diff options
author | TamasBakai <tamas.bakai@est.tech> | 2019-04-10 10:02:21 +0000 |
---|---|---|
committer | TamasBakai <tamas.bakai@est.tech> | 2019-04-10 10:02:21 +0000 |
commit | 5983d76f162aef34740a05ae4e78c7d9e2b3c20a (patch) | |
tree | 8c06db1fc5317fbceebeb0178068a7fddc1f797f | |
parent | 814ddd12e695433b8c6a760cc9424dc1c0bae4d1 (diff) |
Updating certificates
Issue-ID: DCAEGEN2-1300
Change-Id: I9ce457b69e5866e77a465fb040d196b8905ca274
Signed-off-by: TamasBakai <tamas.bakai@est.tech>
-rw-r--r-- | datafile-app-server/config/cacerts | bin | 1403 -> 0 bytes | |||
-rw-r--r-- | datafile-app-server/config/dfc.jks.b64 | 38 | ||||
-rw-r--r-- | datafile-app-server/config/ftp.jks.b64 | 15 | ||||
-rw-r--r-- | datafile-app-server/config/ftpKey.jks | bin | 2579 -> 0 bytes | |||
-rw-r--r-- | datafile-app-server/config/keystore | bin | 2196 -> 0 bytes | |||
-rw-r--r-- | datafile-app-server/dpo/blueprints/k8s-datafile.yaml | 4 | ||||
-rw-r--r-- | datafile-app-server/src/main/docker/Dockerfile | 8 | ||||
-rw-r--r-- | datafile-app-server/src/main/resources/datafile_endpoints.json | 4 | ||||
-rw-r--r-- | datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfigTest.java | 7 | ||||
-rw-r--r-- | datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParserTest.java | 10 | ||||
-rw-r--r-- | datafile-app-server/src/test/resources/datafile_endpoints.json | 4 | ||||
-rw-r--r-- | docker-compose/docker-compose.yml | 4 |
12 files changed, 72 insertions, 22 deletions
diff --git a/datafile-app-server/config/cacerts b/datafile-app-server/config/cacerts Binary files differdeleted file mode 100644 index 0cd28a92..00000000 --- a/datafile-app-server/config/cacerts +++ /dev/null diff --git a/datafile-app-server/config/dfc.jks.b64 b/datafile-app-server/config/dfc.jks.b64 new file mode 100644 index 00000000..51ef7157 --- /dev/null +++ b/datafile-app-server/config/dfc.jks.b64 @@ -0,0 +1,38 @@ +/u3+7QAAAAIAAAABAAAAAQAJZGZjLWFsaWFzAAABaedrEsIAAAUDMIIE/zAOBgorBgEEASoCEQEB +BQAEggTr39Fun17MOOGVKhhPeKYytr+zujW22QZYupkUVNYMy7FsPbKB2IkUuVl2V9Xdq2As29aO +OP39WI2oLy9VU4rwfhl+3BSB33GIezCaDKrakc6tDbtKpiF8eZ7rbqrvGKNvzepNh72QSANxa6Us +SY6KJcRk33VPok7G/c+FU5LH4un9D5xs7bEX2nCxzOzhaiodqZxWNJn6N3j89sD6Ofvq4h5lEhTJ +uckdfCsYlIRk76l4M+a8gCEHEpWOBVGUsVJEvq9I0gk97+OBDFPnlCGC8ASwYSI7C7pOsiwCB8xr +LdQsCCOpWIhh08CYVEFt8pTeD8GizBuLaO+mEQmrPgQMqwp7MB4fOTQHX63i6IY4iPTvjvBHjvvr +QmyRoOOHLqTJ3onxXRkKIKGO6a0ruX6mh62RgAtcfB6TZxC0yMU9FnJOieU9/a8OXrXoqsA9u5kM +Ri5KO+ad4w0FOeyP7Ya+s0ZrdNzFv+Ep7DoeL9gvs50Z4k0FMf854MwvwnK+BQ/qLdfIRCl5NvCq +i1WDtVOPjahX0mzPQJclWARv9SFfiKmaQwW97P9t3UKgOCCrurA9uigZOqDax3sVmWOrE7kHVS0D +P68gJResLR70mYi6ILfANdBJdM9cj48mX3Cvgs7hch2MSaFabUnH/G0MDZmp8XNF87N6eMJ5bkrU +uiPNzvV3oh6W527kARH84TvYzH/c6+5dsQEpYTtEbLR+23xuNgB71aK4nrpQnaSeYlA2JW1uXg2A +6Qi97Zfmbg2DD9ItUFJM27C+fUA5XbTCOILYwLPP9wEi6d+vo/xRuN+xBG1DNtV8mTROYki4LOWf +4Djru2RQWSBrqspaMmWC+jh5uQyxxqVxxHzg+nyTFvedKaU7CdnKp/4wF29c17l876R+1ApIZA8C +UN6NuElgMfH4l0TdwEXe4VO0rcSt9b+loSDu962BbDhG4qlky1hDdr3aYbKV6xrdlIS0GQzPeovX +3WgtjE9pvtA0/U0LP8tjkjDkM8+oK4R5rmiZHxpRKmuIcC0EIeXvWKh8RxYg0B1d7tW4SWnOpsdH +M84ym4A18EQ2Nch0aogmYodfsqhv4vX1llyoYJj3wdmP70vjOul2N4cs+ZyFnWZjMJ1JxjMoEJvU +u0+p8GPAkzUhCoeocRibdt8P6cadpBubH2JOWbNpFVqtNQA2J9fRvAc/ZOU72AxTc85E4rsMJvxE +qBXf6D+EvzpFQOchYVQH1bHMY8jFnXDLCMkVnuV4EizQMKQ3EQsFOo2bsV7Z+dNjAMZl8ODB2QOt +ayX7IlNZs4F48SuSZ8IOk2zj3BysBlVAoIDncZ3knYZGyKpnj8NlogoAHSaYFLdSnSIJTY7qa/8/ +Cmv9CKk8tYk+3IJPDn+SsvAvtOLmBaCmTZ42P6OWsRBiEZucTENSXIo1oYxlQkm5Y+WWYVEnNK1r +QrCOETVrIH1Y1XnhWRjOXhSnr46VOoVRefePzRL0a+6OkwUhmmvB48lcAw4XvnBrdA90tCpbSBsn +ZV+/WVWQJovQGOk9WoSM96GcnmqxETI80Y5PgM+Ta1Fz0AQ3kRPlCdaBBgH5Gi8Vy2tXWhW8RNtZ +ysq2vzv7edNSyLLLmf8cq3iYjzCThfXHbu5EeXnMna6YJ4z35si+zzYz4qb/Au5+09MaPWZn40m3 +hR+fQMdsyfnMH9MAAAABAAVYLjUwOQAAAxowggMWMIIB/gIJAKofXQItdxtQMA0GCSqGSIb3DQEB +CwUAME0xCzAJBgNVBAYTAlNFMQowCAYDVQQIDAEwMQowCAYDVQQHDAEwMQowCAYDVQQKDAEwMQww +CgYDVQQLDANFU1QxDDAKBgNVBAMMA0VTVDAeFw0xOTA0MDQwODAyNDBaFw0yMDA0MDMwODAyNDBa +ME0xCzAJBgNVBAYTAlNFMQowCAYDVQQIDAEwMQowCAYDVQQHDAEwMQowCAYDVQQKDAEwMQwwCgYD +VQQLDANFU1QxDDAKBgNVBAMMA0VTVDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMBj +vAz2SF3s4hpmx9m/wTNZSctN6nNLHqGUC+NJtT9kGmr3hA4la3baFBBIcD5V2XzXzg+jI4pf6pF9 +sokK3ICtu/QOhaOW/XpY2z3fwD/RMYWH7rEDjrj8ZCY/8BcS4jS1JrYYSBeSFnS7Lo+Z2r7ywPph +xHJUJ6otOrxupKphuk+sqdtmx3eXs/OlgJmBkt9agQ1Due5P4LuPikYac8qkafi5uKxxXedMjqfB +TX0A17FOiKQgvW/XzP6Al29rxC0qKHl2337ZAm4nqU9zBNrvFWQya5XKvkVfAvXXIgiApG2SdY5t +TsGNwqRA4bfGdZdlM3MtX+2HwYIJYm5EU9sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAZlrbePTi ++CFlj7/zUXJGyh4mzyj1oN4rkotP0lSlFpmW7gARdI0jegSF6dyhxzTsNOd1/HDt5IAudMP2JsZT +GdHIS+C1bn3lqNvsDdO0QoawXNcW9qvL1F1WbpFEDgG3LxTItbvlmkCV9ze3AKaxHAqNKFd433Ri +feyOlwRTzerx9kFTfkLGuCtbfiCmE+27NnuS8IkaOFgh8ixNxY5u8MZRE62VGFvzDa/UrgbdRx/A +NMGLEr97rWYxRuGipXKgxiBK5TiJ1j6fgS+OzkjBqVczV1pRmYIYZmit4P/1pKkMR5RadDK+pgLR +hjRUmQ575Yjolnavj0G1G2X+PFYNQjQTEe5O+fUWVi3/D8Pv8h1JUuzJ diff --git a/datafile-app-server/config/ftp.jks.b64 b/datafile-app-server/config/ftp.jks.b64 new file mode 100644 index 00000000..59c651c2 --- /dev/null +++ b/datafile-app-server/config/ftp.jks.b64 @@ -0,0 +1,15 @@ +/u3+7QAAAAIAAAABAAAAAgAEZnRwMQAAAWnnacXXAAVYLjUwOQAAAxowggMWMIIB/gIJANqIa95Y +5eo2MA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAlNFMQowCAYDVQQIDAEwMQowCAYDVQQHDAEw +MQowCAYDVQQKDAEwMQwwCgYDVQQLDANFU1QxDDAKBgNVBAMMA0VTVDAeFw0xOTA0MDQwODAyNDBa +Fw0yMDA0MDMwODAyNDBaME0xCzAJBgNVBAYTAlNFMQowCAYDVQQIDAEwMQowCAYDVQQHDAEwMQow +CAYDVQQKDAEwMQwwCgYDVQQLDANFU1QxDDAKBgNVBAMMA0VTVDCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBANKwXuU3+Bel69CkaPxb/eDeH0BU4Tzdnj3IkB3IgcU9DPo8j5sq61h05EJR +mTOyXZ96AvOReXgKahUiQlEEvVJmTNBcp75+N+5Gv09AoIKWn8sDXrVBqT72nPY5zWV8tuAR2/bZ +EuOLdqQJCyjcb2+XH6ssc9GBt7DSKJNWIk+/cIfCJjz23VqLXj04TLCGOwkEmMGiPp+/F++/jpCY +rsW5XlPPS9Mv94H9n0/uOb63AdHP0B7iz3tzpSFsUpp8cuvB0wr7LPup7nm2mC2EKCh515IHSBdY +iJLtFjXx0Q0lQH8UC3rgt86IoGXRpRtxA6BSKeiuEI3yBw1Ofseuf7UCAwEAATANBgkqhkiG9w0B +AQsFAAOCAQEApUYeRMt7lH98b8LumvGKScP5Bej1YAJxk1Uoy4qGknBCHWLBziHi2r2WP/+CLJGu +37I9VAXylFOIh157AtXJ/k7W6DHNvrxS0fNUlYPqigWoabI8WSZY50u+2BtqwY9m87rLwdkDeTEq +A41thwvSx21Famnlv4pMTK83/nSMC2+QH/CVp556aB1F2xJVmqDWnx1R8XqPcCXOy59/tjMRkRk+ +gkph1vW+KS+PbX4t3NMNKPlZGeg9ZdCF1NOo3n9M0xlEcmn9RljqFWZAv4gupVgaI4+i1/EY1TKj +5awonBl9merhp2EHN1IgiwMJkHfg2PP+qMheHfTv+x41ZaE0XIOl7YMTJ/iF3cyG/jWBQMzjwiGG diff --git a/datafile-app-server/config/ftpKey.jks b/datafile-app-server/config/ftpKey.jks Binary files differdeleted file mode 100644 index 2587b719..00000000 --- a/datafile-app-server/config/ftpKey.jks +++ /dev/null diff --git a/datafile-app-server/config/keystore b/datafile-app-server/config/keystore Binary files differdeleted file mode 100644 index 26a16f75..00000000 --- a/datafile-app-server/config/keystore +++ /dev/null diff --git a/datafile-app-server/dpo/blueprints/k8s-datafile.yaml b/datafile-app-server/dpo/blueprints/k8s-datafile.yaml index 015d1805..e345cf8e 100644 --- a/datafile-app-server/dpo/blueprints/k8s-datafile.yaml +++ b/datafile-app-server/dpo/blueprints/k8s-datafile.yaml @@ -98,9 +98,9 @@ node_templates: - concat: ["8433:", { get_input: host_port_secure}] properties: application_config: - dmaap.ftp.ftpesConfiguration.keyCert: "/config/ftpKey.jks" + dmaap.ftp.ftpesConfiguration.keyCert: "/config/dfc.jks" dmaap.ftp.ftpesConfiguration.keyPassword: "secret" - dmaap.ftp.ftpesConfiguration.trustedCA: "/config/cacerts" + dmaap.ftp.ftpesConfiguration.trustedCA: "/config/ftp.jks" dmaap.ftp.ftpesConfiguration.trustedCAPassword: "secret" dmaap.security.trustStorePath: "/opt/app/datafile/etc/cert/trust.jks" dmaap.security.trustStorePasswordPath: "/opt/app/datafile/etc/cert/trust.pass" diff --git a/datafile-app-server/src/main/docker/Dockerfile b/datafile-app-server/src/main/docker/Dockerfile index 6ab30cc2..f39f1cb5 100644 --- a/datafile-app-server/src/main/docker/Dockerfile +++ b/datafile-app-server/src/main/docker/Dockerfile @@ -25,16 +25,18 @@ RUN mkdir -p /var/log/ONAP ADD /target/datafile-app-server.jar /opt/app/datafile/ ADD /config/application.yaml /opt/app/datafile/config/ -ADD /config/cacerts /opt/app/datafile/config/ +ADD /config/dfc.jks.b64 /opt/app/datafile/config/ ADD /config/datafile_endpoints.json /opt/app/datafile/config/ -ADD /config/ftpKey.jks /opt/app/datafile/config/ -ADD /config/keystore /opt/app/datafile/config/ +ADD /config/ftp.jks.b64 /opt/app/datafile/config/ EXPOSE 8100 8433 RUN addgroup -S onap && adduser -S datafile -G onap RUN chown -R datafile:onap /opt/app/datafile RUN chown -R datafile:onap /var/log/ONAP +RUN base64 -d /opt/app/datafile/config/dfc.jks.b64 > /opt/app/datafile/config/dfc.jks && base64 -d /opt/app/datafile/config/ftp.jks.b64 > /opt/app/datafile/config/ftp.jks +RUN chown -R root:root /opt/app/datafile/config/* +RUN chmod -R 755 /opt/app/datafile/config/ USER datafile diff --git a/datafile-app-server/src/main/resources/datafile_endpoints.json b/datafile-app-server/src/main/resources/datafile_endpoints.json index 0cf41887..d864c11d 100644 --- a/datafile-app-server/src/main/resources/datafile_endpoints.json +++ b/datafile-app-server/src/main/resources/datafile_endpoints.json @@ -26,9 +26,9 @@ }, "ftp": { "ftpesConfiguration": { - "keyCert": "config/ftpKey.jks", + "keyCert": "config/dfc.jks", "keyPassword": "secret", - "trustedCA": "config/cacerts", + "trustedCA": "config/ftp.jks", "trustedCAPassword": "secret" } } diff --git a/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfigTest.java b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfigTest.java index 2c136304..1847e3b8 100644 --- a/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfigTest.java +++ b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/AppConfigTest.java @@ -24,17 +24,14 @@ import static org.mockito.Mockito.spy; import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; - import com.google.gson.JsonElement; import com.google.gson.JsonObject; import com.google.gson.JsonParser; - import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.nio.charset.StandardCharsets; import java.util.Objects; - import org.junit.jupiter.api.Assertions; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; @@ -186,9 +183,9 @@ class AppConfigTest { dmaapConfigs.add("dmaapProducerConfiguration", dmaapProducerConfigData); JsonObject ftpesConfigData = new JsonObject(); - ftpesConfigData.addProperty("keyCert", "config/ftpKey.jks"); + ftpesConfigData.addProperty("keyCert", "config/dfc.jks"); ftpesConfigData.addProperty("keyPassword", "secret"); - ftpesConfigData.addProperty("trustedCA", "config/cacerts"); + ftpesConfigData.addProperty("trustedCA", "config/ftp.jks"); ftpesConfigData.addProperty("trustedCAPassword", "secret"); JsonObject security = new JsonObject(); diff --git a/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParserTest.java b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParserTest.java index b67fac23..1adb3709 100644 --- a/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParserTest.java +++ b/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParserTest.java @@ -17,9 +17,7 @@ package org.onap.dcaegen2.collectors.datafile.configuration; import