diff options
author | Shankaranarayanan Puzhavakath Narayanan <snarayanan@research.att.com> | 2018-09-17 15:17:36 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2018-09-17 15:17:36 +0000 |
commit | ce6ac9833b9d91dfe9fdd4a0346a641c0c246d90 (patch) | |
tree | 1c692826a58f11c6f13a09215b179ad7b11f6593 /osdf | |
parent | 0255242087453befa24f1b7cde905c8869267a20 (diff) | |
parent | 11dbe76c38a9628fec4072a3b520ed02b3ccfac2 (diff) |
Merge "Secret Management Service feature"
Diffstat (limited to 'osdf')
-rw-r--r-- | osdf/adapters/aaf/sms.py | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/osdf/adapters/aaf/sms.py b/osdf/adapters/aaf/sms.py new file mode 100644 index 0000000..976eb61 --- /dev/null +++ b/osdf/adapters/aaf/sms.py @@ -0,0 +1,97 @@ +# +# ------------------------------------------------------------------------- +# Copyright (c) 2018 Intel Corporation Intellectual Property +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# ------------------------------------------------------------------------- +# + +'''Secret Management Service Integration''' + +from onapsmsclient import Client + +import osdf.config.loader as config_loader +from osdf.config.base import osdf_config +from osdf.logging.osdf_logging import debug_log + +config_spec = { + "preload_secrets": "config/preload_secrets.yaml" +} + +secret_cache = {} + + +def preload_secrets(): + """ This is intended to load the secrets required for testing Application + Actual deployment will have a preload script. Make sure the config is + in sync""" + preload_config = config_loader.load_config_file( + config_spec.get("preload_secrets")) + domain = preload_config.get("domain") + config = osdf_config.deployment + sms_url = config["aaf_sms_url"] + timeout = config["aaf_sms_timeout"] + cacert = config["aaf_ca_certs"] + sms_client = Client(url=sms_url, timeout=timeout, cacert=cacert) + domain = sms_client.createDomain(domain) + config["secret_domain"] = domain # uuid + secrets = preload_config.get("secrets") + for secret in secrets: + sms_client.storeSecret(domain, secret.get('name'), + secret.get('values')) + debug_log.debug("Preload secrets complete") + + +def retrieve_secrets(): + """Get all secrets under the domain name""" + secret_dict = dict() + config = osdf_config.deployment + sms_url = config["aaf_sms_url"] + timeout = config["aaf_sms_timeout"] + cacert = config["aaf_ca_certs"] + domain = config["secret_domain"] + sms_client = Client(url=sms_url, timeout=timeout, cacert=cacert) + secrets = sms_client.getSecretNames(domain) + for secret in secrets: + values = sms_client.getSecret(domain, secret) + secret_dict[secret] = values + debug_log.debug("Secret Dictionary Retrieval Success") + return secret_dict + + +def delete_secrets(): + """ This is intended to delete the secrets for a clean initialization for + testing Application. Actual deployment will have a preload script. + Make sure the config is in sync""" + config = osdf_config.deployment + sms_url = config["aaf_sms_url"] + timeout = config["aaf_sms_timeout"] + cacert = config["aaf_ca_certs"] + domain = config["secret_domain"] + sms_client = Client(url=sms_url, timeout=timeout, cacert=cacert) + ret_val = sms_client.deleteDomain(domain) + debug_log.debug("Clean up complete") + return ret_val + + +if __name__ == "__main__": + # Initialize Secrets from SMS + preload_secrets() + + # Retrieve Secrets from SMS and load to secret cache + # Use the secret_cache instead of config files + secret_cache = retrieve_secrets() + + # Clean up Delete secrets and domain + delete_secrets() |