CLAMP Policy Participant Smoke Tests
1. Introduction
The Smoke testing of the policy participant is executed in a local CLAMP/Policy environment. The CLAMP-ACM interfaces interact with the Policy Framework to perform actions based on the state of the policy participant. The goal of the Smoke tests is the ensure that CLAMP Policy Participant and Policy Framework work together as expected. All applications will be running by console, so they need to run with different ports. Configuration files should be changed accordingly.
Application |
Port |
|---|---|
Postgres |
5432 |
Zookeeper |
2181 |
Kafka |
29092/9092 |
policy-api |
6968 |
policy-pap |
6970 |
policy-clamp-runtime-acm |
6969 |
onap/policy-clamp-ac-pf-ppnt |
8085 |
2. Setup Guide
This section will show the developer how to set up their environment to start testing in GUI with some instruction on how to carry out the tests. There are several prerequisites. Note that this guide is written by a Linux user - although the majority of the steps show will be exactly the same in Windows or other systems.
2.1 Prerequisites
Java 21
Maven 3.9
Git
Refer to this guide for basic environment setup Setting up dev environment
2.2 Cloning CLAMP automation composition and all dependency
Run the below commands to clone the required CLAMP automation composition and all modules:
cd ~/git
git clone https://gerrit.onap.org/r/policy/clamp clamp
git clone https://gerrit.onap.org/r/policy/api api
git clone https://gerrit.onap.org/r/policy/pap pap
Execution of the commands above results in the following directory hierarchy in your ~/git directory:
~/git
~/git/api
~/git/clamp
~/git/pap
2.3 Building CLAMP automation composition and all dependency
Step 1: Setting datasource.url, hibernate.ddl-auto and server.port in policy-api. In the api repo, you should find the file ‘main/src/main/resources/application.yaml’. This file may need to be altered as below:
spring:
profiles:
active: default
security.user:
name: policyadmin
password: zb!XztG34
mvc.converters.preferred-json-mapper: gson
datasource:
url: jdbc:mariadb://localhost:3306/policyadmin
driverClassName: org.mariadb.jdbc.Driver
username: policy_user
password: policy_user
jpa:
hibernate:
ddl-auto: none
naming:
physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
implicit-strategy: org.onap.policy.common.spring.utils.CustomImplicitNamingStrategy
server:
port: 6968
servlet:
context-path: /policy/api/v1
Step 2: Setting datasource.url, server.port, and api http client in policy-pap. In the pap repo, you should find the file ‘main/src/main/resources/application.yaml’. This file may need to be altered as below:
spring:
security:
user:
name: policyadmin
password: zb!XztG34
datasource:
url: jdbc:mariadb://localhost:3306/policyadmin
driverClassName: org.mariadb.jdbc.Driver
username: policy_user
password: policy_user
jpa:
hibernate:
ddl-auto: none
naming:
physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
implicit-strategy: org.onap.policy.common.spring.utils.CustomImplicitNamingStrategy
mvc:
converters:
preferred-json-mapper: gson
server:
port: 6970
servlet:
context-path: /policy/pap/v1
pap:
name: PapGroup
topic:
pdp-pap.name: POLICY-PDP-PAP
notification.name: POLICY-NOTIFICATION
heartbeat.name: POLICY-HEARTBEAT
pdpParameters:
heartBeatMs: 120000
updateParameters:
maxRetryCount: 1
maxWaitMs: 30000
stateChangeParameters:
maxRetryCount: 1
maxWaitMs: 30000
topicParameterGroup:
topicSources:
- topic: ${pap.topic.pdp-pap.name}
servers:
- kafka
topicCommInfrastructure: NOOP
fetchTimeout: 15000
- topic: ${pap.topic.heartbeat.name}
effectiveTopic: ${pap.topic.pdp-pap.name}
consumerGroup: policy-pap
servers:
- kafka
topicCommInfrastructure: NOOP
fetchTimeout: 15000
topicSinks:
- topic: ${pap.topic.pdp-pap.name}
servers:
- kafka
topicCommInfrastructure: NOOP
- topic: ${pap.topic.notification.name}
servers:
- kafka
topicCommInfrastructure: NOOP
healthCheckRestClientParameters:
- clientName: api
hostname: localhost
port: 6968
userName: policyadmin
password: zb!XztG34
useHttps: false
basePath: policy/api/v1/healthcheck
- clientName: distribution
hostname: policy-distribution
port: 6969
userName: healthcheck
password: zb!XztG34
useHttps: true
basePath: healthcheck
- clientName: kafka
hostname: kafka
port: 3905
useHttps: true
basePath: topics
management:
endpoints:
web:
base-path: /
exposure:
include: health, metrics, prometheus
path-mapping:
-metrics: plain-metrics
-prometheus: metrics
Step 3: Optionally, for a completely clean build, remove the ONAP built modules from your local repository.
rm -fr ~/.m2/repository/org/onap
Step 4: You can now build the Policy framework.
