From 98831362ddb13e1888bedca4f4e03df8c4e7d9e4 Mon Sep 17 00:00:00 2001 From: Brinda Santh Date: Fri, 29 Nov 2019 14:59:12 -0500 Subject: Upgrade py executor ms GRPC version. Regenerate TLS certs with config file. Issue-ID: CCSDK-1737 Signed-off-by: Brinda Santh Change-Id: I2b0982c4e230524ad1e58f150da2a05e4474a0fa --- .../application/src/main/dc/docker-compose.yaml | 14 +++----- .../application/src/main/docker/distribution.xml | 5 +++ .../src/main/resources/application-dev.properties | 5 +++ .../src/main/resources/application.properties | 5 +++ .../certs/py-executor/py-executor-chain.pem | 37 ++++++++++++++++++++++ 5 files changed, 57 insertions(+), 9 deletions(-) create mode 100644 ms/blueprintsprocessor/application/src/main/resources/certs/py-executor/py-executor-chain.pem (limited to 'ms/blueprintsprocessor/application') diff --git a/ms/blueprintsprocessor/application/src/main/dc/docker-compose.yaml b/ms/blueprintsprocessor/application/src/main/dc/docker-compose.yaml index 27f72b59b..ada461b52 100755 --- a/ms/blueprintsprocessor/application/src/main/dc/docker-compose.yaml +++ b/ms/blueprintsprocessor/application/src/main/dc/docker-compose.yaml @@ -14,11 +14,11 @@ services: MYSQL_DATABASE: sdnctl MYSQL_USER: sdnctl MYSQL_PASSWORD: sdnctl - blueprints-processor: + cds-controller-default: depends_on: - db image: onap/ccsdk-blueprintsprocessor:latest - container_name: bp-processor + container_name: cds-controller-default ports: - "8000:8080" - "9111:9111" @@ -41,11 +41,11 @@ services: restart: always volumes: - blueprints-deploy:/opt/app/onap/blueprints/deploy - py-executor: + py-executor-default: depends_on: - db - image: onap/ccsdk-py-script-executor - container_name: bp-py-executor + image: onap/ccsdk-py-executor + container_name: py-executor-default ports: - "50052:50052" restart: always @@ -58,11 +58,7 @@ services: STICKYSELECTORKEY: ENVCONTEXT: dev APP_PORT: 50052 - #AUTH_TYPE: basic-auth - #AUTH_TOKEN: Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== AUTH_TYPE: tls-auth - AUTH_CERT_CHAIN: /opt/app/onap/python/py-executor-chain.pem - AUTH_PRIVATE_KEY: /opt/app/onap/python/py-executor-key.pem LOG_FILE: /opt/app/onap/logs/application.log volumes: diff --git a/ms/blueprintsprocessor/application/src/main/docker/distribution.xml b/ms/blueprintsprocessor/application/src/main/docker/distribution.xml index aed417581..291dca09b 100755 --- a/ms/blueprintsprocessor/application/src/main/docker/distribution.xml +++ b/ms/blueprintsprocessor/application/src/main/docker/distribution.xml @@ -44,6 +44,11 @@ opt/app/onap/config true + + ${project.basedir}/src/main/resources/certs + opt/app/onap/config/certs + true + ${project.basedir}/../../../components/model-catalog opt/app/onap/model-catalog diff --git a/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties b/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties index fc2e7f244..89b4f65b4 100755 --- a/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties +++ b/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties @@ -57,6 +57,11 @@ blueprintsprocessor.grpcclient.remote-python.host=localhost blueprintsprocessor.grpcclient.remote-python.port=50051 blueprintsprocessor.grpcclient.remote-python.token=Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== +# Py executor +blueprintsprocessor.grpcclient.py-executor.type=tls-auth +blueprintsprocessor.grpcclient.py-executor.host=localhost:50052 +blueprintsprocessor.grpcclient.py-executor.trustCertCollection=src/main/resources/certs/py-executor/py-executor-chain.pem + # Blueprint Processor File Execution and Handling Properties ### use absolute paths if testing inside docker ### blueprintsprocessor.blueprintDeployPath=/opt/app/onap/blueprints/deploy diff --git