diff options
author | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2021-02-28 14:59:22 +0100 |
---|---|---|
committer | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2021-11-10 08:31:39 +0000 |
commit | 1e99719c0224863cf26c5362243a4fa1b955c362 (patch) | |
tree | 4cb228fdce7a331a4c16afe3ae24da79a2020f9e /kubernetes/aai/components/aai-babel/resources | |
parent | 8e67e73081c7ca3b7a0236c8f6cd291f18f69de7 (diff) |
[AAI][BABEL] Remove Hardcoded certificates
Use Certinitializer in order to retrieve needed certificates.
Change ModelLoader also as it needs valid certificate to communicate
with Babel.
Issue-ID: OOM-2693
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I64b8ede24643f942dc99956030c202c50d41ad1e
Diffstat (limited to 'kubernetes/aai/components/aai-babel/resources')
-rw-r--r-- | kubernetes/aai/components/aai-babel/resources/config/application.properties | 25 | ||||
-rw-r--r-- | kubernetes/aai/components/aai-babel/resources/config/auth/tomcat_keystore | bin | 2483 -> 0 bytes | |||
-rw-r--r-- | kubernetes/aai/components/aai-babel/resources/config/logback.xml | 76 |
3 files changed, 60 insertions, 41 deletions
diff --git a/kubernetes/aai/components/aai-babel/resources/config/application.properties b/kubernetes/aai/components/aai-babel/resources/config/application.properties index 21ed6cd9ee..6a3a74c0a6 100644 --- a/kubernetes/aai/components/aai-babel/resources/config/application.properties +++ b/kubernetes/aai/components/aai-babel/resources/config/application.properties @@ -1,14 +1,33 @@ +{{/* +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# Copyright © 2021 Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} server.port=9516 {{ if ( include "common.needTLS" .) }} -server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore +server.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12 +server.ssl.key-store-password=${KEYSTORE_PASSWORD} +server.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks +server.ssl.trust-store-password=${TRUSTSTORE_PASSWORD} server.ssl.client-auth=need +server.ssl.key-store-type=PKCS12 {{ else }} security.require-ssl=false server.ssl.enabled=false {{ end }} +spring.main.allow-bean-definition-overriding=true server.servlet.context-path=/services/babel-service - logging.config=${CONFIG_HOME}/logback.xml - tosca.mappings.config=${CONFIG_HOME}/tosca-mappings.json diff --git a/kubernetes/aai/components/aai-babel/resources/config/auth/tomcat_keystore b/kubernetes/aai/components/aai-babel/resources/config/auth/tomcat_keystore Binary files differdeleted file mode 100644 index e1d24d9b4d..0000000000 --- a/kubernetes/aai/components/aai-babel/resources/config/auth/tomcat_keystore +++ /dev/null diff --git a/kubernetes/aai/components/aai-babel/resources/config/logback.xml b/kubernetes/aai/components/aai-babel/resources/config/logback.xml index c29da77d84..125731cf6e 100644 --- a/kubernetes/aai/components/aai-babel/resources/config/logback.xml +++ b/kubernetes/aai/components/aai-babel/resources/config/logback.xml @@ -1,6 +1,7 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- # Copyright © 2018 Amdocs, Bell Canada, AT&T +# Modifications Copyright © 2021 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -27,25 +28,20 @@ <property name="auditLogName" value="audit" /> <property name="debugLogName" value="debug" /> - <property name="errorLogPattern" - value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{TargetEntity}|%mdc{TargetServiceName}|%.-5level|%logger|%mdc{ClassName}|%msg%n" /> + <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{TargetEntity}|%mdc{TargetServiceName}|%.-5level|%logger|%mdc{ClassName}|%msg%n" /> - <property name="auditLogPattern" - value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{BeginTimestamp}|%mdc{EndTimestamp}|%mdc{RequestId}|%mdc{ServiceInstanceId}|%thread|%mdc{ServerFQDN}|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{StatusCode}|%mdc{ResponseCode}|%mdc{ResponseDescription}|%logger|%.-5level|||%mdc{ElapsedTime}|%mdc{RemoteHost}|%mdc{ClientAddress}|%mdc{ClassName}|||%msg%n" /> + <property name="auditLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{BeginTimestamp}|%mdc{EndTimestamp}|%mdc{RequestId}|%mdc{ServiceInstanceId}|%thread|%mdc{ServerFQDN}|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{StatusCode}|%mdc{ResponseCode}|%mdc{ResponseDescription}|%logger|%.-5level|||%mdc{ElapsedTime}|%mdc{RemoteHost}|%mdc{ClientAddress}|%mdc{ClassName}|||%msg%n" /> - <property name="metricsLogPattern" - value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{BeginTimestamp}|%mdc{EndTimestamp}|%mdc{RequestId}|%mdc{ServiceInstanceId}|%thread|%mdc{ServerFQDN}|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{TargetEntity}|%mdc{TargetServiceName}|%mdc{StatusCode}|%mdc{ResponseCode}|%mdc{ResponseDescription}|%logger|%.