summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xconductor.conf18
-rw-r--r--conductor/conductor/common/sms.py21
-rw-r--r--conductor/conductor/service.py5
-rwxr-xr-xpreload_secrets.yaml4
4 files changed, 24 insertions, 24 deletions
diff --git a/conductor.conf b/conductor.conf
index 18dad13..027335d 100755
--- a/conductor.conf
+++ b/conductor.conf
@@ -162,6 +162,9 @@ aaf_url = http://aaf-service:8100/authz/perms/user/
# From conductor
#
+# Is Secret Management service enabled (boolean value)
+#is_enabled = true
+
# Base URL for SMS, up to and not including the version, and without a trailing
# slash. (string value)
#aaf_sms_url = https://aaf-sms.onap:10443
@@ -173,7 +176,7 @@ aaf_url = http://aaf-service:8100/authz/perms/user/
# be False and the server certis not verified by the client. (string value)
#aaf_ca_certs = AAF_RootCA.cer
-# Domain Name for HAS
+# Domain Name for HAS (string value)
#secret_domain = has
@@ -224,10 +227,10 @@ certificate_key_file =
certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer
# Username for AAI. (string value)
-username = OOF
+#username =
# Password for AAI. (string value)
-password = OOF
+#password =
[api]
@@ -255,11 +258,9 @@ password = OOF
# username for plans. (string value)
#username =
-username = admin1
# password for plans. (string value)
#password =
-password = plan.15
# auth toggling. (boolean value)
#basic_auth_secure = true
@@ -461,21 +462,18 @@ music_new_version = True
# for version (string value)
#music_version = <None>
-music_version = "2.5.3"
+music_version = "3.0.23"
# username value that used for creating basic authorization header (string
# value)
#aafuser = <None>
-aafuser = conductor
# password value that used for creating basic authorization header (string
# value)
#aafpass = <None>
-aafpass = c0nduct0r
# AAF namespace field used in MUSIC request header (string value)
#aafns = <None>
-aafns = conductor
[prometheus]
@@ -536,11 +534,9 @@ server_url = https://sdnc.onap:8282/restconf/
# Basic Authentication Username (string value)
#username = <None>
-username = admin
# Basic Authentication Password (string value)
#password = <None>
-password = Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
# Timeout for SDNC Rest Call (string value)
#sdnc_rest_timeout = 30
diff --git a/conductor/conductor/common/sms.py b/conductor/conductor/common/sms.py
index ace2e68..c5eee3a 100644
--- a/conductor/conductor/common/sms.py
+++ b/conductor/conductor/common/sms.py
@@ -35,6 +35,9 @@ LOG = log.getLogger(__name__)
CONF = cfg.CONF
AAF_SMS_OPTS = [
+ cfg.BoolOpt('is_enabled',
+ default=True,
+ help='Is Secret Management service enabled'),
cfg.StrOpt('aaf_sms_url',
default='https://aaf-sms.onap:10443',
help='Base URL for SMS, up to and not including '
@@ -99,15 +102,15 @@ def retrieve_secrets():
def load_secrets():
config = CONF
secret_dict = retrieve_secrets()
- config.aai.username = secret_dict['aai']['username']
- config.aai.password = secret_dict['aai']['password']
- config.conductor_api.username = secret_dict['conductor_api']['username']
- config.conductor_api.password = secret_dict['conductor_api']['password']
- config.music_api.aafuser = secret_dict['music_api']['aafuser']
- config.music_api.aafpass = secret_dict['music_api']['aafpass']
- config.music_api.aafns = secret_dict['music_api']['aafns']
- config.sdnc.username = secret_dict['sdnc']['username']
- config.sdnc.password = secret_dict['sdnc']['password']
+ config.set_override('username', secret_dict['aai']['username'], 'aai')
+ config.set_override('password', secret_dict['aai']['password'], 'aai')
+ config.set_override('username', secret_dict['conductor_api']['username'], 'conductor_api')
+ config.set_override('password', secret_dict['conductor_api']['password'], 'conductor_api')
+ config.set_override('aafuser', secret_dict['music_api']['aafuser'], 'music_api')
+ config.set_override('aafpass', secret_dict['music_api']['aafpass'], 'music_api')
+ config.set_override('aafns', secret_dict['music_api']['aafns'], 'music_api')
+ config.set_override('username', secret_dict['sdnc']['username'], 'sdnc')
+ config.set_override('password', secret_dict['sdnc']['password'], 'sdnc')
def delete_secrets():
diff --git a/conductor/conductor/service.py b/conductor/conductor/service.py
index 982123c..42fe99f 100644
--- a/conductor/conductor/service.py
+++ b/conductor/conductor/service.py
@@ -108,6 +108,7 @@ def prepare_service(argv=None, config_files=None):
if argv:
gmr.TextGuruMeditation.setup_autorun(version)
messaging.setup()
- # TODO(Dileep): Uncomment once Helm charts to preload secrets available
- # sms.load_secrets()
+ # Load secrets from SMS
+ if conf.aaf_sms.is_enabled:
+ sms.load_secrets()
return conf
diff --git a/preload_secrets.yaml b/preload_secrets.yaml
index 1642308..98e5197 100755
--- a/preload_secrets.yaml
+++ b/preload_secrets.yaml
@@ -5,8 +5,8 @@ domain: has
secrets:
- name: aai
values:
- username: OOF
- password: OOF
+ username: oof@oof.onap.org
+ password: demo123456!
- name: conductor_api
values:
username: admin1