE_CLASS \ +--set mongo.persistence.storage=$CAPIF_MONGO_STORAGE_SIZE \ +--set mongo.extraFlags[0]="--repair" \ --set mongo-express.enabled=true \ --set mongo-express.ingress.enabled=true \ --set mongo-express.ingress.hosts[0].host="mongo-express-$CAPIF_CI_ENV_ENDPOINT.$CAPIF_DOMAIN" \ --set mongo-express.ingress.hosts[0].paths[0].path="/" \ --set mongo-express.ingress.hosts[0].paths[0].pathType="Prefix" \ ---wait --timeout=10m --create-namespace --atomic +--wait --timeout=10m --create-namespace --atomic $CAPIF_RESOURCES_RESERVE $CAPIF_STORAGE_ACCESS_MODE $CAPIF_RUN_AS_USER_CONFIG diff --git a/helm/scripts/install_monitoring.sh b/helm/scripts/install_monitoring.sh index f881f0a1a971631f0d0bb210a2b3b3b2772c55da..9d6a00f370ad1fb9a02047365e2d45d221e68e92 100755 --- a/helm/scripts/install_monitoring.sh +++ b/helm/scripts/install_monitoring.sh @@ -2,6 +2,7 @@ source $(dirname "$(readlink -f "$0")")/variables.sh helm repo add bitnami https://charts.bitnami.com/bitnami +helm repo add grafana https://grafana.github.io/helm-charts helm $KUBECONFIG dependency build $HELM_DIR/monitoring-stack/ @@ -13,5 +14,6 @@ helm $KUBECONFIG upgrade --install -n $MONITORING_NAMESPACE $MONITORING_SERVICE_ --set prometheus.ingress.hosts[0].host=$PROMETHEUS_HOSTNAME \ --set prometheus.ingress.hosts[0].paths[0].path="/" \ --set prometheus.ingress.hosts[0].paths[0].pathType="Prefix" \ +--set skooner.enabled=$MONITORING_SNOOKER_ENABLED \ --wait --timeout=10m --create-namespace --atomic diff --git a/helm/scripts/install_vault.sh b/helm/scripts/install_vault.sh index c06e560a9609bfc6a5333cbe3d1008cbe710bf20..971d520044b8ace5428fa19172b0b3e865099959 100755 --- a/helm/scripts/install_vault.sh +++ b/helm/scripts/install_vault.sh @@ -37,6 +37,8 @@ helm $KUBECONFIG repo add hashicorp https://helm.releases.hashicorp.com helm $KUBECONFIG upgrade --install vault hashicorp/vault -n $VAULT_NAMESPACE --set server.ingress.enabled=true \ --set server.ingress.hosts[0].host="$VAULT_HOSTNAME" \ --set server.ingress.ingressClassName=nginx \ +--set server.dataStorage.storageClass=$VAULT_STORAGE_CLASS \ +--set server.dataStorage.size=$VAULT_STORAGE_SIZE \ --set server.standalone.enabled=true --create-namespace # Loop to wait until the service is in "Running" state and has 0/1 ready replicas @@ -66,7 +68,7 @@ echo "Init vault" kubectl $KUBECONFIG exec -ti vault-0 -n $VAULT_NAMESPACE -- vault operator init -key-shares=1 -key-threshold=1 > $VAULT_FILE # Remove control characters -cat $VAULT_FILE | sed -r 's/\x1B\[[0-9;]*[JKmsu]//g' | sed -e 's/[^[:print:]\t\n]//g' > $VAULT_FILE.tmp +cat $VAULT_FILE | ${SED_CMD} -r 's/\x1B\[[0-9;]*[JKmsu]//g' | ${SED_CMD} -e 's/[^[:print:]\t\n]//g' > $VAULT_FILE.tmp mv $VAULT_FILE.tmp $VAULT_FILE # get UNSEAL Key and TOKEN @@ -97,11 +99,11 @@ while true; do fi done -sed -i "s/namespace:.*/namespace: $VAULT_NAMESPACE/g" $HELM_DIR/vault-job/vault-job.yaml -sed -i "s/VAULT_TOKEN=.*/VAULT_TOKEN=$VAULT_TOKEN/g" $HELM_DIR/vault-job/vault-job.yaml -sed -i "s/DOMAIN1=.*/DOMAIN1=$DOMAIN1/g" $HELM_DIR/vault-job/vault-job.yaml -sed -i "s/DOMAIN2=.*/DOMAIN2=$DOMAIN2/g" $HELM_DIR/vault-job/vault-job.yaml -sed -i "s/DOMAIN3=.*/DOMAIN3=$DOMAIN3/g" $HELM_DIR/vault-job/vault-job.yaml +${SED_CMD} -i "s/namespace:.*/namespace: $VAULT_NAMESPACE/g" $HELM_DIR/vault-job/vault-job.yaml +${SED_CMD} -i "s/VAULT_TOKEN=.*/VAULT_TOKEN=$VAULT_TOKEN/g" $HELM_DIR/vault-job/vault-job.yaml +${SED_CMD} -i "s/DOMAIN1=.*/DOMAIN1=$DOMAIN1/g" $HELM_DIR/vault-job/vault-job.yaml +${SED_CMD} -i "s/DOMAIN2=.*/DOMAIN2=$DOMAIN2/g" $HELM_DIR/vault-job/vault-job.yaml +${SED_CMD} -i "s/DOMAIN3=.*/DOMAIN3=$DOMAIN3/g" $HELM_DIR/vault-job/vault-job.yaml kubectl $KUBECONFIG delete job $VAULT_JOB_NAME -n $VAULT_NAMESPACE || echo "No vault job present" kubectl $KUBECONFIG -n $VAULT_NAMESPACE apply -f $HELM_DIR/vault-job/ diff --git a/helm/scripts/populate_create_remote_dummy_users.sh b/helm/scripts/populate_create_remote_dummy_users.sh index d2e137dbf5f15e3135b129699d0487be8888598f..1dc89b172b326eb3f83a59c3ec0a9be3b3e86a54 100755 --- a/helm/scripts/populate_create_remote_dummy_users.sh +++ b/helm/scripts/populate_create_remote_dummy_users.sh @@ -37,7 +37,7 @@ while getopts ":p:i:h" opt; do done # Other Stuff -DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/robot-tests-image +DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/capif/robot-tests-image DOCKER_ROBOT_IMAGE_VERSION=1.0 TEST_FOLDER=$CAPIF_BASE_DIR/tests @@ -80,6 +80,7 @@ then exit -1 fi +docker pull $DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION || echo "Docker image ($DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION) not present on repository" docker images|grep -Eq '^'$DOCKER_ROBOT_IMAGE'[ ]+[ ]'$DOCKER_ROBOT_IMAGE_VERSION'' if [[ $? -ne 0 ]] then diff --git a/helm/scripts/populate_remove_remote_dummy_users.sh b/helm/scripts/populate_remove_remote_dummy_users.sh index 1a22319317c9a2ed343937fa66fb59cb624b2790..3bcde327dc48da5d6f8d74cc904f593a47b9dc10 100755 --- a/helm/scripts/populate_remove_remote_dummy_users.sh +++ b/helm/scripts/populate_remove_remote_dummy_users.sh @@ -26,7 +26,7 @@ while getopts ":h" opt; do done # Other Stuff -DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/robot-tests-image +DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/capif/robot-tests-image DOCKER_ROBOT_IMAGE_VERSION=1.0 TEST_FOLDER=$CAPIF_BASE_DIR/tests @@ -69,6 +69,7 @@ then exit -1 fi +docker pull $DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION || echo "Docker image ($DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION) not present on repository" docker images|grep -Eq '^'$DOCKER_ROBOT_IMAGE'[ ]+[ ]'$DOCKER_ROBOT_IMAGE_VERSION'' if [[ $? -ne 0 ]] then diff --git a/helm/scripts/remove_remote_users.sh b/helm/scripts/remove_remote_users.sh index 1891fec00de393dd13b095bf774963327cd89f21..98f3f3f5b5027957220d134ba1feab55118838ba 100755 --- a/helm/scripts/remove_remote_users.sh +++ b/helm/scripts/remove_remote_users.sh @@ -39,7 +39,7 @@ then fi # Other Stuff -DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/robot-tests-image +DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/capif/robot-tests-image DOCKER_ROBOT_IMAGE_VERSION=1.0 TEST_FOLDER=$CAPIF_BASE_DIR/tests @@ -81,6 +81,7 @@ then exit -1 fi +docker pull $DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION || echo "Docker image ($DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION) not present on repository" docker images|grep -Eq '^'$DOCKER_ROBOT_IMAGE'[ ]+[ ]'$DOCKER_ROBOT_IMAGE_VERSION'' if [[ $? -ne 0 ]] then diff --git a/helm/scripts/remove_remote_users_by_prefix.sh b/helm/scripts/remove_remote_users_by_prefix.sh new file mode 100755 index 0000000000000000000000000000000000000000..9f084e6ba055dd6c9147fe54fea29866e81541d3 --- /dev/null +++ b/helm/scripts/remove_remote_users_by_prefix.sh @@ -0,0 +1,118 @@ +#!