use https for healthchecks and vfw script
Change-Id: I98f1bd5a354802ebf4be2356b97ec1bbdecce116
Signed-off-by: Jorge Hernandez <jh1730@att.com>
Issue-ID: POLICY-1111
diff --git a/kubernetes/consul/resources/config/consul-agent-config/policy-health.json b/kubernetes/consul/resources/config/consul-agent-config/policy-health.json
index 22d135b..62a6f31 100644
--- a/kubernetes/consul/resources/config/consul-agent-config/policy-health.json
+++ b/kubernetes/consul/resources/config/consul-agent-config/policy-health.json
@@ -12,7 +12,7 @@
{
"id": "policy-nexus-local-status",
"name": "Policy Nexus Local Status",
- "http": "http://nexus:8081/nexus/service/local/status?pretty",
+ "http": "http://nexus:8081/nexus/service/local/status",
"method": "GET",
"header": {
"Authorization": ["Basic YWRtaW46YWRtaW4xMjM="],
@@ -27,7 +27,7 @@
{
"id": "policy-nexus-internal-metrics",
"name": "Policy Nexus Internal Metrics",
- "http": "http://nexus:8081/nexus/internal/metrics?pretty",
+ "http": "http://nexus:8081/nexus/internal/metrics",
"method": "GET",
"header": {
"Authorization": ["Basic YWRtaW46YWRtaW4xMjM="],
@@ -42,7 +42,7 @@
{
"id": "policy-nexus-internal-healthcheck",
"name": "Policy Nexus Internal Healthcheck",
- "http": "http://nexus:8081/nexus/internal/healthcheck?pretty",
+ "http": "http://nexus:8081/nexus/internal/healthcheck",
"method": "GET",
"header": {
"Authorization": ["Basic YWRtaW46YWRtaW4xMjM="],
@@ -64,7 +64,7 @@
{
"id": "drools",
"name": "Drools Health Check",
- "http": "http://drools:6969/healthcheck?pretty",
+ "http": "https://drools:6969/healthcheck",
"method": "GET",
"header": {
"Authorization": ["Basic aGVhbHRoY2hlY2s6emIhWHp0RzM0"],
@@ -79,7 +79,7 @@
{
"id": "pap",
"name": "PAP Health Check",
- "http": "http://pap:9091/pap/test?pretty",
+ "http": "https://pap:9091/pap/test",
"method": "GET",
"header": {
"Authorization": ["Basic dGVzdHBhcDphbHBoYTEyMw=="],
@@ -94,7 +94,7 @@
{
"id": "pdp",
"name": "PDP Health Check",
- "http": "http://pdp:8081/pdp/test?pretty",
+ "http": "https://pdp:8081/pdp/test",
"method": "GET",
"header": {
"Authorization": ["Basic dGVzdHBkcDphbHBoYTEyMw=="],
diff --git a/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh
index a6c054d..c44c8f0 100644
--- a/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh
+++ b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh
@@ -30,12 +30,12 @@
echo
echo
-curl -v -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+curl -v -k -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
"pdpGroup": "default",
"policyComponent" : "PDP",
"policyName": "com.BRMSParamvFirewall",
"policyType": "BRMS_Param"
-}' http://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/deletePolicy
+}' https://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/deletePolicy
sleep 20
@@ -45,7 +45,7 @@
echo "Updating vFW Operational Policy .."
echo
-curl -v -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+curl -v -k -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
"policyConfigType": "BRMS_PARAM",
"policyName": "com.BRMSParamvFirewall",
"policyDescription": "BRMS Param vFirewall policy",
@@ -60,7 +60,7 @@
"controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+'${RESOURCE_ID}'%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
}
}
-}' http://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/updatePolicy
+}' https://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/updatePolicy
sleep 5
@@ -70,11 +70,11 @@
echo
echo
-curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+curl -v -k --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
"pdpGroup": "default",
"policyName": "com.BRMSParamvFirewall",
"policyType": "BRMS_Param"
-}' http://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/pushPolicy
+}' https://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/pushPolicy
sleep 20
@@ -95,7 +95,7 @@
echo
echo
-curl -vvv --silent --user @1b3rt:31nst31n -X GET http://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool
+curl -vvv -k --silent --user @1b3rt:31nst31n -X GET https://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool
echo
@@ -104,4 +104,4 @@
echo
echo
-curl -v --silent --user @1b3rt:31nst31n -X GET http://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools/facts/closedloop-amsterdam/org.onap.policy.controlloop.Params | python -m json.tool
+curl -v -k --silent --user @1b3rt:31nst31n -X GET https://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools/facts/closedloop-amsterdam/org.onap.policy.controlloop.Params | python -m json.tool
diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py
index a4a359a..bcdd42b 100644
--- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py
@@ -105,7 +105,7 @@
GLOBAL_PACKET_GENERATOR_PASSWORD = "admin"
GLOBAL_PGN_PORT = "2831"
# policy info - everything is from the private oam network (also called onap private network)
-GLOBAL_POLICY_SERVER_PROTOCOL = "http"
+GLOBAL_POLICY_SERVER_PROTOCOL = "https"
GLOBAL_POLICY_SERVER_PORT = "8081"
GLOBAL_POLICY_HEALTHCHECK_PORT = "6969"
GLOBAL_POLICY_AUTH = "dGVzdHBkcDphbHBoYTEyMw=="