From fe598fe1bcb93d51b5c7bb0373bc06d74e5bf92f Mon Sep 17 00:00:00 2001 From: delacruzramo Date: Wed, 23 Oct 2019 18:25:11 +0200 Subject: [PATCH 1/1] New topics: K8sClusters, K8sRepos Change-Id: Ia03b8fc80b1efdb0cc6162b85fb84e3b6b1c1b12 Signed-off-by: delacruzramo --- osm_nbi/admin_topics.py | 36 +++++++++++++++++++++ osm_nbi/engine.py | 3 ++ osm_nbi/nbi.py | 19 ++++++++++- osm_nbi/validation.py | 72 ++++++++++++++++++++++++++++++++++++++++- 4 files changed, 128 insertions(+), 2 deletions(-) diff --git a/osm_nbi/admin_topics.py b/osm_nbi/admin_topics.py index b41e457..e887afb 100644 --- a/osm_nbi/admin_topics.py +++ b/osm_nbi/admin_topics.py @@ -21,6 +21,7 @@ from time import time from osm_nbi.validation import user_new_schema, user_edit_schema, project_new_schema, project_edit_schema, \ vim_account_new_schema, vim_account_edit_schema, sdn_new_schema, sdn_edit_schema, \ wim_account_new_schema, wim_account_edit_schema, roles_new_schema, roles_edit_schema, \ + k8scluster_new_schema, k8scluster_edit_schema, k8srepo_new_schema, k8srepo_edit_schema, \ validate_input, ValidationError, is_valid_uuid # To check that User/Project Names don't look like UUIDs from osm_nbi.base_topic import BaseTopic, EngineException from osm_nbi.authconn import AuthconnNotFoundException, AuthconnConflictException @@ -247,6 +248,7 @@ class CommonVimWimSdn(BaseTopic): :param edit_content: user requested update content :return: operation id """ + super().format_on_edit(final_content, edit_content) # encrypt passwords schema_version = final_content.get("schema_version") @@ -387,6 +389,40 @@ class SdnTopic(CommonVimWimSdn): config_to_encrypt = {} +class K8sClusterTopic(CommonVimWimSdn): + topic = "k8sclusters" + topic_msg = "k8scluster" + schema_new = k8scluster_new_schema + schema_edit = k8scluster_edit_schema + multiproject = True + password_to_encrypt = None + config_to_encrypt = {} + + def format_on_new(self, content, project_id=None, make_public=False): + oid = super().format_on_new(content, project_id, make_public) + self.db.encrypt_decrypt_fields(content["credentials"], 'encrypt', ['password', 'secret'], + schema_version=content["schema_version"], salt=content["_id"]) + return oid + + def format_on_edit(self, final_content, edit_content): + if final_content.get("schema_version") and edit_content.get("credentials"): + self.db.encrypt_decrypt_fields(edit_content["credentials"], 'encrypt', ['password', 'secret'], + schema_version=final_content["schema_version"], salt=final_content["_id"]) + deep_update_rfc7396(final_content["credentials"], edit_content["credentials"]) + oid = super().format_on_edit(final_content, edit_content) + return oid + + +class K8sRepoTopic(CommonVimWimSdn): + topic = "k8srepos" + topic_msg = "k8srepo" + schema_new = k8srepo_new_schema + schema_edit = k8srepo_edit_schema + multiproject = True + password_to_encrypt = None + config_to_encrypt = {} + + class UserTopicAuth(UserTopic): # topic = "users" # topic_msg = "users" diff --git a/osm_nbi/engine.py b/osm_nbi/engine.py index e36f5c6..0211bd6 100644 --- a/osm_nbi/engine.py +++ b/osm_nbi/engine.py @@ -25,6 +25,7 @@ from osm_nbi.authconn_keystone import AuthconnKeystone from osm_nbi.authconn_internal import AuthconnInternal from osm_nbi.base_topic import EngineException, versiontuple from osm_nbi.admin_topics import VimAccountTopic, WimAccountTopic, SdnTopic +from osm_nbi.admin_topics import K8sClusterTopic, K8sRepoTopic from osm_nbi.admin_topics import UserTopicAuth, ProjectTopicAuth, RoleTopicAuth from osm_nbi.descriptor_topics import VnfdTopic, NsdTopic, PduTopic, NstTopic from osm_nbi.instance_topics import NsrTopic, VnfrTopic, NsLcmOpTopic, NsiTopic, NsiLcmOpTopic @@ -49,6 +50,8 @@ class Engine(object): "vim_accounts": VimAccountTopic, "wim_accounts": WimAccountTopic, "sdns": SdnTopic, + "k8sclusters": K8sClusterTopic, + "k8srepos": K8sRepoTopic, "users": UserTopicAuth, # Valid for both internal and