Revert "[AAI][SPARKY] Automatically retrieve certs"

This reverts commit a9a41d84026f059aae70f9042c0b99af5b72e619. aai-sparky-be with this patch fails often in the gate. I expect this to be related to this patch as the stack trace contains below error message: java.io.IOException: keystore password was incorrect Issue-ID: OOM-2683 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I53650671eae700ef553b2f9158744ab72d881820
author: Krzysztof Opasiak <k.opasiak@samsung.com> 2021-03-04 22:14:51 +0100
committer: Krzysztof Opasiak <k.opasiak@samsung.com> 2021-03-04 22:19:00 +0100
commit: 12e6aba510f0ccb2ea21ea87ba77a08bc044cd0a (patch)
tree: 99ac1294ff317e57bfe3fc9ab42a6c898e1bb36a /kubernetes/aai/components/aai-sparky-be/resources/config
parent: f7f76dfb521917298fbaf320d6fa3d56e3ea462e (diff)
14 files changed, 20 insertions, 214 deletions
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-default.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-default.properties
index 084f6e46bc..084f6e46bc 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-default.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-default.properties
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-override.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-override.properties
index 4465fb3e11..4465fb3e11 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-override.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-override.properties
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-schema-prod.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-schema-prod.properties
index b6c5f68368..094c815744 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-schema-prod.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-schema-prod.properties
@@ -15,14 +15,14 @@
 */}}
 
 oxm.schemaNodeDir=/opt/app/sparky/onap/oxm
-#schemaServiceTranslator is used to define whether to retreive the oxm from schema service microservice or read from the disk, possible values are schema-service/config
+#schemaServiceTranslator is used to define whether to retreive the oxm from schema service microservice or read from the disk, possible values are schema-service/config 
 oxm.schemaServiceTranslatorList=config
 # The end point for onap is https://<hostname>:<port>/onap/schema-service/v1/
 oxm.schemaServiceBaseUrl=https://<schema-service/config>/aai/schema-service/v1/
-oxm.schemaServiceKeystore=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
-oxm.schemaServiceTruststore=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
-oxm.schemaServiceKeystorePassword=${KEYSTORE_PASSWORD}
-oxm.schemaServiceTruststorePassword=${KEYSTORE_PASSWORD}
+oxm.schemaServiceKeystore=file:${CONFIG_HOME}/auth/aai-client-cert.p12
+oxm.schemaServiceTruststore=file:${CONFIG_HOME}/auth/tomcat_keystore
+oxm.schemaServiceKeystorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+oxm.schemaServiceTruststorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
 
 
 
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-resources.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-resources.properties
index 2143bf8902..59c0349b06 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-resources.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-resources.properties
@@ -19,7 +19,4 @@ resources.port=8443
 resources.authType=SSL_BASIC
 resources.basicAuthUserName=aai@aai.onap.org
 resources.basicAuthPassword=1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek
-resources.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
-resources.trust-store-password=${TRUSTSTORE_PASSWORD}
-resources.client-cert={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
-resources.client-cert-password=${KEYSTORE_PASSWORD}
-\ No newline at end of file
+resources.trust-store=tomcat_keystore
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-ssl.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-ssl.properties
index 073e9d318a..26565bb1a0 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-ssl.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-ssl.properties
@@ -15,8 +15,8 @@
 */}}
 
 server.port=8000
-server.ssl.key-store=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
-server.ssl.key-store-password=${KEYSTORE_PASSWORD}
+server.ssl.key-store=file:${CONFIG_HOME}/auth/org.onap.aai.p12
+server.ssl.key-store-password=OBF:1cqc1l4h1qhu1j751p3j1kmy1ncw1o6g1hf418571g7i1d9r1dan1ga8185f1hfy1o461ncu1kjo1p671j7x1qjg1l8t1cne
 server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
-server.ssl.trust-store=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
-server.ssl.trust-store-password=${KEYSTORE_PASSWORD}
+server.ssl.trust-store=file:${CONFIG_HOME}/auth/truststoreONAPall.jks
+server.ssl.trust-store-password=OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-sync.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-sync.properties
index 4fb10a21f7..4fb10a21f7 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-sync.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-sync.properties
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application.properties
index a9e5908ec7..1ae00d95c4 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application.properties
@@ -27,11 +27,11 @@ spring.mvc.favicon.enabled=false
 spring.profiles.active=camel,ssl,fe-prod,oxm-schema-prod,oxm-default,resources,portal,aai-proxy
 
 portal.cadiFileLocation={{.Values.config.cadiFileLocation}}
+portal.cadiFileLocation={{.Values.config.cadiFileLocation}}
 searchservice.hostname={{.Values.global.searchData.serviceName}}
 searchservice.port=9509
-searchservice.client-cert={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
-searchservice.client-cert-password=${KEYSTORE_PASSWORD}
-searchservice.truststore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
-searchservice.truststore-password=${TRUSTSTORE_PASSWORD}
+searchservice.client-cert=client-cert-onap.p12
+searchservice.client-cert-password=1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+searchservice.truststore=tomcat_keystore
 
