author | k.kedron <k.kedron@partner.samsung.com> | 2019-08-27 18:10:09 +0200 |
---|---|---|
committer | Ofir Sonsino <ofir.sonsino@intl.att.com> | 2019-08-30 07:22:26 +0000 |
commit | 68830a739232e31feadc5b10c1e537197d86269f (patch) | |
tree | 3c66e6091ddbfc061b7b25555955fe158ae7a0c8 /catalog-be/src/main | |
parent | 0a65bd7d842fb8617b3c6a7b2d4a16af583dc8be (diff) |
Fully HTTPS support in the catalog-be
Fully HTTPS support:
-Updated jvm configuration to support call to
the SDC components using HTTPS.
-Checkstyle in the recipes
-Add support for disableHttp flag in the chef script
-Add support for changing http to https in the python script
-Fixed the --schema param in the importONAPNormativeALL and
upgradeONAPNormative python scripts
-Checkstyle in the importX python script
-Disabled pycurl.SSL_VERIFYHOST to fix communication with the be component
Issue-ID: SDC-2501
Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com>
Change-Id: I588ba21638083694932a1af272f3bcbaa98268a7
Diffstat (limited to 'catalog-be/src/main')
4 files changed, 165 insertions, 152 deletions
diff --git a/catalog-be/src/main/resources/scripts/import/tosca/importNormativeElements.py b/catalog-be/src/main/resources/scripts/import/tosca/importNormativeElements.py index 453ee3aebc..3d5e9fd13b 100644 --- a/catalog-be/src/main/resources/scripts/import/tosca/importNormativeElements.py +++ b/catalog-be/src/main/resources/scripts/import/tosca/importNormativeElements.py @@ -17,9 +17,11 @@ from importCommon import * # python importUsers.py [-f <input file> | --ifile=<input file> ] # # # ################################################################################################################################################################################# -def import_element(scheme, be_host, be_port, admin_user, exit_on_success, file_dir, url_suffix, element_name, element_form_name, +def import_element(scheme, be_host, be_port, admin_user, exit_on_success, file_dir, url_suffix, element_name, + element_form_name, with_metadata=False): - result = createNormativeElement(scheme, be_host, be_port, admin_user, file_dir, url_suffix, element_name, element_form_name, with_metadata) + result = createNormativeElement(scheme, be_host, be_port, admin_user, file_dir, url_suffix, element_name, + element_form_name, with_metadata) print_frame_line() print_name_and_return_code(result[0], result[1]) print_frame_line() @@ -31,7 +33,6 @@ def import_element(scheme, be_host, be_port, admin_user, exit_on_success, file_d error_and_exit(0, None) - def createNormativeElement(scheme, be_host, be_port, admin_user, file_dir, url_suffix, element_name, element_form_name, with_metadata=False): try: 
@@ -40,34 +41,37 @@ def createNormativeElement(scheme, be_host, be_port, admin_user, file_dir, url_s c = pycurl.Curl() url = scheme + '://' + be_host + ':' + be_port + url_suffix - c.setopt(c.URL, url) - c.setopt(c.POST, 1) + c.setopt(pycurl.URL, url) + c.setopt(pycurl.POST, 1) admin_header = 'USER_ID: ' + admin_user c.setopt(pycurl.HTTPHEADER, [admin_header]) type_file_name = file_dir + "/" + element_name - multi_part_form_data = create_multipart_form_data(element_form_name, type_file_name, with_metadata, element_name) + multi_part_form_data = create_multipart_form_data(element_form_name, type_file_name, with_metadata, + element_name) c.setopt(pycurl.HTTPPOST, multi_part_form_data) - c.setopt(c.WRITEFUNCTION, buffer.write) + c.setopt(pycurl.WRITEFUNCTION, buffer.write) if scheme == 'https': - c.setopt(c.SSL_VERIFYPEER, 0) + # security "man in middle" vulnerability + c.setopt(pycurl.SSL_VERIFYPEER, 0) + c.setopt(pycurl.SSL_VERIFYHOST, 0) c.perform() - http_res = c.getinfo(c.RESPONSE_CODE) + http_res = c.getinfo(pycurl.RESPONSE_CODE) if http_res is not None: debug("http response=", http_res) debug("response buffer", buffer.getvalue()) c.close() - return (element_name, http_res, buffer.getvalue()) + return element_name, http_res, buffer.getvalue() except Exception as inst: print("ERROR=" + str(inst)) - return (element_name, None, None) + return element_name, None, None def create_multipart_form_data(element_form_name, type_file_name, with_metadata, element_name): diff --git a/catalog-be/src/main/resources/scripts/import/tosca/importNormativeTypes.py b/catalog-be/src/main/resources/scripts/import/tosca/importNormativeTypes.py index 511e8417e4..b74cead75e 100644 --- a/catalog-be/src/main/resources/scripts/import/tosca/importNormativeTypes.py +++ b/catalog-be/src/main/resources/scripts/import/tosca/importNormativeTypes.py 
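Review bot: In the `if scheme == 'https':` branch the new code turns off both `SSL_VERIFYPEER` and `SSL_VERIFYHOST`, so the client accepts any certificate from any host and the `USER_ID` header and uploaded files go to whichever endpoint answers; the same two lines are added to createNormativeType in importNormativeTypes.py. The channel is encrypted but the backend is not authenticated, and the inline comment `# security "man in middle" vulnerability` does not say that the two lines below it are what create the exposure. Keep verification on and point curl at the deployment's CA instead: `c.setopt(pycurl.SSL_VERIFYPEER, 1)`, `c.setopt(pycurl.SSL_VERIFYHOST, 2)`, `c.setopt(pycurl.CAINFO, ca_bundle)`, where `ca_bundle` is a placeholder for a path supplied by the operator. If an unverified mode has to stay for lab setups, put it behind an explicit opt-in rather than making it the only HTTPS behaviour. createNormativeElement starts above this hunk.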
@@ -19,153 +19,158 @@ import importCommon ######################################################################################################################################################################################### def createNormativeType(scheme, beHost, bePort, adminUser, fileDir, ELEMENT_NAME, updateversion): - - try: - log("in create normative type ", ELEMENT_NAME) - debug("userId", adminUser) - debug("fileDir", fileDir) - - buffer = StringIO() - c = pycurl.Curl() - - url = scheme + '://' + beHost + ':' + bePort + '/sdc2/rest/v1/catalog/upload/multipart' - if updateversion != None: - url += '?createNewVersion=' + updateversion - c.setopt(c.URL, url) - c.setopt(c.POST, 1) - - adminHeader = 'USER_ID: ' + adminUser - #c.setopt(pycurl.HTTPHEADER, ['Content-Type: application/json', 'Accept: application/json', adminHeader]) - c.setopt(pycurl.HTTPHEADER, [adminHeader]) - - yml_path = fileDir + ELEMENT_NAME + "/" + ELEMENT_NAME + ".yml" - path = fileDir + ELEMENT_NAME + "/" + ELEMENT_NAME + ".zip" - - zf = zipfile.ZipFile(path, "w") - zf.write(yml_path, ELEMENT_NAME + '.yml') - zf.close() - - debug(path) - CURRENT_JSON_FILE=fileDir + ELEMENT_NAME + "/" + ELEMENT_NAME + ".json" - #sed -i 's/"userId": ".*",/"userId": "'${USER_ID}'",/' ${CURRENT_JSON_FILE} - - jsonFile = open(CURRENT_JSON_FILE) - - debug("before load json") - json_data = json.load(jsonFile, strict=False) - debug(json_data) - - jsonAsStr = json.dumps(json_data) - - send = [('resourceMetadata', jsonAsStr), ('resourceZip', (pycurl.FORM_FILE, path))] - debug(send) - c.setopt(pycurl.HTTPPOST, send) - - #data = json.dumps(user) - #c.setopt(c.POSTFIELDS, data) - - if scheme == 'https': - c.setopt(c.SSL_VERIFYPEER, 0) - - #c.setopt(c.WRITEFUNCTION, lambda x: None) - c.setopt(c.WRITEFUNCTION, buffer.write) - #print("before perform") - res = c.perform() - - #print("Before get response code") - httpRes = c.getinfo(c.RESPONSE_CODE) - if (httpRes != None): - debug("http response=", httpRes) - 
#print('Status: ' + str(responseCode)) - debug(buffer.getvalue()) - c.close() - - return (ELEMENT_NAME, httpRes, buffer.getvalue()) - - except Exception as inst: - print("ERROR=" + str(inst)) - return (ELEMENT_NAME, None, None) + try: + log("in create normative type ", ELEMENT_NAME) + debug("userId", adminUser) + debug("fileDir", fileDir) + + buffer = StringIO() + c = pycurl.Curl() + + url = scheme + '://' + beHost + ':' + bePort + '/sdc2/rest/v1/catalog/upload/multipart' + if updateversion != None: + url += '?createNewVersion=' + updateversion + c.setopt(pycurl.URL, url) + c.setopt(pycurl.POST, 1) + + adminHeader = 'USER_ID: ' + adminUser + # c.setopt(pycurl.HTTPHEADER, ['Content-Type: application/json', 'Accept: application/json', adminHeader]) + c.setopt(pycurl.HTTPHEADER, [adminHeader]) + + yml_path = fileDir + ELEMENT_NAME + "/" + ELEMENT_NAME + ".yml" + path = fileDir + ELEMENT_NAME + "/" + ELEMENT_NAME + ".zip" + + zf = zipfile.ZipFile(path, "w") + zf.write(yml_path, ELEMENT_NAME + '.yml') + zf.close() + + debug(path) + CURRENT_JSON_FILE = fileDir + ELEMENT_NAME + "/" + ELEMENT_NAME + ".json" + # sed -i 's/"userId": ".*",/"userId": "'${USER_ID}'",/' ${CURRENT_JSON_FILE} + + jsonFile = open(CURRENT_JSON_FILE) + + debug("before load json") + json_data = json.load(jsonFile, strict=False) + debug(json_data) + + jsonAsStr = json.dumps(json_data) + + send = [('resourceMetadata', jsonAsStr), ('resourceZip', (pycurl.FORM_FILE, path))] + debug(send) + c.setopt(pycurl.HTTPPOST, send) + + # data = json.dumps(user) + # c.setopt(c.POSTFIELDS, data) + + if scheme == 'https': + # security "man in middle" vulnerability + c.setopt(pycurl.SSL_VERIFYPEER, 0) + c.setopt(pycurl.SSL_VERIFYHOST, 0) + + # c.setopt(c.WRITEFUNCTION, lambda x: None) + c.setopt(pycurl.WRITEFUNCTION, buffer.write) + # print("before perform") + c.perform() + + # print("Before get response code") + httpRes = c.getinfo(pycurl.RESPONSE_CODE) + if (httpRes != None): + debug("http response=", httpRes) + # 
print('Status: ' + str(responseCode)) + debug(buffer.getvalue()) + c.close() + + return ELEMENT_NAME, httpRes, buffer.getvalue() + + except Exception as inst: + print("ERROR=" + str(inst)) + return ELEMENT_NAME, None, None def usage(): - print sys.argv[0], '[optional -s <scheme> | --scheme=<scheme>, default http] [-i <be host> | --ip=<be host>] [-p <be port> | --port=<be port> ] [-u <user userId> | --user=<user userId> ] [-v <true|false> | --updateversion=<true|false>]' + print sys.argv[0], \ + '[optional -s <scheme> | --scheme=<scheme>, default http] [-i <be host> | ' \ + '--ip=<be host>] [-p <be port> | --port=<be port> ] [-u <user userId> | --user=<user userId> ] ' \ + '[-v <true|false> | --updateversion=<true|false>]' def importNormativeTypes(scheme, beHost, bePort, adminUser, fileDir, updateversion): - - normativeTypes = [ "root", "compute", "softwareComponent", "webServer", "webApplication", "DBMS", "database", "objectStorage", "blockStorage", "containerRuntime", "containerApplication", "loadBalancer", "port", "network"] - #normativeTypes = [ "root" ] - responseCodes = [200, 201] - - if(updateversion == 'false'): - responseCodes = [200, 201, 409] - - results = [] - for normativeType in normativeTypes: - result = createNormativeType(scheme, beHost, bePort, adminUser, fileDir, normativeType, updateversion) - results.append(result) - if ( result[1] == None or result[1] not in responseCodes ): - print "Failed creating normative type " + normativeType + ". 
" + str(result[1]) - return results + normativeTypes = ["root", "compute", "softwareComponent", "webServer", "webApplication", "DBMS", "database", + "objectStorage", "blockStorage", "containerRuntime", "containerApplication", "loadBalancer", + "port", "network"] + # normativeTypes = [ "root" ] + responseCodes = [200, 201] + + if (updateversion == 'false'): + responseCodes = [200, 201, 409] + + results = [] + for normativeType in normativeTypes: + result = createNormativeType(scheme, beHost, bePort, adminUser, fileDir, normativeType, updateversion) + results.append(result) + if (result[1] == None or result[1] not in responseCodes): + print "Failed creating normative type " + normativeType + ". " + str(result[1]) + return results def main(argv): - print 'Number of arguments:', len(sys.argv), 'arguments.' - - beHost = 'localhost' - bePort = '8080' - adminUser = 'jh0003' - updateversion = 'true' - scheme = 'http' - - try: - opts, args = getopt.getopt(argv,"i:p:u:v:h:s:",["ip=","port=","user=","updateversion=","scheme="]) - except getopt.GetoptError: - usage() - error_and_exit(2, 'Invalid input') - - for opt, arg in opts: - #print opt, arg - if opt == '-h': - usage() - sys.exit(3) - elif opt in ("-i", "--ip"): - beHost = arg - elif opt in ("-p", "--port"): - bePort = arg - elif opt in ("-u", "--user"): - adminUser = arg - elif opt in ("-s", "--scheme"): - scheme = arg - elif opt in ("-v", "--updateversion"): - if (arg.lower() == "false" or arg.lower() == "no"): - updateversion = 'false' - - print 'scheme =',scheme,', be host =',beHost,', be port =', bePort,', user =', adminUser, ', updateversion =', updateversion - - if ( beHost == None ): - usage() - sys.exit(3) - - results = importNormativeTypes(scheme, beHost, bePort, adminUser, "../../../import/tosca/normative-types/", updateversion) - - print "-----------------------------" - for result in results: - print "{0:20} | {1:6}".format(result[0], result[1]) - print "-----------------------------" - - responseCodes = 
[200, 201] - - if(updateversion == 'false'): - responseCodes = [200, 201, 409] - - failedNormatives = filter(lambda x: x[1] == None or x[1] not in responseCodes, results) - if (len(failedNormatives) > 0): - error_and_exit(1, None) - else: - error_and_exit(0, None) + print 'Number of arguments:', len(sys.argv), 'arguments.' + + beHost = 'localhost' + bePort = '8080' + adminUser = 'jh0003' + updateversion = 'true' + scheme = 'http' + + try: + opts, args = getopt.getopt(argv, "i:p:u:v:h:s:", ["ip=", "port=", "user=", "updateversion=", "scheme="]) + except getopt.GetoptError: + usage() + error_and_exit(2, 'Invalid input') + + for opt, arg in opts: + # print opt, arg + if opt == '-h': + usage() + sys.exit(3) + elif opt in ("-i", "--ip"): + beHost = arg + elif opt in ("-p", "--port"): + bePort = arg + elif opt in ("-u", "--user"): + adminUser = arg + elif opt in ("-s", "--scheme"): + scheme = arg + elif opt in ("-v", "--updateversion"): + if (arg.lower() == "false" or arg.lower() == "no"): + updateversion = 'false' + + print 'scheme =', scheme, ', be host =', beHost, ', be port =', bePort, ', user =', adminUser, ', updateversion =', updateversion + + if (beHost == None): + usage() + sys.exit(3) + + results = importNormativeTypes(scheme, beHost, bePort, adminUser, "../../../import/tosca/normative-types/", + updateversion) + + print "-----------------------------" + for result in results: + print "{0:20} | {1:6}".format(result[0], result[1]) + print "-----------------------------" + + responseCodes = [200, 201] + + if (updateversion == 'false'): + responseCodes = [200, 201, 409] + + failedNormatives = filter(lambda x: x[1] == None or x[1] not in responseCodes, results) + if (len(failedNormatives) > 0): + error_and_exit(1, None) + else: + error_and_exit(0, None) if __name__ == "__main__": - main(sys.argv[1:]) - + main(sys.argv[1:]) 
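Review bot: `jsonFile = open(CURRENT_JSON_FILE)` in createNormativeType is never closed, and `c.close()` is only reached when nothing raises, so a failed upload of one normative type leaves both the file and the curl handle open while the loop in importNormativeTypes carries on with the next type. Reading the metadata as `with open(CURRENT_JSON_FILE) as jsonFile:` followed by `json_data = json.load(jsonFile, strict=False)` closes the file on every path. The broad `except Exception` also reduces a certificate or connection failure to a printed `ERROR=` string and a `None` status, which deserves a comment now that these scripts are meant to run over HTTPS.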
diff --git a/catalog-be/src/main/resources/scripts/import/tosca/importONAPNormativeAll.py b/catalog-be/src/main/resources/scripts/import/tosca/importONAPNormativeAll.py index 30b5a5435d..3e9103a95f 100644 --- a/catalog-be/src/main/resources/scripts/import/tosca/importONAPNormativeAll.py +++ b/catalog-be/src/main/resources/scripts/import/tosca/importONAPNormativeAll.py @@ -63,9 +63,11 @@ def main(argv): updateversion = 'true' importCommon.debugFlag = False scheme = 'http' + opts = [] try: - opts, args = getopt.getopt(argv,"i:p:u:d:v:h",["ip=","port=","user=","debug=","updateversion="]) + opts, args = getopt.getopt(argv, "i:p:u:d:v:h:s", + ["scheme=", "ip=", "port=", "user=", "debug=", "updateversion="]) except getopt.GetoptError: usage() error_and_exit(2, 'Invalid input') diff --git a/catalog-be/src/main/resources/scripts/import/tosca/upgradeONAPNormative.py b/catalog-be/src/main/resources/scripts/import/tosca/upgradeONAPNormative.py index c6d217f986..b4447c26d1 100644 --- a/catalog-be/src/main/resources/scripts/import/tosca/upgradeONAPNormative.py +++ b/catalog-be/src/main/resources/scripts/import/tosca/upgradeONAPNormative.py @@ -59,9 +59,11 @@ def main(argv): updateOnapVersion = 'false' importCommon.debugFlag = False scheme = 'http' + opts = [] try: - opts, args = getopt.getopt(argv,"i:p:u:d:h",["ip=","port=","user=","debug="]) + opts, args = getopt.getopt(argv, "i:p:u:d:v:h:s", + ["scheme=", "ip=", "port=", "user=", "debug=", "updateversion="]) except getopt.GetoptError: usage() error_and_exit(2, 'Invalid input') 
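Review bot: The new short-option string `"i:p:u:d:v:h:s"` declares `-s` without a trailing colon, so getopt treats it as a flag: `-s https` yields an empty value and leaves `https` as a positional argument, and only `--scheme=` can carry the scheme. importNormativeTypes.py in this commit uses `s:`; the likely intent here is `"i:p:u:d:v:hs:"`, which also lets a bare `-h` print usage instead of raising GetoptError for a missing argument. The same string is added to main in upgradeONAPNormative.py. Both option loops are outside the hunks, so how `-s` is consumed there could not be checked; if the scheme falls back to the `http` default, the import would silently run in clear text.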
@@ -103,7 +105,7 @@ def main(argv): importCategories(scheme, beHost, bePort, adminUser, False, fileLocation) fileLocation = baseFileLocation + "relationship-types/" - importNormativeRelationships(scheme, beHost, bePort, adminUser, False, fileLocation) + importNormativeRelationships(scheme, beHost, bePort, adminUser, False, fileLocation) fileLocation = baseFileLocation + "data-types/" importDataTypes(scheme, beHost, bePort, adminUser, False, fileLocation) |