From eb7a73a1ed6fac775dc09dc581d11367e4262598 Mon Sep 17 00:00:00 2001 From: xufeiliu Date: Thu, 28 Feb 2019 05:41:01 +0000 Subject: rm pkcrypto, CommonLogger.config, update version Issue-ID: CCSDK-794 Change-Id: Iaeac587a9697945eb9525d31fa950aea3594e187 Signed-off-by: xufeiliu --- dmaap/dmaap.yaml | 5 +- dmaap/dmaapplugin/CommonLogger.config | 42 ----- dmaap/dmaapplugin/__init__.py | 3 +- dmaap/dmaapplugin/dr_bridge.py | 3 +- dmaap/dmaapplugin/dr_relationships.py | 2 - dmaap/dmaapplugin/mr_lifecycle.py | 2 +- dmaap/dmaapplugin/pkcrypto.py | 142 --------------- dmaap/pom.xml | 318 ++++++++++++++++++++++++++++++++++ dmaap/setup.py | 2 +- 9 files changed, 323 insertions(+), 196 deletions(-) delete mode 100644 dmaap/dmaapplugin/CommonLogger.config delete mode 100644 dmaap/dmaapplugin/pkcrypto.py create mode 100755 dmaap/pom.xml (limited to 'dmaap') diff --git a/dmaap/dmaap.yaml b/dmaap/dmaap.yaml index 9ea7820..ed8d5c3 100644 --- a/dmaap/dmaap.yaml +++ b/dmaap/dmaap.yaml @@ -21,14 +21,11 @@ tosca_definitions_version: cloudify_dsl_1_3 -imports: - - http://www.getcloudify.org/spec/cloudify/3.4/types.yaml - plugins: dmaapplugin: executor: 'central_deployment_agent' package_name: cloudifydmaapplugin - package_version: 1.2.0+t.0.11 + package_version: 1.3.1 node_types: diff --git a/dmaap/dmaapplugin/CommonLogger.config b/dmaap/dmaapplugin/CommonLogger.config deleted file mode 100644 index 3f0dd69..0000000 --- a/dmaap/dmaapplugin/CommonLogger.config +++ /dev/null @@ -1,42 +0,0 @@ -# You may change this file while your program is running and CommonLogger will automatically reconfigure accordingly. -# Changing these parameters may leave old log files lying around. - - -#--- Parameters that apply to all logs -# -# rotateMethod: time, size, stdout, stderr, none -#... Note: the following two parameters apply only when rotateMethod=time -# timeRotateIntervalType: S, M, H, D, W0 - W6, or midnight (seconds, minutes, hours, days, weekday (0=Monday), or midnight UTC) -# timeRotateInterval: >= 1 (1 means every timeRotateIntervalType, 2 every other, 3 every third, etc.) -#... Note: the following parameter applies only when rotateMethod=size -# sizeMaxBytes: >= 0 (0 means no limit, else maximum filesize in Bytes) -# backupCount: >= 0 (Number of rotated backup files to retain. If rotateMethod=time, 0 retains *all* backups. If rotateMethod=size, 0 retains *no* backups.) -# -rotateMethod = size -timeRotateIntervalType = midnight -timeRotateInterval = 1 -sizeMaxBytes = 10000000 -backupCount = 4 - - -#--- Parameters that define log filenames and their initial LogLevel threshold -#... Note: CommonLogger will exit if your process does not have permission to write to the file. -# -# LogLevel options: FATAL, ERROR, WARN, INFO, DEBUG -# - -error = /opt/logs/dcae/cloudifymgrplugins/error.log -errorLogLevel = WARN -errorStyle = error - -metrics = /opt/logs/dcae/cloudifymgrplugins/metrics.log -metricsLogLevel = INFO -metricsStyle = metrics - -audit = /opt/logs/dcae/cloudifymgrplugins/audit.log -auditLogLevel = INFO -auditStyle = audit - -debug = /opt/logs/dcae/cloudifymgrplugins/debug.log -debugLogLevel = INFO -debugStyle = debug diff --git a/dmaap/dmaapplugin/__init__.py b/dmaap/dmaapplugin/__init__.py index 24466e9..ac988a4 100644 --- a/dmaap/dmaapplugin/__init__.py +++ b/dmaap/dmaapplugin/__init__.py @@ -20,7 +20,6 @@ from consulif.consulif import ConsulHandle from cloudify.exceptions import NonRecoverableError import os -import pkcrypto os.environ["REQUESTS_CA_BUNDLE"]="/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt" # This is to handle https request thru plugin @@ -44,7 +43,7 @@ except Exception as e: raise NonRecoverableError("Error setting DMAAP_USER while configuring dmaap plugin: {0}".format(e)) try: - DMAAP_PASS = pkcrypto.decrypt_obj(config['dmaap']['password']) + DMAAP_PASS = config['dmaap']['password'] except