diff options
author | Schmalzried, Terry (ts862m) <ts862m@att.com> | 2019-11-13 16:47:45 -0500 |
---|---|---|
committer | Schmalzried, Terry (ts862m) <ts862m@att.com> | 2019-11-14 15:40:57 -0500 |
commit | 05f475fb6ec2c4a1acd2698d29a4c12b116a1d36 (patch) | |
tree | 0d834d29a6d78fe678904be5655d76fe9913b2b8 | |
parent | 8dc742e747e0f418665ab9422f5c6c2cda94869b (diff) |
DCAEGEN2-1919 add HTTPS and change log rotation
Change-Id: I7859dde9460620e18edca887f5dfc611639b268c
Issue-ID: DCAEGEN2-1919
Signed-off-by: Schmalzried, Terry (ts862m) <ts862m@att.com>
-rw-r--r-- | etc/common_logger.config | 8 | ||||
-rw-r--r-- | etc/config.json | 9 | ||||
-rw-r--r-- | policyhandler/service_activator.py | 4 | ||||
-rw-r--r-- | policyhandler/web_server.py | 37 | ||||
-rw-r--r-- | pom.xml | 2 | ||||
-rw-r--r-- | run_policy.sh | 1 | ||||
-rw-r--r-- | setup.py | 2 | ||||
-rw-r--r-- | version.properties | 2 |
8 files changed, 43 insertions, 22 deletions
diff --git a/etc/common_logger.config b/etc/common_logger.config index fb625bb..e26a485 100644 --- a/etc/common_logger.config +++ b/etc/common_logger.config @@ -1,5 +1,5 @@ # ================================================================================
-# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2017-2019 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -31,11 +31,11 @@ # sizeMaxBytes: >= 0 (0 means no limit, else maximum filesize in Bytes)
# backupCount: >= 0 (Number of rotated backup files to retain. If rotateMethod=time, 0 retains *all* backups. If rotateMethod=size, 0 retains *no* backups.)
#
-rotateMethod = time
+rotateMethod = size
timeRotateIntervalType = midnight
timeRotateInterval = 1
-sizeMaxBytes = 0
-backupCount = 6
+sizeMaxBytes = 10000000
+backupCount = 4
#--- Parameters that define log filenames and their initial LogLevel threshold
diff --git a/etc/config.json b/etc/config.json index b6f997b..1868386 100644 --- a/etc/config.json +++ b/etc/config.json @@ -21,13 +21,12 @@ }, "handlers": { "file": { - "class": "logging.handlers.TimedRotatingFileHandler", + "class": "logging.handlers.RotatingFileHandler", "formatter": "local", "filename" : "logs/policy_handler.log", "level": "DEBUG", - "when": "midnight", - "interval": 1, - "backupCount": 10, + "maxBytes": 200000000, + "backupCount": 5, "delay": true } }, @@ -41,4 +40,4 @@ "handlers": ["file"] } } -}
\ No newline at end of file +} diff --git a/policyhandler/service_activator.py b/policyhandler/service_activator.py index 9c8a1b2..c1e5b8c 100644 --- a/policyhandler/service_activator.py +++ b/policyhandler/service_activator.py @@ -35,6 +35,7 @@ from urllib.parse import urljoin import requests from .config import Config, Settings +from .discovery import DiscoveryClient from .onap.audit import (REQUEST_X_ECOMP_REQUESTID, Audit, AuditHttpCode, Metrics) from .policy_consts import TARGET_ENTITY @@ -93,6 +94,9 @@ class ServiceActivator(object): ServiceActivator._target_entity = config_sa.get( TARGET_ENTITY, ServiceActivator.DEFAULT_TARGET_ENTITY) ServiceActivator._url = config_sa.get("url", "") + if not ServiceActivator._url: + ServiceActivator._url = DiscoveryClient.get_service_url(audit, + ServiceActivator._target_entity) if ServiceActivator._url: ServiceActivator._url_register = urljoin(ServiceActivator._url, config_sa.get("path_register", "")) diff --git a/policyhandler/web_server.py b/policyhandler/web_server.py index dfd1b51..9c2656e 