From 2578aa1bb72e71823df701aa10a3b87dcce66202 Mon Sep 17 00:00:00 2001
From: Ravi Geda <gravik@amdocs.com>
Date: Wed, 7 Nov 2018 22:37:16 +0000
Subject: Add Pluggable Security to aai-resources

Note that by default this feature is turned off. To enable update the
installSidecarSecurity in aai/values.yaml to true.

Change-Id: If5d2be859ead2f0bd81aabb4fde749f105974bcf
Issue-ID: AAF-616
Signed-off-by: Ravi Geda <gravik@amdocs.com>
---
 .../resources/fproxy/config/auth/client-cert.p12   | Bin 0 -> 3617 bytes
 .../resources/fproxy/config/auth/fproxy_truststore | Bin 0 -> 4639 bytes
 .../resources/fproxy/config/auth/tomcat_keystore   | Bin 0 -> 2214 bytes
 .../resources/fproxy/config/fproxy.properties      |   2 +
 .../resources/fproxy/config/logback-spring.xml     |  48 +++++++++++++++++++++
 .../resources/fproxy/config/readme.txt             |   1 +
 6 files changed, 51 insertions(+)
 create mode 100644 kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/client-cert.p12
 create mode 100644 kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/fproxy_truststore
 create mode 100644 kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/tomcat_keystore
 create mode 100644 kubernetes/aai/charts/aai-resources/resources/fproxy/config/fproxy.properties
 create mode 100644 kubernetes/aai/charts/aai-resources/resources/fproxy/config/logback-spring.xml
 create mode 100644 kubernetes/aai/charts/aai-resources/resources/fproxy/config/readme.txt

(limited to 'kubernetes/aai/charts/aai-resources/resources/fproxy')

diff --git a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/client-cert.p12
new file mode 100644
index 0000000000..d9fe86e4ec
Binary files /dev/null and b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/client-cert.p12 differ
diff --git a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/fproxy_truststore b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/fproxy_truststore
new file mode 100644
index 0000000000..f6ebc75ed8
Binary files /dev/null and b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/fproxy_truststore differ
diff --git a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/tomcat_keystore
new file mode 100644
index 0000000000..9eec841aa2
Binary files /dev/null and b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/auth/tomcat_keystore differ
diff --git a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/fproxy.properties b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/fproxy.properties
new file mode 100644
index 0000000000..f512fb71a6
--- /dev/null
+++ b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/fproxy.properties
@@ -0,0 +1,2 @@
+credential.cache.timeout.ms=180000
+transactionid.header.name=X-TransactionId
\ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/logback-spring.xml
new file mode 100644
index 0000000000..4fae434edd
--- /dev/null
+++ b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/logback-spring.xml
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+ 
+    <property name="LOGS" value="./logs/AAF-FPS" />
+    <property name="FILEPREFIX" value="application" />
+ 
+    <appender name="Console"
+        class="ch.qos.logback.core.ConsoleAppender">
+        <layout class="ch.qos.logback.classic.PatternLayout">
+            <Pattern>
+                %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
+            </Pattern>
+        </layout>
+    </appender>
+ 
+    <appender name="RollingFile"
+        class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>${LOGS}/${FILEPREFIX}.log</file>
+        <encoder
+            class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
+        </encoder>
+ 
+        <rollingPolicy
+            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+            <!-- rollover daily and when the file reaches 10 MegaBytes -->
+            <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
+            </fileNamePattern>
+            <timeBasedFileNamingAndTriggeringPolicy
+                class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+                <maxFileSize>10MB</maxFileSize>
+            </timeBasedFileNamingAndTriggeringPolicy>
+        </rollingPolicy>
+    </appender>
+     
+    <!-- LOG everything at INFO level -->
+    <root level="info">
+        <appender-ref ref="RollingFile" />
+        <appender-ref ref="Console" />
+    </root>
+ 
+    <!-- LOG "com.baeldung*" at TRACE level -->
+    <logger name="org.onap.aaf.fproxy" level="trace" additivity="false">
+        <appender-ref ref="RollingFile" />
+        <appender-ref ref="Console" />
+    </logger>
+ 
+</configuration>
\ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-resources/resources/fproxy/config/readme.txt b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/readme.txt
new file mode 100644
index 0000000000..79cf29e73c
--- /dev/null
+++ b/kubernetes/aai/charts/aai-resources/resources/fproxy/config/readme.txt
@@ -0,0 +1 @@
+Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
-- 
cgit 1.2.3-korg