/bin/bash +source $(dirname "$(readlink -f "$0")")/variables.sh + +# User to remove +USERNAME_PREFIX= + +help() { + echo "Usage: $1 " + echo " -u : User prefix to use" + echo " -h : show this help" + exit 1 +} + +# Read params +while getopts ":u:p:t:h" opt; do + case $opt in + u) + USERNAME_PREFIX="$OPTARG" + ;; + h) + help + ;; + \?) + echo "Not valid option: -$OPTARG" >&2 + help + ;; + :) + echo "The -$OPTARG option requires an argument." >&2 + help + ;; + esac +done + +if [[ "$USERNAME_PREFIX" == "" ]] +then + echo "USERNAME_PREFIX must be set with option -u" + help + exit -1 +fi + +# Other Stuff +DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/capif/robot-tests-image +DOCKER_ROBOT_IMAGE_VERSION=1.0 + +TEST_FOLDER=$CAPIF_BASE_DIR/tests +RESULT_FOLDER=$CAPIF_BASE_DIR/results +ROBOT_DOCKER_FILE_FOLDER=$CAPIF_BASE_DIR/tools/robot + +# nginx Hostname and http port (80 by default) to reach for tests +CAPIF_REGISTER=$REGISTER_HOSTNAME +CAPIF_REGISTER_PORT=443 +CAPIF_HTTPS_PORT=443 + +# VAULT access configuration +CAPIF_VAULT=$VAULT_HOSTNAME +CAPIF_VAULT_PORT=80 +CAPIF_VAULT_TOKEN=$VAULT_ACCESS_TOKEN + +# Mock Server +MOCK_SERVER_URL=http://mock-server-$CAPIF_CI_ENV_ENDPOINT.$CAPIF_DOMAIN:80 +NOTIFICATION_DESTINATION_URL=http://mock-server.$CAPIF_NAMESPACE.svc.cluster.local:9090 + +# Show variables +echo "CAPIF_HOSTNAME = $CAPIF_HOSTNAME" +echo "CAPIF_REGISTER = $CAPIF_REGISTER" +echo "CAPIF_HTTP_PORT = $CAPIF_HTTP_PORT" +echo "CAPIF_HTTPS_PORT = $CAPIF_HTTPS_PORT" +echo "CAPIF_VAULT = $CAPIF_VAULT" +echo "CAPIF_VAULT_PORT = $CAPIF_VAULT_PORT" +echo "CAPIF_VAULT_TOKEN = $CAPIF_VAULT_TOKEN" +echo "TOTAL_USERS=$TOTAL_USERS" +echo "USERNAME_PREFIX=$USERNAME_PREFIX" +echo "USER_PASSWORD=$USER_PASSWORD" +echo "MOCK_SERVER_URL=$MOCK_SERVER_URL" +echo "NOTIFICATION_DESTINATION_URL=$NOTIFICATION_DESTINATION_URL" + +docker >/dev/null 2>/dev/null +if [[ $? -ne 0 ]] +then + echo "Docker maybe is not installed. Please check if docker CLI is present." + exit -1 +fi + +docker pull $DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION || echo "Docker image ($DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION) not present on repository" +docker images|grep -Eq '^'$DOCKER_ROBOT_IMAGE'[ ]+[ ]'$DOCKER_ROBOT_IMAGE_VERSION'' +if [[ $? -ne 0 ]] +then + read -p "Robot image is not present. To continue, Do you want to build it? (y/n)" build_robot_image + if [[ $build_robot_image == "y" ]] + then + echo "Building Robot docker image." + cd $ROBOT_DOCKER_FILE_FOLDER + docker build --no-cache -t $DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION . + cd $CAPIF_BASE_DIR + else + exit -2 + fi +fi + +cd $CAPIF_BASE_DIR + +mkdir -p $RESULT_FOLDER + +docker run -ti --rm --network="host" \ + -v $TEST_FOLDER:/opt/robot-tests/tests \ + -v $RESULT_FOLDER:/opt/robot-tests/results ${DOCKER_ROBOT_IMAGE}:${DOCKER_ROBOT_IMAGE_VERSION} \ + --variable CAPIF_HOSTNAME:$CAPIF_HOSTNAME \ + --variable CAPIF_HTTP_PORT:$CAPIF_HTTP_PORT \ + --variable CAPIF_HTTPS_PORT:$CAPIF_HTTPS_PORT \ + --variable CAPIF_REGISTER:$CAPIF_REGISTER \ + --variable CAPIF_REGISTER_PORT:$CAPIF_REGISTER_PORT \ + --variable CAPIF_VAULT:$CAPIF_VAULT \ + --variable CAPIF_VAULT_PORT:$CAPIF_VAULT_PORT \ + --variable CAPIF_VAULT_TOKEN:$CAPIF_VAULT_TOKEN \ + --variable NOTIFICATION_DESTINATION_URL:$NOTIFICATION_DESTINATION_URL \ + --variable MOCK_SERVER_URL:$MOCK_SERVER_URL \ + --variable USERNAME_PREFIX:$USERNAME_PREFIX \ + --include remove-users-by-prefix diff --git a/helm/scripts/run_remote_capif_tests.sh b/helm/scripts/run_remote_capif_tests.sh index 0095300e4537a62ba01cfc267ce6a8ff0b0d97f4..6f67bb574a734aefeaf608bc6d89fe3c49121f10 100755 --- a/helm/scripts/run_remote_capif_tests.sh +++ b/helm/scripts/run_remote_capif_tests.sh @@ -1,7 +1,7 @@ #!/bin/bash source $(dirname "$(readlink -f "$0")")/variables.sh -DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/robot-tests-image +DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/capif/robot-tests-image DOCKER_ROBOT_IMAGE_VERSION=1.0 TEST_FOLDER=$CAPIF_BASE_DIR/tests @@ -30,6 +30,13 @@ echo "CAPIF_VAULT_PORT = $VAULT_PORT" echo "CAPIF_VAULT_TOKEN = $VAULT_ACCESS_TOKEN" echo "MOCK_SERVER_URL = $MOCK_SERVER_URL" +INPUT_OPTIONS=$@ +# Check if input is provided +if [ -z "$1" ]; then + # Set default value if no input is provided + INPUT_OPTIONS="--include all" +fi + cd $CAPIF_BASE_DIR docker >/dev/null 2>/dev/null @@ -39,6 +46,7 @@ then exit -1 fi +docker pull $DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION || echo "Docker image ($DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION) not present on repository" docker images|grep -Eq '^'$DOCKER_ROBOT_IMAGE'[ ]+[ ]'$DOCKER_ROBOT_IMAGE_VERSION'' if [[ $? -ne 0 ]] then @@ -67,4 +75,4 @@ docker run -ti --rm --network="host" \ --variable CAPIF_VAULT_PORT:$CAPIF_VAULT_PORT \ --variable CAPIF_VAULT_TOKEN:$CAPIF_VAULT_TOKEN \ --variable NOTIFICATION_DESTINATION_URL:$NOTIFICATION_DESTINATION_URL \ - --variable MOCK_SERVER_URL:$MOCK_SERVER_URL $@ + --variable MOCK_SERVER_URL:$MOCK_SERVER_URL $INPUT_OPTIONS diff --git a/helm/scripts/set_ingress.sh b/helm/scripts/set_ingress.sh new file mode 100755 index 0000000000000000000000000000000000000000..7f4034776503a82d3fd883ebb073f024831aa22e --- /dev/null +++ b/helm/scripts/set_ingress.sh @@ -0,0 +1,60 @@ +#!/bin/bash +IP="" +NAMESPACE="" +source $(dirname "$(readlink -f "$0")")/variables.sh + +help() { + echo "Usage: $1 " + echo " -i : IP to use" + echo " -n : Namespace to get ingress information" + echo " -k : Kubeconfig to be used" + echo " -h : show this help" + exit 1 +} +# Read params +while getopts ":i:n:k:h" opt; do + case $opt in + i) + IP="$OPTARG" + ;; + n) + NAMESPACE="$OPTARG" + ;; + k) + KUBECONFIG="$OPTARG" + if [ -z "$KUBECONFIG" ]; then + echo "The variable KUBECONFIG is empty. Using default k8s environment..." + else + KUBECONFIG="--kubeconfig $KUBECONFIG" + echo "The variable KUBECONFIG is not empty. Its value is: $KUBECONFIG" + fi + ;; + h) + help + ;; + \?) + echo "Not valid option: -$OPTARG" >&2 + help + ;; + :) + echo "The -$OPTARG option requires an argument." >&2 + help + ;; + esac +done + +if [[ -n "$NAMESPACE" && -n "$IP" ]] +then + echo "IP: $IP and namespace: $NAMESPACE" +elif [[ -n "$NAMESPACE" ]]; then + if [[ -n "$K8S_IP" ]]; then + IP=$K8S_IP + echo "Using K8S_IP found. IP: $IP and namespace: $NAMESPACE" + fi +else + echo "IP ($IP) and NAMESPACE ($NAMESPACE) must be set" + exit -1 +fi + + +kubectl $KUBECONFIG -n $NAMESPACE get ing|grep -v NAME|awk "{print \"$IP \"\$3}" >> /etc/hosts diff --git a/helm/scripts/uninstall_capif.sh b/helm/scripts/uninstall_capif.sh index 1c9ed62ab9b1548a3a4b6e1335141f2ad16f9f4f..bacd0e0f2a1a6c31b978c6d17847221e069125c3 100755 --- a/helm/scripts/uninstall_capif.sh +++ b/helm/scripts/uninstall_capif.sh @@ -1,25 +1,56 @@ #!/bin/bash source $(dirname "$(readlink -f "$0")")/variables.sh -# Function to display a warning message -warning_message() { - echo "WARNING: This uninstallation process is irreversible." - echo "All data associated with CAPIF service will be permanently lost." - echo "Are you sure you want to continue? (yes/no)" +help() { + echo "Usage: $1 " + echo " -y : Force uninstall component" + echo " -h : show this help" + exit 1 } -# Display the warning message -warning_message +export FORCE=0 +# Read params +while getopts ":yh" opt; do + case $opt in + y) + FORCE=1 + ;; + h) + help + ;; + \?) + echo "Not valid option: -$OPTARG" >&2 + help + ;; + :) + echo "The -$OPTARG option requires an argument." >&2 + help + ;; + esac +done -# Read the user input -read -r USER_INPUT +if [ "$FORCE" == "0" ]; then + # Function to display a warning message + warning_message() { + echo "WARNING: This uninstallation process is irreversible." + echo "All data associated with CAPIF service will be permanently lost." + echo "Are you sure you want to continue? (yes/no)" + } -# Check if the user confirmed the uninstallation -if [ "$USER_INPUT" != "yes" ]; then - echo "Uninstallation aborted by the user." - exit 1 -fi + # Display the warning message + warning_message + + # Read the user input + read -r USER_INPUT + # Check if the user confirmed the uninstallation + if [ "$USER_INPUT" != "yes" ]; then + echo "Uninstallation aborted by the user." + exit 1 + fi +else + echo "Forced uninstall" +fi # Proceed with the uninstallation process echo "Proceeding with uninstallation..." diff --git a/helm/scripts/uninstall_monitoring.sh b/helm/scripts/uninstall_monitoring.sh index f59954a198b123ff5edec4184c14ea86e5654305..aff1706b20e584e11ae4b29f4c2c9e8ad6fc2280 100755 --- a/helm/scripts/uninstall_monitoring.sh +++ b/helm/scripts/uninstall_monitoring.sh @@ -1,25 +1,56 @@ #!/bin/bash source $(dirname "$(readlink -f "$0")")/variables.sh -# Function to display a warning message -warning_message() { - echo "WARNING: This uninstallation process is irreversible." - echo "All data associated with CAPIF service will be permanently lost." - echo "Are you sure you want to continue? (yes/no)" +help() { + echo "Usage: $1 " + echo " -y : Force uninstall component" + echo " -h : show this help" + exit 1 } -# Display the warning message -warning_message +export FORCE=0 +# Read params +while getopts ":yh" opt; do + case $opt in + y) + FORCE=1 + ;; + h) + help + ;; + \?) + echo "Not valid option: -$OPTARG" >&2 + help + ;; + :) + echo "The -$OPTARG option requires an argument." >&2 + help + ;; + esac +done -# Read the user input -read -r USER_INPUT +if [ "$FORCE" == "0" ]; then + # Function to display a warning message + warning_message() { + echo "WARNING: This uninstallation process is irreversible." + echo "All data associated with CAPIF service will be permanently lost." + echo "Are you sure you want to continue? (yes/no)" + } -# Check if the user confirmed the uninstallation -if [ "$USER_INPUT" != "yes" ]; then - echo "Uninstallation aborted by the user." - exit 1 -fi + # Display the warning message + warning_message + + # Read the user input + read -r USER_INPUT + # Check if the user confirmed the uninstallation + if [ "$USER_INPUT" != "yes" ]; then + echo "Uninstallation aborted by the user." + exit 1 + fi +else + echo "Forced uninstall" +fi # Proceed with the uninstallation process echo "Proceeding with uninstallation..." diff --git a/helm/scripts/uninstall_vault.sh b/helm/scripts/uninstall_vault.sh index 4f7d562804b1f0bdc52a82ea2993bcc46c81cb84..cb9535f67569aedb36052cbef522fb8232268ede 100755 --- a/helm/scripts/uninstall_vault.sh +++ b/helm/scripts/uninstall_vault.sh @@ -1,23 +1,55 @@ #!/bin/bash source $(dirname "$(readlink -f "$0")")/variables.sh -# Function to display a warning message -warning_message() { - echo "WARNING: This uninstallation process is irreversible." - echo "All data associated with Vault service will be permanently lost." - echo "Are you sure you want to continue? (yes/no)" +help() { + echo "Usage: $1 " + echo " -y : Force uninstall component" + echo " -h : show this help" + exit 1 } -# Display the warning message -warning_message +export FORCE=0 +# Read params +while getopts ":yh" opt; do + case $opt in + y) + FORCE=1 + ;; + h) + help + ;; + \?) + echo "Not valid option: -$OPTARG" >&2 + help + ;; + :) + echo "The -$OPTARG option requires an argument." >&2 + help + ;; + esac +done -# Read the user input -read -r USER_INPUT +if [ "$FORCE" == "0" ]; then + # Function to display a warning message + warning_message() { + echo "WARNING: This uninstallation process is irreversible." + echo "All data associated with Vault service will be permanently lost." + echo "Are you sure you want to continue? (yes/no)" + } -# Check if the user confirmed the uninstallation -if [ "$USER_INPUT" != "yes" ]; then - echo "Uninstallation aborted by the user." - exit 1 + # Display the warning message + warning_message + + # Read the user input + read -r USER_INPUT + + # Check if the user confirmed the uninstallation + if [ "$USER_INPUT" != "yes" ]; then + echo "Uninstallation aborted by the user." + exit 1 + fi +else + echo "Forced uninstall" fi # Proceed with the uninstallation process diff --git a/helm/scripts/variables.sh b/helm/scripts/variables.sh index 2a9b5a8293b4010007bb1349c057e4ddd742a151..02756d04fa6d0c702a27fa607eeb7ca7578a226a 100755 --- a/helm/scripts/variables.sh +++ b/helm/scripts/variables.sh @@ -1,12 +1,16 @@ #!