11 files changed, 82 insertions, 103 deletions

diff --git a/Changelog.md b/Changelog.md
index 2256c28..fa33c15 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -4,4 +4,15 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
-## [2.1.1.] - 03/02/2021      
\ No newline at end of file
+## [2.2.0.] - 07/04/2021
+### Changed
+- Switched to currently recommended version of docker integration-python:8.0.0.
+- Fix issues preventing running with py3.9
+- Bumped tested python versions to 3.8,3.9.
+### Security
+- Due to dependency update following were fixed:
+  - CVE-2020-14343 (PyYAML)
+  - CWE-93 (httplib2)
+  - CVE-2018-18074 (requests)
+
+## [2.1.1.] - 03/02/2021
diff --git a/Dockerfile b/Dockerfile
index fee54d1..2ff1e7a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,57 +1,51 @@
-FROM python:3.8.2-alpine3.11
-MAINTAINER gs244f@att.com
+FROM nexus3.onap.org:10001/onap/integration-python:8.0.0
+LABEL maintainer="gs244f@att.com"
 
-ARG user=onap
-ARG group=onap
+ARG user=heartbeat
+ARG group=heartbeat
 
+USER root
 RUN addgroup -S $group && adduser -S -D -h /home/$user $user $group && \
     chown -R $user:$group /home/$user &&  \
-    mkdir /var/log/$user && \
+    mkdir -p /var/log/$user && \
     chown -R $user:$group /var/log/$user && \
-    mkdir /app && \
+    mkdir -p /app && \
     chown -R $user:$group /app
-	
-WORKDIR /app
 
-#ADD . /tmp
-#RUN mkdir /tmp/config
+WORKDIR /app
 
 EXPOSE 10002
 
-COPY ./miss_htbt_service/ ./bin/
-COPY ./etc/ ./etc/
-COPY requirements.txt ./
-COPY setup.py ./
-
-#need pip > 8 to have internal pypi repo in requirements.txt
-#do the install
-RUN apk add build-base libffi-dev postgresql-dev && \
+COPY --chown=$user:$group ./miss_htbt_service/ ./bin/
+COPY --chown=$user:$group ./etc/ ./etc/
+COPY --chown=$user:$group requirements-common.txt ./
+COPY --chown=$user:$group requirements-docker.txt ./
+COPY --chown=$user:$group setup.py ./
+
+# install build dependencies for python packages,
+# install python packages
+# remove build dependencies
+RUN apk add --no-cache --virtual build-deps \
+    build-base libffi-dev postgresql-dev \
+    openssl-dev musl-dev python3-dev curl && \
+    apk add --no-cache libpq && \
+    curl https://sh.rustup.rs -sSf | sh -s -- -y && \
+    export PATH="$HOME/.cargo/bin/:$PATH" && \
+    source $HOME/.cargo/env && \
     pip install --upgrade pip && \
-    pip install pyyaml --upgrade && \
-    pip install -r requirements.txt && \
-    pip install -e .
-
-RUN mkdir -p data \
- && mkdir -p logs \
- && mkdir -p tmp \
- && chown -R $user:$group . \
- && chmod a+w data \
- && chmod a+w logs \
- && chmod a+w tmp \
- && chmod a+w etc \
- && chmod 500 bin/*.py \
- && chmod 500 bin/*.sh \
- && chmod 500 bin/*/*.py
+    pip install -r requirements-docker.txt && \
+    mkdir -p data logs tmp && \
+    chown -R $user:$group . && \
+    chmod g+w data logs tmp etc && \
+    chmod -R 500 bin/*.py && \
+    chmod 500 bin/*.sh && \
+    apk del build-deps && \
+    rustup self uninstall -y
 
 USER $user
 VOLUME logs
 
 CMD ["./bin/misshtbt.sh"]
 
-#ENV PYTHONPATH="/usr/local/lib/python3.6:/usr/local/lib/python3.6/site-packages:${PATH}"
-#ENV PYTHONPATH="/usr/local/lib/python3.6/site-packages:/usr/local/lib/python3.6"
-#ENV PYTHONPATH=/usr/local/lib/python3.6/site-packages:.
-#ENTRYPOINT ["/bin/python", "./bin/run.py"]
-#ENTRYPOINT ["/usr/bin/python","./bin/run.py" ]
-#ENTRYPOINT ["/usr/local/bin/python","./bin/misshtbtd.py" ]
-#ENTRYPOINT ["/bin/ls","-lR", "."]
+ENV PYTHONPATH="$PYTHONPATH:/usr/local/lib/python3.9/site-packages:/app/bin:/app/bin/mod"
+ENV PATH="$PATH:/app/bin:/app/bin/mod"
diff --git a/miss_htbt_service/misshtbt.sh b/miss_htbt_service/misshtbt.sh
index c93da98..150eb4f 100644
--- a/miss_htbt_service/misshtbt.sh
+++ b/miss_htbt_service/misshtbt.sh
@@ -19,13 +19,7 @@
 # ============LICENSE_END=========================================================
 
