aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/components/aai-schema-service/config
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-02-23 18:07:34 +0100
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-11-12 20:18:54 +0000
commitc57b58ddca8fa19fad93b3aea70e556ad6f045d8 (patch)
treebf43684a4c647fe941d1b492edb182b162d31cbf /kubernetes/aai/components/aai-schema-service/config
parentaf3d4158481aa457d21b894865536e8d5bda1826 (diff)
[AAI][SCHEMA] Remove Hardcoded certificates
Use Certinitializer in order to retrieve needed certificates. It'll also do the retrieval for graphadmin as both microservices are working together. Issue-ID: OOM-2691 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Iad790cc14361cf15d5a6bf4fcad6fd9f4048a1a7
Diffstat (limited to 'kubernetes/aai/components/aai-schema-service/config')
-rw-r--r--kubernetes/aai/components/aai-schema-service/config/aaiconfig.properties8
-rw-r--r--kubernetes/aai/components/aai-schema-service/config/application.properties10
-rw-r--r--kubernetes/aai/components/aai-schema-service/config/logback.xml5
-rw-r--r--kubernetes/aai/components/aai-schema-service/config/realm.properties1
4 files changed, 15 insertions, 9 deletions
diff --git a/kubernetes/aai/components/aai-schema-service/config/aaiconfig.properties b/kubernetes/aai/components/aai-schema-service/config/aaiconfig.properties
index b0ed0e89a0..a2abaf3785 100644
--- a/kubernetes/aai/components/aai-schema-service/config/aaiconfig.properties
+++ b/kubernetes/aai/components/aai-schema-service/config/aaiconfig.properties
@@ -36,10 +36,10 @@ aai.tools.password={{ .Values.global.config.basic.auth.passwd }}
{{ end }}
{{ if ( include "common.needTLS" .) }}
-aai.truststore.filename={{ .Values.global.config.truststore.filename }}
-aai.truststore.passwd.x={{ .Values.global.config.truststore.passwd }}
-aai.keystore.filename={{ .Values.global.config.keystore.filename }}
-aai.keystore.passwd.x={{ .Values.global.config.keystore.passwd }}
+aai.truststore.filename={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+aai.truststore.passwd.x=${TRUSTSTORE_PASSWORD}
+aai.keystore.filename={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
+aai.keystore.passwd.x=${KEYSTORE_PASSWORD}
{{ end }}
aai.default.api.version={{ .Values.global.config.schema.version.api.default }}
diff --git a/kubernetes/aai/components/aai-schema-service/config/application.properties b/kubernetes/aai/components/aai-schema-service/config/application.properties
index ad700dce6e..a3f7998a8f 100644
--- a/kubernetes/aai/components/aai-schema-service/config/application.properties
+++ b/kubernetes/aai/components/aai-schema-service/config/application.properties
@@ -39,12 +39,12 @@ server.basic.auth.location=${server.local.startpath}/etc/auth/realm.properties
server.port=8452
{{ if ( include "common.needTLS" .) }}
server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
-server.ssl.key-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.keystore.filename }}
-server.ssl.key-store-password=password({{ .Values.global.config.keystore.passwd }})
-server.ssl.trust-store=${server.local.startpath}/etc/auth/{{ .Values.global.config.truststore.filename }}
-server.ssl.trust-store-password=password({{ .Values.global.config.truststore.passwd }})
+server.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
+server.ssl.key-store-password=${KEYSTORE_PASSWORD}
+server.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+server.ssl.trust-store-password=${TRUSTSTORE_PASSWORD}
server.ssl.client-auth=want
-server.ssl.key-store-type=JKS
+server.ssl.key-store-type=PKCS12
{{ else }}
security.require-ssl=false
server.ssl.enabled=false
diff --git a/kubernetes/aai/components/aai-schema-service/config/logback.xml b/kubernetes/aai/components/aai-schema-service/config/logback.xml
index cfcd3c02e6..e91e257d14 100644
--- a/kubernetes/aai/components/aai-schema-service/config/logback.xml
+++ b/kubernetes/aai/components/aai-schema-service/config/logback.xml
@@ -268,20 +268,25 @@
<logger name="org.onap.aai.aaf.auth" level="DEBUG" additivity="false">
<appender-ref ref="asyncAUTH" />
+ <appender-ref ref="STDOUT"/>
</logger>
<logger name="org.onap.aai.aailog.logs.AaiScheduledTaskAuditLog" level="INFO">
<appender-ref ref="asyncAUDIT"/>
+ <appender-ref ref="STDOUT"/>
</logger>
<logger name="org.onap.logging.filter.base.AbstractAuditLogFilter" level="INFO">
<appender-ref ref="asyncAUDIT"/>
+ <appender-ref ref="STDOUT"/>
</logger>
<logger name="org.onap.aai.logging.ErrorLogHelper" level="WARN">
<appender-ref ref="asyncERROR"/>
+ <appender-ref ref="STDOUT"/>
</logger>
<logger name="org.onap.aai.schemaservice.interceptors.post" level="DEBUG" additivity="false">
<appender-ref ref="asynctranslog" />
+ <appender-ref ref="STDOUT"/>
</logger>
<logger name="org.apache" level="OFF"/>
diff --git a/kubernetes/aai/components/aai-schema-service/config/realm.properties b/kubernetes/aai/components/aai-schema-service/config/realm.properties
index 988bb2411b..7c8539dbe7 100644
--- a/kubernetes/aai/components/aai-schema-service/config/realm.properties
+++ b/kubernetes/aai/components/aai-schema-service/config/realm.properties
@@ -10,6 +10,7 @@ ModelLoader:OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw,admin
AaiUI:OBF:1gfr1p571unz1p4j1gg7,admin
OOF:OBF:1img1ke71ily,admin
aai@aai.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
+aai-graphadmin@aai-graphadmin.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
so@so.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
sdnc@sdnc.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin
dcae@dcae.onap.org:OBF:1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek,admin