 schema.ingest.file=${CONFIG_HOME}/schemaIngest.properties
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/logback.xml b/kubernetes/aai/components/aai-sparky-be/resources/config/application/logback.xml
deleted file mode 100644
index cd5338f5b3..0000000000
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/logback.xml
+++ /dev/null
@@ -1,187 +0,0 @@
-<configuration scan="true" scanPeriod="3 seconds" debug="false">
-    <!--{{/*
-    # Copyright © 2018 AT&T
-    # Copyright © 2021 Orange
-    #
-    # Licensed under the Apache License, Version 2.0 (the "License");
-    # you may not use this file except in compliance with the License.
-    # You may obtain a copy of the License at
-    #
-    #       http://www.apache.org/licenses/LICENSE-2.0
-    #
-    # Unless required by applicable law or agreed to in writing, software
-    # distributed under the License is distributed on an "AS IS" BASIS,
-    # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-    # See the License for the specific language governing permissions and
-    # limitations under the License.
-    */}}-->
-  <!--<jmxConfigurator /> -->
-  <!-- directory path for all other type logs -->
-
-  <property name="logDir" value="/var/log/onap" />
-
-  <!-- <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy"
-          | "SDNC" | "AC" -->
-  <property name="componentName" value="AAI-UI"></property>
-
-  <!-- default eelf log file names -->
-  <property name="generalLogName" value="error" />
-  <property name="metricsLogName" value="metrics" />
-  <property name="auditLogName" value="audit" />
-  <property name="debugLogName" value="debug" />
-
-  <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|AAIUI|%mdc{PartnerName}|%logger|%.-5level|%msg%n" />
-  <property name="auditMetricPattern" value="%m%n" />
-
-  <property name="logDirectory" value="${logDir}/${componentName}" />
-
-
-  <!-- Example evaluator filter applied against console appender -->
-  <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
-    <encoder>
-      <pattern>${errorLogPattern}</pattern>
-    </encoder>
-  </appender>
-
-  <!-- ============================================================================ -->
-  <!-- EELF Appenders -->
-  <!-- ============================================================================ -->
-
-  <!-- The EELFAppender is used to record events to the general application
-          log -->
-
-  <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <file>${logDirectory}/${generalLogName}.log</file>
-    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-      <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip
-</fileNamePattern>
-      <maxHistory>60</maxHistory>
-    </rollingPolicy>
-    <encoder>
-      <pattern>${errorLogPattern}</pattern>
-    </encoder>
-  </appender>
-  <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
-    <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
-    <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
-      <level>INFO</level>
-    </filter>
-    <queueSize>256</queueSize>
-    <appender-ref ref="EELF" />
-  </appender>
-
-
-  <!-- EELF Audit Appender. This appender is used to record audit engine related
-          logging events. The audit logger and appender are specializations of the
-          EELF application root logger and appender. This can be used to segregate
-          Policy engine events from other components, or it can be eliminated to record
-          these events as part of the application root log. -->
-
-  <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <file>${logDirectory}/${auditLogName}.log</file>
-    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-      <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip
-</fileNamePattern>
-      <maxHistory>60</maxHistory>
-    </rollingPolicy>
-    <encoder>
-      <pattern>${auditMetricPattern}</pattern>
-    </encoder>
-  </appender>
-  <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
-    <queueSize>256</queueSize>
-    <appender-ref ref="EELFAudit" />
-  </appender>
-
-  <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <file>${logDirectory}/${metricsLogName}.log</file>
-    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-      <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip
-</fileNamePattern>
-      <maxHistory>60</maxHistory>
-    </rollingPolicy>
-    <encoder>
-      <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n"</pattern> -->
-      <pattern>${auditMetricPattern}</pattern>
-    </encoder>
-  </appender>
-
-
-  <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
-    <queueSize>256</queueSize>
-    <appender-ref ref="EELFMetrics" />
-  </appender>
-
-  <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <file>${logDirectory}/${debugLogName}.log</file>
-    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-      <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip
-</fileNamePattern>
-      <maxHistory>60</maxHistory>
-    </rollingPolicy>
-    <encoder>
-      <pattern>${errorLogPattern}</pattern>
-    </encoder>
-  </appender>
-
-  <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
-    <queueSize>256</queueSize>
-    <appender-ref ref="EELFDebug" />
-    <includeCallerData>false</includeCallerData>
-  </appender>
-
-  <!-- ============================================================================ -->
-  <!-- EELF loggers -->
-  <!-- ============================================================================ -->
-  <logger name="com.att.eelf" level="info" additivity="false">
-    <appender-ref ref="asyncEELF" />
-    <appender-ref ref="asyncEELFDebug" />
-    <appender-ref ref="STDOUT" />
-  </logger>
-
-  <logger name="com.att.eelf.audit" level="info" additivity="false">
-    <appender-ref ref="asyncEELFAudit" />
-  </logger>
-  <logger name="com.att.eelf.metrics" level="info" additivity="false">
-    <appender-ref ref="asyncEELFMetrics" />
-  </logger>
-
-  <!-- Spring related loggers -->
-  <logger name="org.springframework" level="WARN" />
-  <logger name="org.springframework.beans" level="WARN" />
-  <logger name="org.springframework.web" level="WARN" />
-  <logger name="com.blog.spring.jms" level="WARN" />
-
-  <!-- Sparky loggers -->
-  <logger name="org.onap" level="INFO">
-    <appender-ref ref="STDOUT" />
-  </logger>
-
-  <!-- Other Loggers that may help troubleshoot -->
-  <logger name="net.sf" level="WARN" />
-  <logger name="org.apache.commons.httpclient" level="WARN" />
-  <logger name="org.apache.commons" level="WARN" />
-  <logger name="org.apache.coyote" level="WARN" />
-  <logger name="org.apache.jasper" level="WARN" />
-
-  <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
-          May aid in troubleshooting) -->
-  <logger name="org.apache.camel" level="WARN" />
-  <logger name="org.apache.cxf" level="WARN" />
-  <logger name="org.apache.camel.processor.interceptor" level="WARN" />
-  <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
-  <logger name="org.apache.cxf.service" level="WARN" />
-  <logger name="org.restlet" level="WARN" />
-  <logger name="org.apache.camel.component.restlet" level="WARN" />
-
-  <!-- logback internals logging -->
-  <logger name="ch.qos.logback.classic" level="WARN" />
-  <logger name="ch.qos.logback.core" level="WARN" />
-
-  <root>
-    <appender-ref ref="asyncEELF" />
-    <appender-ref ref="STDOUT" />
-    <!-- <appender-ref ref="asyncEELFDebug" /> -->
-  </root>
-
-</configuration>
-\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/auth/client-cert-onap.p12 b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/client-cert-onap.p12
new file mode 100644
index 0000000000..aa4ae74272
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/client-cert-onap.p12
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/auth/org.onap.aai.p12 b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/org.onap.aai.p12
new file mode 100644
index 0000000000..b2449c6a54
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/org.onap.aai.p12
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
index 7a0fb8250b..2592e5ca7c 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
@@ -46,4 +46,4 @@ ext_req_connection_timeout=15000
 ext_req_read_timeout=20000
 