/bin/bash # Use custom kubeconfig. If you set here the path to a kubeconfig file it will be used in installation/uninstallation scripts -export KUBECONFIG="" -if [ -z "$KUBECONFIG" ]; then - echo "The variable KUBECONFIG is empty. Using default k8s environment..." +export CUSTOM_KUBECONFIG="" +if [ -z "$CUSTOM_KUBECONFIG" ]; then + echo "The variable CUSTOM_KUBECONFIG is empty. Using default k8s environment..." + if [ -n "$KUBECONFIG" ]; then + CUSTOM_KUBECONFIG="--kubeconfig $KUBECONFIG" + echo "Using DEFAULT_KUBECONFIG $CUSTOM_KUBECONFIG" + fi else - KUBECONFIG="--kubeconfig $KUBECONFIG" - echo "The variable KUBECONFIG is not empty. Its value is: $KUBECONFIG" + CUSTOM_KUBECONFIG="--kubeconfig $CUSTOM_KUBECONFIG" + echo "The variable CUSTOM_KUBECONFIG is not empty. Its value is: $CUSTOM_KUBECONFIG" fi # timestap to use along scripts @@ -34,15 +38,15 @@ export VAULT_HOSTNAME=vault.testbed.develop export VAULT_NAMESPACE=ocf-vault export VAULT_SERVICE_NAME='vault' export LABEL_TO_CHECK="app.kubernetes.io/name" - ## File to store key and token export VAULT_FILE="$HELM_DIR/vault_keys.txt" - ## Vault domains to be included export DOMAIN1=*.testbed.pre-production export DOMAIN2=*.testbed.validation export DOMAIN3=*.testbed.develop - +## Vault Storage Configuration +export VAULT_STORAGE_CLASS=nfs-01 +export VAULT_STORAGE_SIZE=10Gi ## Vault configuration job VAULT_JOB_NAME=vault-pki @@ -51,8 +55,22 @@ VAULT_JOB_NAME=vault-pki export PROMETHEUS_HOSTNAME=prometheus.testbed.develop export MONITORING_NAMESPACE=monitoring export MONITORING_SERVICE_NAME=monitoring +export MONITORING_SNOOKER_ENABLED=false # OpenCAPIF deployment variables +export CAPIF_RESOURCES_RESERVE="YES" +export CAPIF_RESOURCES_LIMITS_CPU=200m +export CAPIF_RESOURCES_LIMITS_MEMORY=256Mi +export CAPIF_RESOURCES_REQUESTS_CPU=1m +export CAPIF_RESOURCES_REQUESTS_MEMORY=1Mi +## Storage Class +export CAPIF_STORAGE_CLASS=nfs-01 +export CAPIF_STORAGE_ACCESS_MODE="ReadWriteMany" +export CAPIF_GRAFANA_STORAGE_SIZE=10Gi +export CAPIF_LOKI_STORAGE_SIZE=100Mi +export CAPIF_MONGO_STORAGE_SIZE=8Gi +export CAPIF_MONGO_REGISTER_STORAGE_SIZE=8Gi +export CAPIF_TEMPO_STORAGE_SIZE=3Gi ## Register and Capif hostname to be deployed export CAPIF_HOSTNAME="capif.testbed.develop" export REGISTER_HOSTNAME="register.testbed.develop" @@ -77,6 +95,7 @@ export VAULT_INTERNAL_HOSTNAME="$VAULT_SERVICE_NAME.$VAULT_NAMESPACE.svc.cluster export VAULT_PORT="8200" export VAULT_ACCESS_TOKEN="dev-only-token" +######### POST PROCESSING VARIABLES SET ######## ### To deploy in other environment we need to setup urls according to it and also using specific kubeconfig: if [ -f "$VAULT_FILE" ] && [ -s "$VAULT_FILE" ]; then VAULT_ACCESS_TOKEN=$(awk '/Initial Root Token/{ print $4 }' $VAULT_FILE) @@ -86,6 +105,9 @@ else fi echo "Using value on VAULT_ACCESS_TOKEN=$VAULT_ACCESS_TOKEN" +## Setup KUBECONFIG +export KUBECONFIG=$CUSTOM_KUBECONFIG + ### If K8S_IP is empty, then script will try to get ingress-nginx-controller NodePort to grant DNS resolution for register to connect locally to CAPIF nginx if [ "$K8S_IP" == "NONE" ]; then echo "K8S_IP value is NONE. Register service will not have local DNS resolution" @@ -93,3 +115,73 @@ elif [ -z "$K8S_IP" ]; then K8S_IP=$(kubectl $KUBECONFIG get svc -A | grep ingress-nginx-controller | awk '/NodePort/{ print $4 }') echo "K8S_IP value will be $K8S_IP" fi + +capif_services=("fluentbit" +"grafana" +"loki" +"mock-server" +"mongo" +"mongo-express" +"mongo-register" +"mongo-register-express" +"nginx" +"ocf-access-control-policy" +"ocf-api-invocation-logs" +"ocf-api-invoker-management" +"ocf-api-provider-management" +"ocf-auditing-api-logs" +"ocf-discover-service-api" +"ocf-events" +"ocf-helper" +"ocf-publish-service-api" +"ocf-register" +"ocf-routing-info" +"ocf-security" +"otelcollector" +"redis" +"renderer") + +if [ -n "$CAPIF_STORAGE_ACCESS_MODE" ]; then + CAPIF_STORAGE_ACCESS_MODE="--set mongo.persistence.accessModes[0]=$CAPIF_STORAGE_ACCESS_MODE + --set mongo-register.persistence.accessModes[0]=$CAPIF_STORAGE_ACCESS_MODE + --set loki.persistence.accessModes[0]=$CAPIF_STORAGE_ACCESS_MODE + --set grafana.persistence.accessModes[0]=$CAPIF_STORAGE_ACCESS_MODE + " +fi + +export CAPIF_RUN_AS_USER_CONFIG="" +if [ "$CAPIF_STORAGE_CLASS" == "longhorn" ]; then + echo "$CAPIF_STORAGE_CLASS needs to configure runAsUser at mongo, mongo-register and grafana to 0, in order to allow write con PVC created." + CAPIF_RUN_AS_USER_CONFIG="--set mongo.securityContext.runAsUser=0 + --set mongo-register.securityContext.runAsUser=0 + --set grafana.securityContext.runAsUser=0" +fi + +export SED_CMD=sed +if [[ "$OSTYPE" == "darwin"* ]]; then + # Require gnu-sed. + if ! [ -x "$(command -v gsed)" ]; then + echo "Error: 'gsed' is not istalled." >&2 + echo "If you are using Homebrew, install with 'brew install gnu-sed'." >&2 + exit 1 + fi + SED_CMD=gsed +fi + +if [ "$CAPIF_RESOURCES_RESERVE" == "NO" ]; then + echo "No Limits will be requested on deployment" + CAPIF_RESOURCES_RESERVE="" + ${SED_CMD} -i "s/^resources:.