Build java artifacts and docker images:
cd ~/git/clamp mvn clean install -P docker -DskipTests cd ~/git/api mvn clean install -P docker -DskipTests cd ~/git/pap mvn clean install -P docker -DskipTests
2.4 Setting up the components
2.4.1 Postgres and Kafka Setup
We will be using Docker to run our Postgres instance` and Zookeeper/Kafka. It will have a total of two databases running in Postgres.
clampacm: the policy-clamp-runtime-acm db
policyadmin: the policy-api db
Step 1: Create the db-pg.conf and db-pg.sh files in the directory ~/git.
# Copyright (C) 2022, 2024,2026 OpenInfra Foundation Europe. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
PGSQL_ROOT_PASSWORD=secret
PGSQL_USER=policy_user
PGSQL_PASSWORD=policy_user
PGPASSWORD=policy_user
POSTGRES_PASSWORD=policy_user
# Copyright (C) 2022, 2024,2026 OpenInfra Foundation Europe. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
psql -U postgres -d postgres --command "CREATE USER ${PGSQL_USER} WITH PASSWORD '${PGSQL_PASSWORD}';"
for db in migration policyadmin operationshistory clampacm
do
psql -U postgres -d postgres --command "CREATE DATABASE ${db};"
psql -U postgres -d postgres --command "ALTER DATABASE ${db} OWNER TO ${PGSQL_USER} ;"
psql -U postgres -d postgres --command "GRANT ALL PRIVILEGES ON DATABASE ${db} TO ${PGSQL_USER} ;"
done
Step 2: Create the wait_for_port.sh file in a directory ~/git with execution permission.
#!/bin/sh
# ============LICENSE_START====================================================
# Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright (C) 2022-2023, 2026 OpenInfra Foundation Europe. All rights reserved.
# =============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END======================================================
usage() {
echo args: [-t timeout] [-c command] hostname1 port1 hostname2 port2 ... >&2
exit 1
}
tmout=300
cmd=
while getopts c:t: opt
do
case "$opt" in
c)
cmd="$OPTARG"
;;
t)
tmout="$OPTARG"
;;
*)
usage
;;
esac
done
nargs=$((OPTIND-1))
shift "$nargs"
even_args=$(($#%2))
if [ $# -lt 2 ] || [ "$even_args" -ne 0 ]
then
usage
fi
while [ $# -ge 2 ]
do
export host="$1"
export port="$2"
shift
shift
echo "Waiting for $host port $port..."
while [ "$tmout" -gt 0 ]
do
if command -v docker > /dev/null 2>&1
then
docker ps --format "table {{ .Names }}\t{{ .Status }}"
fi
nc -vz "$host" "$port"
rc=$?
if [ $rc -eq 0 ]
then
break
else
tmout=$((tmout-1))
sleep 1
fi
done
if [ $rc -ne 0 ]
then
echo "$host port $port cannot be reached"
exit $rc
fi
done
$cmd
exit 0
Step 3: Create the ‘docker-compose.yaml’ using following code:
services:
postgres:
image: nexus3.onap.org:10001/library/postgres:latest
container_name: postgres
hostname: postgres
command: [ '--idle_in_transaction_session_timeout=28800' ]
env_file: ./db-pg.conf
volumes:
- ./db-pg.sh:/docker-entrypoint-initdb.d/db-pg.sh:ro
expose:
- 5432
ports:
- "5432:5432"
policy-db-migrator:
image: nexus3.onap.org:10001/onap/policy-db-migrator:5.0.1-SNAPSHOT
container_name: policy-db-migrator
hostname: policy-db-migrator
depends_on:
- mariadb
expose:
- 6824
env_file: ./db-pg.conf
environment:
POSTGRES_PASSWORD: policy_user
SQL_HOST: postgres
volumes:
- ./init_pg.sh:/opt/app/policy/bin/db_migrator_policy_init_pg.sh:ro
- ./wait_for_port.sh:/opt/app/policy/bin/wait_for_port.sh:ro
entrypoint: /opt/app/policy/bin/wait_for_port.sh
command: [
'-c',
'/opt/app/policy/bin/db_migrator_policy_init.sh',
'postgres', '5432'
]
zookeeper:
image: nexus3.onap.org:10001/confluentinc/cp-zookeeper:latest
environment:
ZOOKEEPER_CLIENT_PORT: 2181
ZOOKEEPER_TICK_TIME: 2000
ports:
- 2181:2181
kafka:
image: nexus3.onap.org:10001/confluentinc/cp-kafka:7.4.9
container_name: kafka
depends_on:
- zookeeper
ports:
- 29092:29092
- 9092:9092
environment:
KAFKA_BROKER_ID: 1
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka:9092,PLAINTEXT_HOST://localhost:29092
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT
KAFKA_INTER_BROKER_LISTENER_NAME: PLAINTEXT