 #Add AAF namespace if the app is centralized
-auth_namespace={{ .Values.certInitializer.fqi_namespace }}
+auth_namespace={{.Values.config.aafNamespace}}
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties
index baefd9806b..1f154b6101 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties
@@ -6,18 +6,14 @@ aaf_url=<%=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1
 # AAF Environment Designation
 
 #if you are running aaf service from a docker image you have to use aaf service IP and port number
-aaf_id={{ .Values.certInitializer.fqi }}
+aaf_id={{.Values.config.aafUsername}}
 #Encrypt the password using AAF Jar
-aaf_password={{ .Values.certInitializer.aafDeployPass }}
+aaf_password={{.Values.config.aafPassword}}
 # Sample CADI Properties, from CADI 1.4.2
 #hostname=org.onap.aai.orr
 csp_domain=PROD
 # Add Absolute path to Keyfile
-cadi_keyfile={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.keyfile
-cadi_keystore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
-cadi_keystore_password=${KEYSTORE_PASSWORD}
-
-cadi_alias={{ .Values.certInitializer.fqi }}
+cadi_keyfile={{.Values.config.cadiKeyFile}}
 
 # This is required to accept Certificate Authentication from Certman certificates.
 # can be TEST, IST or PROD
@@ -27,9 +23,9 @@ aaf_env=DEV
 cadi_loglevel=DEBUG
 
 # Add Absolute path to truststore2018.jks
-cadi_truststore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+cadi_truststore={{.Values.config.cadiTrustStore}}
 # Note: This is the ONLY password that doesn't have to be encrypted. All Java's TrustStores are this passcode by default, because they are public certs
-cadi_truststore_password=${TRUSTSTORE_PASSWORD}
+cadi_truststore_password={{.Values.config.cadiTrustStorePassword}}
 
 # how to turn on SSL Logging
 #javax.net.debug=ssl
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/roles.config b/kubernetes/aai/components/aai-sparky-be/resources/config/roles.config
index df41395058..df41395058 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/roles.config
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/roles.config
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/users.config b/kubernetes/aai/components/aai-sparky-be/resources/config/users.config
index ce69e88918..ce69e88918 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/users.config
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/users.config
author	Krzysztof Opasiak <k.opasiak@samsung.com>	2021-03-04 22:14:51 +0100
committer	Krzysztof Opasiak <k.opasiak@samsung.com>	2021-03-04 22:19:00 +0100
commit	12e6aba510f0ccb2ea21ea87ba77a08bc044cd0a (patch)
tree	99ac1294ff317e57bfe3fc9ab42a6c898e1bb36a /kubernetes/aai/components/aai-sparky-be/resources/config
parent	f7f76dfb521917298fbaf320d6fa3d56e3ea462e (diff)