*/resources: {}/g" $HELM_DIR/**/**/**/values.yaml + ${SED_CMD} -i "s/^ limits:/# limits:/g" $HELM_DIR/**/**/**/values.yaml + ${SED_CMD} -i "s/^ cpu:/# cpu:/g" $HELM_DIR/**/**/**/values.yaml + ${SED_CMD} -i "s/^ memory:/# memory:/g" $HELM_DIR/**/**/**/values.yaml + ${SED_CMD} -i "s/^ requests:/# requests:/g" $HELM_DIR/**/**/**/values.yaml +else + CAPIF_RESOURCES_RESERVE="" + for service in "${capif_services[@]}"; do + CAPIF_RESOURCES_RESERVE="$CAPIF_RESOURCES_RESERVE --set $service.resources.limits.cpu=$CAPIF_RESOURCES_LIMITS_CPU + --set $service.resources.limits.memory=$CAPIF_RESOURCES_LIMITS_MEMORY + --set $service.resources.requests.cpu=$CAPIF_RESOURCES_REQUESTS_CPU + --set $service.resources.requests.memory=$CAPIF_RESOURCES_REQUESTS_MEMORY " + done +fi \ No newline at end of file diff --git a/services/check_services_are_running.sh b/services/check_services_are_running.sh index 16de7046452f3faa4ab94b04e340def03d89d9d4..b7e7a7a18a21ea2803bd84687a6026801fd73ba7 100755 --- a/services/check_services_are_running.sh +++ b/services/check_services_are_running.sh @@ -2,9 +2,10 @@ export CAPIF_PRIV_KEY= export CAPIF_PRIV_KEY_BASE_64= export MONITORING= +export LOG_LEVEL=DEBUG -running="$(docker compose -f docker-compose-vault.yml ps --services --all --filter "status=running")" -services="$(docker compose -f docker-compose-vault.yml ps --services --all)" +running="$(LOG_LEVEL=$LOG_LEVEL docker compose -f docker-compose-vault.yml ps --services --all --filter "status=running")" +services="$(LOG_LEVEL=$LOG_LEVEL docker compose -f docker-compose-vault.yml ps --services --all)" if [ "$running" != "$services" ]; then echo "Following Vault services are not running:" # Bash specific @@ -14,8 +15,8 @@ else echo "All Vault services are running" fi -running="$(docker compose -f docker-compose-capif.yml ps --services --all --filter "status=running")" -services="$(docker compose -f docker-compose-capif.yml ps --services --all)" +running="$(LOG_LEVEL=$LOG_LEVEL docker compose -f docker-compose-capif.yml ps --services --all --filter "status=running")" +services="$(LOG_LEVEL=$LOG_LEVEL docker compose -f docker-compose-capif.yml ps --services --all)" if [ "$running" != "$services" ]; then echo "Following CCF services are not running:" # Bash specific @@ -25,8 +26,8 @@ else echo "All CCF services are running" fi -running="$(docker compose -f docker-compose-register.yml ps --services --all --filter "status=running")" -services="$(docker compose -f docker-compose-register.yml ps --services --all)" +running="$(LOG_LEVEL=$LOG_LEVEL docker compose -f docker-compose-register.yml ps --services --all --filter "status=running")" +services="$(LOG_LEVEL=$LOG_LEVEL docker compose -f docker-compose-register.yml ps --services --all)" if [ "$running" != "$services" ]; then echo "Following Register services are not running:" # Bash specific diff --git a/services/clean_capif_docker_services.sh b/services/clean_capif_docker_services.sh index bd6ef111f010c8d5ed962a7c575fe2adfa32bbc1..dec71b8276795f5e87f3465723389f21442c717c 100755 --- a/services/clean_capif_docker_services.sh +++ b/services/clean_capif_docker_services.sh @@ -1,5 +1,9 @@ #!/bin/bash +# Directories variables setup (no modification needed) +export SERVICES_DIR=$(dirname "$(readlink -f "$0")") +export CAPIF_BASE_DIR=$(dirname "$SERVICES_DIR") + help() { echo "Usage: $1 " echo " -c : Clean capif services" @@ -26,27 +30,27 @@ while getopts "cvrahms" opt; do case $opt in c) echo "Remove Capif services" - FILES+=("docker-compose-capif.yml") + FILES+=("$SERVICES_DIR/docker-compose-capif.yml") ;; v) echo "Remove vault service" - FILES+=("docker-compose-vault.yml") + FILES+=("$SERVICES_DIR/docker-compose-vault.yml") ;; r) echo "Remove register service" - FILES+=("docker-compose-register.yml") + FILES+=("$SERVICES_DIR/docker-compose-register.yml") ;; m) echo "Remove monitoring service" - FILES+=("../monitoring/docker-compose.yml") + FILES+=("$SERVICES_DIR/monitoring/docker-compose.yml") ;; s) echo "Robot Mock Server" - FILES+=("docker-compose-mock-server.yml") + FILES+=("$SERVICES_DIR/docker-compose-mock-server.yml") ;; a) echo "Remove all services" - FILES=("docker-compose-capif.yml" "docker-compose-vault.yml" "docker-compose-register.yml" "docker-compose-mock-server.yml" "../monitoring/docker-compose.yml") + FILES=("$SERVICES_DIR/docker-compose-capif.yml" "$SERVICES_DIR/docker-compose-vault.yml" "$SERVICES_DIR/docker-compose-register.yml" "$SERVICES_DIR/docker-compose-mock-server.yml" "$SERVICES_DIR//monitoring/docker-compose.yml") ;; h) help diff --git a/services/clean_mock_server.sh b/services/clean_mock_server.sh index 5ea886cdee5476d39a20440d1f2a27f3e49a0857..157e39afdcc45888244966b137ab6b8eace842d7 100755 --- a/services/clean_mock_server.sh +++ b/services/clean_mock_server.sh @@ -1,6 +1,9 @@ #!/bin/bash -FILE="docker-compose-mock-server.yml" +# Directories variables setup (no modification needed) +export SERVICES_DIR=$(dirname "$(readlink -f "$0")") + +FILE="$SERVICES_DIR/docker-compose-mock-server.yml" echo "Executing 'docker compose down' for file $FILE" docker compose -f "$FILE" down --rmi all diff --git a/services/create_users.sh b/services/create_users.sh index 3dd07c34f45d7af6da84ebe3b8179c3609f2b18c..14066a8ef5277d0befa11698ab14e2d3365af3dd 100755 --- a/services/create_users.sh +++ b/services/create_users.sh @@ -60,7 +60,7 @@ then fi # Other Stuff -DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/robot-tests-image +DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/capif/robot-tests-image DOCKER_ROBOT_IMAGE_VERSION=1.0 cd .. REPOSITORY_BASE_FOLDER=${PWD} @@ -105,6 +105,7 @@ then exit -1 fi +docker pull $DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION || echo "Docker image ($DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION) not present on repository" docker images|grep -Eq '^'$DOCKER_ROBOT_IMAGE'[ ]+[ ]'$DOCKER_ROBOT_IMAGE_VERSION'' if [[ $? -ne 0 ]] then diff --git a/services/monitoring/docker-compose.yml b/services/monitoring/docker-compose.yml index 41f647f0fd0371f207903d72ff41b5fcac598592..e71dff523f44176692e339f8b88d1ca1a9495c27 100644 --- a/services/monitoring/docker-compose.yml +++ b/services/monitoring/docker-compose.yml @@ -1,4 +1,3 @@ -version: '3' services: prometheus: image: prom/prometheus:latest diff --git a/services/remove_users.sh b/services/remove_users.sh index c9f63a0b5199f0c243b85a8ac0a8fda02d1104e7..5325490e34af1577e937422ff7e88b16c523100e 100755 --- a/services/remove_users.sh +++ b/services/remove_users.sh @@ -43,7 +43,7 @@ then fi # Other Stuff -DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/robot-tests-image +DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/capif/robot-tests-image DOCKER_ROBOT_IMAGE_VERSION=1.0 cd .. REPOSITORY_BASE_FOLDER=${PWD} @@ -88,6 +88,7 @@ then exit -1 fi +docker pull $DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION || echo "Docker image ($DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION) not present on repository" docker images|grep -Eq '^'$DOCKER_ROBOT_IMAGE'[ ]+[ ]'$DOCKER_ROBOT_IMAGE_VERSION'' if [[ $? -ne 0 ]] then diff --git a/services/run.sh b/services/run.sh index fa10d8ada45ff558f15509550fc68247bb05441c..c77083ef8c3da9a18f5dbb473c9605f7b5004263 100755 --- a/services/run.sh +++ b/services/run.sh @@ -1,10 +1,14 @@ #!