100644 --- a/policyhandler/web_server.py +++ b/policyhandler/web_server.py @@ -19,6 +19,8 @@ import json from datetime import datetime +import os +import time import cherrypy @@ -44,16 +46,18 @@ class PolicyWeb(object): protocol = "http" tls_info = "" - # if Config.tls_server_cert_file and Config.tls_private_key_file: - # cherrypy.server.ssl_module = 'builtin' - # cherrypy.server.ssl_certificate = Config.tls_server_cert_file - # cherrypy.server.ssl_private_key = Config.tls_private_key_file - # if Config.tls_server_ca_chain_file: - # cherrypy.server.ssl_certificate_chain = Config.tls_server_ca_chain_file - # protocol = "https" - # tls_info = "cert: {} {} {}".format(Config.tls_server_cert_file, - # Config.tls_private_key_file, - # Config.tls_server_ca_chain_file) + if Config.tls_server_cert_file and Config.tls_private_key_file: + tm_cert = os.path.getmtime(Config.tls_server_cert_file) + tm_key = os.path.getmtime(Config.tls_private_key_file) + cherrypy.server.ssl_module = 'builtin' + cherrypy.server.ssl_certificate = Config.tls_server_cert_file + cherrypy.server.ssl_private_key = Config.tls_private_key_file + if Config.tls_server_ca_chain_file: + cherrypy.server.ssl_certificate_chain = Config.tls_server_ca_chain_file + protocol = "https" + tls_info = "cert: {} {} {}".format(Config.tls_server_cert_file, + Config.tls_private_key_file, + Config.tls_server_ca_chain_file) cherrypy.tree.mount(_PolicyWeb(), '/') @@ -63,6 +67,19 @@ class PolicyWeb(object): json.dumps(cherrypy.config)) cherrypy.engine.start() + # If HTTPS server certificate changes, exit to let kubernetes restart us + if Config.tls_server_cert_file and Config.tls_private_key_file: + while True: + time.sleep(600) + c_tm_cert = os.path.getmtime(Config.tls_server_cert_file) + c_tm_key = os.path.getmtime(Config.tls_private_key_file) + if c_tm_cert > tm_cert or c_tm_key > tm_key: + PolicyWeb.logger.info("cert or key file updated") + cherrypy.engine.stop() + cherrypy.engine.exit() + break + + class _PolicyWeb(object): """REST API of policy-handler""" @@ -29,7 +29,7 @@ limitations under the License. <groupId>org.onap.dcaegen2.platform</groupId> <artifactId>policy-handler</artifactId> <name>dcaegen2-platform-policy-handler</name> - <version>5.0.0-SNAPSHOT</version> + <version>5.0.1-SNAPSHOT</version> <url>http://maven.apache.org</url> <properties> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> diff --git a/run_policy.sh b/run_policy.sh index 8055bea..478fc67 100644 --- a/run_policy.sh +++ b/run_policy.sh @@ -47,4 +47,5 @@ exec &>> >(tee -a ${LOG_FILE}) echo "---------------------------------------------" echo "$(date +%Y-%m-%d_%T.%N): exit ${BASH_SOURCE[0]} that was started on ${STARTED}" +rm -f ${LOG_FILE}.2[0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9][0-9][0-9][0-9][0-9] mv ${LOG_FILE} ${LOG_FILE}.$(date +%Y-%m-%d_%H%M%S) @@ -22,7 +22,7 @@ from setuptools import setup setup(
name='policyhandler',
description='DCAE-Controller policy-handler to communicate with policy-engine',
- version="5.0.0",
+ version="5.0.1",
author='Alex Shatov',
packages=['policyhandler'],
zip_safe=False,
diff --git a/version.properties b/version.properties index c5c1fd9..d49fe4b 100644 --- a/version.properties +++ b/version.properties @@ -1,6 +1,6 @@ major=5
minor=0
-patch=0
+patch=1
base_version=${major}.${minor}.${patch}
release_version=${base_version}
snapshot_version=${base_version}-SNAPSHOT
|