Add Policy DSL Validator, Schema Exporter, and Simulation Smoke tools

- Implemented PolicyDslValidator with command-line options for strict mode and JSON output.
- Created PolicySchemaExporter to generate JSON schemas for policy-related models.
- Developed PolicySimulationSmoke tool to validate policy simulations against expected outcomes.
- Added project files and necessary dependencies for each tool.
- Ensured proper error handling and usage instructions across tools.

deploy/helm/stellaops/templates/_helpers.tpl

@@ -1,6 +1,18 @@
 {{- define "stellaops.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
+{{- end -}}
+
+{{- define "stellaops.telemetryCollector.config" -}}
+{{- if .Values.telemetry.collector.config }}
+{{ tpl .Values.telemetry.collector.config . }}
+{{- else }}
+{{ tpl (.Files.Get "files/otel-collector-config.yaml") . }}
+{{- end }}
+{{- end -}}
+
+{{- define "stellaops.telemetryCollector.fullname" -}}
+{{- printf "%s-otel-collector" (include "stellaops.name" .) | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
 
 {{- define "stellaops.fullname" -}}
 {{- $name := default .root.Chart.Name .root.Values.fullnameOverride -}}

deploy/helm/stellaops/templates/otel-collector.yaml

@@ -0,0 +1,121 @@
+{{- if .Values.telemetry.collector.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "stellaops.telemetryCollector.fullname" . }}
+  labels:
+    {{- include "stellaops.labels" (dict "root" . "name" "otel-collector" "svc" (dict "class" "telemetry")) | nindent 4 }}
+data:
+  config.yaml: |
+{{ include "stellaops.telemetryCollector.config" . | indent 4 }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "stellaops.telemetryCollector.fullname" . }}
+  labels:
+    {{- include "stellaops.labels" (dict "root" . "name" "otel-collector" "svc" (dict "class" "telemetry")) | nindent 4 }}
+spec:
+  replicas: {{ .Values.telemetry.collector.replicas | default 1 }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "stellaops.name" . | quote }}
+      app.kubernetes.io/component: "otel-collector"
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "stellaops.name" . | quote }}
+        app.kubernetes.io/component: "otel-collector"
+        stellaops.profile: {{ .Values.global.profile | quote }}
+    spec:
+      containers:
+        - name: otel-collector
+          image: {{ .Values.telemetry.collector.image | default "otel/opentelemetry-collector:0.105.0" | quote }}
+          args:
+            - "--config=/etc/otel/config.yaml"
+          ports:
+            - name: otlp-grpc
+              containerPort: 4317
+            - name: otlp-http
+              containerPort: 4318
+            - name: metrics
+              containerPort: 9464
+            - name: health
+              containerPort: 13133
+            - name: pprof
+              containerPort: 1777
+          env:
+            - name: STELLAOPS_OTEL_TLS_CERT
+              value: {{ .Values.telemetry.collector.tls.certPath | default "/etc/otel/tls/tls.crt" | quote }}
+            - name: STELLAOPS_OTEL_TLS_KEY
+              value: {{ .Values.telemetry.collector.tls.keyPath | default "/etc/otel/tls/tls.key" | quote }}
+            - name: STELLAOPS_OTEL_TLS_CA
+              value: {{ .Values.telemetry.collector.tls.caPath | default "/etc/otel/tls/ca.crt" | quote }}
+            - name: STELLAOPS_OTEL_PROMETHEUS_ENDPOINT
+              value: {{ .Values.telemetry.collector.prometheusEndpoint | default "0.0.0.0:9464" | quote }}
+            - name: STELLAOPS_OTEL_REQUIRE_CLIENT_CERT
+              value: {{ .Values.telemetry.collector.requireClientCert | default true | quote }}
+            - name: STELLAOPS_TENANT_ID
+              value: {{ .Values.telemetry.collector.defaultTenant | default "unknown" | quote }}
+            - name: STELLAOPS_OTEL_LOG_LEVEL
+              value: {{ .Values.telemetry.collector.logLevel | default "info" | quote }}
+          volumeMounts:
+            - name: config
+              mountPath: /etc/otel/config.yaml
+              subPath: config.yaml
+              readOnly: true
+            - name: tls
+              mountPath: /etc/otel/tls
+              readOnly: true
+          livenessProbe:
+            httpGet:
+              scheme: HTTPS
+              port: health
+              path: /healthz
+            initialDelaySeconds: 10
+            periodSeconds: 30
+          readinessProbe:
+            httpGet:
+              scheme: HTTPS
+              port: health
+              path: /healthz
+            initialDelaySeconds: 5
+            periodSeconds: 15
+{{- with .Values.telemetry.collector.resources }}
+          resources:
+{{ toYaml . | indent 12 }}
+{{- end }}
+      volumes:
+        - name: config
+          configMap:
+            name: {{ include "stellaops.telemetryCollector.fullname" . }}
+        - name: tls
+          secret:
+            secretName: {{ .Values.telemetry.collector.tls.secretName | required "telemetry.collector.tls.secretName is required" }}
+{{- if .Values.telemetry.collector.tls.items }}
+            items:
+{{ toYaml .Values.telemetry.collector.tls.items | indent 14 }}
+{{- end }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "stellaops.telemetryCollector.fullname" . }}
+  labels:
+    {{- include "stellaops.labels" (dict "root" . "name" "otel-collector" "svc" (dict "class" "telemetry")) | nindent 4 }}
+spec:
+  type: ClusterIP
+  selector:
+    app.kubernetes.io/name: {{ include "stellaops.name" . | quote }}
+    app.kubernetes.io/component: "otel-collector"
+  ports:
+    - name: otlp-grpc
+      port: {{ .Values.telemetry.collector.service.grpcPort | default 4317 }}
+      targetPort: otlp-grpc
+    - name: otlp-http
+      port: {{ .Values.telemetry.collector.service.httpPort | default 4318 }}
+      targetPort: otlp-http
+    - name: metrics
+      port: {{ .Values.telemetry.collector.service.metricsPort | default 9464 }}
+      targetPort: metrics
+{{- end }}