diff options
author | Magnusen, Drew (dm741q) <dm741q@att.com> | 2017-09-07 08:55:17 -0500 |
---|---|---|
committer | Kevin McKiou <km097d@att.com> | 2017-09-14 18:45:36 +0000 |
commit | 18253e5bfbccc53baaa58e485704e9cb87855ac4 (patch) | |
tree | 7c91bf25f65ed1d6f43e719fc1899149994e679a /feature-state-management/src/main/java/org/onap | |
parent | 8dd90c302c4c2406dba22a420d30a668969d889c (diff) |
Addition of State Management Feature
Patch 1:This commit adds the feature to provide node state management.
There are also a couple of very minor cleanup items in
feature-session-persistence which came up during review and testing.
Patch 2: Cleaned up some logging statements and exceptions per
comments by Pam Dragosh. Patch 3: Clean up per comments from
Jorge Hernandez. Patch4: Added a default to ignoreErrors in
RepositoryAudit. Patch 5: Rebase. Patch 6: Removed
api-state-management/.gitignore
Issue-ID: POLICY-155
Change-Id: I4fbfa33314d488ff46764931ca965f802b6a26d5
Signed-off-by: Kevin McKiou <km097d@att.com>
Diffstat (limited to 'feature-state-management/src/main/java/org/onap')
6 files changed, 1617 insertions, 0 deletions
diff --git a/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/DbAudit.java b/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/DbAudit.java new file mode 100644 index 00000000..a86ac8ef --- /dev/null +++ b/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/DbAudit.java @@ -0,0 +1,218 @@ +/*- + * ============LICENSE_START======================================================= + * feature-state-management + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.drools.statemanagement; + +import java.sql.Connection; +import java.sql.DriverManager; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.util.Properties; +import java.util.UUID; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * This class audits the database + */ +public class DbAudit extends DroolsPDPIntegrityMonitor.AuditBase +{ + // get an instance of logger + private static Logger logger = LoggerFactory.getLogger(DbAudit.class); + // single global instance of this audit object + final static private DbAudit instance = new DbAudit(); + + // This indicates if 'CREATE TABLE IF NOT EXISTS Audit ...' should be + // invoked -- doing this avoids the need to create the table in advance. + static private boolean createTableNeeded = true; + + /** + * @return the single 'DbAudit' instance + */ + static DroolsPDPIntegrityMonitor.AuditBase getInstance() + { + return(instance); + } + + /** + * Constructor - set the name to 'Database' + */ + private DbAudit() + { + super("Database"); + } + + /** + * Invoke the audit + * + * @param properties properties to be passed to the audit + */ + @Override + public void invoke(Properties properties) + { + if(logger.isDebugEnabled()){ + logger.debug("Running 'DbAudit.invoke'"); + } + boolean isActive = true; + String dbAuditIsActive = StateManagementProperties.getProperty("db.audit.is.active"); + if(logger.isDebugEnabled()){ + logger.debug("DbAudit.invoke: dbAuditIsActive = {}", dbAuditIsActive); + } + + if (dbAuditIsActive != null) { + try { + isActive = Boolean.parseBoolean(dbAuditIsActive.trim()); + } catch (NumberFormatException e) { + logger.warn("DbAudit.invoke: Ignoring invalid property: db.audit.is.active = {}", dbAuditIsActive); + } + } + + if(!isActive){ + + logger.info("DbAudit.invoke: exiting because isActive = {}", isActive); + return; + } + + // fetch DB properties from properties file -- they are already known + // to exist, because they were verified by the 'IntegrityMonitor' + // constructor + String url = properties.getProperty(StateManagementProperties.DB_URL); + String user = properties.getProperty(StateManagementProperties.DB_USER); + String password = properties.getProperty(StateManagementProperties.DB_PWD); + + // connection to DB + Connection connection = null; + + // supports SQL operations + PreparedStatement statement = null; + ResultSet rs = null; + + // operation phase currently running -- used to construct an error + // message, if needed + String phase = null; + + try + { + // create connection to DB + phase = "creating connection"; + if(logger.isDebugEnabled()){ + logger.debug("DbAudit: Creating connection to {}", url); + } + + connection = DriverManager.getConnection(url, user, password); + + // create audit table, if needed + if (createTableNeeded) + { + phase = "create table"; + if(logger.isDebugEnabled()){ + logger.info("DbAudit: Creating 'Audit' table, if needed"); + } + statement = connection.prepareStatement + ("CREATE TABLE IF NOT EXISTS Audit (\n" + + " name varchar(64) DEFAULT NULL,\n" + + " UNIQUE KEY name (name)\n" + + ") DEFAULT CHARSET=latin1;"); + statement.execute(); + statement.close(); + createTableNeeded = false; + } + + // insert an entry into the table + phase = "insert entry"; + String key = UUID.randomUUID().toString(); + statement = connection.prepareStatement + ("INSERT INTO Audit (name) VALUES (?)"); + statement.setString(1, key); + statement.executeUpdate(); + statement.close(); + + // fetch the entry from the table + phase = "fetch entry"; + statement = connection.prepareStatement + ("SELECT name FROM Audit WHERE name = ?"); + statement.setString(1, key); + rs = statement.executeQuery(); + if (rs.first()) + { + // found entry + if(logger.isDebugEnabled()){ + logger.debug("DbAudit: Found key {}", rs.getString(1)); + } + } + else + { + logger.error + ("DbAudit: can't find newly-created entry with key {}", key); + setResponse("Can't find newly-created entry"); + } + statement.close(); + + // delete entries from table + phase = "delete entry"; + statement = connection.prepareStatement + ("DELETE FROM Audit WHERE name = ?"); + statement.setString(1, key); + statement.executeUpdate(); + statement.close(); + statement = null; + } + catch (Exception e) + { + String message = "DbAudit: Exception during audit, phase = " + phase; + logger.error(message, e); + setResponse(message); + } + finally + { + if (rs != null) + { + try + { + rs.close(); + } + catch (Exception e) + { + } + } + if (statement != null) + { + try + { + statement.close(); + } + catch (Exception e) + { + } + } + if (connection != null) + { + try + { + connection.close(); + } + catch (Exception e) + { + } + } + } + } +} diff --git a/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/DroolsPDPIntegrityMonitor.java b/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/DroolsPDPIntegrityMonitor.java new file mode 100644 index 00000000..73f6f738 --- /dev/null +++ b/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/DroolsPDPIntegrityMonitor.java @@ -0,0 +1,398 @@ +/*- + * ============LICENSE_START======================================================= + * feature-state-management + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.drools.statemanagement; + +import java.io.File; +import java.io.FileInputStream; +import java.net.InetSocketAddress; +import java.util.ArrayList; +import java.util.Properties; + +import org.onap.policy.common.im.IntegrityMonitor; +import org.onap.policy.common.im.IntegrityMonitorException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.onap.policy.drools.core.PolicyContainer; +import org.onap.policy.drools.http.server.HttpServletServer; +import org.onap.policy.drools.properties.Startable; +import org.onap.policy.drools.utils.PropertyUtil; + +/** + * This class extends 'IntegrityMonitor' for use in the 'Drools PDP' + * virtual machine. The included audits are 'Database' and 'Repository'. + */ +public class DroolsPDPIntegrityMonitor extends IntegrityMonitor +{ + + // get an instance of logger + private static final Logger logger = LoggerFactory.getLogger(DroolsPDPIntegrityMonitor.class); + + // static global instance + static private DroolsPDPIntegrityMonitor im = null; + + // list of audits to run + static private AuditBase[] audits = + new AuditBase[]{DbAudit.getInstance(), RepositoryAudit.getInstance()}; + + static private Properties subsystemTestProperties = null; + + static private final String PROPERTIES_NAME = "feature-state-management.properties"; + /** + * Static initialization -- create Drools Integrity Monitor, and + * an HTTP server to handle REST 'test' requests + */ + static public DroolsPDPIntegrityMonitor init(String configDir) throws Exception + { + + logger.info("init: Entering and invoking PropertyUtil.getProperties() on '{}'", configDir); + + // read in properties + Properties stateManagementProperties = + PropertyUtil.getProperties(configDir + "/" + PROPERTIES_NAME); + + subsystemTestProperties = stateManagementProperties; + + // fetch and verify definitions of some properties + // (the 'IntegrityMonitor' constructor does some additional verification) + + String resourceName = stateManagementProperties.getProperty("resource.name"); + String hostPort = stateManagementProperties.getProperty("hostPort"); + String fpMonitorInterval = stateManagementProperties.getProperty("fp_monitor_interval"); + String failedCounterThreshold = stateManagementProperties.getProperty("failed_counter_threshold"); + String testTransInterval = stateManagementProperties.getProperty("test_trans_interval"); + String writeFpcInterval = stateManagementProperties.getProperty("write_fpc_interval"); + String siteName = stateManagementProperties.getProperty("site_name"); + String nodeType = stateManagementProperties.getProperty("node_type"); + String dependencyGroups = stateManagementProperties.getProperty("dependency_groups"); + String javaxPersistenceJdbcDriver = stateManagementProperties.getProperty("javax.persistence.jdbc.driver"); + String javaxPersistenceJdbcUrl = stateManagementProperties.getProperty("javax.persistence.jdbc.url"); + String javaxPersistenceJdbcUser = stateManagementProperties.getProperty("javax.persistence.jdbc.user"); + String javaxPersistenceJdbcPassword = stateManagementProperties.getProperty("javax.persistence.jdbc.password"); + + if (resourceName == null) + { + logger.error("init: Missing IntegrityMonitor property: 'resource.name'"); + throw(new Exception + ("Missing IntegrityMonitor property: 'resource.name'")); + } + if (hostPort == null) + { + logger.error("init: Missing IntegrityMonitor property: 'hostPort'"); + throw(new Exception + ("Missing IntegrityMonitor property: 'hostPort'")); + } + if (fpMonitorInterval == null) + { + logger.error("init: Missing IntegrityMonitor property: 'fp_monitor_interval'"); + throw(new Exception + ("Missing IntegrityMonitor property: 'fp_monitor_interval'")); + } + if (failedCounterThreshold == null) + { + logger.error("init: Missing IntegrityMonitor property: 'failed_counter_threshold'"); + throw(new Exception + ("Missing IntegrityMonitor property: 'failed_counter_threshold'")); + } + if (testTransInterval == null) + { + logger.error("init: Missing IntegrityMonitor property: 'test_trans_interval'"); + throw(new Exception + ("Missing IntegrityMonitor property: 'test_trans_interval'")); + } + if (writeFpcInterval == null) + { + logger.error("init: Missing IntegrityMonitor property: 'write_fpc_interval'"); + throw(new Exception + ("Missing IntegrityMonitor property: 'write_fpc_interval'")); + } + if (siteName == null) + { + logger.error("init: Missing IntegrityMonitor property: 'site_name'"); + throw(new Exception + ("Missing IntegrityMonitor property: 'site_name'")); + } + if (nodeType == null) + { + logger.error("init: Missing IntegrityMonitor property: 'node_type'"); + throw(new Exception + ("Missing IntegrityMonitor property: 'node_type'")); + } + if (dependencyGroups == null) + { + logger.error("init: Missing IntegrityMonitor property: 'dependency_groups'"); + throw(new Exception + ("Missing IntegrityMonitor property: 'dependency_groups'")); + } + if (javaxPersistenceJdbcDriver == null) + { + logger.error("init: Missing IntegrityMonitor property: 'javax.persistence.jbdc.driver for xacml DB'"); + throw(new Exception + ("Missing IntegrityMonitor property: 'javax.persistence.jbdc.driver for xacml DB'")); + } + if (javaxPersistenceJdbcUrl == null) + { + logger.error("init: Missing IntegrityMonitor property: 'javax.persistence.jbdc.url for xacml DB'"); + throw(new Exception + ("Missing IntegrityMonitor property: 'javax.persistence.jbdc.url for xacml DB'")); + } + if (javaxPersistenceJdbcUser == null) + { + logger.error("init: Missing IntegrityMonitor property: 'javax.persistence.jbdc.user for xacml DB'"); + throw(new Exception + ("Missing IntegrityMonitor property: 'javax.persistence.jbdc.user for xacml DB'")); + } + if (javaxPersistenceJdbcPassword == null) + { + logger.error("init: Missing IntegrityMonitor property: 'javax.persistence.jbdc.password for xacml DB'"); + throw(new Exception + ("Missing IntegrityMonitor property: 'javax.persistence.jbdc.password' for xacml DB'")); + } + + // Now that we've validated the properties, create Drools Integrity Monitor + // with these properties. + im = new DroolsPDPIntegrityMonitor(resourceName, + stateManagementProperties); + logger.info("init: New DroolsPDPIntegrityMonitor instantiated, hostPort= {}", hostPort); + + // determine host and port for HTTP server + int index = hostPort.lastIndexOf(':'); + InetSocketAddress addr; + + if (index < 0) + { + addr = new InetSocketAddress(Integer.valueOf(hostPort)); + } + else + { + addr = new InetSocketAddress + (hostPort.substring(0, index), + Integer.valueOf(hostPort.substring(index + 1))); + } + + // create http server + try { + logger.info("init: Starting HTTP server, addr= {}", addr); + IntegrityMonitorRestServer server = new IntegrityMonitorRestServer(); + + server.init(stateManagementProperties); + + System.out.println("init: Started server on hostPort=" + hostPort); + } catch (Exception e) { + logger.error("init: Caught Exception attempting to start server on hostPort= {}, message = {}", + hostPort, e.getMessage()); + throw e; + + } + + logger.info("init: Exiting and returning DroolsPDPIntegrityMonitor"); + return im; + } + + /** + * Constructor - pass arguments to superclass, but remember properties + * @param resourceName unique name of this Integrity Monitor + * @param url the JMX URL of the MBean server + * @param properties properties used locally, as well as by + * 'IntegrityMonitor' + * @throws Exception (passed from superclass) + */ + private DroolsPDPIntegrityMonitor(String resourceName, + Properties consolidatedProperties + ) throws Exception { + super(resourceName, consolidatedProperties); + } + + /** + * Run tests (audits) unique to Drools PDP VM (Database + Repository) + */ + @Override + public void subsystemTest() throws IntegrityMonitorException + { + logger.info("DroolsPDPIntegrityMonitor.subsystemTest called"); + + // clear all responses (non-null values indicate an error) + for (AuditBase audit : audits) + { + audit.setResponse(null); + } + + // invoke all of the audits + for (AuditBase audit : audits) + { + try + { + // invoke the audit (responses are stored within the audit object) + audit.invoke(subsystemTestProperties); + } + catch (Exception e) + { + logger.error("{} audit error", audit.getName(), e); + if (audit.getResponse() == null) + { + // if there is no current response, use the exception message + audit.setResponse(e.getMessage()); + } + } + } + + // will contain list of subsystems where the audit failed + String responseMsg = ""; + + // Loop through all of the audits, and see which ones have failed. + // NOTE: response information is stored within the audit objects + // themselves -- only one can run at a time. + for (AuditBase audit : audits) + { + String response = audit.getResponse(); + if (response != null) + { + // the audit has failed -- add subsystem and + // and 'responseValue' with the new information + responseMsg = responseMsg.concat("\n" + audit.getName() + ": " + response); + } + } + + if(!responseMsg.isEmpty()){ + throw new IntegrityMonitorException(responseMsg); + } + } + + /* ============================================================ */ + + /** + * This is the base class for audits invoked in 'subsystemTest' + */ + static public abstract class AuditBase + { + // name of the audit + protected String name; + + // non-null indicates the error response + protected String response; + + /** + * Constructor - initialize the name, and clear the initial response + * @param name name of the audit + */ + public AuditBase(String name) + { + this.name = name; + this.response = null; + } + + /** + * @return the name of this audit + */ + public String getName() + { + return(name); + } + + /** + * @return the response String (non-null indicates the error message) + */ + public String getResponse() + { + return(response); + } + + /** + * Set the response string to the specified value + * @param value the new value of the response string (null = no errors) + */ + public void setResponse(String value) + { + response = value; + } + + /** + * Abstract method to invoke the audit + * @param persistenceProperties Used for DB access + * @throws Exception passed in by the audit + */ + abstract void invoke(Properties persistenceProperties) throws Exception; + } + + public static class IntegrityMonitorRestServer implements Startable { + protected volatile HttpServletServer server = null; + protected volatile Properties integrityMonitorRestServerProperties = null; + + public void init(Properties props) { + this.integrityMonitorRestServerProperties = props; + this.start(); + } + + @Override + public boolean start() throws IllegalStateException { + try { + ArrayList<HttpServletServer> servers = HttpServletServer.factory.build(integrityMonitorRestServerProperties); + + if (!servers.isEmpty()) { + server = servers.get(0); + + try { + server.waitedStart(5); + } catch (Exception e) { + e.printStackTrace(); + } + } + } catch (Exception e) { + return false; + } + + return true; + } + + @Override + public boolean stop() throws IllegalStateException { + try { + server.stop(); + } catch (Exception e) { + e.printStackTrace(); + } + + return true; + } + + @Override + public void shutdown() throws IllegalStateException { + this.stop(); + } + + @Override + public synchronized boolean isAlive() { + return this.integrityMonitorRestServerProperties != null; + } + } + + public static DroolsPDPIntegrityMonitor getInstance() throws Exception{ + if(logger.isDebugEnabled()){ + logger.debug("getInstance() called"); + } + if (im == null) { + String msg = "No DroolsPDPIntegrityMonitor instance exists." + + " Please use the method DroolsPDPIntegrityMonitor init(String configDir)"; + throw new Exception(msg); + }else{ + return im; + } + } +} diff --git a/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/IntegrityMonitorRestManager.java b/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/IntegrityMonitorRestManager.java new file mode 100644 index 00000000..f5024299 --- /dev/null +++ b/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/IntegrityMonitorRestManager.java @@ -0,0 +1,110 @@ +/*- + * ============LICENSE_START======================================================= + * feature-state-management + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.drools.statemanagement; + +import javax.ws.rs.GET; +import javax.ws.rs.Path; +import javax.ws.rs.core.Response; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiResponse; +import io.swagger.annotations.ApiResponses; + +@Api(value = "test") + @Path("/") +public class IntegrityMonitorRestManager { + private static Logger logger = LoggerFactory.getLogger(IntegrityMonitorRestManager.class); + private DroolsPDPIntegrityMonitor im; + + /** + * Test interface for Integrity Monitor + * + * @return Exception message if exception, otherwise empty + */ + @ApiOperation( + value = "Test endpoint for integrity monitor", + notes = "The TEST command is used to request data from a subcomponent " + + "instance that can be used to determine its operational state. " + + "A 200/success response status code should be returned if the " + + "subcomponent instance is functioning properly and able to respond to requests.", + response = String.class) + @ApiResponses(value = { + @ApiResponse( + code = 200, + message = "Integrity monitor sanity check passed"), + @ApiResponse( + code = 500, + message = "Integrity monitor sanity check encountered an exception. This can indicate operational state disabled or administrative state locked") + }) + @GET + @Path("test") + public Response test() { + logger.error("integrity monitor /test accessed"); + // The responses are stored within the audit objects, so we need to + // invoke the audits and get responses before we handle another + // request. + synchronized (IntegrityMonitorRestManager.class) { + // will include messages associated with subsystem failures + StringBuilder body = new StringBuilder(); + + // 200=SUCCESS, 500=failure + int responseValue = 200; + + if (im == null) { + try { + im = DroolsPDPIntegrityMonitor.getInstance(); + } catch (Exception e) { + logger.error("IntegrityMonitorRestManager: test() interface caught an exception", e); + e.printStackTrace(); + + body.append("\nException: " + e + "\n"); + responseValue = 500; + } + } + + if (im != null) { + try { + // call 'IntegrityMonitor.evaluateSanity()' + im.evaluateSanity(); + } catch (Exception e) { + // this exception isn't coming from one of the audits, + // because those are caught in 'subsystemTest()' + logger.error("DroolsPDPIntegrityMonitor.evaluateSanity()", e); + + // include exception in HTTP response + body.append("\nException: " + e + "\n"); + responseValue = 500; + } + } + + // send response, including the contents of 'body' + // (which is empty if everything is successful) + if (responseValue == 200) + return Response.status(Response.Status.OK).build(); + else + return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(body.toString()).build(); + } + } +} diff --git a/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/RepositoryAudit.java b/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/RepositoryAudit.java new file mode 100644 index 00000000..6171572a --- /dev/null +++ b/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/RepositoryAudit.java @@ -0,0 +1,552 @@ +/*- + * ============LICENSE_START======================================================= + * feature-state-management + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.drools.statemanagement; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.IOException; +import java.nio.file.FileVisitResult; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.SimpleFileVisitor; +import java.nio.file.attribute.BasicFileAttributes; +import java.util.LinkedList; +import java.util.Properties; +import java.util.concurrent.TimeUnit; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * This class audits the Maven repository + */ +public class RepositoryAudit extends DroolsPDPIntegrityMonitor.AuditBase +{ + private static final long DEFAULT_TIMEOUT = 60; // timeout in 60 seconds + + // get an instance of logger + private static Logger logger = LoggerFactory.getLogger(RepositoryAudit.class); + // single global instance of this audit object + static private RepositoryAudit instance = new RepositoryAudit(); + + /** + * @return the single 'RepositoryAudit' instance + */ + static DroolsPDPIntegrityMonitor.AuditBase getInstance() + { + return(instance); + } + + /** + * Constructor - set the name to 'Repository' + */ + private RepositoryAudit() + { + super("Repository"); + } + + /** + * Invoke the audit + * + * @param properties properties to be passed to the audit + */ + @Override + public void invoke(Properties properties) + throws IOException, InterruptedException + { + if(logger.isDebugEnabled()){ + logger.debug("Running 'RepositoryAudit.invoke'"); + } + + boolean isActive = true; + boolean ignoreErrors = true; // ignore errors by default + String repoAuditIsActive = StateManagementProperties.getProperty("repository.audit.is.active"); + String repoAuditIgnoreErrors = + StateManagementProperties.getProperty("repository.audit.ignore.errors"); + logger.debug("RepositoryAudit.invoke: repoAuditIsActive = {}" + + ", repoAuditIgnoreErrors = {}",repoAuditIsActive, repoAuditIgnoreErrors); + + if (repoAuditIsActive != null) { + try { + isActive = Boolean.parseBoolean(repoAuditIsActive.trim()); + } catch (NumberFormatException e) { + logger.warn("RepositoryAudit.invoke: Ignoring invalid property: repository.audit.is.active = {}", repoAuditIsActive); + } + } + + if(!isActive){ + logger.info("RepositoryAudit.invoke: exiting because isActive = {}", isActive); + return; + } + + if (repoAuditIgnoreErrors != null) + { + try + { + ignoreErrors = Boolean.parseBoolean(repoAuditIgnoreErrors.trim()); + } + catch (NumberFormatException e) + { + ignoreErrors = true; + logger.warn("RepositoryAudit.invoke: Ignoring invalid property: repository.audit.ignore.errors = {}", repoAuditIgnoreErrors); + } + }else{ + ignoreErrors = true; + } + + // Fetch repository information from 'IntegrityMonitorProperties' + String repositoryId = + StateManagementProperties.getProperty("repository.audit.id"); + String repositoryUrl = + StateManagementProperties.getProperty("repository.audit.url"); + String repositoryUsername = + StateManagementProperties.getProperty("repository.audit.username"); + String repositoryPassword = + StateManagementProperties.getProperty("repository.audit.password"); + boolean upload = + (repositoryId != null && repositoryUrl != null + && repositoryUsername != null && repositoryPassword != null); + + // used to incrementally construct response as problems occur + // (empty = no problems) + StringBuilder response = new StringBuilder(); + + long timeoutInSeconds = DEFAULT_TIMEOUT; + String timeoutString = + StateManagementProperties.getProperty("repository.audit.timeout"); + if (timeoutString != null && !timeoutString.isEmpty()) + { + try + { + timeoutInSeconds = Long.valueOf(timeoutString); + } + catch (NumberFormatException e) + { + logger.error + ("RepositoryAudit: Invalid 'repository.audit.timeout' value: '{}'", timeoutString, e); + if (!ignoreErrors) + { + response.append("Invalid 'repository.audit.timeout' value: '") + .append(timeoutString).append("'\n"); + setResponse(response.toString()); + } + } + } + + // artifacts to be downloaded + LinkedList<Artifact> artifacts = new LinkedList<>(); + + /* + * 1) create temporary directory + */ + Path dir = Files.createTempDirectory("auditRepo"); + logger.info("RepositoryAudit: temporary directory = {}", dir); + + // nested 'pom.xml' file and 'repo' directory + Path pom = dir.resolve("pom.xml"); + Path repo = dir.resolve("repo"); + + /* + * 2) Create test file, and upload to repository + * (only if repository information is specified) + */ + String groupId = null; + String artifactId = null; + String version = null; + if (upload) + { + groupId = "org.onap.policy.audit"; + artifactId = "repository-audit"; + version = "0." + System.currentTimeMillis(); + + if (repositoryUrl.toLowerCase().contains("snapshot")) + { + // use SNAPSHOT version + version += "-SNAPSHOT"; + } + + // create text file to write + FileOutputStream fos = + new FileOutputStream(dir.resolve("repository-audit.txt").toFile()); + try + { + fos.write(version.getBytes()); + } + finally + { + fos.close(); + } + + // try to install file in repository + if (runProcess + (timeoutInSeconds, dir.toFile(), null, + "mvn", "deploy:deploy-file", + "-DrepositoryId=" + repositoryId, + "-Durl=" + repositoryUrl, + "-Dfile=repository-audit.txt", + "-DgroupId=" + groupId, + "-DartifactId=" + artifactId, + "-Dversion=" + version, + "-Dpackaging=txt", + "-DgeneratePom=false") != 0) + { + logger.error + ("RepositoryAudit: 'mvn deploy:deploy-file' failed"); + if (!ignoreErrors) + { + response.append("'mvn deploy:deploy-file' failed\n"); + setResponse(response.toString()); + } + } + else + { + logger.info + ("RepositoryAudit: 'mvn deploy:deploy-file succeeded"); + + // we also want to include this new artifact in the download + // test (steps 3 and 4) + artifacts.add(new Artifact(groupId, artifactId, version, "txt")); + } + } + + /* + * 3) create 'pom.xml' file in temporary directory + */ + artifacts.add(new Artifact("org.apache.maven/maven-embedder/3.2.2")); + + StringBuilder sb = new StringBuilder(); + sb.append + ("<project xmlns=\"http://maven.apache.org/POM/4.0.0\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n" + + " xsi:schemaLocation=\"http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd\">\n" + + "\n" + + " <modelVersion>4.0.0</modelVersion>\n" + + " <groupId>empty</groupId>\n" + + " <artifactId>empty</artifactId>\n" + + " <version>1.0-SNAPSHOT</version>\n" + + " <packaging>pom</packaging>\n" + + "\n" + + " <build>\n" + + " <plugins>\n" + + " <plugin>\n" + + " <groupId>org.apache.maven.plugins</groupId>\n" + + " <artifactId>maven-dependency-plugin</artifactId>\n" + + " <version>2.10</version>\n" + + " <executions>\n" + + " <execution>\n" + + " <id>copy</id>\n" + + " <goals>\n" + + " <goal>copy</goal>\n" + + " </goals>\n" + + " <configuration>\n" + + " <localRepositoryDirectory>") + .append(repo) + .append("</localRepositoryDirectory>\n") + .append(" <artifactItems>\n"); + for (Artifact artifact : artifacts) + { + // each artifact results in an 'artifactItem' element + sb.append + (" <artifactItem>\n" + + " <groupId>") + .append(artifact.groupId) + .append + ("</groupId>\n" + + " <artifactId>") + .append(artifact.artifactId) + .append + ("</artifactId>\n" + + " <version>") + .append(artifact.version) + .append + ("</version>\n" + + " <type>") + .append(artifact.type) + .append + ("</type>\n" + + " </artifactItem>\n"); + } + sb.append + (" </artifactItems>\n" + + " </configuration>\n" + + " </execution>\n" + + " </executions>\n" + + " </plugin>\n" + + " </plugins>\n" + + " </build>\n" + + "</project>\n"); + FileOutputStream fos = new FileOutputStream(pom.toFile()); + try + { + fos.write(sb.toString().getBytes()); + } + finally + { + fos.close(); + } + + /* + * 4) Invoke external 'mvn' process to do the downloads + */ + + // output file = ${dir}/out (this supports step '4a') + File output = dir.resolve("out").toFile(); + + // invoke process, and wait for response + int rval = runProcess + (timeoutInSeconds, dir.toFile(), output, "mvn", "compile"); + logger.info("RepositoryAudit: 'mvn' return value = {}", rval); + if (rval != 0) + { + logger.error + ("RepositoryAudit: 'mvn compile' invocation failed"); + if (!ignoreErrors) + { + response.append("'mvn compile' invocation failed\n"); + setResponse(response.toString()); + } + } + + /* + * 4a) Check attempted and successful downloads from output file + * Note: at present, this step just generates log messages, + * but doesn't do any verification. + */ + if (rval == 0) + { + // place output in 'fileContents' (replacing the Return characters + // with Newline) + byte[] outputData = new byte[(int)output.length()]; + FileInputStream fis = new FileInputStream(output); + fis.read(outputData); + String fileContents = new String(outputData).replace('\r','\n'); + fis.close(); + + // generate log messages from 'Downloading' and 'Downloaded' + // messages within the 'mvn' output + int index = 0; + while ((index = fileContents.indexOf("\nDown", index)) > 0) + { + index += 5; + if (fileContents.regionMatches(index, "loading: ", 0, 9)) + { + index += 9; + int endIndex = fileContents.indexOf('\n', index); + logger.info + ("RepositoryAudit: Attempted download: '{}'", fileContents.substring(index, endIndex)); + index = endIndex; + } + else if (fileContents.regionMatches(index, "loaded: ", 0, 8)) + { + index += 8; + int endIndex = fileContents.indexOf(' ', index); + logger.info + ("RepositoryAudit: Successful download: '{}'",fileContents.substring(index, endIndex)); + index = endIndex; + } + } + } + + /* + * 5) Check the contents of the directory to make sure the downloads + * were successful + */ + for (Artifact artifact : artifacts) + { + if (repo.resolve(artifact.groupId.replace('.','/')) + .resolve(artifact.artifactId) + .resolve(artifact.version) + .resolve(artifact.artifactId + "-" + artifact.version + "." + + artifact.type).toFile().exists()) + { + // artifact exists, as expected + logger.info("RepositoryAudit: {} : exists", artifact.toString()); + } + else + { + // Audit ERROR: artifact download failed for some reason + logger.error("RepositoryAudit: {}: does not exist", artifact.toString()); + if (!ignoreErrors) + { + response.append("Failed to download artifact: ") + .append(artifact).append('\n'); + setResponse(response.toString()); + } + } + } + + /* + * 6) Use 'curl' to delete the uploaded test file + * (only if repository information is specified) + */ + if (upload) + { + if (runProcess + (timeoutInSeconds, dir.toFile(), null, + "curl", + "--request", "DELETE", + "--user", repositoryUsername + ":" + repositoryPassword, + (repositoryUrl + "/" + groupId.replace('.', '/') + "/" + + artifactId + "/" + version)) + != 0) + { + logger.error + ("RepositoryAudit: delete of uploaded artifact failed"); + if (!ignoreErrors) + { + response.append("delete of uploaded artifact failed\n"); + setResponse(response.toString()); + } + } + else + { + logger.info + ("RepositoryAudit: delete of uploaded artifact succeeded"); + artifacts.add(new Artifact(groupId, artifactId, version, "txt")); + } + } + + /* + * 7) Remove the temporary directory + */ + Files.walkFileTree + (dir, + new SimpleFileVisitor<Path>() + { + public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) + { + // logger.info("RepositoryAudit: Delete " + file); + file.toFile().delete(); + return(FileVisitResult.CONTINUE); + } + + public FileVisitResult postVisitDirectory(Path file, IOException e) + throws IOException + { + if (e == null) + { + // logger.info("RepositoryAudit: Delete " + file); + file.toFile().delete(); + return(FileVisitResult.CONTINUE); + } + else + { + throw(e); + } + } + }); + } + + /** + * Run a process, and wait for the response + * + * @param timeoutInSeconds the number of seconds to wait for the + * process to terminate + * @param directory the execution directory of the process + * (null = current directory) + * @param stdout the file to contain the standard output + * (null = discard standard output) + * @param command command and arguments + * @return the return value of the process + * @throws IOException, InterruptedException + */ + static int runProcess(long timeoutInSeconds, + File directory, File stdout, String... command) + throws IOException, InterruptedException + { + ProcessBuilder pb = new ProcessBuilder(command); + if (directory != null) + { + pb.directory(directory); + } + if (stdout != null) + { + pb.redirectOutput(stdout); + } + + Process process = pb.start(); + if (process.waitFor(timeoutInSeconds, TimeUnit.SECONDS)) + { + // process terminated before the timeout + return(process.exitValue()); + } + + // process timed out -- kill it, and return -1 + process.destroyForcibly(); + return(-1); + } + + /* ============================================================ */ + + /** + * An instance of this class exists for each artifact that we are trying + * to download. + */ + static class Artifact + { + String groupId, artifactId, version, type; + + /** + * Constructor - populate the 'Artifact' instance + * + * @param groupId groupId of artifact + * @param artifactId artifactId of artifact + * @param version version of artifact + * @param type type of the artifact (e.g. "jar") + */ + Artifact(String groupId, String artifactId, String version, String type) + { + this.groupId = groupId; + this.artifactId = artifactId; + this.version = version; + this.type = type; + } + + /** + * Constructor - populate an 'Artifact' instance + * + * @param artifact a string of the form: + * "<groupId>/<artifactId>/<version>[/<type>]" + * @throws IllegalArgumentException if 'artifact' has the incorrect format + */ + Artifact(String artifact) + { + String[] segments = artifact.split("/"); + if (segments.length != 4 && segments.length != 3) + { + throw(new IllegalArgumentException("groupId/artifactId/version/type")); + } + groupId = segments[0]; + artifactId = segments[1]; + version = segments[2]; + type = (segments.length == 4 ? segments[3] : "jar"); + } + + /** + * @return the artifact id in the form: + * "<groupId>/<artifactId>/<version>/<type>" + */ + public String toString() + { + return(groupId + "/" + artifactId + "/" + version + "/" + type); + } + } +} diff --git a/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/StateManagementFeature.java b/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/StateManagementFeature.java new file mode 100644 index 00000000..6d47039e --- /dev/null +++ b/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/StateManagementFeature.java @@ -0,0 +1,275 @@ +/*- + * ============LICENSE_START======================================================= + * feature-state-management + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.drools.statemanagement; + +import java.io.IOException; +import java.util.Observer; +import java.util.Properties; + +import org.onap.policy.drools.statemanagement.StateManagementFeatureAPI; +import org.onap.policy.common.im.StandbyStatusException; +import org.onap.policy.common.im.StateManagement; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.onap.policy.drools.core.PolicySessionFeatureAPI; +import org.onap.policy.drools.features.PolicyEngineFeatureAPI; +import org.onap.policy.drools.utils.PropertyUtil; + +/** + * If this feature is supported, there is a single instance of it. + * It adds persistence to Drools sessions, but it is also intertwined with + * active/standby state management and IntegrityMonitor. For now, they are + * all treated as a single feature, but it would be nice to separate them. + * + * The bulk of the code here was once in other classes, such as + * 'PolicyContainer' and 'Main'. It was moved here as part of making this + * a separate optional feature. + */ + +public class StateManagementFeature implements StateManagementFeatureAPI, + PolicySessionFeatureAPI, PolicyEngineFeatureAPI +{ + // get an instance of logger + private static final Logger logger = + LoggerFactory.getLogger(StateManagementFeature.class); + + private DroolsPDPIntegrityMonitor droolsPdpIntegrityMonitor = null; + private StateManagement stateManagement = null; + + /**************************/ + /* 'FeatureAPI' interface */ + /**************************/ + + public StateManagementFeature(){ + if(logger.isDebugEnabled()){ + logger.debug("StateManagementFeature() constructor"); + } + } + + @Override + public void globalInit(String args[], String configDir) + { + // Initialization code associated with 'PolicyContainer' + if(logger.isDebugEnabled()){ + logger.debug("StateManagementFeature.globalInit({}) entry", configDir); + } + + try + { + droolsPdpIntegrityMonitor = DroolsPDPIntegrityMonitor.init(configDir); + } + catch (Exception e) + { + if(logger.isDebugEnabled()){ + logger.debug("DroolsPDPIntegrityMonitor initialization exception: ", e); + } + logger.error("DroolsPDPIntegrityMonitor.init()", e); + } + + initializeProperties(configDir); + + //At this point the DroolsPDPIntegrityMonitor instance must exist. Let's check it. + try { + droolsPdpIntegrityMonitor = DroolsPDPIntegrityMonitor.getInstance(); + stateManagement = droolsPdpIntegrityMonitor.getStateManager(); + if(logger.isDebugEnabled()){ + logger.debug("StateManagementFeature.globalInit(): " + + "stateManagement.getAdminState(): {}", stateManagement.getAdminState()); + } + if(stateManagement == null){ + if(logger.isDebugEnabled()){ + logger.debug("StateManagementFeature.globalInit(): stateManagement is NULL!"); + } + } + } catch (Exception e1) { + String msg = " \n"; + if(logger.isDebugEnabled()){ + logger.debug("StateManagementFeature.globalInit(): DroolsPDPIntegrityMonitor" + + " initialization failed with exception:", e1); + } + logger.error("DroolsPDPIntegrityMonitor.init(): StateManagementFeature startup failed " + + "to get DroolsPDPIntegrityMonitor instance:", e1); + e1.printStackTrace(); + } + } + + /** + * {@inheritDoc} + */ + @Override + public void addObserver(Observer stateChangeObserver) { + if(logger.isDebugEnabled()){ + logger.debug("StateManagementFeature.addObserver() entry\n" + + "StateManagementFeature.addObserver(): " + + "stateManagement.getAdminState(): {}", stateManagement.getAdminState()); + } + stateManagement.addObserver(stateChangeObserver); + if(logger.isDebugEnabled()){ + logger.debug("StateManagementFeature.addObserver() exit"); + } + } + + /** + * {@inheritDoc} + */ + @Override + public String getAdminState() { + return stateManagement.getAdminState(); + } + + /** + * {@inheritDoc} + */ + @Override + public String getOpState() { + return stateManagement.getOpState(); + } + + /** + * {@inheritDoc} + */ + @Override + public String getAvailStatus() { + return stateManagement.getAvailStatus(); + } + + /** + * {@inheritDoc} + */ + @Override + public String getStandbyStatus() { + return stateManagement.getStandbyStatus(); + } + + /** + * {@inheritDoc} + */ + @Override + public String getStandbyStatus(String resourceName) { + return stateManagement.getStandbyStatus(resourceName); + } + + /** + * {@inheritDoc} + */ + @Override + public void disableFailed(String resourceName) throws Exception { + stateManagement.disableFailed(resourceName); + + } + + /** + * {@inheritDoc} + */ + @Override + public void disableFailed() throws Exception { + stateManagement.disableFailed(); + } + + /** + * {@inheritDoc} + */ + @Override + public void promote() throws StandbyStatusException, Exception { + stateManagement.promote(); + } + + /** + * {@inheritDoc} + */ + @Override + public void demote() throws Exception { + stateManagement.demote(); + } + + /** + * {@inheritDoc} + */ + @Override + public String getResourceName() { + return StateManagementProperties.getProperty(StateManagementProperties.NODE_NAME); + } + + /** + * {@inheritDoc} + * @return + */ + @Override + public boolean lock(){ + try{ + stateManagement.lock(); + }catch(Exception e){ + logger.error("StateManagementFeature.lock() failed with exception: {}", e); + return false; + } + return true; + } + + /** + * {@inheritDoc} + * @throws Exception + */ + @Override + public boolean unlock(){ + try{ + stateManagement.unlock(); + }catch(Exception e){ + logger.error("StateManagementFeature.unlock() failed with exception: {}", e); + return false; + } + return true; + } + + /** + * {@inheritDoc} + * @throws Exception + */ + @Override + public boolean isLocked(){ + String admin = stateManagement.getAdminState(); + if(admin.equals(StateManagement.LOCKED)){ + return true; + }else{ + return false; + } + } + + @Override + public int getSequenceNumber() { + return SEQ_NUM; + } + + /** + * Read in the properties and initialize the StateManagementProperties. + */ + private static void initializeProperties(String configDir) + { + //Get the state management properties + try { + Properties pIm = + PropertyUtil.getProperties(configDir + "/feature-state-management.properties"); + StateManagementProperties.initProperties(pIm); + logger.info("initializeProperties: resourceName= {}", StateManagementProperties.getProperty(StateManagementProperties.NODE_NAME)); + } catch (IOException e1) { + logger.error("initializeProperties", e1); + } + } +} diff --git a/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/StateManagementProperties.java b/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/StateManagementProperties.java new file mode 100644 index 00000000..c8e17ea9 --- /dev/null +++ b/feature-state-management/src/main/java/org/onap/policy/drools/statemanagement/StateManagementProperties.java @@ -0,0 +1,64 @@ +/*- + * ============LICENSE_START======================================================= + * feature-state-management + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.drools.statemanagement; + +import java.util.Properties; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class StateManagementProperties { + // get an instance of logger + private static final Logger logger = LoggerFactory.getLogger(StateManagementProperties.class); + + public static final String NODE_NAME = "resource.name"; + public static final String SITE_NAME = "site_name"; + + public static final String DB_DRIVER = "javax.persistence.jdbc.driver"; + public static final String DB_URL = "javax.persistence.jdbc.url"; + public static final String DB_USER = "javax.persistence.jdbc.user"; + public static final String DB_PWD = "javax.persistence.jdbc.password"; + + private static Properties properties = null; + /* + * Initialize the parameter values from the feature-state-management.properties file values + * + * This is designed so that the Properties object is obtained from the feature-state-management.properties + * file and then is passed to this method to initialize the value of the parameters. + * This allows the flexibility of JUnit tests using getProperties(filename) to get the + * properties while runtime methods can use getPropertiesFromClassPath(filename). + * + */ + public static void initProperties (Properties prop){ + logger.info("StateManagementProperties.initProperties(Properties): entry"); + logger.info("\n\nStateManagementProperties.initProperties: Properties = \n{}\n\n", prop); + + properties = prop; + } + + public static String getProperty(String key){ + return properties.getProperty(key); + } + + public static Properties getProperties() { + return properties; + } +} |