diff options
author | Jan Malkiewicz <jan.malkiewicz@nokia.com> | 2020-07-15 15:28:41 +0200 |
---|---|---|
committer | Jan Malkiewicz <jan.malkiewicz@nokia.com> | 2020-07-28 14:55:08 +0200 |
commit | 5135fde49e1268873e688d14f541b8ff673bae22 (patch) | |
tree | 5b4ea2be91da4ac11f530cf876734d7780e422a1 /datafile-app-server/dpo | |
parent | 3e9fa1850aecf2baeabd5d68eb2ddee7b90f5de4 (diff) |
Add sftp strict host key checking to DFC.
Issue-ID: DCAEGEN2-2219
Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com>
Change-Id: Iadf6c6bd743c42ebb3bf9ad8ac443fc0f3f58063
Diffstat (limited to 'datafile-app-server/dpo')
4 files changed, 15 insertions, 1 deletions
diff --git a/datafile-app-server/dpo/blueprints/k8s-datafile.yaml b/datafile-app-server/dpo/blueprints/k8s-datafile.yaml index 5a0b0bb6..a38d5e3b 100644 --- a/datafile-app-server/dpo/blueprints/k8s-datafile.yaml +++ b/datafile-app-server/dpo/blueprints/k8s-datafile.yaml @@ -73,7 +73,6 @@ node_templates: PM_MEAS_FILES: dmaap_info: <<feed0>> type: data_router - streams_subscribes: {} dmaap.ftpesConfig.keyCert: /opt/app/datafile/config/cert.jks dmaap.ftpesConfig.keyPasswordPath: /opt/app/datafile/config/jks.pass dmaap.ftpesConfig.trustedCa: /opt/app/datafile/config/trust.jks @@ -83,6 +82,7 @@ node_templates: dmaap.security.keyStorePath: /opt/app/datafile/etc/cert/key.p12 dmaap.security.trustStorePasswordPath: /opt/app/datafile/etc/cert/trust.pass dmaap.security.trustStorePath: /opt/app/datafile/etc/cert/trust.jks + sftp.security.strictHostKeyChecking: true streams_subscribes: dmaap_subscriber: dmaap_info: diff --git a/datafile-app-server/dpo/spec/datafile-component-spec.json b/datafile-app-server/dpo/spec/datafile-component-spec.json index 6047a7c0..e7843283 100644 --- a/datafile-app-server/dpo/spec/datafile-component-spec.json +++ b/datafile-app-server/dpo/spec/datafile-component-spec.json @@ -140,6 +140,17 @@ "policy_editable": false, "type": "string", "required": true + }, + { + "name": "sftp.security.strictHostKeyChecking", + "value": true, + "description": "", + "designer_editable": true, + "sourced_at_deployment": false, + "policy_editable": false, + "type": "string", + "required": true } + ] } diff --git a/datafile-app-server/dpo/tosca_models/schema.yaml b/datafile-app-server/dpo/tosca_models/schema.yaml index 474af7ac..f5eca0e5 100644 --- a/datafile-app-server/dpo/tosca_models/schema.yaml +++ b/datafile-app-server/dpo/tosca_models/schema.yaml @@ -528,6 +528,8 @@ node_types: type: string streams_subscribes: type: string + sftp.security.strictHostKeyChecking: + type: boolean requirements: - stream_subscribe_0: capability: dcae.capabilities.dmmap.topic diff --git a/datafile-app-server/dpo/tosca_models/template.yaml b/datafile-app-server/dpo/tosca_models/template.yaml index a1fdadb7..246f4a45 100644 --- a/datafile-app-server/dpo/tosca_models/template.yaml +++ b/datafile-app-server/dpo/tosca_models/template.yaml @@ -31,6 +31,7 @@ topology_template: security.keyStorePath: /opt/app/datafile/etc/cert/cert.jks security.trustStorePasswordPath: /opt/app/datafile/etc/cert/trust.pass security.trustStorePath: /opt/app/datafile/etc/cert/trust.jks + sftp.security.strictHostKeyChecking: true service_name: datafile streams_subscribes: '{''dmaap_subscriber'': {''dmmap_info'': {''topic_url'': ''http://message-router.onap.svc.cluster.local:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT/OpenDcae-c12/C12''}}}' requirements: |