/bin/bash +# Directories variables setup (no modification needed) +export SERVICES_DIR=$(dirname "$(readlink -f "$0")") +export CAPIF_BASE_DIR=$(dirname "$SERVICES_DIR") + help() { echo "Usage: $1 " echo " -c : Setup different hostname for capif" echo " -s : Run Mock server" - echo " -m : Clean monitoring service" + echo " -m : Run monitoring service" echo " -l : Set Log Level (default DEBUG). Select one of: [CRITICAL, FATAL, ERROR, WARNING, WARN, INFO, DEBUG, NOTSET]" echo " -h : show this help" exit 1 @@ -69,7 +73,7 @@ if [ "$MONITORING_STATE" == "true" ] ; then echo '***Monitoring set as true***' echo '***Creating Monitoring stack***' - DUID=$DUID DGID=$DGID docker compose -f "./monitoring/docker-compose.yml" up --detach + DUID=$DUID DGID=$DGID docker compose -f "$SERVICES_DIR/monitoring/docker-compose.yml" up --detach status=$? if [ $status -eq 0 ]; then echo "*** Monitoring Stack Runing ***" @@ -81,7 +85,7 @@ fi docker network create capif-network -docker compose -f "docker-compose-vault.yml" up --detach --build +docker compose -f "$SERVICES_DIR/docker-compose-vault.yml" up --detach --build status=$? if [ $status -eq 0 ]; then @@ -91,7 +95,7 @@ else exit $status fi -CAPIF_HOSTNAME=$HOSTNAME MONITORING=$MONITORING_STATE LOG_LEVEL=$LOG_LEVEL docker compose -f "docker-compose-capif.yml" up --detach --build +CAPIF_HOSTNAME=$HOSTNAME MONITORING=$MONITORING_STATE LOG_LEVEL=$LOG_LEVEL docker compose -f "$SERVICES_DIR/docker-compose-capif.yml" up --detach --build status=$? if [ $status -eq 0 ]; then @@ -103,7 +107,7 @@ fi CAPIF_PRIV_KEY_BASE_64=$(echo "$(cat nginx/certs/server.key)") -CAPIF_PRIV_KEY=$CAPIF_PRIV_KEY_BASE_64 LOG_LEVEL=$LOG_LEVEL docker compose -f "docker-compose-register.yml" up --detach --build +CAPIF_PRIV_KEY=$CAPIF_PRIV_KEY_BASE_64 LOG_LEVEL=$LOG_LEVEL docker compose -f "$SERVICES_DIR/docker-compose-register.yml" up --detach --build status=$? if [ $status -eq 0 ]; then @@ -117,7 +121,7 @@ if [ "$ROBOT_MOCK_SERVER" == "true" ] ; then echo '***Robot Mock Server set as true***' echo '***Creating Robot Mock Server stack***' - IP=$IP PORT=$PORT docker compose -f "docker-compose-mock-server.yml" up --detach + IP=$IP PORT=$PORT docker compose -f "$SERVICES_DIR/docker-compose-mock-server.yml" up --detach status=$? if [ $status -eq 0 ]; then echo "*** Monitoring Stack Runing ***" diff --git a/services/run_capif_tests.sh b/services/run_capif_tests.sh index 29bb62ecc8c9d71e700c3371461acef6cbd17ad7..b4a9e13bf7d8eba9eaa957d4cd1f51aed44d8fc6 100755 --- a/services/run_capif_tests.sh +++ b/services/run_capif_tests.sh @@ -1,6 +1,6 @@ #!/bin/bash -DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/robot-tests-image +DOCKER_ROBOT_IMAGE=labs.etsi.org:5050/ocf/capif/robot-tests-image DOCKER_ROBOT_IMAGE_VERSION=1.0 cd .. REPOSITORY_BASE_FOLDER=${PWD} @@ -34,6 +34,13 @@ echo "CAPIF_VAULT_PORT = $CAPIF_VAULT_PORT" echo "CAPIF_VAULT_TOKEN = $CAPIF_VAULT_TOKEN" echo "MOCK_SERVER_URL = $MOCK_SERVER_URL" +INPUT_OPTIONS=$@ +# Check if input is provided +if [ -z "$1" ]; then + # Set default value if no input is provided + INPUT_OPTIONS="--include all" +fi + docker >/dev/null 2>/dev/null if [[ $? -ne 0 ]] then @@ -41,6 +48,7 @@ then exit -1 fi +docker pull $DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION || echo "Docker image ($DOCKER_ROBOT_IMAGE:$DOCKER_ROBOT_IMAGE_VERSION) not present on repository" docker images|grep -Eq '^'$DOCKER_ROBOT_IMAGE'[ ]+[ ]'$DOCKER_ROBOT_IMAGE_VERSION'' if [[ $? -ne 0 ]] then @@ -74,4 +82,4 @@ docker run -ti --rm --network="host" \ --variable CAPIF_VAULT_PORT:$CAPIF_VAULT_PORT \ --variable CAPIF_VAULT_TOKEN:$CAPIF_VAULT_TOKEN \ --variable NOTIFICATION_DESTINATION_URL:$NOTIFICATION_DESTINATION_URL \ - --variable MOCK_SERVER_URL:$MOCK_SERVER_URL $@ + --variable MOCK_SERVER_URL:$MOCK_SERVER_URL $INPUT_OPTIONS diff --git a/services/run_mock_server.sh b/services/run_mock_server.sh index 5a194c469371de592d4f63ec5e8bbfc59598489c..f0ca4e3d79497699f4a6bba5e09d3c13eaaff2b3 100755 --- a/services/run_mock_server.sh +++ b/services/run_mock_server.sh @@ -1,5 +1,9 @@ #!/bin/bash +# Directories variables setup (no modification needed) +export SERVICES_DIR=$(dirname "$(readlink -f "$0")") +export CAPIF_BASE_DIR=$(dirname "$SERVICES_DIR") + help() { echo "Usage: $1 " echo " -i : Setup different host ip for mock server (default 0.0.0.0)" @@ -36,7 +40,9 @@ done echo Robot Framework Mock Server will listen on $IP:$PORT -IP=$IP PORT=$PORT docker compose -f "docker-compose-mock-server.yml" up --detach --build +docker network create capif-network || echo "capif-network previously created on docker networks" + +IP=$IP PORT=$PORT docker compose -f "$SERVICES_DIR/docker-compose-mock-server.yml" up --detach --build status=$? if [ $status -eq 0 ]; then diff --git a/services/show_logs.sh b/services/show_logs.sh index c2bcf52d90607d3da9364c11c44c99d4bf209071..747134e9598fe48b57ea9e55709d0fc041e296e1 100755 --- a/services/show_logs.sh +++ b/services/show_logs.sh @@ -1,5 +1,8 @@ #!/bin/bash +# Directories variables setup (no modification needed) +export SERVICES_DIR=$(dirname "$(readlink -f "$0")") + help() { echo "Usage: $0 " echo " -c : Show capif services" @@ -13,6 +16,10 @@ help() { exit 1 } +MONITORING_STATE=false +LOG_LEVEL=DEBUG +CAPIF_PRIV_KEY_BASE_64=$(echo "$(cat nginx/certs/server.key)") + if [[ $# -lt 1 ]] then echo "You must specify an option before run script." @@ -23,32 +30,36 @@ FILES=() echo "${FILES[@]}" FOLLOW="" +# Needed to avoid write permissions on bind volumes with prometheus and grafana +DUID=$(id -u) +DGID=$(id -g) + # Read params while getopts "cvrahmfs" opt; do case $opt in c) echo "Show Capif services" - FILES+=("-f docker-compose-capif.yml") + FILES+=("-f $SERVICES_DIR/docker-compose-capif.yml") ;; v) echo "Show vault service" - FILES+=("-f docker-compose-vault.yml") + FILES+=("-f $SERVICES_DIR/docker-compose-vault.yml") ;; r) echo "Show register service" - FILES+=("-f docker-compose-register.yml") + FILES+=("-f $SERVICES_DIR/docker-compose-register.yml") ;; s) echo "Show Mock Server service" - FILES+=("-f