a/ms/blueprintsprocessor/application/src/main/resources/application.properties b/ms/blueprintsprocessor/application/src/main/resources/application.properties index bd713080f..1ba29e43a 100755 --- a/ms/blueprintsprocessor/application/src/main/resources/application.properties +++ b/ms/blueprintsprocessor/application/src/main/resources/application.properties @@ -77,6 +77,11 @@ blueprintsprocessor.grpcclient.remote-python.host=localhost blueprintsprocessor.grpcclient.remote-python.port=50051 blueprintsprocessor.grpcclient.remote-python.token=Basic Y2NzZGthcHBzOmNjc2RrYXBwcw== +# Py executor +blueprintsprocessor.grpcclient.py-executor.type=tls-auth +blueprintsprocessor.grpcclient.py-executor.host=py-executor-default:50052 +blueprintsprocessor.grpcclient.py-executor.trustCertCollection=/opt/app/onap/config/certs/py-executor/py-executor-chain.pem + # Config Data REST client settings blueprintsprocessor.restconfEnabled=true blueprintsprocessor.restclient.sdnc.type=basic-auth diff --git a/ms/blueprintsprocessor/application/src/main/resources/certs/py-executor/py-executor-chain.pem b/ms/blueprintsprocessor/application/src/main/resources/certs/py-executor/py-executor-chain.pem new file mode 100644 index 000000000..98c4f39ba --- /dev/null +++ b/ms/blueprintsprocessor/application/src/main/resources/certs/py-executor/py-executor-chain.pem @@ -0,0 +1,37 @@ +-----BEGIN CERTIFICATE----- +MIIGXTCCBEWgAwIBAgIJALA8s9WVhurtMA0GCSqGSIb3DQEBCwUAMH8xCzAJBgNV +BAYTAlVTMRMwEQYDVQQIDApOZXcgSmVyc2V5MRMwEQYDVQQHDApNaWRkbGV0b3du +MRcwFQYDVQQKDA5PTkFQIENvbW11bml0eTEOMAwGA1UEAwwFQ0NTREsxHTAbBgkq +hkiG9w0BCQEWDmJzMjc5NkBhdHQuY29tMB4XDTE5MTEyOTIwNTUzNFoXDTI5MTEy +NjIwNTUzNFowfzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCk5ldyBKZXJzZXkxEzAR +BgNVBAcMCk1pZGRsZXRvd24xFzAVBgNVBAoMDk9OQVAgQ29tbXVuaXR5MQ4wDAYD +VQQDDAVDQ1NESzEdMBsGCSqGSIb3DQEJARYOYnMyNzk2QGF0dC5jb20wggIiMA0G +CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDMb8yqD/lu3IHffa1H+LnCTKCijZDC +85sPta8nH9cQxqRLJyjkOZs+K1z5i6Qn1AH8jOYqG1dRO0Y3pTqu0q5s5Q5Qg2ZF +xZPW0772HL2Id1WAL62ymPcAp4/JPgeFqcVtRcxx+MPKTohjSY9l+cAPuAQ3izmz +ValxYVvI8s3qRnvp9sjaOTm4vz/9/7mci9hDKn4B8K7u8fUPKkqYQOOaiv31rYVG +sw7CIGvHGQMz89loWtB7A4ioZmveZdRdRs5kXbGwvuZQOnc6e8wYO211wkPEJ/go +sulWwMqcwN9L6712g6ZnoFD+gtut+OLIlrZGS/5MEzMnvmX9NzXiKOP9Zp+Qj4jM +3pa1pt33LxoBYux7r9154wi9kCXLI2XUTA5TbaufXv6/tn3R9fzMYEUeUdLeEEtr +NBTEpviTaAxgkpLhGbrSd6F3wbvnBh/gPrBW/0HrAnpMuV5V8JFP1SrT2EbguaW5 +G4keckBMkcOPpz/qvYuXW2FD/XO5yz1keJqXs4HSSM0/ZYcNk89wn50I4GLUY0Q5 +hnk9Twdf8zglSRUDHLCrsA88wJXHBL6W6xVQjQFikY94YOVyvcqXvnmlhOhLamr2 +72bbjrVPvZw4nUYZeg/WpdalmpJb4M9MVLLFo11O150PRRUqnHTHHKGXv7C2mCAO +MIEPr/WJpS50WwIDAQABo4HbMIHYMB0GA1UdDgQWBBT+kmcpEJ/kS/kW9rGc0uom +T0VqBDAfBgNVHSMEGDAWgBT+kmcpEJ/kS/kW9rGc0uomT0VqBDAJBgNVHRMEAjAA +MAsGA1UdDwQEAwIF4DATBgNVHSUEDDAKBggrBgEFBQcDATA7BgNVHREENDAyghBj +ZHMtY29udHJvbGxlci0qgg1weS1leGVjdXRvci0qgglsb2NhbGhvc3SHBH8AAAEw +LAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMA0G +CSqGSIb3DQEBCwUAA4ICAQCdquyIETbOWFtXpzL/SQ8jB0yzBmErA3vQPm847qSz +r8QNXsEyPq7lo06xJTfhlmfpOBzCVdpP+/3pvJfKJ8/wC/D3B8E88Ozzz/yCZPuG +SNcv+SSnki729ptc1bx6It0FQFahXGywm2ASHGMz4zfmMtnjIfBEuMBCD+V4liwr +oCEw8E1d+fxArv72LMbNYxPQ+HfrasYhINgVnYSpftqIGpi0PGaEoCVrosQnB0Gk +5kHWvTXqMC+G9Q1MSQk8vs3lnp9Y4gXbdeaMu3YSmM9nVAY1uZiZRBHVbMadIDFO +NQmDBKfyN6uK3uBV1S84woC0o5iqIR5EF3u4NeCX5jRWR1Uu4zAG70TpcLmyP1do +Kt49m9sVrxoCgzjzRd1yZ50BZ1/5550OeF55swQv/ncGriD8uxaQu49NbUo2Rw8R +Af5TMMW9+0KN6zDOUIVfK5a6NGqnylN3drB2jIjGyTOVycm5paL+iuKEg7euxvZ8 +51Z6QWe3F3+wVYVWtDeN3/9FUm3FzonmZvoChYkz7NTifQpS7/46BpBa5DoblcUu +MMXWMYieVv3wLIvtFFi2CoNh0tyD7TcNsAB4hLbbBxtXmAB82tgjQhOdkQErm+qi +Gq5AwlI8k3hhkLDcWH4hUx4YTLJLdTeQGKyM6dB+NBZATyzOrY5j86j7vITLeG8t +3w== +-----END CERTIFICATE----- -- cgit 1.2.3-korg