Skip to content

Commit

Permalink
eclipse-ditto#1650 provided Helm configuration for WoT TM validation
Browse files Browse the repository at this point in the history 
* also for dynamic part
* changed config structure a bit in order to better fit Helm YAML config
  • Loading branch information
@thjaeckle
thjaeckle committed Jul 29, 2024
1 parent 9c2ed96 commit d0c3051
Show file tree
Hide file tree
Showing 12 changed files with 352 additions and 182 deletions.
2 changes: 1 addition & 1 deletion deployment/helm/ditto/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ description: |
A digital twin is a virtual, cloud based, representation of his real world counterpart
(real world “Things”, e.g. devices like sensors, smart heating, connected cars, smart grids, EV charging stations etc).
type: application
version: 3.5.12 # chart version is effectively set by release-job
version: 3.5.13 # chart version is effectively set by release-job
appVersion: 3.5.10
keywords:
- iot-chart
Expand Down
20 changes: 20 additions & 0 deletions deployment/helm/ditto/local-values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,26 @@ things:
- "org.eclipse.ditto.room"
authSubjects:
- "connection:some"
wot:
tmValidation:
dynamicConfig:
- validationContext:
dittoHeadersPatterns:
- ditto-originator: "connection:one"
thingDefinitionPatterns:
- "^foo.*bar$"
featureDefinitionPatterns: [ ]
configOverrides:
enabled: true
thing:
enforce:
thing-description-modification: false
attributes: true
forbid:
thing-description-deletion: false
feature:
enforce:
feature-description-modification: false

