From 93722f9202d0f487dd1aceb2f40e88dd8f5f128c Mon Sep 17 00:00:00 2001 From: Shadi Haidar Date: Thu, 6 Feb 2020 10:48:20 -0500 Subject: Get keyStorePassword from file Instead of storing actual passsword in config file's keyStorePassword get the path to the password file from keyStorePassword and create a new config file with actual password in keyStorePassword then continue with normal application startup This also has bug fix for log errors per DCAEGEN2-2086; where logs dir and files are not getting created due to inventory user not having permissions to create dir/logs under /opt/logs/ Issue-ID: DCAEGEN2-2017 Issue-ID: DCAEGEN2-2086 Signed-off-by: Shadi Haidar Change-Id: I45b5867e9f73b9355c0fa2a0be18cf610291511d Signed-off-by: Shadi Haidar --- pom.xml | 13 +++- .../onap/dcae/inventory/InventoryApplication.java | 70 +++++++++++++++++++++- .../dcae/inventory/InventoryApplicationTest.java | 8 +-- version.properties | 2 +- 4 files changed, 80 insertions(+), 13 deletions(-) diff --git a/pom.xml b/pom.xml index b1071ec..a25e0a9 100644 --- a/pom.xml +++ b/pom.xml @@ -1,7 +1,7 @@ @@ -198,7 +198,7 @@ ECOMP is a trademark and service mark of AT&T Intellectual Property. com.google.guava guava - + 19.0 org.glassfish.jersey.media @@ -211,6 +211,11 @@ ECOMP is a trademark and service mark of AT&T Intellectual Property. 4.12 test + + org.json + json + 20131018 + org.mockito mockito-all @@ -353,6 +358,8 @@ ECOMP is a trademark and service mark of AT&T Intellectual Property. addgroup -S inventory adduser -S -G inventory inventory + mkdir -p /opt/logs + chown -R inventory:inventory /opt ["java", "-jar", "/opt/${project.build.finalName}.jar", "server"] diff --git a/src/main/java/org/onap/dcae/inventory/InventoryApplication.java b/src/main/java/org/onap/dcae/inventory/InventoryApplication.java index 7b0911e..5f0104f 100644 --- a/src/main/java/org/onap/dcae/inventory/InventoryApplication.java +++ b/src/main/java/org/onap/dcae/inventory/InventoryApplication.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * dcae-inventory * ================================================================================ - * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2020 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -51,14 +51,23 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import ch.qos.logback.classic.LoggerContext; import ch.qos.logback.classic.util.ContextInitializer; - import javax.servlet.DispatcherType; import javax.servlet.FilterRegistration; import javax.validation.Validator; import javax.ws.rs.client.Client; import javax.ws.rs.core.Link; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.FileWriter; +import java.io.IOException; +import java.nio.file.Files; import java.util.EnumSet; import java.util.Locale; +import org.json.JSONArray; +import org.json.JSONException; +import org.json.JSONObject; +import org.json.JSONTokener; /** @@ -68,7 +77,9 @@ public class InventoryApplication extends Application { static final Logger metricsLogger = LoggerFactory.getLogger("metricsLogger"); static final Logger debugLogger = LoggerFactory.getLogger("debugLogger"); + private static final Logger errorLogger = LoggerFactory.getLogger("errorLogger"); static boolean shouldRemoteFetchConfig = false; + static final String configFile = "/opt/config_active.json"; /** * Parses user's args and makes adjustments if necessary @@ -91,6 +102,16 @@ public class InventoryApplication extends Application { return customArgs; } else { // You are here because you want to use the default way of configuring inventory - YAML file. + // The config file yaml file however has the path to the file that has the cert jks password in the keyStorePassword filed + // Update config file's keyStorePassword to have actual password instead of path to the password file + // for junit purposes, it's not possible to do the above with keyStorePassword so return userArgs as we used to do before + if ( "some-junit-yaml.yaml".equals(userArgs[1]) ) { + return userArgs; + } + debugLogger.debug(String.format("Default configuration file received: %s", userArgs[1])); + createConfigFileFromDefault(userArgs[1]); + userArgs[1] = configFile; + debugLogger.debug(String.format("Active config file that will be used: %s", userArgs[1])); return userArgs; } } @@ -201,5 +222,50 @@ public class InventoryApplication extends Application { environment.jersey().register(new ApiListingResource()); environment.jersey().register(new SwaggerSerializers()); } + + + private static void createConfigFileFromDefault (String defaultConfigFile) { + + try { + JSONObject dzConfig = new JSONObject ( new JSONTokener ( new FileInputStream ( new File ( defaultConfigFile ) ) ) ); + JSONObject server = dzConfig.getJSONObject("server"); + JSONArray applicationConnectors = server.getJSONArray("applicationConnectors"); + String jksPasswdFile = applicationConnectors.getJSONObject(0).getString("keyStorePassword"); + if ( jksPasswdFile != null ) { + applicationConnectors.getJSONObject(0).put("keyStorePassword", getFileContents(jksPasswdFile)); + } + else { + errorLogger.error(String.format("Exiting due to null value for JKS password file: %s", jksPasswdFile)); + System.exit(1); + } + FileWriter fileWriter = new FileWriter(configFile); + fileWriter.write(dzConfig.toString()); + fileWriter.flush(); + fileWriter.close(); + } catch (JSONException | FileNotFoundException e) { + errorLogger.error(String.format("JSONException | FileNotFoundException while processing default config file: %s; execption: %s", + defaultConfigFile, e)); + System.exit(1); + } catch ( Exception e ) { + errorLogger.error(String.format("Exception while processing default config file: %s; execption: %s", + defaultConfigFile, e)); + System.exit(1); + } + } + + public static String getFileContents (String filename) { + File f = new File(filename); + try { + byte[] bytes = Files.readAllBytes(f.toPath()); + return new String(bytes,"UTF-8").trim(); + } catch (FileNotFoundException e) { + errorLogger.error(String.format("FileNotFoundException for filename: %s; execption: %s", filename, e)); + System.exit(1); + } catch (IOException e) { + errorLogger.error(String.format("IOException for filename: %s; execption: %s", filename, e)); + System.exit(1); + } + return null; + } } diff --git a/src/test/java/org/onap/dcae/inventory/InventoryApplicationTest.java b/src/test/java/org/onap/dcae/inventory/InventoryApplicationTest.java index 8011452..aacbd25 100644 --- a/src/test/java/org/onap/dcae/inventory/InventoryApplicationTest.java +++ b/src/test/java/org/onap/dcae/inventory/InventoryApplicationTest.java @@ -59,13 +59,7 @@ public class InventoryApplicationTest { String userArgs[] = {"server"}; assertEquals(InventoryApplication.processArgs(userArgs).length, 2); - userArgs = new String[] {"server some-yaml.yaml"}; - assertArrayEquals(InventoryApplication.processArgs(userArgs), userArgs); - - userArgs = new String[] {"foo"}; - assertArrayEquals(InventoryApplication.processArgs(userArgs), userArgs); - - userArgs = new String[] {"foo bar"}; + userArgs = new String[] {"server", "some-junit-yaml.yaml"}; assertArrayEquals(InventoryApplication.processArgs(userArgs), userArgs); } diff --git a/version.properties b/version.properties index 1ba9fb5..5a6199f 100644 --- a/version.properties +++ b/version.properties @@ -3,7 +3,7 @@ # because they are used in Jenkins, whose plug-in doesn't support major=3 minor=4 -patch=0 +patch=1 base_version=${major}.${minor}.${patch} # Release must be completed with git revision # in Jenkins -- cgit 1.2.3-korg