static org.assertj.core.api.Assertions.assertThat; - import com.google.gson.JsonObject; - import org.junit.jupiter.api.Test; import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.config.DmaapConsumerConfiguration; import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.config.DmaapPublisherConfiguration; @@ -66,9 +64,9 @@ class CloudConfigParserTest { private static final ImmutableFtpesConfig CORRECT_FTPES_CONFIGURATION = // new ImmutableFtpesConfig.Builder() // - .keyCert("/config/ftpKey.jks") // + .keyCert("/config/dfc.jks") // .keyPassword("secret") // - .trustedCA("config/cacerts") // + .trustedCA("config/ftp.jks") // .trustedCAPassword("secret") // .build(); @@ -119,9 +117,9 @@ class CloudConfigParserTest { config.addProperty("dmaap.dmaapProducerConfiguration.dmaapPortNumber", 3907); config.addProperty("dmaap.dmaapProducerConfiguration.dmaapUserName", "dradmin"); config.addProperty("dmaap.dmaapProducerConfiguration.dmaapUserPassword", "dradmin"); - config.addProperty("dmaap.ftpesConfig.keyCert", "/config/ftpKey.jks"); + config.addProperty("dmaap.ftpesConfig.keyCert", "/config/dfc.jks"); config.addProperty("dmaap.ftpesConfig.keyPassword", "secret"); - config.addProperty("dmaap.ftpesConfig.trustedCA", "config/cacerts"); + config.addProperty("dmaap.ftpesConfig.trustedCA", "config/ftp.jks"); config.addProperty("dmaap.ftpesConfig.trustedCAPassword", "secret"); config.addProperty("dmaap.security.trustStorePath", "trustStorePath"); diff --git a/datafile-app-server/src/test/resources/datafile_endpoints.json b/datafile-app-server/src/test/resources/datafile_endpoints.json index a9545f40..8cf3224a 100644 --- a/datafile-app-server/src/test/resources/datafile_endpoints.json +++ b/datafile-app-server/src/test/resources/datafile_endpoints.json @@ -26,9 +26,9 @@ }, "ftp": { "ftpesConfiguration": { - "keyCert": "/config/ftpKey.jks", + "keyCert": "/config/dfc.jks", "keyPassword": "secret", - "trustedCA": "/config/ftpKey.jks", + "trustedCA": "/config/ftp.jks", "trustedCAPassword": "secret" } }, diff --git a/docker-compose/docker-compose.yml b/docker-compose/docker-compose.yml index 481072f1..010e7468 100644 --- a/docker-compose/docker-compose.yml +++ b/docker-compose/docker-compose.yml @@ -21,9 +21,9 @@ services: --dmaap.dmaapProducerConfiguration.dmaapUserName=dradmin --dmaap.dmaapProducerConfiguration.dmaapUserPassword=dradmin --dmaap.dmaapProducerConfiguration.dmaapContentType=application/octet-stream - --dmaap.ftpesConfig.keyCert=config/ftpKey.jks + --dmaap.ftpesConfig.keyCert=config/dfc.jks --dmaap.ftpesConfig.keyPassword=secret - --dmaap.ftpesConfig.trustedCA=config/cacerts + --dmaap.ftpesConfig.trustedCA=config/ftp.jks --dmaap.ftpesConfig.trustedCAPassword=secret entrypoint: - java |