 # get to where we are supposed to be for startup
-cd /app/bin
-
-# include path to 3.6+ version of python that has required dependencies included
-export PATH=/usr/local/lib/python3.8/bin:$PATH:/app/bin
-
-# expand search for python modules to include ./mod in runtime dir
-export PYTHONPATH=/usr/local/lib/python3.8/site-packages:./mod:./:$PYTHONPATH:/app/bin
+cd /app/bin || (echo "Failed to cd to /app/bin" && exit 1)
 
 # set location of SSL certificates
 export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-bundle.crt
@@ -40,14 +34,14 @@ export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-bundle.crt
 #export CBS_HTBT_JSON=../etc/config.json
 
 # want tracing?  Use this:
-# python -m trace --trackcalls misshtbtd.py -v
+# python3 -m trace --trackcalls misshtbtd.py -v
 
 # want verbose logging?  Use this:
-# python misshtbtd.py -v
+# misshtbtd.py -v
 
 # standard startup?  Use this:
-# python misshtbtd.py
+# misshtbtd.py
 
 # unbuffered io for logs and verbose logging? Use this:
-python -u misshtbtd.py -v
+python3 -u misshtbtd.py -v
 
diff --git a/miss_htbt_service/misshtbtd.py b/miss_htbt_service/misshtbtd.py
index f131cd1..1223308 100644
--- a/miss_htbt_service/misshtbtd.py
+++ b/miss_htbt_service/misshtbtd.py
@@ -50,18 +50,7 @@ from mod.trapd_exit import cleanup_and_exit
 from mod.trapd_http_session import init_session_obj
 
 hb_properties_file =  path.abspath(path.join(__file__, "../config/hbproperties.yaml"))
-ip_address = "localhost"
-port_num = 5432
-user_name = "postgres"
-password = "postgres"
-db_name = "hb_vnf"
-cbs_polling_required = "true"
-cbs_polling_interval = 300
-mr_url = None
-pol_url = None
-update_db = 0
-jsfile='empty'
-import sys
+
 ABSOLUTE_PATH1 = path.abspath(path.join(__file__, "../htbtworker.py"))
 ABSOLUTE_PATH2 = path.abspath(path.join(__file__, "../db_monitoring.py"))
 ABSOLUTE_PATH3 = path.abspath(path.join(__file__, "../check_health.py"))
@@ -69,7 +58,6 @@ ABSOLUTE_PATH4 = path.abspath(path.join(__file__, "../cbs_polling.py"))
 
 def create_database(update_db, jsfile, ip_address, port_num, user_name, password, db_name):
     from psycopg2 import connect
-    import sys
     try:
         con = connect(user=user_name, host = ip_address, password = password)
         database_name = db_name
@@ -196,30 +184,18 @@ def create_update_vnf_table_1(jsfile,update_db,connection_db):
     _logger.info("MSHBT:Updated vnf_table_1 as per the json configuration file")
 
 def hb_cbs_polling_process(pid_current):
-        my_file = Path("./miss_htbt_service/cbs_polling.py")
-#        if my_file.is_file():
-        subprocess.call(["python3.8",ABSOLUTE_PATH4 , str(pid_current) ])
-#        else:
-#          subprocess.call(["python3.8",ABSOLUTE_PATH4 , str(pid_current) ])
+        subprocess.call([ABSOLUTE_PATH4 , str(pid_current) ])
         sys.stdout.flush()
         _logger.info("MSHBT:Creaated CBS polling process")
         return
 def hb_worker_process(config_file_path):
-        my_file = Path("./miss_htbt_service/htbtworker.py")
-#        if my_file.is_file():
-        subprocess.call(["python3.8",ABSOLUTE_PATH1 , config_file_path ])
-#        else:
-#          subprocess.call(["python3.8",ABSOLUTE_PATH1 , config_file_path ])
+        subprocess.call([ABSOLUTE_PATH1 , config_file_path ])
         sys.stdout.flush()
         _logger.info("MSHBT:Creaated Heartbeat worker process")
         return
 