-5level|||%mdc{ElapsedTime}|%mdc{RemoteHost}|%mdc{ClientAddress}|%mdc{ClassName}|||%msg%n" /> + <property name="metricsLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{BeginTimestamp}|%mdc{EndTimestamp}|%mdc{RequestId}|%mdc{ServiceInstanceId}|%thread|%mdc{ServerFQDN}|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{TargetEntity}|%mdc{TargetServiceName}|%mdc{StatusCode}|%mdc{ResponseCode}|%mdc{ResponseDescription}|%logger|%.-5level|||%mdc{ElapsedTime}|%mdc{RemoteHost}|%mdc{ClientAddress}|%mdc{ClassName}|||%msg%n" /> <!-- ============================================================================ --> <!-- EELF Appenders --> <!-- ============================================================================ --> - <appender name="EELF" - class="ch.qos.logback.core.rolling.RollingFileAppender"> + <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender"> <file>${logDirectory}/${generalLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip - </fileNamePattern> + <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern> <maxHistory>60</maxHistory> </rollingPolicy> <encoder> @@ -65,12 +61,10 @@ are specializations of the EELF application root logger and appender. This can be used to segregate Policy engine events from other components, or it can be eliminated to record these events as part of the application root log. --> - <appender name="EELFAudit" - class="ch.qos.logback.core.rolling.RollingFileAppender"> + <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender"> <file>${logDirectory}/${auditLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip - </fileNamePattern> + <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern> <maxHistory>60</maxHistory> </rollingPolicy> <encoder> @@ -82,12 +76,10 @@ <appender-ref ref="EELFAudit" /> </appender> - <appender name="EELFMetrics" - class="ch.qos.logback.core.rolling.RollingFileAppender"> + <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender"> <file>${logDirectory}/${metricsLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip - </fileNamePattern> + <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern> <maxHistory>60</maxHistory> </rollingPolicy> <encoder> @@ -100,14 +92,10 @@ <appender-ref ref="EELFMetrics" /> </appender> - <appender name="EELFDebug" - class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file> - ${logDirectory}/${debugLogName}.log - </file> + <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${debugLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip - </fileNamePattern> + <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern> <maxHistory>60</maxHistory> </rollingPolicy> <encoder> @@ -119,9 +107,7 @@ <!-- allow only events with a level below INFO, that is TRACE and DEBUG --> <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> <evaluator class="ch.qos.logback.classic.boolex.GEventEvaluator"> - <expression> - e.level.toInt() < INFO.toInt() - </expression> + <expression>e.level.toInt() < INFO.toInt()</expression> </evaluator> <OnMismatch>DENY</OnMismatch> <OnMatch>NEUTRAL</OnMatch> @@ -131,6 +117,15 @@ <includeCallerData>false</includeCallerData> </appender> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${errorLogPattern}</pattern> + </encoder> + </appender> + <appender name="AsyncSysOut" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="STDOUT" /> + </appender> + <!-- ============================================================================ --> <!-- Default / root appenders --> <!-- This determines the logging level for 3rd party code --> @@ -138,29 +133,34 @@ <root level="INFO"> <appender-ref ref="asyncEELF" /> - <appender-ref ref="asyncEELFDebug" /> -</root> + <appender-ref ref="asyncEELFDebug" /> + <appender-ref ref="AsyncSysOut" /> + </root> <!-- ============================================================================ --> <!-- EELF loggers --> <!-- ============================================================================ --> <logger name="com.att.eelf" level="INFO" additivity="false"> - <appender-ref ref="asyncEELF" /> -</logger> + <appender-ref ref="asyncEELF" /> + <appender-ref ref="AsyncSysOut" /> + </logger> <!-- The level of this logger determines the contents of the debug log --> <logger name="com.att.eelf.debug" level="INFO" additivity="false"> - <appender-ref ref="asyncEELFDebug" /> -</logger> + <appender-ref ref="asyncEELFDebug" /> + <appender-ref ref="AsyncSysOut" /> + </logger> <logger name="com.att.eelf.audit" level="INFO" additivity="false"> - <appender-ref ref="asyncEELFAudit" /> -</logger> + <appender-ref ref="asyncEELFAudit" /> + <appender-ref ref="AsyncSysOut" /> + </logger> <logger name="com.att.eelf.metrics" level="INFO" additivity="false"> - <appender-ref ref="asyncEELFMetrics" /> -</logger> + <appender-ref ref="asyncEELFMetrics" /> + <appender-ref ref="AsyncSysOut" /> + </logger> <!-- ============================================================================ --> <!-- Non-EELF loggers --> |