## ----------------------------------------------------------------------------
## things-search configuration
Expand Down
76 changes: 76 additions & 0 deletions deployment/helm/ditto/templates/things-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -162,6 +162,36 @@ spec:
{{- end }}
{{- end }}
'-Dditto.things.wot.to-thing-description.json-template={{ .Values.things.config.wot.tdJsonTemplate | replace "\n" "" | replace "\\\"" "\"" }}'
{{- range $dynConfIdx, $dynamicWotTmValidationConfig := .Values.things.config.wot.tmValidation.dynamicConfig }}
{{- if or (gt (len $dynamicWotTmValidationConfig.validationContext.dittoHeadersPatterns) 0) (gt (len $dynamicWotTmValidationConfig.validationContext.thingDefinitionPatterns) 0) (gt (len $dynamicWotTmValidationConfig.validationContext.featureDefinitionPatterns) 0) }}
{{- range $dhpIdx, $dittoHeadersPatterns := $dynamicWotTmValidationConfig.validationContext.dittoHeadersPatterns }}
{{- range $dhpKey, $dhpVal := $dittoHeadersPatterns }}
"{{ printf "%s%d%s%d%s%s=%v" "-Dditto.things.wot.tm-model-validation.dynamic-configuration." $dynConfIdx ".validation-context.ditto-headers-patterns." $dhpIdx "." $dhpKey $dhpVal }}"
{{- end }}
{{- end }}
{{- range $tdpIdx, $thingDefinitionPattern := $dynamicWotTmValidationConfig.validationContext.thingDefinitionPatterns }}
"{{ printf "%s%d%s%d=%v" "-Dditto.things.wot.tm-model-validation.dynamic-configuration." $dynConfIdx ".validation-context.thing-definition-patterns." $tdpIdx $thingDefinitionPattern }}"
{{- end }}
{{- range $fdpIdx, $featureDefinitionPattern := $dynamicWotTmValidationConfig.validationContext.featureDefinitionPatterns }}
"{{ printf "%s%d%s%d=%v" "-Dditto.things.wot.tm-model-validation.dynamic-configuration." $dynConfIdx ".validation-context.feature-definition-patterns." $fdpIdx $featureDefinitionPattern }}"
{{- end }}
{{- range $configOverridesKey, $configOverridesValue := $dynamicWotTmValidationConfig.configOverrides }}
{{- if or (eq (kindOf $configOverridesValue) "map") (eq (kindOf $configOverridesValue) "slice") }}
{{- range $nested1ConfigOverridesKey, $nested1ConfigOverridesValue := $configOverridesValue }}
{{- if or (eq (kindOf $nested1ConfigOverridesValue) "map") (eq (kindOf $nested1ConfigOverridesValue) "slice") }}
{{- range $nested2ConfigOverridesKey, $nested2ConfigOverridesValue := $nested1ConfigOverridesValue }}
"{{ printf "%s%d%s%s%s%s%s%s=%v" "-Dditto.things.wot.tm-model-validation.dynamic-configuration." $dynConfIdx ".config-overrides." $configOverridesKey "." $nested1ConfigOverridesKey "." $nested2ConfigOverridesKey $nested2ConfigOverridesValue }}"
{{- end }}
{{- else }}
"{{ printf "%s%d%s%s%s%s=%v" "-Dditto.things.wot.tm-model-validation.dynamic-configuration." $dynConfIdx ".config-overrides." $configOverridesKey "." $nested1ConfigOverridesKey $nested1ConfigOverridesValue }}"
{{- end }}
{{- end }}
{{- else }}
"{{ printf "%s%d%s%s=%v" "-Dditto.things.wot.tm-model-validation.dynamic-configuration." $dynConfIdx ".config-overrides." $configOverridesKey $configOverridesValue }}"
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{ join " " .Values.things.systemProps }}
- name: MONGO_DB_SSL_ENABLED
value: "{{ printf "%t" .Values.dbconfig.things.ssl }}"
Expand Down Expand Up @@ -272,6 +302,52 @@ spec:
value: "{{ .Values.things.config.policiesEnforcer.cache.expireAfterAccess }}"
- name: THINGS_WOT_TO_THING_DESCRIPTION_BASE_PREFIX
value: "{{ .Values.things.config.wot.tdBasePrefix }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_ENABLED
value: "{{ .Values.things.config.wot.tmValidation.enabled }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_THING_ENFORCE_TD_MODIFICATION
value: "{{ index .Values.things.config.wot.tmValidation.thing.enforce "thing-description-modification" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_THING_ENFORCE_ATTRIBUTES
value: "{{ .Values.things.config.wot.tmValidation.thing.enforce.attributes }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_THING_ENFORCE_INBOX_MESSAGES_INPUT
value: "{{ index .Values.things.config.wot.tmValidation.thing.enforce "inbox-messages-input" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_THING_ENFORCE_INBOX_MESSAGES_OUTPUT
value: "{{ index .Values.things.config.wot.tmValidation.thing.enforce "inbox-messages-output" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_THING_ENFORCE_OUTBOX_MESSAGES
value: "{{ index .Values.things.config.wot.tmValidation.thing.enforce "outbox-messages" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_THING_FORBID_TD_DELETION
value: "{{ index .Values.things.config.wot.tmValidation.thing.forbid "thing-description-deletion" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_THING_FORBID_NON_MODELED_ATTRIBUTES
value: "{{ index .Values.things.config.wot.tmValidation.thing.forbid "non-modeled-attributes" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_THING_FORBID_NON_MODELED_INBOX_MESSAGES
value: "{{ index .Values.things.config.wot.tmValidation.thing.forbid "non-modeled-inbox-messages" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_THING_FORBID_NON_MODELED_OUTBOX_MESSAGES
value: "{{ index .Values.things.config.wot.tmValidation.thing.forbid "non-modeled-outbox-messages" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_FEATURE_ENFORCE_FD_MODIFICATION
value: "{{ index .Values.things.config.wot.tmValidation.feature.enforce "feature-description-modification" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_FEATURE_ENFORCE_PRESENCE_OF_MODELED_FEATURES
value: "{{ index .Values.things.config.wot.tmValidation.feature.enforce "presence-of-modeled-features" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_FEATURE_ENFORCE_PROPERTIES
value: "{{ .Values.things.config.wot.tmValidation.feature.enforce.properties }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_FEATURE_ENFORCE_DESIRED_PROPERTIES
value: "{{ index .Values.things.config.wot.tmValidation.feature.enforce "desired-properties" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_FEATURE_ENFORCE_INBOX_MESSAGES_INPUT
