| # -*- indent-tabs-mode: nil -*- # vi: set expandtab: |
| # |
| # ============LICENSE_START==================================================== |
| # org.onap.dcae |
| # ============================================================================= |
| # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. |
| # ============================================================================= |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # ============LICENSE_END====================================================== |
| |
| tosca_definitions_version: cloudify_dsl_1_3 |
| |
| description: |- |
| This blueprint is an example of how an application can access the needed information about |
| a persistent database created as part of a PGaaS cluster. |
| |
| For a given database "dbname" on a given PGaaS cluster "PGCLUSTERNAME", |
| there are three roles created: |
| admin role: has complete administrative control over that database |
| user role: has complete read and write access on that database |
| viewer role: only has read access on that database |
| The various attributes will return the appropriate information |
| that can be used with that role: host fqdn, role name and password. |
| |
| This blueprint is part of a suite of three blueprints: |
| k8s-pgaas-initdb takes control of the postgres server instance. |
| k8s-pgaas-database creates a database, roles and credentials associated with the database. |
| k8s-pgaas-getdbinfo shows how an application can access a database (including its roles and credentials) that was already created with k8s-pgaas-database. |
| |
| imports: |
| - http://www.getcloudify.org/spec/cloudify/3.4/types.yaml |
| - "{{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk_platform_plugins_releases }}/type_files/pgaas/1.1.0/pgaas_types.yaml" |
| |
| inputs: |
| k8s_pgaas_instance_fqdn: |
| type: string |
| database_name: |
| type: string |
| |
| node_templates: |
| pgclustername_dbname: |
| type: dcae.nodes.pgaas.database |
| properties: |
| writerfqdn: { get_input: k8s_pgaas_instance_fqdn } |
| name: { get_input: database_name } |
| use_existing: true |
| |
| outputs: |
| # admin role has control over table/index/view creation/dropping |
| pgclustername_dbname_admin_host: |
| description: Hostname for PGCLUSTERNAME dbname database |
| value: { get_attribute: [ pgclustername_dbname, admin, host ] } |
| pgclustername_dbname_admin_port: |
| description: Portname for PGCLUSTERNAME dbname database |
| value: { get_attribute: [ pgclustername_dbname, admin, port ] } |
| pgclustername_dbname_admin_user: |
| description: Admin Username for PGCLUSTERNAME dbname database |
| value: { get_attribute: [ pgclustername_dbname, admin, user ] } |
| pgclustername_dbname_admin_password: |
| description: Admin Password for PGCLUSTERNAME dbname database |
| value: { get_attribute: [ pgclustername_dbname, admin, password ] } |
| |
| # user role can read and write the tables |
| pgclustername_dbname_user_host: |
| description: Hostname for PGCLUSTERNAME dbname database |
| value: { get_attribute: [ pgclustername_dbname, user, host ] } |
| pgclustername_dbname_user_port: |
| description: Portname for PGCLUSTERNAME dbname database |
| value: { get_attribute: [ pgclustername_dbname, user, port ] } |
| pgclustername_dbname_user_user: |
| description: User Username for PGCLUSTERNAME dbname database |
| value: { get_attribute: [ pgclustername_dbname, user, user ] } |
| pgclustername_dbname_user_password: |
| description: User Password for PGCLUSTERNAME dbname database |
| value: { get_attribute: [ pgclustername_dbname, user, password ] } |
| |
| # viewer role can only read from the tables |
| pgclustername_dbname_viewer_host: |
| description: Hostname for PGCLUSTERNAME dbname database |
| value: { get_attribute: [ pgclustername_dbname, viewer, host ] } |
| pgclustername_dbname_viewer_port: |
| description: Portname for PGCLUSTERNAME dbname database |
| value: { get_attribute: [ pgclustername_dbname, viewer, port ] } |
| pgclustername_dbname_viewer_user: |
| description: Viewer Username for PGCLUSTERNAME dbname database |
| value: { get_attribute: [ pgclustername_dbname, viewer, user ] } |
| pgclustername_dbname_viewer_password: |
| description: Viewer Password for PGCLUSTERNAME dbname database |
| value: { get_attribute: [ pgclustername_dbname, viewer, password ] } |