From a9a41d84026f059aae70f9042c0b99af5b72e619 Mon Sep 17 00:00:00 2001
From: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Date: Tue, 16 Feb 2021 11:08:25 +0100
Subject: [AAI][SPARKY] Automatically retrieve certs

Instead of using hardcoded certificates, use certInitializer in order to
retrieve them automatically.

Issue-ID: OOM-2683
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I63ce5d1bb2e9c287729425f2fd7146e7b69c33f7
---
 .../application/application-oxm-default.properties |  18 ++
 .../application-oxm-override.properties            |  18 ++
 .../application-oxm-schema-prod.properties         |  30 ++++
 .../application/application-resources.properties   |  25 +++
 .../config/application/application-ssl.properties  |  22 +++
 .../config/application/application-sync.properties |   6 +
 .../config/application/application.properties      |  37 ++++
 .../resources/config/application/logback.xml       | 187 +++++++++++++++++++++
 .../resources/config/application/roles.config      |  22 +++
 .../resources/config/application/users.config      |  20 +++
 10 files changed, 385 insertions(+)
 create mode 100644 kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-default.properties
 create mode 100644 kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-override.properties
 create mode 100644 kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-schema-prod.properties
 create mode 100644 kubernetes/aai/components/aai-sparky-be/resources/config/application/application-resources.properties
 create mode 100644 kubernetes/aai/components/aai-sparky-be/resources/config/application/application-ssl.properties
 create mode 100644 kubernetes/aai/components/aai-sparky-be/resources/config/application/application-sync.properties
 create mode 100644 kubernetes/aai/components/aai-sparky-be/resources/config/application/application.properties
 create mode 100644 kubernetes/aai/components/aai-sparky-be/resources/config/application/logback.xml
 create mode 100644 kubernetes/aai/components/aai-sparky-be/resources/config/application/roles.config
 create mode 100644 kubernetes/aai/components/aai-sparky-be/resources/config/application/users.config

(limited to 'kubernetes/aai/components/aai-sparky-be/resources/config/application')

diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-default.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-default.properties
new file mode 100644
index 0000000000..084f6e46bc
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-default.properties
@@ -0,0 +1,18 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+oxm.apiVersion=v14
+oxm.apiVersionList=v8,v9,v10,v11,v12,v13,v14
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-override.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-override.properties
new file mode 100644
index 0000000000..4465fb3e11
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-override.properties
@@ -0,0 +1,18 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+oxm.apiVersionOverride=v14
+oxm.apiVersionList=v8,v9,v10,v11,v12,v13,v14
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-schema-prod.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-schema-prod.properties
new file mode 100644
index 0000000000..b6c5f68368
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-schema-prod.properties
@@ -0,0 +1,30 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+oxm.schemaNodeDir=/opt/app/sparky/onap/oxm
+#schemaServiceTranslator is used to define whether to retreive the oxm from schema service microservice or read from the disk, possible values are schema-service/config
+oxm.schemaServiceTranslatorList=config
+# The end point for onap is https://<hostname>:<port>/onap/schema-service/v1/
+oxm.schemaServiceBaseUrl=https://<schema-service/config>/aai/schema-service/v1/
+oxm.schemaServiceKeystore=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
+oxm.schemaServiceTruststore=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+oxm.schemaServiceKeystorePassword=${KEYSTORE_PASSWORD}
+oxm.schemaServiceTruststorePassword=${KEYSTORE_PASSWORD}
+
+
+
+# Schema Service need this variable for the time being
+spring.applicationName=sparky
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-resources.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-resources.properties
new file mode 100644
index 0000000000..2143bf8902
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-resources.properties
@@ -0,0 +1,25 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+resources.hostname=aai
+resources.port=8443
+resources.authType=SSL_BASIC
+resources.basicAuthUserName=aai@aai.onap.org
+resources.basicAuthPassword=1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek
+resources.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+resources.trust-store-password=${TRUSTSTORE_PASSWORD}
+resources.client-cert={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
+resources.client-cert-password=${KEYSTORE_PASSWORD}
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-ssl.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-ssl.properties
new file mode 100644
index 0000000000..073e9d318a
