author | Instrumental <jonathan.gathman@att.com> | 2018-07-19 13:29:32 -0500 |
---|---|---|
committer | Instrumental <jonathan.gathman@att.com> | 2018-07-19 13:29:44 -0500 |
commit | 32cdd553a8668e6d03a9cf5b11b360d35a63c87f (patch) | |
tree | 48c02e4be820d87efb777d7be20bad57d517b61c /auth/auth-cass/src/main/cql | |
parent | 9c8a8b0926b13b07fb1e5394903401e7a3f1ff79 (diff) |
Configuration and Auto-Certificates
Issue-ID: AAF-378
Change-Id: Ic820a4e43684a6130f00b28b415a974876099fc3
Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'auth/auth-cass/src/main/cql')
-rw-r--r-- | auth/auth-cass/src/main/cql/build.sh | 6 | ||||
-rw-r--r-- | auth/auth-cass/src/main/cql/config.dat | 10 | ||||
-rw-r--r-- | auth/auth-cass/src/main/cql/osaaf.cql | 17 | ||||
-rw-r--r-- | auth/auth-cass/src/main/cql/pull.sh | 5 | ||||
-rw-r--r-- | auth/auth-cass/src/main/cql/push.sh | 5 |
5 files changed, 41 insertions, 2 deletions
diff --git a/auth/auth-cass/src/main/cql/build.sh b/auth/auth-cass/src/main/cql/build.sh
new file mode 100644
index 00000000..caa07494
--- /dev/null
+++ b/auth/auth-cass/src/main/cql/build.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+CQLSH=/Volumes/Data/apache-cassandra-2.1.14/bin/cqlsh
+DIR=.
+for T in ns perm role user_role cred config; do
+ $CQLSH -e "COPY authz.$T TO '$DIR/$T.dat' WITH DELIMITER='|'"
+done
diff --git a/auth/auth-cass/src/main/cql/config.dat b/auth/auth-cass/src/main/cql/config.dat
new file mode 100644
index 00000000..7eba23e1
--- /dev/null
+++ b/auth/auth-cass/src/main/cql/config.dat
@@ -0,0 +1,10 @@
+aaf|aaf_env|DEV
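Review bot: The loop in build.sh copies `authz.cred` into `./cred.dat` under whatever umask the caller has, so credential material can land in a group- or world-readable file inside the source tree; pull.sh does the same and also packs `x509` and `cred` into `dat.gz`. Add `umask 077` before the loop and keep `cred.dat` and `dat.gz` out of version control. `CQLSH` is also pinned to `/Volumes/Data/apache-cassandra-2.1.14/bin/cqlsh`, which looks like one workstation's path; `CQLSH=${CQLSH:-cqlsh}` would let other environments run the script unchanged.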
+aaf|aaf_locate_url|https://meriadoc.mithril.sbc.com:8095
+aaf|cadi_x509_issuers|CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US
+aaf|aaf_oauth2_introspect_url|https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect
+aaf|aaf_oauth2_token_url|https://AAF_LOCATE_URL/AAF_NS.token:2.1/token
+aaf|aaf_url|https://AAF_LOCATE_URL/AAF_NS.service:2.1
+aaf|cadi_protocols|TLSv1.1,TLSv1.2
+aaf|cm_url|https://AAF_LOCATE_URL/AAF_NS.cm:2.1
+aaf|fs_url|https://AAF_LOCATE_URL/AAF_NS.fs.2.1
+aaf|gui_url|https://AAF_LOCATE_URL/AAF_NS.gui.2.1
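Review bot: The seeded `cadi_protocols` row enables TLSv1.1 alongside TLSv1.2, so installs loaded from this file presumably inherit the older protocol unless they override the row; `aaf|cadi_protocols|TLSv1.2` is the safer default if no client still needs 1.1. `aaf_locate_url` names what looks like a single internal host (`meriadoc.mithril.sbc.com`) instead of a placeholder in the style of the `AAF_LOCATE_URL` token used by the other rows. The `fs_url` and `gui_url` rows end in `.2.1` where every other service URL uses `:2.1`, which may be a typo worth confirming.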
diff --git a/auth/auth-cass/src/main/cql/osaaf.cql b/auth/auth-cass/src/main/cql/osaaf.cql
index b3d895b9..51e6b908 100644
--- a/auth/auth-cass/src/main/cql/osaaf.cql
+++ b/auth/auth-cass/src/main/cql/osaaf.cql
@@ -51,10 +51,10 @@ INSERT INTO role(ns, name, perms, description)
 // OSAAF Root
 INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('aaf@aaf.osaaf.org','org.admin','2018-10-31','org','admin') using TTL 14400;
+ VALUES ('aaf@aaf.osaaf.org','org.admin','2018-10-31','org','admin');
 INSERT INTO user_role(user,role,expires,ns,rname)
- VALUES ('aaf@aaf.osaaf.org','org.osaaf.aaf.admin','2018-10-31','org.osaaf.aaf','admin') using TTL 14400;
+ VALUES ('aaf@aaf.osaaf.org','org.osaaf.aaf.admin','2018-10-31','org.osaaf.aaf','admin');
 // ONAP Specific Entities
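Review bot: Dropping `using TTL 14400` from the two `user_role` inserts for `aaf@aaf.osaaf.org` turns rows that Cassandra would have deleted after four hours into standing grants of `org.admin` and `org.osaaf.aaf.admin`, and the hunk carries no comment explaining why. The only remaining limit is the `expires` value `'2018-10-31'`, and nothing visible here shows what enforces it. A comment above the inserts, such as `// Root grants are persistent; expiry relies on the expires column`, would record the intent for whoever audits the seed data. The statements before and after this hunk are outside the visible lines.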
@@ -79,6 +79,19 @@ INSERT INTO perm(ns, type, instance, action, roles, description)
 INSERT INTO role(ns, name, perms, description)
 VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins');
+// AAF Admin
+insert into cred (id,type,expires,cred,notes,ns,other) values('aaf_admin@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('aaf_admin@people.osaaf.org','org.osaaf.aaf.admin','2018-10-31','org.osaaf.aaf','admin');
+
+// A Deployer
+insert into cred (id,type,expires,cred,notes,ns,other) values('deployer@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.osaaf.aaf','deploy',{},'ONAP Deployment Role');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('deployer@people.osaaf.org','org.osaaf.aaf.deploy','2018-10-31','org.osaaf.aaf','deploy');
+
+
 // DEMO ID (OPS)
 insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
 INSERT INTO user_role(user,role,expires,ns,rname)
diff --git a/auth/auth-cass/src/main/cql/pull.sh b/auth/auth-cass/src/main/cql/pull.sh
new file mode 100644
index 00000000..f4db573a
--- /dev/null
+++ b/auth/auth-cass/src/main/cql/pull.sh
@@ -0,0 +1,5 @@
+for T in x509 ns_attrib config cred user_role perm role artifact ns; do
+ cqlsh -e "use authz; COPY $T TO '$T.dat' WITH DELIMITER='|';"
+done
+tar -cvzf dat.gz *.dat
+
diff --git a/auth/auth-cass/src/main/cql/push.sh b/auth/auth-cass/src/main/cql/push.sh
new file mode 100644
index 00000000..8026c9f9
--- /dev/null
+++ b/auth/auth-cass/src/main/cql/push.sh
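Review bot: The new `aaf_admin@people.osaaf.org` and `deployer@people.osaaf.org` rows reuse the exact `cred` bytes and `other` value (53344) of the existing `demo@people.osaaf.org` row, so three seeded identities presumably share one secret, and one of them is granted `org.osaaf.aaf.admin`. Any install loaded from this file then carries an administrator account protected only by the demo credential. Seed these accounts with per-install credentials generated at deploy time, or at least add a comment such as `// Default credential: must be rotated before the service is exposed` and have deployment fail while the default is still present. The `user_role` rows expire on `'2018-10-31'` while the creds run to `'2019-05-01'`, which looks unintended. The DEMO ID statements continue below the hunk.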
@@ -0,0 +1,5 @@
+tar -xvf dat.gz
+for T in x509 ns_attrib config cred user_role perm role artifact ns; do
+ cqlsh -e "use authz; COPY $T FROM '$T.dat' WITH DELIMITER='|';"
+done
+ |
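Review bot: push.sh loads whatever `dat.gz` sits in the working directory straight into `authz`, including `cred` and `user_role`, with no check that extraction succeeded or that the archive is the one pull.sh produced. A stale or altered archive would silently rewrite credentials and role grants, and a failed `tar` still lets the loop import any leftover `.dat` files. Start the script with `#!/bin/bash` and `set -euo pipefail`, and verify the archive against a recorded checksum before the `COPY ... FROM` loop. pull.sh lacks the shebang and error handling as well.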