 def db_monitoring_process(current_pid,jsfile):
-        my_file = Path("./miss_htbt_service/db_monitoring.py")
-#        if my_file.is_file():
-        subprocess.call(["python3.8",ABSOLUTE_PATH2 , str(current_pid),jsfile])
-#        else:
-#          subprocess.call(["python3.8",ABSOLUTE_PATH2 , str(current_pid),jsfile])
+        subprocess.call([ABSOLUTE_PATH2 , str(current_pid),jsfile])
         sys.stdout.flush()
         _logger.info("MSHBT:Creaated DB Monitoring process")
         return
@@ -341,7 +317,7 @@ _logger = get_logger.get_logger(__name__)
 
 def main():
     try:
-        p = subprocess.Popen(['python3.8',ABSOLUTE_PATH3],stdout=subprocess.PIPE,stderr=subprocess.STDOUT)
+        subprocess.Popen([ABSOLUTE_PATH3], stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
         _logger.info("MSHBD:Execution Started")
         job_list = []
         pid_current = os.getpid()
diff --git a/pom.xml b/pom.xml
index 8a688c3..85ce88b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -2,6 +2,7 @@
 <!--
 ================================================================================
 Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+Copyright (c) 2021 Samsung Electronics. All rights reserved.
 ================================================================================
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -36,7 +37,7 @@ limitations under the License.
   <groupId>org.onap.dcaegen2.services</groupId>
   <artifactId>heartbeat</artifactId>
   <name>dcaegen2-services-heartbeat</name>
-  <version>2.1.1</version>
+  <version>2.2.0</version>
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <sonar.sources>.</sonar.sources>
diff --git a/requirements-common.txt b/requirements-common.txt
new file mode 100644
index 0000000..e8a2fe7
--- /dev/null
+++ b/requirements-common.txt
@@ -0,0 +1,8 @@
+requests==2.23.0
+onap_dcae_cbs_docker_client==1.0.1
+six==1.15.0
+PyYAML==5.4
+httplib2==0.19.0
+HTTPretty==1.0.5
+pyOpenSSL==20.0.1
+Wheel==0.36.2
diff --git a/requirements-docker.txt b/requirements-docker.txt
new file mode 100644
index 0000000..a399877
--- /dev/null
+++ b/requirements-docker.txt
@@ -0,0 +1,2 @@
+-r requirements-common.txt
+psycopg2==2.8.6 --no-binary psycopg2
diff --git a/requirements.txt b/requirements.txt
index d72592f..cbc91a0 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,9 +1,2 @@
-requests==2.23.0
-onap_dcae_cbs_docker_client==1.0.1
-six==1.15.0
-PyYAML==5.4
-httplib2==0.19.0
-HTTPretty==1.0.5
-pyOpenSSL==20.0.1
-Wheel==0.36.2
+-r requirements-common.txt
 psycopg2-binary==2.8.6
diff --git a/setup.py b/setup.py
index 02990bf..4df5a29 100644
--- a/setup.py
+++ b/setup.py
@@ -35,19 +35,19 @@ from setuptools import setup, find_packages
 setup(
     name='miss_htbt_service',
     description='Missing heartbeat microservice to communicate with policy-engine',
-    version='2.1.1',
+    version='2.2.0',
     #packages=find_packages(exclude=["tests.*", "tests"]),
     packages=find_packages(),
     install_requires=[
-"requests==2.23.0",
-"onap_dcae_cbs_docker_client==1.0.1",
-"six==1.15.0",
-"PyYAML==5.4",
-"httplib2==0.19.0",
-"HTTPretty==1.0.5",
-"pyOpenSSL==20.0.1",
-"Wheel==0.36.2",
-"psycopg2-binary==2.8.6"
+        "requests==2.23.0",
+        "onap_dcae_cbs_docker_client==1.0.1",
+        "six==1.15.0",
+        "PyYAML==5.4",
+        "httplib2==0.19.0",
+        "HTTPretty==1.0.5",
+        "pyOpenSSL==20.0.1",
+        "Wheel==0.36.2",
+        "psycopg2-binary==2.8.6"
     ],
     author = "Vijay Venkatesh Kumar",
     author_email = "vv770d@att.com",
diff --git a/tox.ini b/tox.ini
index 9fc6063..9dcf73f 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,6 +1,6 @@
 # content of: tox.ini , put in same dir as setup.py
 [tox]
-envlist = py37,py38
+envlist = py38,py39
 
 [testenv]
 deps=
diff --git a/version.properties b/version.properties
index 3c5fba7..3ad2137 100644
--- a/version.properties
+++ b/version.properties
@@ -1,6 +1,6 @@
 major=2
-minor=1
-patch=1
+minor=2
+patch=0
 base_version=${major}.${minor}.${patch}
 release_version=${base_version}
 snapshot_version=${base_version}-SNAPSHOT