Exception as e: raise NonRecoverableError("Error setting DMAAP_PASS while configuring dmaap plugin: {0}".format(e)) diff --git a/dmaap/dmaapplugin/dr_bridge.py b/dmaap/dmaapplugin/dr_bridge.py index c103b41..bf8f431 100644 --- a/dmaap/dmaapplugin/dr_bridge.py +++ b/dmaap/dmaapplugin/dr_bridge.py @@ -22,7 +22,6 @@ from cloudify.exceptions import NonRecoverableError from dmaapplugin import DMAAP_API_URL, DMAAP_USER, DMAAP_PASS from dmaaputils import random_string from dmaapcontrollerif.dmaap_requests import DMaaPControllerHandle -import pkcrypto # Set up a subscriber to a source feed def _set_up_subscriber(dmc, source_feed_id, loc, delivery_url, username, userpw): @@ -111,7 +110,7 @@ def create_external_dr_bridge(**kwargs): if 'url' in ctx.target.node.properties and 'username' in ctx.target.node.properties and 'userpw' in ctx.target.node.properties: url = ctx.target.node.properties['url'] username = ctx.target.node.properties['username'] - userpw = pkcrypto.decrypt_obj(ctx.target.node.properties['userpw']) + userpw = ctx.target.node.properties['userpw'] else: raise Exception ("Target feed missing url, username, and/or user pw") diff --git a/dmaap/dmaapplugin/dr_relationships.py b/dmaap/dmaapplugin/dr_relationships.py index eff0fa1..2443f26 100644 --- a/dmaap/dmaapplugin/dr_relationships.py +++ b/dmaap/dmaapplugin/dr_relationships.py @@ -82,7 +82,6 @@ def add_dr_publisher(**kwargs): # Set key in Consul ch = ConsulHandle("http://{0}:8500".format(CONSUL_HOST), None, None, ctx.logger) cpy = dict(ctx.source.instance.runtime_properties[target_feed]) - # cpy["password"] = pkcrypto.encrypt_string(cpy["password"]) # can't encrypt until collectors can decrypt ch.add_to_entry("{0}:dmaap".format(ctx.source.instance.runtime_properties['service_component_name']), target_feed, cpy) except Exception as e: @@ -176,7 +175,6 @@ def add_dr_subscriber(**kwargs): # Set key in Consul ch = ConsulHandle("http://{0}:8500".format(CONSUL_HOST), None, None, ctx.logger) cpy = dict(ctx.source.instance.runtime_properties[target_feed]) - # cpy["password"] = pkcrypto.encrypt_string(cpy["password"]) # can't encrypt until collectors can decrypt ch.add_to_entry("{0}:dmaap".format(ctx.source.instance.runtime_properties['service_component_name']), target_feed, cpy) except Exception as e: diff --git a/dmaap/dmaapplugin/mr_lifecycle.py b/dmaap/dmaapplugin/mr_lifecycle.py index 3e800b9..2328ec3 100644 --- a/dmaap/dmaapplugin/mr_lifecycle.py +++ b/dmaap/dmaapplugin/mr_lifecycle.py @@ -105,7 +105,7 @@ def get_existing_topic(**kwargs): if fqtn is None: raise ValueError("Not find existing topic with name " + topic_name) else: - ctx.logger..error("Not find existing topic with name {0}".format(topic_name)) + ctx.logger.error("Not find existing topic with name {0}".format(topic_name)) raise ValueError("Either fqtn or topic_name must be defined to get existing topic") ctx.logger.info("Attempting to get info for existing topic {0}".format(fqtn)) diff --git a/dmaap/dmaapplugin/pkcrypto.py b/dmaap/dmaapplugin/pkcrypto.py deleted file mode 100644 index 9bd2a3f..0000000 --- a/dmaap/dmaapplugin/pkcrypto.py +++ /dev/null @@ -1,142 +0,0 @@ -""" -RSA encryption and decryption functions - -pkcrypto.py - -Written by: Terry Schmalzried -Date written: September 20, 2017 -Last updated: September 27, 2017 -""" - -from __future__ import print_function -import sys, subprocess, json - - -def encrypt_string(clear_text): - """RSA encrypt a string of limited length""" - - # Use Carsten's jar files and the key already installed on the host - cmd = ['/usr/bin/java', - '-cp', '/opt/lib/log4j-1.2.17.jar:/opt/lib/ncomp-utils-java-1.17070100.0-SNAPSHOT.jar', - 'org.openecomp.ncomp.utils.CryptoUtils', - 'public-key-encrypt', - '/opt/dcae/server.public' - ] - try: - p = subprocess.Popen(cmd, shell=False, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.PIPE) - (stdout_data, stderr_data) = p.communicate(input=clear_text) - except Exception as e: - print("encrypt_string exception: {}".format(e), file=sys.stderr) - return None - - if stderr_data: - print("encrypt_string stderr: {}".format(stderr_data), file=sys.stderr) - return None - - return stdout_data.replace(" ","").rstrip('\n') - - -def decrypt_string(encrypted_text): - """RSA decrypt a string""" - - # Use Carsten's jar files and the key already installed on the host - cmd = ['sudo', '/usr/bin/java', - '-cp', '/opt/lib/log4j-1.2.17.jar:/opt/lib/ncomp-utils-java-1.17070100.0-SNAPSHOT.jar', - 'org.openecomp.ncomp.utils.CryptoUtils', - 'public-key-decrypt', - '/opt/dcae/server.private', - encrypted_text - ] - try: - p = subprocess.Popen(cmd, shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE) - (stdout_data, stderr_data) = p.communicate() - except Exception as e: - print("decrypt_string exception: {}".format(e), file=sys.stderr) - return None - - if stderr_data: - print("decrypt_string stderr: {}".format(stderr_data), file=sys.stderr) - return None - - return stdout_data.rstrip('\n') - - -def decrypt_obj(obj): - """decrypt all RSA string values in a python nested object and embedded JSON string objects""" - - if isinstance(obj, dict): - return {k: decrypt_obj(v) for k,v in obj.items()} - elif isinstance(obj, list): - return [decrypt_obj(v) for v in obj] - elif isinstance(obj, basestring): - if obj.startswith("rsa:"): - obj2 = decrypt_string(obj) - if obj2 is not None: - return obj2 - else: - try: - obj2 = json.loads(obj) - return json.dumps(decrypt_obj(obj2)) - except Exception as e: - pass - return obj - - -if __name__ == '__main__': - clear_text = "a secret" - print("Encrypting: {}".format(clear_text)) - encrypted = encrypt_string(clear_text) - print("Encrypted: {}".format(encrypted)) - print("Decrypted: {}".format(decrypt_string(encrypted))) - - - # print("\nWhitespace in the encrypted string does not seem to matter:") - # encrypted = 'rsa:Y2feMIiKwR0Df3zVDDf1K+4Lkt9vxGnT8UugHkjNLiht67PwXRJFP6/BbmZO9NhlOAMV3MLWwbhU GikE96K7wuQaQVYOmAYNNuVDWLdvbW80pZVGKYgQsmrLizOhPbhD+adG7bdIiNMNMBOKk+XQMTLa d77KzAQmZO2wLj0Z3As=' - # print("Decrypted: {}".format(decrypt_string(encrypted))) - - # encrypted = '''rsa:Y2feMIiKwR0Df3zVDDf1K+4Lkt9vxGnT8UugHkjNLiht67PwXRJFP6/BbmZO9NhlOAMV3MLWwbhU - # GikE96K7wuQaQVYOmAYNNuVDWLdvbW80pZVGKYgQsmrLizOhPbhD+adG7bdIiNMNMBOKk+XQMTLa - # d77KzAQmZO2wLj0Z3As=''' - # print("Decrypted: {}".format(decrypt_string(encrypted))) - - - print("\nDecrypt some dicts:") - print("Decrypted: {}".format(decrypt_obj('not encrypted'))) - print("Decrypted: {}".format(decrypt_obj(encrypted))) - print("Decrypted: {}".format(decrypt_obj({ - "key1":encrypted, - "key2":"not encrypted", - "key3":encrypted, - "key4":{ - "key11":encrypted, - "key12":"not encrypted", - "key13":encrypted, - "key14":[ - encrypted, - "not encrypted", - encrypted - ] - } - }))) - - - print("\nDecrypt some JSON:") - encrypted = json.dumps([{ "username": "m01234@bogus.att.com", - "password": encrypt_string("N0t_a-Rea1/passw0rd"), - "registry": "dockercentral.it.att.com:12345" - }]) - print("Encrypted: {}".format(encrypted)) - print("Decrypted: {}".format(decrypt_obj(encrypted))) - - - print("\nDecrypt a dict that contains a json string containing encrypted keys:") - a_dict = { - "clear_txt": clear_text, - "encrypted_str": encrypt_string(clear_text), - "json_str": encrypted - } - print("Decrypted: {}".format(decrypt_obj(a_dict))) - - - print("\nDecrypt a json string that contains a dict that contains a json string containing encrypted keys:") - print("Decrypted: {}".format(decrypt_obj(json.dumps(a_dict)))) diff --git a/dmaap/pom.xml b/dmaap/pom.xml new file mode 100755 index 0000000..f3d0f7c --- /dev/null +++ b/dmaap/pom.xml @@ -0,0 +1,318 @@ + + + + 4.0.0 + + org.onap.ccsdk.platform + plugins + 1.0.1-SNAPSHOT + + + + org.onap.ccsdk.platform.plugins + dmaap + dmaap + + 1.0.1-SNAPSHOT + http://maven.apache.org + + + dmaap + + . + + dmaap.yaml + + type_files/dmaap/dmaap.yaml + UTF-8 + . + xunit-results.xml + coverage.xml + py + Python + **/*.py + tests/*,setup.py + + + + ${project.artifactId}-${project.version} + + + + org.codehaus.mojo + sonar-maven-plugin + 2.7.1 + + + + + org.sonatype.plugins + nexus-staging-maven-plugin + 1.6.7 + + true + + + + + + + + + + + org.apache.maven.plugins + maven-resources-plugin + 2.6 + + true + + + + + + org.apache.maven.plugins + maven-compiler-plugin + 3.1 + + true + + + + + + org.apache.maven.plugins + maven-jar-plugin + 2.4 + + + default-jar + + + + + + + + org.apache.maven.plugins + maven-install-plugin + 2.4 + + true + + + + + + org.apache.maven.plugins + maven-surefire-plugin + 2.12.4 + + true + + + + + + org.codehaus.mojo + exec-maven-plugin + 1.2.1 + + + clean phase script + clean + exec + + ${session.executionRootDirectory}/mvn-phase-script.sh + + ${project.artifactId} + clean + + + + ${project.groupId} + ${project.artifactId} + ${project.version} + ${onap.nexus.url} + ${onap.nexus.rawrepo.baseurl.upload} + ${onap.nexus.rawrepo.baseurl.download} + ${onap.nexus.rawrepo.serverid} + ${plugin.name} + ${plugin.subdir} + + + + + + generate-sources script + generate-sources + exec + + mvn-phase-script.sh + + ${project.artifactId} + generate-sources + + + + ${project.groupId} + ${project.artifactId} + ${project.version} + ${onap.nexus.url} + ${onap.nexus.rawrepo.baseurl.upload} + ${onap.nexus.rawrepo.baseurl.download} + ${onap.nexus.rawrepo.serverid} + + + + + + compile script + compile + exec + + mvn-phase-script.sh + + ${project.artifactId} + compile + + + + ${project.groupId} + ${project.artifactId} + ${project.version} + ${onap.nexus.url} + ${onap.nexus.rawrepo.baseurl.upload} + ${onap.nexus.rawrepo.baseurl.download} + ${onap.nexus.rawrepo.serverid} + + + + + + package script + package + exec + + mvn-phase-script.sh + + ${project.artifactId} + package + + + + ${project.groupId} + ${project.artifactId} + ${project.version} + ${onap.nexus.url} + ${onap.nexus.rawrepo.baseurl.upload} + ${onap.nexus.rawrepo.baseurl.download} + ${onap.nexus.rawrepo.serverid} + ${plugin.name} + ${plugin.subdir} + + + + + + test script + test + exec + + mvn-phase-script.sh + + ${project.artifactId} + test + + + + ${project.groupId} + ${project.artifactId} + ${project.version} + ${onap.nexus.url} + ${onap.nexus.rawrepo.baseurl.upload} + ${onap.nexus.rawrepo.baseurl.download} + ${onap.nexus.rawrepo.serverid} + ${plugin.name} + ${plugin.subdir} + + + + + + install script + install + exec + + mvn-phase-script.sh + + ${project.artifactId} + install + + + + ${project.groupId} + ${project.artifactId} + ${project.version} + ${onap.nexus.url} + ${onap.nexus.rawrepo.baseurl.upload} + ${onap.nexus.rawrepo.baseurl.download} + ${onap.nexus.rawrepo.serverid} + + + + + + deploy script + deploy + exec + + ${session.executionRootDirectory}/mvn-phase-script.sh + + ${project.artifactId} + deploy + + + + ${project.groupId} + ${project.artifactId} + ${project.version} + ${onap.nexus.url} + ${onap.nexus.rawrepo.baseurl.upload} + ${onap.nexus.rawrepo.baseurl.download} + ${onap.nexus.rawrepo.serverid} + ${project.distributionManagement.snapshotRepository.id} + ${typefile.source} + ${typefile.dest} + ${plugin.name} + ${plugin.subdir} + + + + + + + + diff --git a/dmaap/setup.py b/dmaap/setup.py index 3eb16f7..e4749c1 100644 --- a/dmaap/setup.py +++ b/dmaap/setup.py @@ -2,7 +2,7 @@ from setuptools import setup, find_packages setup( name = "cloudifydmaapplugin", - version = "1.2.0+t.0.11", + version = "1.3.1", packages=find_packages(), author = "AT&T", description = ("Cloudify plugin for creating DMaaP feeds and topics, and setting up publishers and subscribers."), -- cgit 1.2.3-korg