keystone authentication backends "projects": ProjectTopicAuth, # Valid for both internal and keystone authentication backends "roles": RoleTopicAuth, # Valid for both internal and keystone authentication backends diff --git a/osm_nbi/nbi.py b/osm_nbi/nbi.py index 8f995f5..206685d 100644 --- a/osm_nbi/nbi.py +++ b/osm_nbi/nbi.py @@ -112,6 +112,10 @@ URL: /osm GET POST / O O O /sdns O O / O O O + /k8sclusters O O + / O O O + /k8srepos O O + / O O /nst/v1 O O /netslice_templates_content O O @@ -251,6 +255,19 @@ valid_url_methods = { "ROLE_PERMISSION": "sdn_controllers:id:" } }, + "k8sclusters": {"METHODS": ("GET", "POST"), + "ROLE_PERMISSION": "k8sclusters:", + "": {"METHODS": ("GET", "DELETE", "PATCH", "PUT"), + "ROLE_PERMISSION": "k8sclusters:id:" + } + }, + "k8srepos": {"METHODS": ("GET", "POST"), + "ROLE_PERMISSION": "k8srepos:", + "": {"METHODS": ("GET", "DELETE"), + "ROLE_PERMISSION": "k8srepos:id:" + } + }, + } }, "pdu": { @@ -1082,7 +1099,7 @@ class Server(object): if not delete_in_process: self.engine.del_item(engine_session, engine_topic, _id) cherrypy.response.status = HTTPStatus.NO_CONTENT.value - if engine_topic in ("vim_accounts", "wim_accounts", "sdns"): + if engine_topic in ("vim_accounts", "wim_accounts", "sdns", "k8sclusters", "k8srepos"): cherrypy.response.status = HTTPStatus.ACCEPTED.value elif method in ("PUT", "PATCH"): diff --git a/osm_nbi/validation.py b/osm_nbi/validation.py index 761ee20..fcd3048 100644 --- a/osm_nbi/validation.py +++ b/osm_nbi/validation.py @@ -503,6 +503,75 @@ sdn_external_port_schema = { "required": ["port"] } +# K8s Clusters +k8scluster_nets_schema = { + "title": "k8scluster nets input schema", + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "patternProperties": {".": string_schema}, + "minProperties": 1, + "additionalProperties": False +} +k8scluster_new_schema = { + "title": "k8scluster creation input schema", + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "schema_version": schema_version, + "schema_type": schema_type, + "name": name_schema, + "description": description_schema, + "credentials": object_schema, + "vim_account": id_schema, + "k8s_version": string_schema, + "nets": k8scluster_nets_schema, + "namespace": name_schema, + "cni": nameshort_list_schema, + }, + "required": ["name", "credentials", "vim_account", "k8s_version", "nets"], + "additionalProperties": False +} +k8scluster_edit_schema = { + "title": "vim_account edit input schema", + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": { + "name": name_schema, + "description": description_schema, + "credentials": object_schema, + "vim_account": id_schema, + "k8s_version": string_schema, + "nets": k8scluster_nets_schema, + "namespace": name_schema, + "cni": nameshort_list_schema, + }, + "additionalProperties": False +} + +# K8s Repos +k8srepo_types = {"enum": ["chart", "bundle"]} +k8srepo_properties = { + "name": name_schema, + "description": description_schema, + "type": k8srepo_types, + "url": description_schema, +} +k8srepo_new_schema = { + "title": "k8scluster creation input schema", + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": k8srepo_properties, + "required": ["name", "type", "url"], + "additionalProperties": False +} +k8srepo_edit_schema = { + "title": "vim_account edit input schema", + "$schema": "http://json-schema.org/draft-04/schema#", + "type": "object", + "properties": k8srepo_properties, + "additionalProperties": False +} + # PDUs pdu_interface = { "type": "object", @@ -635,7 +704,8 @@ user_edit_schema = { } # PROJECTS -topics_with_quota = ["vnfds", "nsds", "nsts", "pdus", "nsrs", "nsis", "vim_accounts", "wim_accounts", "sdns"] +topics_with_quota = ["vnfds", "nsds", "nsts", "pdus", "nsrs", "nsis", "vim_accounts", "wim_accounts", "sdns", + "k8sclusters", "k8srepos"] project_new_schema = { "$schema": "http://json-schema.org/draft-04/schema#", "title": "New project schema for administrators", -- 2.17.1