diff --git a/expose_ingress_grpc.sh b/expose_ingress_grpc.sh
new file mode 100755
index 0000000000000000000000000000000000000000..2a735ea8e53efe35bb74a516dfd992fa19818a7a
--- /dev/null
+++ b/expose_ingress_grpc.sh
@@ -0,0 +1,55 @@
+#!/bin/bash
+# Copyright 2022-2023 ETSI TeraFlowSDN - TFS OSG (https://tfs.etsi.org/)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+########################################################################################################################
+# Define your deployment settings here
+########################################################################################################################
+
+# If not already set, set the name of the Kubernetes namespace to deploy to.
+export TFS_K8S_NAMESPACE=${TFS_K8S_NAMESPACE:-"tfs"}
+
+# If not already set, set the list of components you want to build images for, and deploy.
+export TFS_COMPONENTS=${TFS_COMPONENTS:-"context device automation policy service compute monitoring l3_attackmitigator l3_centralizedattackdetector webui"}
+
+########################################################################################################################
+# Automated steps start here
+########################################################################################################################
+
+echo "Exposing GRPC ports for components..."
+for COMPONENT in $TFS_COMPONENTS; do
+ echo "Processing '$COMPONENT' component..."
+
+ SERVICE_GRPC_PORT=$(kubectl get service ${COMPONENT}service --namespace $TFS_K8S_NAMESPACE -o 'jsonpath={.spec.ports[?(@.name=="grpc")].port}')
+ echo " '$COMPONENT' service port: $SERVICE_GRPC_PORT"
+ if [ -z "${SERVICE_GRPC_PORT}" ]; then
+ printf "\n"
+ continue;
+ fi
+
+ COMPONENT_OBJNAME=$(echo "${COMPONENT}" | sed "s/\_/-/")
+ PATCH='{"data": {"'${SERVICE_GRPC_PORT}'": "'$TFS_K8S_NAMESPACE'/'${COMPONENT_OBJNAME}service':'${SERVICE_GRPC_PORT}'"}}'
+ #echo "PATCH: ${PATCH}"
+ kubectl patch configmap nginx-ingress-tcp-microk8s-conf --namespace ingress --patch "${PATCH}"
+
+ PORT_MAP='{"containerPort": '${SERVICE_GRPC_PORT}', "hostPort": '${SERVICE_GRPC_PORT}'}'
+ CONTAINER='{"name": "nginx-ingress-microk8s", "ports": ['${PORT_MAP}']}'
+ PATCH='{"spec": {"template": {"spec": {"containers": ['${CONTAINER}']}}}}'
+ #echo "PATCH: ${PATCH}"
+ kubectl patch daemonset nginx-ingress-microk8s-controller --namespace ingress --patch "${PATCH}"
+
+ printf "\n"
+done
+
+echo "Done!"
diff --git a/s.sh b/s.sh
deleted file mode 100755
index c96aa09c6cc53cbec08aa6ddfca8ffc0935e1e8e..0000000000000000000000000000000000000000
--- a/s.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-if [ -s /etc/docker/daemon.json ]; then cat /etc/docker/daemon.json; else echo '{}'; fi \
- | jq 'if has("insecure-registries") then . else .+ {"insecure-registries": []} end' -- \
- | jq '."insecure-registries" |= (.+ ["localhost:32000"] | unique)' -- \
- | tee tmp.daemon.json
-sudo mv tmp.daemon.json /etc/docker/daemon.json
-sudo chown root:root /etc/docker/daemon.json
-sudo chmod 600 /etc/docker/daemon.json
diff --git a/src/l3_centralizedattackdetector/.gitlab-ci.yml b/src/l3_centralizedattackdetector/.gitlab-ci.yml
new file mode 100644
index 0000000000000000000000000000000000000000..057545eb1b65aac26610c6460a47592b4e7604c2
--- /dev/null
+++ b/src/l3_centralizedattackdetector/.gitlab-ci.yml
@@ -0,0 +1,106 @@
+# Copyright 2022-2023 ETSI TeraFlowSDN - TFS OSG (https://tfs.etsi.org/)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Build, tag, and push the Docker image to the GitLab Docker registry
+build l3_centralizedattackdetector:
+ variables:
+ IMAGE_NAME: 'l3_centralizedattackdetector' # name of the microservice
+ IMAGE_TAG: 'latest' # tag of the container image (production, development, etc)
+ stage: build
+ before_script:
+ - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
+ script:
+ - docker build -t "$IMAGE_NAME:$IMAGE_TAG" -f ./src/$IMAGE_NAME/Dockerfile .