value: "{{ index .Values.things.config.wot.tmValidation.feature.enforce "inbox-messages-input" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_FEATURE_ENFORCE_INBOX_MESSAGES_OUTPUT
value: "{{ index .Values.things.config.wot.tmValidation.feature.enforce "inbox-messages-output" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_FEATURE_ENFORCE_OUTBOX_MESSAGES
value: "{{ index .Values.things.config.wot.tmValidation.feature.enforce "outbox-messages" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_FEATURE_FORBID_FD_DELETION
value: "{{ index .Values.things.config.wot.tmValidation.feature.forbid "feature-description-deletion" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_FEATURE_FORBID_NON_MODELED_INBOX_MESSAGES
value: "{{ index .Values.things.config.wot.tmValidation.feature.forbid "non-modeled-inbox-messages" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_FEATURE_FORBID_NON_MODELED_FEATURES
value: "{{ index .Values.things.config.wot.tmValidation.feature.forbid "non-modeled-features" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_FEATURE_FORBID_NON_MODELED_PROPERTIES
value: "{{ index .Values.things.config.wot.tmValidation.feature.forbid "non-modeled-properties" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_FEATURE_FORBID_NON_MODELED_DESIRED_PROPERTIES
value: "{{ index .Values.things.config.wot.tmValidation.feature.forbid "non-modeled-desired-properties" }}"
- name: THINGS_WOT_TM_MODEL_VALIDATION_FEATURE_FORBID_NON_MODELED_OUTBOX_MESSAGES
value: "{{ index .Values.things.config.wot.tmValidation.feature.forbid "non-modeled-outbox-messages" }}"
{{- if .Values.things.extraEnv }}
{{- toYaml .Values.things.extraEnv | nindent 12 }}
{{- end }}
Expand Down
63 changes: 63 additions & 0 deletions deployment/helm/ditto/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -994,6 +994,69 @@ things:
"security": "basic_sc",
"support": "https://www.eclipse.dev/ditto/"
}
# tmValidation provides configuration settings for WoT (Web of Things) integration regarding the validation of
# Things and Features based on their WoT ThingModels
tmValidation:
# enabled whether the ThingModel validation of Things/Features should be enabled
enabled: false
# thing provides configuration settings for WoT based validation of Things
thing:
# enforce holds all configuration relating to enforcing the model
enforce:
# thing-description-modification whether to enforce/validate a thing whenever its description is modified
thing-description-modification: true
# attributes whether to enforce/validate attributes of a thing following the defined WoT properties
attributes: true
# inbox-messages-input whether to enforce/validate inbox messages to a thing following the defined WoT action "input"
inbox-messages-input: true
# inbox-messages-output whether to enforce/validate inbox message responses to a thing following the defined WoT action "output"
inbox-messages-output: true
# outbox-messages whether to enforce/validate outbox messages from a thing following the defined WoT event "data"
outbox-messages: true
# forbid holds all configuration relating to forbidding/preventing certain interactions
forbid:
# thing-description-deletion whether to forbid deletion of a thing's description
thing-description-deletion: true
# non-modeled-attributes whether to forbid persisting attributes which are not defined as properties in the WoT model
non-modeled-attributes: true
# non-modeled-inbox-messages whether to forbid dispatching of inbox messages which are not defined as actions in the WoT model
non-modeled-inbox-messages: true
# non-modeled-outbox-messages whether to forbid dispatching of outbox messages which are not defined as events in the WoT model
non-modeled-outbox-messages: true
# feature provides configuration settings for WoT based validation of Features
feature:
# enforce holds all configuration relating to enforcing the model
enforce:
# feature-description-modification whether to enforce/validate a feature whenever its description is modified
feature-description-modification: true
# presence-of-modeled-features whether to enforce that all modeled features
# (submodels referenced in the thing's definition's WoT model) are present
presence-of-modeled-features: true
# properties whether to enforce/validate properties of a feature following the defined WoT properties
properties: true
# desired-properties whether to enforce/validate desired properties of a feature following the defined WoT properties
desired-properties: true
# inbox-messages-input whether to enforce/validate inbox messages to a feature following the defined WoT action "input"
inbox-messages-input: true
# inbox-messages-output whether to enforce/validate inbox message responses to a feature following the defined WoT action "output"
inbox-messages-output: true
# outbox-messages whether to enforce/validate outbox messages from a feature following the defined WoT events
outbox-messages: true
# forbid holds all configuration relating to forbidding/preventing certain interactions
forbid:
# feature-description-deletion whether to forbid deletion of a feature's description
feature-description-deletion: true
# non-modeled-features whether to forbid adding features to a Thing which were not defined in its definition's WoT model
non-modeled-features: true
# non-modeled-properties whether to forbid persisting properties which are not defined as properties in the WoT model
non-modeled-properties: true
# non-modeled-desired-properties whether to forbid persisting desired properties which are not defined as properties in the WoT model
non-modeled-desired-properties: true
# non-modeled-inbox-messages whether to forbid dispatching of inbox messages which are not defined as actions in the WoT model
non-modeled-inbox-messages: true
# non-modeled-outbox-messages whether to forbid dispatching of outbox messages which are not defined as events in the WoT model
non-modeled-outbox-messages: true
dynamicConfig: []

## ----------------------------------------------------------------------------
## things-search configuration
Expand Down
Loading

0 comments on commit d0c3051

Please sign in to comment.