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-ssl.properties
@@ -0,0 +1,22 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+server.port=8000
+server.ssl.key-store=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
+server.ssl.key-store-password=${KEYSTORE_PASSWORD}
+server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
+server.ssl.trust-store=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+server.ssl.trust-store-password=${KEYSTORE_PASSWORD}
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-sync.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-sync.properties
new file mode 100644
index 0000000000..4fb10a21f7
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-sync.properties
@@ -0,0 +1,6 @@
+aggregationSyncEnabled=true
+historicalEntitySyncEnabled=true
+autoSuggestSyncEnabled=true
+vnfAliasSyncEnabled=true
+geoSyncEnabled=true
+viewInspectSyncEnabled=true
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application.properties
new file mode 100644
index 0000000000..a9e5908ec7
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application/application.properties
@@ -0,0 +1,37 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#
+# disable the default thyme leaf icon on web-pages
+#
+*/}}
+spring.mvc.favicon.enabled=false
+
+#
+# to switch to http, remove ssl and put http
+# and in the values.yaml change the internalPort to 9517
+#
+
+spring.profiles.active=camel,ssl,fe-prod,oxm-schema-prod,oxm-default,resources,portal,aai-proxy
+
+portal.cadiFileLocation={{.Values.config.cadiFileLocation}}
+searchservice.hostname={{.Values.global.searchData.serviceName}}
+searchservice.port=9509
+searchservice.client-cert={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
+searchservice.client-cert-password=${KEYSTORE_PASSWORD}
+searchservice.truststore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+searchservice.truststore-password=${TRUSTSTORE_PASSWORD}
+
+schema.ingest.file=${CONFIG_HOME}/schemaIngest.properties
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/logback.xml b/kubernetes/aai/components/aai-sparky-be/resources/config/application/logback.xml
new file mode 100644
index 0000000000..cd5338f5b3
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application/logback.xml
@@ -0,0 +1,187 @@
+<configuration scan="true" scanPeriod="3 seconds" debug="false">
+    <!--{{/*
+    # Copyright © 2018 AT&T
+    # Copyright © 2021 Orange
+    #
+    # Licensed under the Apache License, Version 2.0 (the "License");
+    # you may not use this file except in compliance with the License.
+    # You may obtain a copy of the License at
+    #
+    #       http://www.apache.org/licenses/LICENSE-2.0
+    #
+    # Unless required by applicable law or agreed to in writing, software
+    # distributed under the License is distributed on an "AS IS" BASIS,
+    # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    # See the License for the specific language governing permissions and
+    # limitations under the License.
+    */}}-->
+  <!--<jmxConfigurator /> -->
+  <!-- directory path for all other type logs -->
+
+  <property name="logDir" value="/var/log/onap" />
+
+  <!-- <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy"
+          | "SDNC" | "AC" -->
+  <property name="componentName" value="AAI-UI"></property>
+
+  <!-- default eelf log file names -->
+  <property name="generalLogName" value="error" />
+  <property name="metricsLogName" value="metrics" />
+  <property name="auditLogName" value="audit" />
+  <property name="debugLogName" value="debug" />
+
+  <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|AAIUI|%mdc{PartnerName}|%logger|%.-5level|%msg%n" />
+  <property name="auditMetricPattern" value="%m%n" />
+
+  <property name="logDirectory" value="${logDir}/${componentName}" />
+
+
+  <!-- Example evaluator filter applied against console appender -->
+  <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+    <encoder>
+      <pattern>${errorLogPattern}</pattern>
+    </encoder>
+  </appender>
+
+  <!-- ============================================================================ -->
+  <!-- EELF Appenders -->
+  <!-- ============================================================================ -->
+
+  <!-- The EELFAppender is used to record events to the general application
+          log -->
+
+  <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>${logDirectory}/${generalLogName}.log</file>
+    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip
+</fileNamePattern>
+      <maxHistory>60</maxHistory>
+    </rollingPolicy>
+    <encoder>
+      <pattern>${errorLogPattern}</pattern>
+    </encoder>
+  </appender>
+  <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+    <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
+    <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+      <level>INFO</level>
+    </filter>
+    <queueSize>256</queueSize>
+    <appender-ref ref="EELF" />
+  </appender>
+
+
+  <!-- EELF Audit Appender. This appender is used to record audit engine related
+          logging events. The audit logger and appender are specializations of the