+ - docker tag "$IMAGE_NAME:$IMAGE_TAG" "$CI_REGISTRY_IMAGE/$IMAGE_NAME:$IMAGE_TAG"
+ - docker push "$CI_REGISTRY_IMAGE/$IMAGE_NAME:$IMAGE_TAG"
+ after_script:
+ - docker images --filter="dangling=true" --quiet | xargs -r docker rmi
+ rules:
+ - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && ($CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "develop" || $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH)'
+ - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "develop"'
+ - changes:
+ - src/common/**/*.py
+ - proto/*.proto
+ - src/$IMAGE_NAME/**/*.{py,in,yml}
+ - src/$IMAGE_NAME/Dockerfile
+ - src/$IMAGE_NAME/tests/*.py
+ - manifests/${IMAGE_NAME}service.yaml
+ - .gitlab-ci.yml
+
+# Apply unit test to the component
+unit test l3_centralizedattackdetector:
+ variables:
+ IMAGE_NAME: 'l3_centralizedattackdetector' # name of the microservice
+ IMAGE_TAG: 'latest' # tag of the container image (production, development, etc)
+ stage: unit_test
+ needs:
+ - build l3_centralizedattackdetector
+ before_script:
+ - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
+ - if docker network list | grep teraflowbridge; then echo "teraflowbridge is already created"; else docker network create -d bridge teraflowbridge; fi
+ - if docker container ls | grep $IMAGE_NAME; then docker rm -f $IMAGE_NAME; else echo "$IMAGE_NAME image is not in the system"; fi
+ script:
+ - docker pull "$CI_REGISTRY_IMAGE/$IMAGE_NAME:$IMAGE_TAG"
+ - docker run --name $IMAGE_NAME -d -p 10001:10001 --env CAD_CLASSIFICATION_THRESHOLD=0.5 -v "$PWD/src/$IMAGE_NAME/tests:/opt/results" --network=teraflowbridge $CI_REGISTRY_IMAGE/$IMAGE_NAME:$IMAGE_TAG
+ - sleep 5
+ - docker ps -a
+ - docker logs $IMAGE_NAME
+ - docker exec -i $IMAGE_NAME bash -c "coverage run -m pytest --log-level=INFO --verbose $IMAGE_NAME/tests/test_unitary.py --junitxml=/opt/results/${IMAGE_NAME}_report.xml"
+ - docker exec -i $IMAGE_NAME bash -c "coverage report --include='${IMAGE_NAME}/*' --show-missing"
+ coverage: '/TOTAL\s+\d+\s+\d+\s+(\d+%)/'
+ after_script:
+ - docker rm -f $IMAGE_NAME
+ - docker network rm teraflowbridge
+ rules:
+ - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && ($CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "develop" || $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH)'
+ - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "develop"'
+ - changes:
+ - src/common/**/*.py
+ - proto/*.proto
+ - src/$IMAGE_NAME/**/*.{py,in,yml}
+ - src/$IMAGE_NAME/Dockerfile
+ - src/$IMAGE_NAME/tests/*.py
+ - src/$IMAGE_NAME/tests/Dockerfile
+ - manifests/${IMAGE_NAME}service.yaml
+ - .gitlab-ci.yml
+ artifacts:
+ when: always
+ reports:
+ junit: src/$IMAGE_NAME/tests/${IMAGE_NAME}_report.xml
+
+# Deployment of the service in Kubernetes Cluster
+deploy l3_centralizedattackdetector:
+ variables:
+ IMAGE_NAME: 'l3_centralizedattackdetector' # name of the microservice
+ IMAGE_TAG: 'latest' # tag of the container image (production, development, etc)
+ stage: deploy
+ needs:
+ - unit test l3_centralizedattackdetector
+ # - integ_test execute
+ script:
+ - 'sed -i "s/$IMAGE_NAME:.*/$IMAGE_NAME:$IMAGE_TAG/" manifests/${IMAGE_NAME}service.yaml'
+ - kubectl version
+ - kubectl get all
+ - kubectl apply -f "manifests/${IMAGE_NAME}service.yaml"
+ - kubectl get all
+ # environment:
+ # name: test
+ # url: https://example.com
+ # kubernetes:
+ # namespace: test
+ rules:
+ - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && ($CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "develop" || $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH)'
+ when: manual
+ - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "develop"'
+ when: manual
diff --git a/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py b/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py
index d0996e78fcd8f63741148c6d28cbc3111eff543f..79646cb0d5feb2ed7c1fc83d1f9d314f130f0342 100644
--- a/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py
+++ b/src/l3_centralizedattackdetector/service/l3_centralizedattackdetectorServiceServicerImpl.py
@@ -506,7 +506,7 @@ class l3_centralizedattackdetectorServiceServicerImpl(L3Centralizedattackdetecto
self.l3_ml_model_confidence_crypto = (
self.l3_ml_model_confidence_crypto * (self.l3_inferences_in_interval_counter_crypto - 1)
+ cryptomining_detector_output["confidence"]
- ) / self.l3_inferences_in_interval_counter_crypt
+ ) / self.l3_inferences_in_interval_counter_crypto
if connection_info not in self.l3_attacks:
self.l3_attacks.append(connection_info)