diff options
| -rw-r--r-- | ansible-server/src/main/Dockerfile | 13 | ||||
| -rwxr-xr-x | ansible-server/src/main/ansible-server/AnsibleModule.py | 8 | ||||
| -rwxr-xr-x | ansible-server/src/main/ansible-server/AnsibleSql.py | 62 | ||||
| -rwxr-xr-x | ansible-server/src/main/ansible-server/LoadAnsibleMySql.py | 22 | ||||
| -rwxr-xr-x | ansible-server/src/main/ansible-server/RestServer.py | 10 | ||||
| -rwxr-xr-x | ansible-server/src/main/ansible-server/UsersRestServer.py | 34 | ||||
| -rwxr-xr-x[-rw-r--r--] | ansible-server/src/main/ansible-server/startAnsibleServer.sh | 2 | ||||
| -rw-r--r-- | ansible-server/src/main/docker/Dockerfile | 24 | ||||
| -rwxr-xr-x | dependencies/pom.xml | 1 | ||||
| -rwxr-xr-x | dgbuilder/tools/getRpcsClassFromYang.sh | 8 | ||||
| -rwxr-xr-x | dgbuilder/tools/printYangProps.sh | 2 | ||||
| -rw-r--r-- | docs/release-notes.rst | 3 |
12 files changed, 83 insertions, 106 deletions
diff --git a/ansible-server/src/main/Dockerfile b/ansible-server/src/main/Dockerfile index d44f5c39..5a1c394d 100644 --- a/ansible-server/src/main/Dockerfile +++ b/ansible-server/src/main/Dockerfile @@ -8,23 +8,24 @@ WORKDIR /opt/ COPY ansible-server/requirements.txt ansible-server/requirements.txt RUN apk add --no-cache curl \ + iputils \ bash \ - py2-pip \ + py3-pip \ openssh-client \ - python2 &&\ + python3 &&\ apk add --no-cache --virtual .build-deps build-base \ libffi-dev \ openssl-dev \ - python2-dev &&\ - pip install --no-cache-dir --upgrade pip==$PIP_TAG && \ - pip install --no-cache-dir -r ansible-server/requirements.txt &&\ + python3-dev &&\ + pip3 install --no-cache-dir --upgrade pip==$PIP_TAG && \ + pip3 install --no-cache-dir -r ansible-server/requirements.txt &&\ apk del .build-deps RUN addgroup -S ansible && adduser -S ansible -G ansible + COPY --chown=ansible:ansible ansible-server ansible-server COPY --chown=ansible:ansible configuration/ansible.cfg /etc/ansible/ansible.cfg - WORKDIR /opt/ansible-server RUN mkdir /opt/onap ; ln -s /opt/ansible-server /opt/onap/ccsdk diff --git a/ansible-server/src/main/ansible-server/AnsibleModule.py b/ansible-server/src/main/ansible-server/AnsibleModule.py index 71d0c059..80e59e29 100755 --- a/ansible-server/src/main/ansible-server/AnsibleModule.py +++ b/ansible-server/src/main/ansible-server/AnsibleModule.py @@ -80,7 +80,7 @@ def ansibleSysCall (inventory_path, playbook_path, nodelist, mandatory, envparam log.append (line) else: for line in stdout_value: # p.stdout.readlines(): - print line # line, + print(line) # line, if ParseFlag and len(line.strip())>0: ip_address = line.split(':')[0].strip() ok_flag = line.split(':')[1].strip().split('=')[1].split('changed')[0].strip() @@ -120,7 +120,7 @@ if __name__ == '__main__': p = Process(nodelist=ansible_call, args=('ansible_module_config', playbook_file, nodelist,d, )) p.start() - print "Process running" - print d + print("Process running") + print(d) p.join() - print d + print(d) diff --git a/ansible-server/src/main/ansible-server/AnsibleSql.py b/ansible-server/src/main/ansible-server/AnsibleSql.py index c910777a..4fe71152 100755 --- a/ansible-server/src/main/ansible-server/AnsibleSql.py +++ b/ansible-server/src/main/ansible-server/AnsibleSql.py @@ -52,7 +52,7 @@ class mySql(): self.cur.execute(myquery) self.db.commit() results = self.cur.fetchall() - except Exception, e: + except Exception as e: results = repr(e) return results @@ -139,24 +139,24 @@ def readPlaybook (sqlintf, value, version=None): errorCode = 0 diag = '' - print "***> in AnsibleSql.readPlaybook" + print("***> in AnsibleSql.readPlaybook") if not version: query = "SELECT MAX(version) FROM playbook WHERE name like'" + value + "%'" - print " Query:", query + print(" Query:", query) results = sqlintf.Query (query) version = results[0][0] - print " Provided playbook name:", value - print " Used version:", version + print(" Provided playbook name:", value) + print(" Used version:", version) results = [] if version: query = "SELECT value,type FROM playbook WHERE name='" + value + "@" + version + "'" results = sqlintf.Query (query) - print "Query:", query - print "Results:", results + print("Query:", query) + print("Results:", results) if len(results) == 0: errorCode = 1 @@ -173,7 +173,7 @@ def readCredentials (sqlintf, tag): errorCode = [] diag = [] - print "***> in AnsibleSql.readCredential" + print("***> in AnsibleSql.readCredential") # Load credentials @@ -198,8 +198,8 @@ def readCredentials (sqlintf, tag): rec +"'" results = sqlintf.Query (query) - print " Query:", query - print " Results:", len(results), results + print(" Query:", query) + print(" Results:", len(results), results) if len(results) == 0: errorCode = 1 @@ -240,20 +240,20 @@ if __name__ == '__main__': # Load playbooks - print "Loading playbooks" + print("Loading playbooks") for file in onlyfiles: if "yml" in file: name = file.split (".yml")[0] - print " Loading:", name + print(" Loading:", name) version = name.split("@")[1] errorCode, diag = loadPlaybook (sqlintf, name, version, '.yml') if errorCode: - print " Results: Failed - ", diag + print(" Results: Failed - ", diag) else: - print " Results: Success" + print(" Results: Success") - print "\nLoading inventory" + print("\nLoading inventory") # Load inventory @@ -274,48 +274,48 @@ if __name__ == '__main__': file.close() for hostgroup in inv: - print " Loading:", hostgroup + print(" Loading:", hostgroup) hostfqdn = '' cred = '' for hostname in inv[hostgroup]: cred = inv[hostgroup][hostname] errorCode, diag = loadCredentials (sqlintf, hostgroup, hostname, cred) if errorCode: - print " Results: Failed - ", diag + print(" Results: Failed - ", diag) else: - print " Results: Success" + print(" Results: Success") - print "\nReading playbook" + print("\nReading playbook") # Read playbook if not sqlintf.con: - print "Cannot connect to MySql:", sqlintf.error + print("Cannot connect to MySql:", sqlintf.error) sys.exit() name = "ansible_sleep" - print "Reading playbook:", name + print("Reading playbook:", name) value, version, errorCode, diag = readPlaybook (sqlintf, name) if errorCode: - print "Results: Failed - ", diag + print("Results: Failed - ", diag) else: - print "Results: Success" - print value - print version - print diag + print("Results: Success") + print(value) + print(version) + print(diag) - print "\nReading inventory" + print("\nReading inventory") # Read inventory tag = ["your_inventory_test_group_name"] - print "Reading inventory tag:", tag + print("Reading inventory tag:", tag) errorCode, diag = readCredentials (sqlintf, tag) if errorCode: - print "Results: Failed - ", diag + print("Results: Failed - ", diag) else: - print "Results: Success" - print diag + print("Results: Success") + print(diag) sqlintf.Close() diff --git a/ansible-server/src/main/ansible-server/LoadAnsibleMySql.py b/ansible-server/src/main/ansible-server/LoadAnsibleMySql.py index d3c0ecef..4bea8d18 100755 --- a/ansible-server/src/main/ansible-server/LoadAnsibleMySql.py +++ b/ansible-server/src/main/ansible-server/LoadAnsibleMySql.py @@ -47,7 +47,7 @@ class mySql(): self.cur.execute(myquery) self.db.commit() results = self.cur.fetchall() - except Exception, e: + except Exception as e: error = str (e) return results, error @@ -100,7 +100,7 @@ def loadCredentials (hostgroup, hostname, cred): query = "SELECT hostname,hostgroup FROM inventory WHERE hostname='" + hostname +"'" results = sqlintf.Query (query) - print '==>', results + print('==>', results) if hostname in str(results): @@ -155,24 +155,24 @@ if __name__ == '__main__': sqlintf = mySql (host, user, passwd, db) # Load playbooks - print "Loading playbooks" + print("Loading playbooks") for file in onlyfiles: if "yml" in file: name = file.split (".yml")[0] - print " Loading:", name + print(" Loading:", name) version = name.split("@")[1] errorCode, diag = loadPlaybook (name, version) if errorCode: - print " Results: Failed - ", diag + print(" Results: Failed - ", diag) else: - print " Results: Success" + print(" Results: Success") if "tar.gz" in file: name = file.split (".tar.gz")[0] - print " Loading:", name + print(" Loading:", name) version = name.split("@")[1] errorCode, diag = loadPlaybook (name, version, ".tar.gz") - print "\nLoading inventory" + print("\nLoading inventory") # Load inventory hostgroup = None @@ -192,15 +192,15 @@ if __name__ == '__main__': file.close() for hostgroup in inv: - print " Loading:", hostgroup + print(" Loading:", hostgroup) hostfqdn = '' cred = '' for hostname in inv[hostgroup]: cred = inv[hostgroup][hostname] errorCode, diag = loadCredentials (hostgroup, hostname, cred) if errorCode: - print " Results: Failed - ", diag + print(" Results: Failed - ", diag) else: - print " Results: Success" + print(" Results: Success") sqlintf.Close() diff --git a/ansible-server/src/main/ansible-server/RestServer.py b/ansible-server/src/main/ansible-server/RestServer.py index 2b4da335..483b8322 100755 --- a/ansible-server/src/main/ansible-server/RestServer.py +++ b/ansible-server/src/main/ansible-server/RestServer.py @@ -295,7 +295,7 @@ def store_local_vars(playbook_path, Id): cherrypy.log("LocalParameters: " + str(local_parms)) f = open(playbook_path + "/vars/defaults.yml", "a") - for key, value in local_parms.items(): + for key, value in list(local_parms.items()): f.write(key + "=" + value + "\n") f.close() # ################################################## @@ -718,8 +718,8 @@ def handle_get_method(input_data): # Just a debug to dump any records if 'GetStatus' in input_data['Type']: cherrypy.log("******** Dump Records **********") - if TestRecord.items(): - for id, record in TestRecord.items(): + if list(TestRecord.items()): + for id, record in list(TestRecord.items()): cherrypy.log(" Id: " + id) cherrypy.log("Record: " + str(record)) else: @@ -778,7 +778,7 @@ def handle_get_method(input_data): return out_obj elif 'GetStatus' in input_data['Type']: cherrypy.log(" Dump Records") - for id, record in TestRecord.items(): + for id, record in list(TestRecord.items()): cherrypy.log(" id: " + id) cherrypy.log(" Record:" + str(record)) elif 'GetTheOutput' in input_data['Type'] or 'GetOutput' in input_data['Type']: @@ -1027,7 +1027,7 @@ if __name__ == '__main__': if 'ansible_inv' in config_line: ANSIBLE_INV = config_line.split(':')[1].strip() if not os.path.exists(ANSIBLE_PATH + "/" + ANSIBLE_INV): - print '[INFO] The ansible_inv file does not exist' + print('[INFO] The ansible_inv file does not exist') sys.exit(0) if 'ansible_temp' in config_line: ANSIBLE_TEMP = config_line.split(':')[1].strip() diff --git a/ansible-server/src/main/ansible-server/UsersRestServer.py b/ansible-server/src/main/ansible-server/UsersRestServer.py index b8992978..5b664e40 100755 --- a/ansible-server/src/main/ansible-server/UsersRestServer.py +++ b/ansible-server/src/main/ansible-server/UsersRestServer.py @@ -64,7 +64,7 @@ def sys_call (cmd): def callback (Id, Result, Output, Log, returncode): - print "***> in RestServer.callback" + print("***> in RestServer.callback") if Id in TestRecord: time_now = datetime.datetime.utcnow() @@ -116,17 +116,17 @@ def callback (Id, Result, Output, Log, returncode): if key in TestRecord[Id]['Output']['Output']: data["Results"][key]["Output"] = TestRecord[Id]['Output']['Output'][key] - print " Posting to", TestRecord[Id]['CallBack'] + print(" Posting to", TestRecord[Id]['CallBack']) s = requests.Session() r = s.post(TestRecord[Id]['CallBack'], data = json.dumps(data), headers = {'content-type': 'application/json'}) - print " Response", r.status_code, r.text + print(" Response", r.status_code, r.text) def RunAnsible_Playbook (callback, Id, Inventory, Playbook, NodeList, TestRecord, Path, ArchiveFlag): - print "***> in RestServer.RunAnsible_Playbook" + print("***> in RestServer.RunAnsible_Playbook") # Run test in playbook for given target Result = '' @@ -627,9 +627,9 @@ class TestManager (object): # PAP f = open(playbook_path + "/vars/defaults.yml","a") #for id, record in TestRecord.items(): - print TestRecord[Id]['LocalParameters'] + print(TestRecord[Id]['LocalParameters']) local_parms = TestRecord[Id]['LocalParameters'] - for key, value in local_parms.items(): + for key, value in list(local_parms.items()): f.write(key +"=" + value + "\n"); f.close() ################################################### @@ -664,7 +664,7 @@ class TestManager (object): f.close() f = open(playbook_path + "/JsonRequest.txt", "w") #f.write(str(input_json)) - print( json.dumps(input_json, indent=4, sort_keys=True)) + print(( json.dumps(input_json, indent=4, sort_keys=True))) f.write( json.dumps(input_json, indent=4, sort_keys=True)) f.close() @@ -719,8 +719,8 @@ class TestManager (object): # Just a debug to dump any records if 'GetStatus' in input_data['Type']: cherrypy.log( "******** Dump Records **********") - if TestRecord.items(): - for id, record in TestRecord.items(): + if list(TestRecord.items()): + for id, record in list(TestRecord.items()): cherrypy.log( " Id: " + id) cherrypy.log( "Record: " + str(record)) else: @@ -784,10 +784,10 @@ class TestManager (object): return out_obj elif 'GetStatus' in input_data['Type']: - print " Dump Records" + print(" Dump Records") for id, record in TestRecord,items(): - print " id: " + id - print " Record:" + str(reecord) + print(" id: " + id) + print(" Record:" + str(reecord)) elif 'GetOutput' in input_data['Type']: @@ -944,7 +944,7 @@ if __name__ == '__main__': config_file_path = "RestServer_config" if not os.path.exists(config_file_path): - print '[INFO] The config file does not exist' + print('[INFO] The config file does not exist') sys.exit(0) ip = 'na' @@ -1018,15 +1018,15 @@ if __name__ == '__main__': # Point to certificate files if not os.path.exists(pub): - print '[INFO] The public certificate does not exist' + print('[INFO] The public certificate does not exist') sys.exit(0) if not os.path.exists(priv): - print '[INFO] The private key does not exist' + print('[INFO] The private key does not exist') sys.exit(0) if not os.path.exists(intermediate): - print '[INFO] The intermediate certificate does not exist' + print('[INFO] The intermediate certificate does not exist') sys.exit(0) @@ -1037,7 +1037,7 @@ if __name__ == '__main__': if auth: # Read in and build user dictionary if not os.path.exists(users): - print '[INFO] The users file does not exist: ' + users + print('[INFO] The users file does not exist: ' + users) sys.exit(0) userpassdict = {} user_file = open(users, 'r') diff --git a/ansible-server/src/main/ansible-server/startAnsibleServer.sh b/ansible-server/src/main/ansible-server/startAnsibleServer.sh index 193fe77f..2853acad 100644..100755 --- a/ansible-server/src/main/ansible-server/startAnsibleServer.sh +++ b/ansible-server/src/main/ansible-server/startAnsibleServer.sh @@ -2,5 +2,5 @@ exec &> >(tee -a "/var/log/ansible-server.log") cd /opt/onap/ccsdk -exec /usr/bin/python RestServer.py +exec /usr/bin/python3 RestServer.py diff --git a/ansible-server/src/main/docker/Dockerfile b/ansible-server/src/main/docker/Dockerfile deleted file mode 100644 index fd2037c2..00000000 --- a/ansible-server/src/main/docker/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -# Base ubuntu with added packages needed for open ecomp -FROM onap/ccsdk-alpine-image:${ccsdk.distribution.version} - -LABEL maintainer="SDN-C Team (sdnc@lists.openecomp.org)" - -#ENV http_proxy=http://anonymous:password@one.proxy.att.com:8080 -#ENV https_proxy=http://anonymous:password@one.proxy.att.com:8080 - -## add more pkgs -RUN apk update -RUN apk add vim -RUN apk add curl -RUN apk add ansible - - -# copy files needed -COPY opt /opt/ - -WORKDIR /opt/onap/ccsdk - -#ENTRYPOINT exec startAnsibleServer.sh -#CMD ["/bin/bash"] -EXPOSE 8000 - diff --git a/dependencies/pom.xml b/dependencies/pom.xml index c942bfe3..65930c12 100755 --- a/dependencies/pom.xml +++ b/dependencies/pom.xml @@ -76,7 +76,6 @@ <dependency> <groupId>org.onap.logging-analytics</groupId> <artifactId>logging-filter-base</artifactId> - <version>1.5.0</version> </dependency> <dependency> <groupId>org.slf4j</groupId> diff --git a/dgbuilder/tools/getRpcsClassFromYang.sh b/dgbuilder/tools/getRpcsClassFromYang.sh index 15b74dfa..3944ed25 100755 --- a/dgbuilder/tools/getRpcsClassFromYang.sh +++ b/dgbuilder/tools/getRpcsClassFromYang.sh @@ -26,8 +26,8 @@ className=$(jar -tvf ${jarFile}|grep "org/opendaylight/yang/gen/"|grep -w "${rp inputProps="" if [ "$className" != "" ] then - #java -cp $CLASSPATH org.onap.ccsdk.sli.core.sli.PrintYangToProp $className 2>/dev/null|grep '*' |cut -d'*' -f2|sed -e "s/^[ \t]*//g"|sed -e "s/^/\t\t\"/g"|sed -e "s/$/\",/g" - inputProps=$(java -cp $CLASSPATH org.onap.ccsdk.sli.core.sli.PrintYangToProp $className 2>${toolsDir}/tmpws/logs/err.log) + #java -cp $CLASSPATH org.onap.ccsdk.sli.core.sli.provider.PrintYangToProp $className 2>/dev/null|grep '*' |cut -d'*' -f2|sed -e "s/^[ \t]*//g"|sed -e "s/^/\t\t\"/g"|sed -e "s/$/\",/g" + inputProps=$(java -cp $CLASSPATH org.onap.ccsdk.sli.core.sli.provider.PrintYangToProp $className 2>${toolsDir}/tmpws/logs/err.log) fi className=$(jar -tvf ${jarFile}|grep "org/opendaylight/yang/gen/"|grep -w "${rpcVal}Output"|grep -v grep|awk '{print $NF}'|sed -e 's/\//./g'|sed -e 's/.class$//g') #echo $inputProps @@ -35,8 +35,8 @@ className=$(jar -tvf ${jarFile}|grep "org/opendaylight/yang/gen/"|grep -w "${rpc outputProps="" if [ "$className" != "" ] then - #java -cp $CLASSPATH org.onap.ccsdk.sli.core.sli.PrintYangToProp $className 2>/dev/null|grep '*' |cut -d'*' -f2|sed -e "s/^[ \t]*//g"|sed -e "s/^/\t\t\"/g"|sed -e "s/$/\",/g" - outputProps=$(java -cp $CLASSPATH org.onap.ccsdk.sli.core.sli.PrintYangToProp $className 2>${toolsDir}/tmpws/logs/err.log) + #java -cp $CLASSPATH org.onap.ccsdk.sli.core.sli.provider.PrintYangToProp $className 2>/dev/null|grep '*' |cut -d'*' -f2|sed -e "s/^[ \t]*//g"|sed -e "s/^/\t\t\"/g"|sed -e "s/$/\",/g" + outputProps=$(java -cp $CLASSPATH org.onap.ccsdk.sli.core.sli.provider.PrintYangToProp $className 2>${toolsDir}/tmpws/logs/err.log) fi if [ -z "$allProps" ] then diff --git a/dgbuilder/tools/printYangProps.sh b/dgbuilder/tools/printYangProps.sh index e34d84cf..0ee3fc19 100755 --- a/dgbuilder/tools/printYangProps.sh +++ b/dgbuilder/tools/printYangProps.sh @@ -5,4 +5,4 @@ then echo "Usage $0 className_without_the_dot_class_ext" exit fi - java org.onap.ccsdk.sli.core.sli.PrintYangToProp $1 + java org.onap.ccsdk.sli.core.sli.provider.PrintYangToProp $1 diff --git a/docs/release-notes.rst b/docs/release-notes.rst index ecab776c..72b394ba 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -118,10 +118,11 @@ The full list of known issues in CCSDK may be found in the ONAP Jira at <https:/ *Fixed Security Issues* + * In default deployment CCSDK (cds-ui) exposes HTTP port 30497 outside of cluster. [`OJSI-196 <https://jira.onap.org/browse/OJSI-196>`_] + *Known Security Issues* * In default deployment CCSDK (netbox-nginx) exposes HTTP port 30420 outside of cluster. [`OJSI-160 <https://jira.onap.org/browse/OJSI-160>`_] - * In default deployment CCSDK (cds-ui) exposes HTTP port 30497 outside of cluster. [`OJSI-196 <https://jira.onap.org/browse/OJSI-196>`_] * In default deployment CCSDK (cds-blueprints-processor-http) exposes HTTP port 30499 outside of cluster. [`OJSI-197 <https://jira.onap.org/browse/OJSI-197>`_] *Known Vulnerabilities in Used Modules* |