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
Step 4: Run the docker composition:
cd ~/git/ docker compose up
2.4.2 Policy API
In the policy-api repo, navigate to the “/main” directory. You can then run the following command to start the policy api:
mvn spring-boot:run
2.4.3 Policy PAP
In the policy-pap repo, navigate to the “/main” directory. You can then run the following command to start the policy pap:
mvn spring-boot:run
2.4.4 ACM Runtime
To start the clampacm runtime we need to go the “runtime-acm” directory in the clamp repo. You can then run the following command to start the clampacm runtime:
cd ~/git/clamp/runtime-acm
java -DRUNTIME_USER=runtimeUser -DRUNTIME_PASSWORD=zb\!XztG34 \
-DSQL_HOST=localhost -DSQL_PORT=5432 -DSQL_USER=policy_user -DSQL_PASSWORD=policy_user \
-DKAFKA_SERVER=localhost:29092 -DTOPIC_COMM_INFRASTRUCTURE=kafka \
-jar target/policy-clamp-runtime-acm-9.0.1-SNAPSHOT.jar
2.4.5 ACM Policy Participant
To start the policy participant we need to go to the “participant/participant-impl/participant-impl-policy” directory in the clamp repo. You can then run the following command to start the policy-participant:
cd ~/git/clamp/participant/participant-impl/participant-impl-policy
java -Dserver.port=8084 -DkafkaServer=localhost:29092 -DtopicCommInfrastructure=kafka \
-jar target/policy-clamp-participant-impl-policy-9.0.1-SNAPSHOT.jar
3. Testing Procedure
3.1 Testing Outline
To perform the Smoke testing of the policy-participant we will be verifying the behaviours of the participant when the ACM changes state. The scenarios are:
UNDEPLOYED to DEPLOYED: participant creates policies and policyTypes specified in the ToscaServiceTemplate using policy-api and deploys the policies using pap.
LOCK to UNLOCK: participant changes lock state to UNLOCK. No operation performed.
UNLOCK to LOCK: participant changes lock state to LOCK. No operation performed.
DEPLOYED to UNDEPLOYED: participant undeploys deployed policies and deletes policies and policyTypes which have been created.
3.2 Testing Steps
Creation of AC Definition:
An AC Definition is created by commissioning a Tosca template. Using postman, commission a TOSCA template using the following template:
To verify this, we check that the AC Definition has been created and is in state COMMISSIONED.
Priming AC Definition:
The AC Definition state is changed from COMMISSIONED to PRIMED using postman:
{
"primeOrder": "PRIME"
}
To verify this, we check that the AC Definition has been primed.
Creation of AC Instance:
Using postman, instance the AC definition using the following template:
To verify this, we check that the AC Instance has been created and is in state UNDEPLOYED.
Creation and deploy of policies and policyTypes:
The AC Instance deploy state is changed from UNDEPLOYED to DEPLOYED using postman:
{
"deployOrder": "DEPLOY"
}
This state change will trigger the creation of policies and policyTypes using the policy-api and the deployment of the policies specified in the ToscaServiceTemplate. To verify this we will check, using policy-api endpoints, that the onap.policies.native.apex.ac.element policy, which is specified in the service template, has been created.
And we will check that the apex onap.policies.native.apex.ac.element policy has been deployed to the defaultGroup. We check this using pap:
Undeployment and deletion of policies and policyTypes:
The ACM STATE is changed from DEPLOYED to UNDEPLOYED using postman:
{
"deployOrder": "UNDEPLOY"
}
This state change will trigger the undeployment of the onap.policies.native.apex.ac.element policy which was deployed previously and the deletion of the previously created policies and policyTypes. To verify this we do a PdpGroup Query as before and check that the onap.policies.native.apex.ac.element policy has been undeployed and removed from the defaultGroup:
As before, we can check that the Test Policy policyType is not found this time and likewise for the onap.policies.native.apex.ac.element policy:
