From cb795c01df747f872f5985ba318eefdddea57507 Mon Sep 17 00:00:00 2001
From: Andreas Geissler <andreas-geissler@telekom.de>
Date: Mon, 24 Oct 2022 14:26:35 +0200
Subject: [OSDF] Enable OSDF in ServiceMesh deployment

In case AAF is disabled the secret loading via AAF-SMS should not be called

Issue-ID: OPTFRA-1099

Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Signed-off-by: Lukasz Rajewski <lukasz.rajewski@t-mobile.pl>
Change-Id: Ifca03215a36705b1c160b2cbf708389bd2162301
---
 osdf/adapters/aaf/sms.py | 104 +++++++++++++++++++++++++++--------------------
 1 file changed, 60 insertions(+), 44 deletions(-)

(limited to 'osdf/adapters')

diff --git a/osdf/adapters/aaf/sms.py b/osdf/adapters/aaf/sms.py
index bcc449c..031fee4 100644
--- a/osdf/adapters/aaf/sms.py
+++ b/osdf/adapters/aaf/sms.py
@@ -23,9 +23,9 @@
 from onapsmsclient import Client
 
 import osdf.config.base as cfg_base
+from osdf.config.base import osdf_config
 import osdf.config.credentials as creds
 import osdf.config.loader as config_loader
-from osdf.config.base import osdf_config
 from osdf.logging.osdf_logging import debug_log
 from osdf.utils import cipherUtils
 
@@ -35,9 +35,12 @@ config_spec = {
 
 
 def preload_secrets():
-    """ This is intended to load the secrets required for testing Application
-        Actual deployment will have a preload script. Make sure the config is
-        in sync"""
+    """preload_secrets()
+
+    This is intended to load the secrets required for testing Application
+    Actual deployment will have a preload script. Make sure the config is
+    in sync
+    """
     preload_config = config_loader.load_config_file(
         config_spec.get("preload_secrets"))
     domain = preload_config.get("domain")
@@ -45,6 +48,9 @@ def preload_secrets():
     sms_url = config["aaf_sms_url"]
     timeout = config["aaf_sms_timeout"]
     cacert = config["aaf_ca_certs"]
+    if not sms_url:
+        debug_log.debug("SMS Disabled")
+        return
     sms_client = Client(url=sms_url, timeout=timeout, cacert=cacert)
     domain_uuid = sms_client.createDomain(domain)
     debug_log.debug(
@@ -64,46 +70,50 @@ def retrieve_secrets():
     timeout = config["aaf_sms_timeout"]
     cacert = config["aaf_ca_certs"]
     domain = config["secret_domain"]
-    sms_client = Client(url=sms_url, timeout=timeout, cacert=cacert)
-    secrets = sms_client.getSecretNames(domain)
-    for secret in secrets:
-        values = sms_client.getSecret(domain, secret)
-        secret_dict[secret] = values
-    debug_log.debug("Secret Dictionary Retrieval Success")
+    if sms_url:
+        sms_client = Client(url=sms_url, timeout=timeout, cacert=cacert)
+        secrets = sms_client.getSecretNames(domain)
+        for secret in secrets:
+            values = sms_client.getSecret(domain, secret)
+            secret_dict[secret] = values
+        debug_log.debug("Secret Dictionary Retrieval Success")
+    else:
+        debug_log.debug("SMS Disabled. Secrets not loaded")
     return secret_dict
 
 
 def load_secrets():
     config = osdf_config.deployment
     secret_dict = retrieve_secrets()
-    config['soUsername'] = secret_dict['so']['UserName']
-    config['soPassword'] = decrypt_pass(secret_dict['so']['Password'])
-    config['conductorUsername'] = secret_dict['conductor']['UserName']
-    config['conductorPassword'] = decrypt_pass(secret_dict['conductor']['Password'])
-    config['policyPlatformUsername'] = secret_dict['policyPlatform']['UserName']
-    config['policyPlatformPassword'] = decrypt_pass(secret_dict['policyPlatform']['Password'])
-    config['policyClientUsername'] = secret_dict['policyPlatform']['UserName']
-    config['policyClientPassword'] = decrypt_pass(secret_dict['policyPlatform']['Password'])
-    config['messageReaderAafUserId'] = secret_dict['dmaap']['UserName']
-    config['messageReaderAafPassword'] = decrypt_pass(secret_dict['dmaap']['Password'])
-    config['sdcUsername'] = secret_dict['sdc']['UserName']
-    config['sdcPassword'] = decrypt_pass(secret_dict['sdc']['Password'])
-    config['osdfPlacementUsername'] = secret_dict['osdfPlacement']['UserName']
-    config['osdfPlacementPassword'] = decrypt_pass(secret_dict['osdfPlacement']['Password'])
-    config['osdfPlacementSOUsername'] = secret_dict['osdfPlacementSO']['UserName']
-    config['osdfPlacementSOPassword'] = decrypt_pass(secret_dict['osdfPlacementSO']['Password'])
-    config['osdfPlacementVFCUsername'] = secret_dict['osdfPlacementVFC']['UserName']
-    config['osdfPlacementVFCPassword'] = decrypt_pass(secret_dict['osdfPlacementVFC']['Password'])
-    config['osdfCMSchedulerUsername'] = secret_dict['osdfCMScheduler']['UserName']
-    config['osdfCMSchedulerPassword'] = decrypt_pass(secret_dict['osdfCMScheduler']['Password'])
-    config['configDbUserName'] = secret_dict['configDb']['UserName']
-    config['configDbPassword'] = decrypt_pass(secret_dict['configDb']['Password'])
-    config['pciHMSUsername'] = secret_dict['pciHMS']['UserName']
-    config['pciHMSPassword'] = decrypt_pass(secret_dict['pciHMS']['Password'])
-    config['osdfPCIOptUsername'] = secret_dict['osdfPCIOpt']['UserName']
-    config['osdfPCIOptPassword'] = decrypt_pass(secret_dict['osdfPCIOpt']['Password'])
-    config['osdfOptEngineUsername'] = secret_dict['osdfOptEngine']['UserName']
-    config['osdfOptEnginePassword'] = decrypt_pass(secret_dict['osdfOptEngine']['Password'])
+    if secret_dict:
+        config['soUsername'] = secret_dict['so']['UserName']
+        config['soPassword'] = decrypt_pass(secret_dict['so']['Password'])
+        config['conductorUsername'] = secret_dict['conductor']['UserName']
+        config['conductorPassword'] = decrypt_pass(secret_dict['conductor']['Password'])
+        config['policyPlatformUsername'] = secret_dict['policyPlatform']['UserName']
+        config['policyPlatformPassword'] = decrypt_pass(secret_dict['policyPlatform']['Password'])
+        config['policyClientUsername'] = secret_dict['policyPlatform']['UserName']
+        config['policyClientPassword'] = decrypt_pass(secret_dict['policyPlatform']['Password'])
+        config['messageReaderAafUserId'] = secret_dict['dmaap']['UserName']
+        config['messageReaderAafPassword'] = decrypt_pass(secret_dict['dmaap']['Password'])
+        config['sdcUsername'] = secret_dict['sdc']['UserName']
+        config['sdcPassword'] = decrypt_pass(secret_dict['sdc']['Password'])
+        config['osdfPlacementUsername'] = secret_dict['osdfPlacement']['UserName']
+        config['osdfPlacementPassword'] = decrypt_pass(secret_dict['osdfPlacement']['Password'])
+        config['osdfPlacementSOUsername'] = secret_dict['osdfPlacementSO']['UserName']
+        config['osdfPlacementSOPassword'] = decrypt_pass(secret_dict['osdfPlacementSO']['Password'])
+        config['osdfPlacementVFCUsername'] = secret_dict['osdfPlacementVFC']['UserName']
+        config['osdfPlacementVFCPassword'] = decrypt_pass(secret_dict['osdfPlacementVFC']['Password'])
+        config['osdfCMSchedulerUsername'] = secret_dict['osdfCMScheduler']['UserName']
+        config['osdfCMSchedulerPassword'] = decrypt_pass(secret_dict['osdfCMScheduler']['Password'])
+        config['configDbUserName'] = secret_dict['configDb']['UserName']
+        config['configDbPassword'] = decrypt_pass(secret_dict['configDb']['Password'])
+        config['pciHMSUsername'] = secret_dict['pciHMS']['UserName']
+        config['pciHMSPassword'] = decrypt_pass(secret_dict['pciHMS']['Password'])
+        config['osdfPCIOptUsername'] = secret_dict['osdfPCIOpt']['UserName']
+        config['osdfPCIOptPassword'] = decrypt_pass(secret_dict['osdfPCIOpt']['Password'])
+        config['osdfOptEngineUsername'] = secret_dict['osdfOptEngine']['UserName']
+        config['osdfOptEnginePassword'] = decrypt_pass(secret_dict['osdfOptEngine']['Password'])
     cfg_base.http_basic_auth_credentials = creds.load_credentials(osdf_config)
     cfg_base.dmaap_creds = creds.dmaap_creds()
 
@@ -117,17 +127,23 @@ def decrypt_pass(passwd):
 
 
 def delete_secrets():
-    """ This is intended to delete the secrets for a clean initialization for
-        testing Application. Actual deployment will have a preload script.
-        Make sure the config is in sync"""
+    """delete_secrets()
+
+    This is intended to delete the secrets for a clean initialization for
+    testing Application. Actual deployment will have a preload script.
+    Make sure the config is in sync
+    """
     config = osdf_config.deployment
     sms_url = config["aaf_sms_url"]
     timeout = config["aaf_sms_timeout"]
     cacert = config["aaf_ca_certs"]
     domain = config["secret_domain"]
-    sms_client = Client(url=sms_url, timeout=timeout, cacert=cacert)
-    ret_val = sms_client.deleteDomain(domain)
-    debug_log.debug("Clean up complete")
+    if sms_url:
+        sms_client = Client(url=sms_url, timeout=timeout, cacert=cacert)
+        ret_val = sms_client.deleteDomain(domain)
+        debug_log.debug("Clean up complete")
+    else:
+        debug_log.debug("SMS Disabled. Secrets delete skipped")
     return ret_val
 
 
-- 
cgit 1.2.3-korg