diff options
-rwxr-xr-x | config/osdf_config.yaml | 47 | ||||
-rw-r--r-- | osdf/adapters/aaf/sms.py | 4 | ||||
-rw-r--r-- | osdf/webapp/appcontroller.py | 6 | ||||
-rwxr-xr-x | osdfapp.py | 5 | ||||
-rwxr-xr-x | test/config/osdf_config.yaml | 14 | ||||
-rwxr-xr-x | test/functest/simulators/simulated-config/osdf_config.yaml | 13 | ||||
-rw-r--r-- | tox.ini | 4 |
7 files changed, 45 insertions, 48 deletions
diff --git a/config/osdf_config.yaml b/config/osdf_config.yaml index d78f227..8c6d9f1 100755 --- a/config/osdf_config.yaml +++ b/config/osdf_config.yaml @@ -10,14 +10,8 @@ placementDefaultMajorVersion: "1" placementDefaultMinorVersion: "0" placementDefaultPatchVersion: "0" -# Credentials for SO -soUsername: "" # SO username for call back. -soPassword: "" # SO password for call back. - -# Credentials for Conductor +# Config for Conductor conductorUrl: http://172.17.0.6:8091/v1/plans/ -conductorUsername: admin1 -conductorPassword: plan.15 conductorPingWaitTime: 60 # seconds to wait before calling the conductor retry URL conductorMaxRetries: 30 # if we don't get something in 30 minutes, give up # versions to be set in HTTP header @@ -26,39 +20,16 @@ conductorMinorVersion: 0 # Policy Platform -- requires ClientAuth, Authorization, and Environment policyPlatformUrl: http://policy.api.simpledemo.onap.org:8081/pdp/api/getConfig # Policy Dev platform URL policyPlatformEnv: TEST # Environment for policy platform -policyPlatformUsername: testpdp # Policy platform username. -policyPlatformPassword: alpha123 # Policy platform password. -policyClientUsername: python # For use with ClientAuth -policyClientPassword: test # For use with ClientAuth -# Credentials for DMaaP +# Config for DMaaP messageReaderHosts: NA messageReaderTopic: NA -messageReaderAafUserId: NA -messageReaderAafPassword: NA -# Credentials for SDC +# Config for SDC sdcUrl: NA -sdcUsername: NA -sdcPassword: NA sdcONAPInstanceID: NA -# Credentials for the OOF placement service - Generic -osdfPlacementUsername: test -osdfPlacementPassword: testpwd - -# Credentials for the OOF placement service - SO -osdfPlacementSOUsername: so_test -osdfPlacementSOPassword: so_testpwd - -# Credentials for the OOF placement service - VFC -osdfPlacementVFCUsername: vfc_test -osdfPlacementVFCPassword: vfc_testpwd - -# Credentials for the OOF CM scheduling service - Generic -osdfCMSchedulerUsername: test1 -osdfCMSchedulerPassword: testpwd1 - +# AAF Authentication config is_aaf_enabled: False aaf_cache_expiry_hrs: 3 aaf_url: https://aaftest.simpledemo.onap.org:8095 @@ -73,15 +44,5 @@ aaf_ca_certs: ssl_certs/aaf_root_ca.cer # config db api configDbUrl: http://config.db.url:8080 -configDbUserName: osdf -configDbPassword: passwd configDbGetCellListUrl: 'SDNCConfigDBAPI/getCellList' configDbGetNbrListUrl: 'SDNCConfigDBAPI/getNbrList' - -# Credentials for PCIHandler -pciHMSUsername: "" # pcihandler username for call back. -pciHMSPassword: "" # pcihandler password for call back. - -# Credentials for the OOF PCI Opt service -osdfPCIOptUsername: pci_test -osdfPCIOptPassword: pci_testpwd diff --git a/osdf/adapters/aaf/sms.py b/osdf/adapters/aaf/sms.py index 9c7af51..25ae7f2 100644 --- a/osdf/adapters/aaf/sms.py +++ b/osdf/adapters/aaf/sms.py @@ -21,6 +21,8 @@ from onapsmsclient import Client +import osdf.config.base as cfg_base +import osdf.config.credentials as creds import osdf.config.loader as config_loader from osdf.config.base import osdf_config from osdf.logging.osdf_logging import debug_log @@ -98,6 +100,8 @@ def load_secrets(): config['pciHMSPassword'] = secret_dict['pciHMS']['Password'] config['osdfPCIOptUsername'] = secret_dict['osdfPCIOpt']['UserName'] config['osdfPCIOptPassword'] = secret_dict['osdfPCIOpt']['Password'] + cfg_base.http_basic_auth_credentials = creds.load_credentials(osdf_config) + cfg_base.dmaap_creds = creds.dmaap_creds() def delete_secrets(): diff --git a/osdf/webapp/appcontroller.py b/osdf/webapp/appcontroller.py index 3a5385d..9714fb5 100644 --- a/osdf/webapp/appcontroller.py +++ b/osdf/webapp/appcontroller.py @@ -21,7 +21,8 @@ from flask_httpauth import HTTPBasicAuth from flask import Response import json import osdf -from osdf.config.base import http_basic_auth_credentials, osdf_config +import osdf.config.base as cfg_base +from osdf.config.base import osdf_config from osdf.adapters.aaf import aaf_authentication as aaf_auth auth_basic = HTTPBasicAuth() @@ -38,7 +39,8 @@ unauthorized_message = json.dumps(error_body) def get_pw(username): end_point = request.url.split('/')[-1] auth_group = osdf.end_point_auth_mapping.get(end_point) - return http_basic_auth_credentials[auth_group].get(username) if auth_group else None + return cfg_base.http_basic_auth_credentials[auth_group].get( + username) if auth_group else None @auth_basic.error_handler def auth_error(): @@ -28,6 +28,7 @@ from flask import Flask, request, Response, g import osdf import pydevd import json +import osdf.adapters.aaf.sms as sms import osdf.adapters.policy.interface import osdf.config.credentials import osdf.config.loader @@ -207,8 +208,8 @@ if __name__ == "__main__": common_app_opts.update({'ssl_context': tuple(ssl_opts)}) opts = get_options(sys.argv) - # TODO(Dileep): Uncomment once Helm charts to preload secrets available - # sms.load_secrets() + # Load secrets from SMS + sms.load_secrets() if not opts.local and not opts.devtest: # normal deployment app.run(port=internal_port, debug=False, **common_app_opts) else: diff --git a/test/config/osdf_config.yaml b/test/config/osdf_config.yaml index bc64ffd..8cff1d5 100755 --- a/test/config/osdf_config.yaml +++ b/test/config/osdf_config.yaml @@ -52,3 +52,17 @@ aaf_cache_expiry_hrs: 3 aaf_url: https://aaftest.simpledemo.onap.org:8095 aaf_user_roles: - /api/oof/v1/placement:org.onap.osdf.access|*|read ALL + +# Secret Management Service from AAF +aaf_sms_url: https://aaf-sms.onap:10443 +aaf_sms_timeout: 30 +secret_domain: osdf +aaf_ca_certs: ssl_certs/aaf_root_ca.cer + +# Credentials for PCIHandler +pciHMSUsername: "" # pcihandler username for call back. +pciHMSPassword: "" # pcihandler password for call back. + +# Credentials for the OOF PCI Opt service +osdfPCIOptUsername: PCI-OSDF-USER +osdfPCIOptPassword: PCI-OSDF-PASSWD diff --git a/test/functest/simulators/simulated-config/osdf_config.yaml b/test/functest/simulators/simulated-config/osdf_config.yaml index 9602c46..eccad14 100755 --- a/test/functest/simulators/simulated-config/osdf_config.yaml +++ b/test/functest/simulators/simulated-config/osdf_config.yaml @@ -47,6 +47,19 @@ osdfPlacementUrl: "http://127.0.0.1:24699/osdf/api/v2/placement" osdfPlacementUsername: "test" osdfPlacementPassword: "testpwd" +# AAF Authentication config +is_aaf_enabled: False +aaf_cache_expiry_hrs: 3 +aaf_url: https://aaftest.simpledemo.onap.org:8095 +aaf_user_roles: + - /api/oof/v1/placement:org.onap.osdf.access|*|read ALL + +# Secret Management Service from AAF +aaf_sms_url: https://aaf-sms.onap:10443 +aaf_sms_timeout: 30 +secret_domain: osdf +aaf_ca_certs: ssl_certs/aaf_root_ca.cer + # config db api configDbUrl: http://127.0.0.1:5000/simulated/configdb configDbUserName: osdf @@ -5,6 +5,8 @@ envlist = py3 [testenv] distribute = False +setenv = + OSDF_CONFIG_FILE={toxinidir}/test/config/osdf_config.yaml commands = - cat /etc/hosts /bin/bash test/functest/scripts/start-simulators.sh @@ -13,7 +15,7 @@ commands = coverage report -m --omit=".tox/py3/*","test/*" /bin/bash test/functest/scripts/stop-simulators.sh # TODO: need to update the above "omit" when we package osdf as pip-installable -deps = -r{toxinidir}/requirements.txt +deps = -r{toxinidir}/requirements.txt -r{toxinidir}/test/test-requirements.txt [run] |