docker-compose-mock-server.yml") + FILES+=("-f $SERVICES_DIR/docker-compose-mock-server.yml") ;; m) echo "Show monitoring service" - FILES+=("-f ../monitoring/docker-compose.yml") + FILES+=("-f $SERVICES_DIR/monitoring/docker-compose.yml") ;; a) echo "Show all services" - FILES=("-f docker-compose-capif.yml" -f "docker-compose-vault.yml" -f "docker-compose-register.yml" -f "docker-compose-mock-server.yml" -f "../monitoring/docker-compose.yml") + FILES=("-f $SERVICES_DIR/docker-compose-capif.yml" -f "$SERVICES_DIR/docker-compose-vault.yml" -f "$SERVICES_DIR/docker-compose-register.yml" -f "$SERVICES_DIR/docker-compose-mock-server.yml" -f "$SERVICES_DIR./monitoring/docker-compose.yml") ;; f) echo "Setup follow logs" @@ -82,5 +93,5 @@ else help fi -docker compose ${FILES[@]} logs ${FOLLOW} +MONITORING=$MONITORING_STATE LOG_LEVEL=$LOG_LEVEL CAPIF_PRIV_KEY=$CAPIF_PRIV_KEY_BASE_64 DUID=$DUID DGID=$DGID docker compose ${FILES[@]} logs ${FOLLOW} diff --git a/tests/features/CAPIF Api Access Control Policy/capif_api_access_control_policy.robot b/tests/features/CAPIF Api Access Control Policy/capif_api_access_control_policy.robot index 768367e02b75450dd85b782c02902302115f42b9..05716c20a5c3c846ccc649300183597f7f3d36f8 100644 --- a/tests/features/CAPIF Api Access Control Policy/capif_api_access_control_policy.robot +++ b/tests/features/CAPIF Api Access Control Policy/capif_api_access_control_policy.robot @@ -19,7 +19,7 @@ ${AEF_ID_NOT_VALID} not-valid *** Test Cases *** Retrieve ACL - [Tags] capif_api_acl-1 + [Tags] capif_api_acl-1 smoke # Register APF ${register_user_info_provider}= Provider Default Registration @@ -74,7 +74,7 @@ Retrieve ACL ... username=${AEF_PROVIDER_USERNAME} Check Response Variable Type And Values ${resp} 200 AccessControlPolicyList - + Sleep 30s # Check returned values Should Not Be Empty ${resp.json()['apiInvokerPolicies']} Length Should Be ${resp.json()['apiInvokerPolicies']} 1 @@ -258,7 +258,7 @@ Retrieve ACL with security context created by two different Invokers Should Be True ${API_INVOKER_2_PRESENT}==${True} Retrieve ACL filtered by api-invoker-id - [Tags] capif_api_acl-4 + [Tags] capif_api_acl-4 smoke # Register APF ${register_user_info_provider}= Provider Default Registration @@ -526,7 +526,7 @@ Retrieve ACL with AMF Certificate ... cause=Certificate not authorized Retrieve ACL with Invoker Certificate - [Tags] capif_api_acl-13 + [Tags] capif_api_acl-13 smoke ${register_user_info_invoker} ... ${register_user_info_provider} ... ${service_api_description_published}= diff --git a/tests/features/CAPIF Api Auditing Service/capif_auditing_api.robot b/tests/features/CAPIF Api Auditing Service/capif_auditing_api.robot index a1f2fef3def091f7612d07efa67c1e6d7fc7401f..41669f90a53dd5ad5ef1c8799168b4dc68ec6888 100644 --- a/tests/features/CAPIF Api Auditing Service/capif_auditing_api.robot +++ b/tests/features/CAPIF Api Auditing Service/capif_auditing_api.robot @@ -130,7 +130,7 @@ Get a log entry withut aefid and apiInvokerId ... cause=Mandatory parameters missing Get Log Entry with apiVersion filter - [Tags] capif_api_auditing_service-4 + [Tags] capif_api_auditing_service-4 smoke # Register APF ${register_user_info}= Provider Default Registration diff --git a/tests/features/CAPIF Api Discover Service/capif_api_service_discover.robot b/tests/features/CAPIF Api Discover Service/capif_api_service_discover.robot index e780526ce82217446018c8d06aa5fd545eae34d1..bbfcffdf8a6469f3ed5ea2b9b5a32ade94e1fd86 100644 --- a/tests/features/CAPIF Api Discover Service/capif_api_service_discover.robot +++ b/tests/features/CAPIF Api Discover Service/capif_api_service_discover.robot @@ -90,7 +90,7 @@ Discover Published service APIs by not registered API Invoker ... cause=API Invoker id not found Discover Published service APIs by registered API Invoker with 1 result filtered - [Tags] capif_api_discover_service-4 + [Tags] capif_api_discover_service-4 smoke # Register APF ${register_user_info}= Provider Default Registration @@ -138,7 +138,7 @@ Discover Published service APIs by registered API Invoker with 1 result filtered List Should Contain Value ${resp.json()['serviceAPIDescriptions']} ${service_api_description_published_1} Discover Published service APIs by registered API Invoker filtered with no match - [Tags] capif_api_discover_service-5 + [Tags] capif_api_discover_service-5 smoke # Register APF ${register_user_info}= Provider Default Registration diff --git a/tests/features/CAPIF Api Events/capif_events_api.robot b/tests/features/CAPIF Api Events/capif_events_api.robot index 07ed96700b8b6a83957c59c4eb41853a5b7271b1..09f2189f881d76172fc89eb4d9fc77f6849a202d 100644 --- a/tests/features/CAPIF Api Events/capif_events_api.robot +++ b/tests/features/CAPIF Api Events/capif_events_api.robot @@ -141,7 +141,7 @@ Deletes an individual CAPIF Event Subscription with invalid SubscriptionId ... cause=You are not the owner of this resource Invoker receives Service API Invocation events - [Tags] capif_api_events-6 mockserver + [Tags] capif_api_events-6 mockserver smoke # Initialize Mock server Init Mock Server @@ -410,7 +410,7 @@ Provider subscribe to API Invoker events Wait Until Keyword Succeeds 5x 5s Check Mock Server Notification Events ${events_expected} Invoker subscribed to ACL update event - [Tags] capif_api_events-10 mockserver + [Tags] capif_api_events-10 mockserver smoke # Initialize Mock server Init Mock Server @@ -568,7 +568,7 @@ Provider receives an ACL unavailable event when invoker remove Security Context. Wait Until Keyword Succeeds 5x 5s Check Mock Server Notification Events ${events_expected} Invoker receives an Invoker Authorization Revoked and ACL unavailable event when Provider revoke Invoker Authorization. - [Tags] capif_api_events-12 mockserver + [Tags] capif_api_events-12 mockserver smoke # Initialize Mock server Init Mock Server diff --git a/tests/features/CAPIF Api Invoker Management/capif_api_invoker_managenet.robot b/tests/features/CAPIF Api Invoker Management/capif_api_invoker_managenet.robot index 6ab8ba5d01336f44a27edf13f83da7539ed1e53f..57005b56f14de5b2ea84665106f3142c7b07c3d9 100644 --- a/tests/features/CAPIF Api Invoker Management/capif_api_invoker_managenet.robot +++ b/tests/features/CAPIF Api Invoker Management/capif_api_invoker_managenet.robot @@ -120,7 +120,7 @@ Offboard Network App Should Be Equal As Strings ${resp.status_code} 204 Offboard Not Previously Onboarded Network App - [Tags] capif_api_invoker_management-6 + [Tags] capif_api_invoker_management-6 smoke # Default Invoker Registration and Onboarding ${register_user_info} ${url} ${request_body}= Invoker Default Onboarding diff --git a/tests/features/CAPIF Api Logging Service/capif_logging_api.robot b/tests/features/CAPIF Api Logging Service/capif_logging_api.robot index fc2bfca0b2d0d3813314e0f933843f0dd1963bf1..5f41d2c7c946f8502b94200b929368156c998201 100644 --- a/tests/features/CAPIF Api Logging Service/capif_logging_api.robot +++ b/tests/features/CAPIF Api Logging Service/capif_logging_api.robot @@ -18,7 +18,7 @@ ${API_INVOKER_NOT_VALID} not-valid *** Test Cases *** Create a log entry - [Tags] capif_api_logging_service-1 + [Tags] capif_api_logging_service-1 smoke # Register APF ${register_user_info}= Provider Default Registration diff --git a/tests/features/CAPIF Api Provider Management/capif_api_provider_management.robot b/tests/features/CAPIF Api Provider Management/capif_api_provider_management.robot index 31aa55e8b6415c40fbff2ab56a3a7e6972a6505f..9e4d81e29e2f5c96176e457995e572757053d0ea 100644 --- a/tests/features/CAPIF Api Provider Management/capif_api_provider_management.robot +++ b/tests/features/CAPIF Api Provider Management/capif_api_provider_management.robot @@ -80,7 +80,7 @@ Register Api Provider Already registered ... cause=Identical provider reg sec Update Registered Api Provider - [Tags] capif_api_provider_management-3 + [Tags] capif_api_provider_management-3 smoke ${register_user_info}= Provider Default Registration ${request_body}= Set Variable ${register_user_info['provider_enrollment_details']} @@ -146,14 +146,14 @@ Update Not Registered Api Provider # ... username=${AMF_PROVIDER_USERNAME} # Call Method ${CAPIF_USERS} update_capif_users_dicts ${register_user_info['resource_url'].path} ${register_user_info['amf_username']} -# + # # Check Results # Check Response Variable Type And Values ${resp} 200 APIProviderEnrolmentDetails # ... apiProvDomInfo=ROBOT_TESTING_MOD Partially Update Not Registered Api Provider - [Tags] capif_api_provider_management-6 + [Tags] capif_api_provider_management-6 smoke ${register_user_info}= Provider Default Registration ${request_body}= Create Api Provider Enrolment Details Patch Body diff --git a/tests/features/CAPIF Api Publish Service/capif_api_publish_service.robot b/tests/features/CAPIF Api Publish Service/capif_api_publish_service.robot index f3556a4b5517385791622a476f988c6ae01dc343..5df5c4cf29be197ab6f2eed2653e41fb0468648d 100644 --- a/tests/features/CAPIF Api Publish Service/capif_api_publish_service.robot +++ b/tests/features/CAPIF Api Publish Service/capif_api_publish_service.robot @@ -16,7 +16,7 @@ ${SERVICE_API_ID_NOT_VALID} not-valid *** Test Cases *** Publish API by Authorised API Publisher - [Tags] capif_api_publish_service-1 + [Tags] capif_api_publish_service-1 smoke # Register APF ${register_user_info}= Provider Default Registration @@ -54,7 +54,7 @@ Publish API by NON Authorised API Publisher ... cause=Publisher id not found Retrieve all APIs Published by Authorised apfId - [Tags] capif_api_publish_service-3 + [Tags] capif_api_publish_service-3 smoke # Register APF ${register_user_info}= Provider Default Registration @@ -262,7 +262,7 @@ Update APIs Published by NON Authorised apfId ... apiName=service_1 Delete API Published by Authorised apfId with valid serviceApiId - [Tags] capif_api_publish_service-11 + [Tags] capif_api_publish_service-11 smoke # Register APF ${register_user_info}= Provider Default Registration diff --git a/tests/features/CAPIF Security Api/capif_security_api.robot b/tests/features/CAPIF Security Api/capif_security_api.robot index e50d16aec10253db92cd951c5955a5d4ec5947ed..6170e7538e337877afd5a9e567793128109f2a3d 100644 --- a/tests/features/CAPIF Security Api/capif_security_api.robot +++ b/tests/features/CAPIF Security Api/capif_security_api.robot @@ -101,7 +101,7 @@ Create a security context for an API invoker with Invalid apiInvokerID ... cause=API Invoker not exists or invalid ID Retrieve the Security Context of an API Invoker - [Tags] capif_security_api-5 + [Tags] capif_security_api-5 smoke # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding @@ -186,7 +186,7 @@ Retrieve the Security Context of an API Invoker with invalid apfId ... cause=User role must be aef Delete the Security Context of an API Invoker - [Tags] capif_security_api-8 + [Tags] capif_security_api-8 smoke # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding @@ -290,7 +290,7 @@ Delete the Security Context of an API Invoker with invalid apiInvokerID ... cause=API Invoker not exists or invalid ID Update the Security Context of an API Invoker - [Tags] capif_security_api-12 + [Tags] capif_security_api-12 smoke # Default Invoker Registration and Onboarding ${register_user_info_invoker} ${url} ${request_body}= Invoker Default Onboarding @@ -408,7 +408,7 @@ Update the Security Context of an API Invoker with invalid apiInvokerID ... cause=API Invoker not exists or invalid ID Revoke the authorization of the API invoker for APIs - [Tags] capif_security_api-16 + [Tags] capif_security_api-16 smoke # Register APF ${register_user_info_provider}= Provider Default Registration @@ -569,7 +569,7 @@ Revoke the authorization of the API invoker for APIs with invalid apiInvokerId Dictionaries Should Be Equal ${resp.json()} ${security_context} Retrieve access token - [Tags] capif_security_api-19 + [Tags] capif_security_api-19 smoke # Register APF ${register_user_info_provider}= Provider Default Registration diff --git a/tests/tasks/Users Management/users.robot b/tests/tasks/Users Management/users.robot index 1558f860b1e074487403663a4dc3a47c62a6c4a3..64991b50efb2638a1495b081c9fc73744ca75dfa 100644 --- a/tests/tasks/Users Management/users.robot +++ b/tests/tasks/Users Management/users.robot @@ -33,6 +33,9 @@ Create Client Users FOR ${counter} IN RANGE ${TOTAL_USERS} ${USERNAME}= Set Variable ${USERNAME_PREFIX}_${counter} + IF ${TOTAL_USERS} == 1 + ${USERNAME}= Set Variable ${USERNAME_PREFIX} + END ${resp}= Run Keyword And Continue On Failure Create User At Register ... ${USERNAME}