aboutsummaryrefslogtreecommitdiffstats
path: root/datafile-app-server/dpo
diff options
context:
space:
mode:
authorJan Malkiewicz <jan.malkiewicz@nokia.com>2020-07-15 15:28:41 +0200
committerJan Malkiewicz <jan.malkiewicz@nokia.com>2020-07-28 14:55:08 +0200
commit5135fde49e1268873e688d14f541b8ff673bae22 (patch)
tree5b4ea2be91da4ac11f530cf876734d7780e422a1 /datafile-app-server/dpo
parent3e9fa1850aecf2baeabd5d68eb2ddee7b90f5de4 (diff)
Add sftp strict host key checking to DFC.
Issue-ID: DCAEGEN2-2219 Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com> Change-Id: Iadf6c6bd743c42ebb3bf9ad8ac443fc0f3f58063
Diffstat (limited to 'datafile-app-server/dpo')
-rw-r--r--datafile-app-server/dpo/blueprints/k8s-datafile.yaml2
-rw-r--r--datafile-app-server/dpo/spec/datafile-component-spec.json11
-rw-r--r--datafile-app-server/dpo/tosca_models/schema.yaml2
-rw-r--r--datafile-app-server/dpo/tosca_models/template.yaml1
4 files changed, 15 insertions, 1 deletions
diff --git a/datafile-app-server/dpo/blueprints/k8s-datafile.yaml b/datafile-app-server/dpo/blueprints/k8s-datafile.yaml
index 5a0b0bb6..a38d5e3b 100644
--- a/datafile-app-server/dpo/blueprints/k8s-datafile.yaml
+++ b/datafile-app-server/dpo/blueprints/k8s-datafile.yaml
@@ -73,7 +73,6 @@ node_templates:
PM_MEAS_FILES:
dmaap_info: <<feed0>>
type: data_router
- streams_subscribes: {}
dmaap.ftpesConfig.keyCert: /opt/app/datafile/config/cert.jks
dmaap.ftpesConfig.keyPasswordPath: /opt/app/datafile/config/jks.pass
dmaap.ftpesConfig.trustedCa: /opt/app/datafile/config/trust.jks
@@ -83,6 +82,7 @@ node_templates:
dmaap.security.keyStorePath: /opt/app/datafile/etc/cert/key.p12
dmaap.security.trustStorePasswordPath: /opt/app/datafile/etc/cert/trust.pass
dmaap.security.trustStorePath: /opt/app/datafile/etc/cert/trust.jks
+ sftp.security.strictHostKeyChecking: true
streams_subscribes:
dmaap_subscriber:
dmaap_info:
diff --git a/datafile-app-server/dpo/spec/datafile-component-spec.json b/datafile-app-server/dpo/spec/datafile-component-spec.json
index 6047a7c0..e7843283 100644
--- a/datafile-app-server/dpo/spec/datafile-component-spec.json
+++ b/datafile-app-server/dpo/spec/datafile-component-spec.json
@@ -140,6 +140,17 @@
"policy_editable": false,
"type": "string",
"required": true
+ },
+ {
+ "name": "sftp.security.strictHostKeyChecking",
+ "value": true,
+ "description": "",
+ "designer_editable": true,
+ "sourced_at_deployment": false,
+ "policy_editable": false,
+ "type": "string",
+ "required": true
}
+
]
}
diff --git a/datafile-app-server/dpo/tosca_models/schema.yaml b/datafile-app-server/dpo/tosca_models/schema.yaml
index 474af7ac..f5eca0e5 100644
--- a/datafile-app-server/dpo/tosca_models/schema.yaml
+++ b/datafile-app-server/dpo/tosca_models/schema.yaml
@@ -528,6 +528,8 @@ node_types:
type: string
streams_subscribes:
type: string
+ sftp.security.strictHostKeyChecking:
+ type: boolean
requirements:
- stream_subscribe_0:
capability: dcae.capabilities.dmmap.topic
diff --git a/datafile-app-server/dpo/tosca_models/template.yaml b/datafile-app-server/dpo/tosca_models/template.yaml
index a1fdadb7..246f4a45 100644
--- a/datafile-app-server/dpo/tosca_models/template.yaml
+++ b/datafile-app-server/dpo/tosca_models/template.yaml
@@ -31,6 +31,7 @@ topology_template:
security.keyStorePath: /opt/app/datafile/etc/cert/cert.jks
security.trustStorePasswordPath: /opt/app/datafile/etc/cert/trust.pass
security.trustStorePath: /opt/app/datafile/etc/cert/trust.jks
+ sftp.security.strictHostKeyChecking: true
service_name: datafile
streams_subscribes: '{''dmaap_subscriber'': {''dmmap_info'': {''topic_url'': ''http://message-router.onap.svc.cluster.local:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT/OpenDcae-c12/C12''}}}'
requirements: