diff options
| author |   Ritu Sood <ritu.sood@intel.com> | 2018-05-11 07:28:52 -0700 |
|---|---|---|
| committer | Ritu Sood <ritu.sood@intel.com> | 2018-05-11 19:39:57 -0700 |
| commit | a950e73cd6185df6e843204c7fa69efa5e7640c1 (patch) | |
| tree | 901c1df53c137fb107253c1bc9a8d85fda674195 | |
| parent | a4bb011a91ef18261167f1e4f555f57e0e8f8b27 (diff) | |
Adding basic auth to AAI Plugin
For now leaving the original certificates as before
so as not to disturb any existing test cases etc.
Issue-ID: OPTFRA-232
Change-Id: If28c772f14c89dbf4229d754cf9dd49094fc5196
Signed-off-by: Ritu Sood <ritu.sood@intel.com>
| -rw-r--r-- | AAF_RootCA.cer | 31 | ||||
| -rwxr-xr-x | conductor.conf | 9 | ||||
| -rw-r--r-- | conductor/conductor/data/plugins/inventory_provider/aai.py | 10 | ||||
| -rwxr-xr-x | run-dockers.sh | 4 |
4 files changed, 51 insertions, 3 deletions
diff --git a/AAF_RootCA.cer b/AAF_RootCA.cer new file mode 100644 index 0000000..e9a50d7 --- /dev/null +++ b/AAF_RootCA.cer @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV +BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx +NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK +DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7 +XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn +H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM +pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7 +NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg +2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY +wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd +ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM +P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6 +aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY +PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G +A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ +UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz +L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9 +7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx +c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf +jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2 +RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h +PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF +CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+ +Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A +cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR +ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX +dYY= +-----END CERTIFICATE----- diff --git a/conductor.conf b/conductor.conf index 150d78b..b2c1f61 100755 --- a/conductor.conf +++ b/conductor.conf @@ -150,7 +150,14 @@ certificate_key_file = /usr/local/bin/aai_key.key # Certificate Authority Bundle file in pem format. Must contain the appropriate # trust chain for the Certificate file. (string value) #certificate_authority_bundle_file = /opt/app/conductor/etc/certs/ca_bundle.pem -certificate_authority_bundle_file = /opt/optf-has/aai_cert.cer +certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer + +# Basic Authentication Username (string value) +username = OOF + +# Basic Authentication Password (string value) +password = OOF + [api] diff --git a/conductor/conductor/data/plugins/inventory_provider/aai.py b/conductor/conductor/data/plugins/inventory_provider/aai.py index 41f55c5..2e36bf5 100644 --- a/conductor/conductor/data/plugins/inventory_provider/aai.py +++ b/conductor/conductor/data/plugins/inventory_provider/aai.py @@ -71,6 +71,12 @@ AAI_OPTS = [ help='Certificate Authority Bundle file in pem format. ' 'Must contain the appropriate trust chain for the ' 'Certificate file.'), + cfg.StrOpt('username', + default='', + help='Username for AAI.'), + cfg.StrOpt('password', + default='', + help='Password for AAI.'), ] CONF.register_opts(AAI_OPTS, group='aai') @@ -97,6 +103,8 @@ class AAI(base.InventoryProviderBase): self.complex_last_refresh_time = None self.timeout = self.conf.aai.aai_rest_timeout self.retries = self.conf.aai.aai_retries + self.username = self.conf.aai.username + self.password = self.conf.aai.password # Cache is initially empty self._aai_cache = {} @@ -172,6 +180,8 @@ class AAI(base.InventoryProviderBase): kwargs = { "server_url": self.base, "retries": self.retries, + "username": self.username, + "password": self.password, "cert_file": self.cert, "cert_key_file": self.key, "ca_bundle_file": self.verify, diff --git a/run-dockers.sh b/run-dockers.sh index 569957c..087c92c 100755 --- a/run-dockers.sh +++ b/run-dockers.sh @@ -80,7 +80,7 @@ fi #aai_ca_bundle.pem if [ -z "$5" ] then - get_from_arguments_or_default 'aai_ca_bundle.pem' 5 + get_from_arguments_or_default './AAF_RootCA.cer' 5 fi echo Value is .... $COND_CONF $LOG_FILE @@ -90,5 +90,5 @@ docker run -d --name controller -v $COND_CONF:/usr/local/bin/conductor.conf -v $ docker run -d --name api -p "8091:8091" -v $COND_CONF:/usr/local/bin/conductor.conf -v $LOG_CONF:/usr/local/bin/log.conf ${IMAGE_NAME}:latest python /usr/local/bin/conductor-api --port=8091 -- --config-file=/usr/local/bin/conductor.conf docker run -d --name solver -v $COND_CONF:/usr/local/bin/conductor.conf -v $LOG_CONF:/usr/local/bin/log.conf ${IMAGE_NAME}:latest python /usr/local/bin/conductor-solver --config-file=/usr/local/bin/conductor.conf docker run -d --name reservation -v $COND_CONF:/usr/local/bin/conductor.conf -v $LOG_CONF:/usr/local/bin/log.conf ${IMAGE_NAME}:latest python /usr/local/bin/conductor-reservation --config-file=/usr/local/bin/conductor.conf -docker run -d --name data -v $COND_CONF:/usr/local/bin/conductor.conf -v $LOG_CONF:/usr/local/bin/log.conf -v $CERT:/usr/local/bin/aai_cert.cer -v $KEY:/usr/local/bin/aai_key.key -v $BUNDLE:/usr/local/bin/bundle.pem ${IMAGE_NAME}:latest python /usr/local/bin/conductor-data --config-file=/usr/local/bin/conductor.conf +docker run -d --name data -v $COND_CONF:/usr/local/bin/conductor.conf -v $LOG_CONF:/usr/local/bin/log.conf -v $CERT:/usr/local/bin/aai_cert.cer -v $KEY:/usr/local/bin/aai_key.key -v $BUNDLE:/usr/local/bin/AAF_RootCA.cer ${IMAGE_NAME}:latest python /usr/local/bin/conductor-data --config-file=/usr/local/bin/conductor.conf |