+          EELF application root logger and appender. This can be used to segregate
+          Policy engine events from other components, or it can be eliminated to record
+          these events as part of the application root log. -->
+
+  <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>${logDirectory}/${auditLogName}.log</file>
+    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip
+</fileNamePattern>
+      <maxHistory>60</maxHistory>
+    </rollingPolicy>
+    <encoder>
+      <pattern>${auditMetricPattern}</pattern>
+    </encoder>
+  </appender>
+  <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+    <queueSize>256</queueSize>
+    <appender-ref ref="EELFAudit" />
+  </appender>
+
+  <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>${logDirectory}/${metricsLogName}.log</file>
+    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip
+</fileNamePattern>
+      <maxHistory>60</maxHistory>
+    </rollingPolicy>
+    <encoder>
+      <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n"</pattern> -->
+      <pattern>${auditMetricPattern}</pattern>
+    </encoder>
+  </appender>
+
+
+  <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+    <queueSize>256</queueSize>
+    <appender-ref ref="EELFMetrics" />
+  </appender>
+
+  <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>${logDirectory}/${debugLogName}.log</file>
+    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip
+</fileNamePattern>
+      <maxHistory>60</maxHistory>
+    </rollingPolicy>
+    <encoder>
+      <pattern>${errorLogPattern}</pattern>
+    </encoder>
+  </appender>
+
+  <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+    <queueSize>256</queueSize>
+    <appender-ref ref="EELFDebug" />
+    <includeCallerData>false</includeCallerData>
+  </appender>
+
+  <!-- ============================================================================ -->
+  <!-- EELF loggers -->
+  <!-- ============================================================================ -->
+  <logger name="com.att.eelf" level="info" additivity="false">
+    <appender-ref ref="asyncEELF" />
+    <appender-ref ref="asyncEELFDebug" />
+    <appender-ref ref="STDOUT" />
+  </logger>
+
+  <logger name="com.att.eelf.audit" level="info" additivity="false">
+    <appender-ref ref="asyncEELFAudit" />
+  </logger>
+  <logger name="com.att.eelf.metrics" level="info" additivity="false">
+    <appender-ref ref="asyncEELFMetrics" />
+  </logger>
+
+  <!-- Spring related loggers -->
+  <logger name="org.springframework" level="WARN" />
+  <logger name="org.springframework.beans" level="WARN" />
+  <logger name="org.springframework.web" level="WARN" />
+  <logger name="com.blog.spring.jms" level="WARN" />
+
+  <!-- Sparky loggers -->
+  <logger name="org.onap" level="INFO">
+    <appender-ref ref="STDOUT" />
+  </logger>
+
+  <!-- Other Loggers that may help troubleshoot -->
+  <logger name="net.sf" level="WARN" />
+  <logger name="org.apache.commons.httpclient" level="WARN" />
+  <logger name="org.apache.commons" level="WARN" />
+  <logger name="org.apache.coyote" level="WARN" />
+  <logger name="org.apache.jasper" level="WARN" />
+
+  <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
+          May aid in troubleshooting) -->
+  <logger name="org.apache.camel" level="WARN" />
+  <logger name="org.apache.cxf" level="WARN" />
+  <logger name="org.apache.camel.processor.interceptor" level="WARN" />
+  <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
+  <logger name="org.apache.cxf.service" level="WARN" />
+  <logger name="org.restlet" level="WARN" />
+  <logger name="org.apache.camel.component.restlet" level="WARN" />
+
+  <!-- logback internals logging -->
+  <logger name="ch.qos.logback.classic" level="WARN" />
+  <logger name="ch.qos.logback.core" level="WARN" />
+
+  <root>
+    <appender-ref ref="asyncEELF" />
+    <appender-ref ref="STDOUT" />
+    <!-- <appender-ref ref="asyncEELFDebug" /> -->
+  </root>
+
+</configuration>
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/roles.config b/kubernetes/aai/components/aai-sparky-be/resources/config/application/roles.config
new file mode 100644
index 0000000000..df41395058
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application/roles.config
@@ -0,0 +1,22 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+[
+  {
+    "id":1,
+    "name":"View"
+  }
+]
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/users.config b/kubernetes/aai/components/aai-sparky-be/resources/config/application/users.config
new file mode 100644
index 0000000000..ce69e88918
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application/users.config
@@ -0,0 +1,20 @@
+[{
+    "orgId": null,
+    "managerId": null,
+    "firstName": "Demo",
+    "middleInitial": null,
+    "lastName": "User",
+    "phone": null,
+    "email": "demo@email.com",
+    "hrid": null,
+    "orgUserId": "demo",
+    "orgCode": null,
+    "orgManagerUserId": null,
+    "jobTitle": null,
+    "loginId": "demo",
+    "active": false,
+    "roles": [{
+        "id": 1,
+        "name": "View"
+    }]
+}]
\ No newline at end of file
-- 
cgit 1.2.3-korg