Fully HTTPS support in the dcaedt-tools

Fully HTTPS support: -Updated the onap/base_sdc-jetty docker image version -Updated the chef script to properly used of the new docker image -Updated jvm configuration to support call to the SDC components using HTTPS. -Added buildRestClient method to create the DcaeRestClient supporting the SSL connection -Checkstyle in the recipes adn tools.Main method -Update the docker_run.sh: - Change JAVA_OPTIONS -Update docker_run script -Add proper dependency in the pom (waiting for solving the SDC-2554 bug) Issue-ID: SDC-2552 Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com> Change-Id: Ie8dd1f54619f1101c13de13ae3cbb296bba57210
author: k.kedron <k.kedron@partner.samsung.com> 2019-09-05 17:50:23 +0200
committer: Ofir Sonsino <ofir.sonsino@intl.att.com> 2019-09-06 09:11:47 +0000
commit: 176a760ebe4293c19eeb96cf88269215fce870a9 (patch)
tree: c559a1f2bafbf6147612b88a46a0299a579af57f /dcaedt_tools
parent: 64636c2148414c1fa5da4b46a69570cdab003837 (diff)
3 files changed, 62 insertions, 16 deletions
diff --git a/dcaedt_tools/pom.xml b/dcaedt_tools/pom.xml
index 5e63939..d0d0976 100644
--- a/dcaedt_tools/pom.xml
+++ b/dcaedt_tools/pom.xml
@@ -74,7 +74,7 @@
                                     <goal>copy-resources</goal>
                                 </goals>
                                 <configuration>
-                                    <outputDirectory>${project.parent.basedir}/docker/docker_tools/chef-solo/cookbooks/Deploy-DCAE/files/default</outputDirectory>
+                                    <outputDirectory>${project.parent.basedir}/docker/docker_tools/chef-repo/cookbooks/Deploy-DCAE/files/default</outputDirectory>
                                     <resources>
                                         <resource>
                                             <directory>${project.basedir}/src/main/resources/conf</directory>
@@ -260,5 +260,16 @@
             <artifactId>spring-web</artifactId>
             <version>5.0.9.RELEASE</version>
         </dependency>
+<!-- TO-DO: UNCOMMENT WHEN SDC-2554 BUG WILL BE SOLVE-->
+<!--        <dependency>-->
+<!--            <groupId>org.springframework</groupId>-->
+<!--            <artifactId>spring-core</artifactId>-->
+<!--            <version>${org.springframework.version}</version>-->
+<!--        </dependency>-->
+<!--        <dependency>-->
+<!--            <groupId>org.slf4j</groupId>-->
+<!--            <artifactId>slf4j-simple</artifactId>-->
+<!--            <version>1.7.26</version>-->
+<!--        </dependency>-->
     </dependencies>
 </project>
diff --git a/dcaedt_tools/src/main/java/tools/Main.java b/dcaedt_tools/src/main/java/tools/Main.java
index 3517c35..18c1a89 100644
--- a/dcaedt_tools/src/main/java/tools/Main.java
+++ b/dcaedt_tools/src/main/java/tools/Main.java
@@ -65,22 +65,22 @@ public class Main {
         IReport report = new Report();
         try {
             ObjectMapper mapper = new ObjectMapper();
-            DeployTemplateConfig deployTemplateConfig = mapper.readValue(new File(System.getProperty(CONFIG_FILE, "conf/config.json")), DeployTemplateConfig.class);
-            Environment environment = mapper.readValue(new File(System.getProperty(ENVIRONMENT_CONFIG, "conf/environment.json")), Environment.class);
-
+            DeployTemplateConfig deployTemplateConfig =
+                mapper.readValue(new File(System.getProperty(CONFIG_FILE, "conf/config.json")),
+                    DeployTemplateConfig.class);
+            Environment environment = mapper.readValue(
+                new File(System.getProperty(ENVIRONMENT_CONFIG, "conf/environment.json")),
+                Environment.class);
             IDcaeRestClient dcaeRestClient = new DcaeRestClient(environment.getCredential());
             dcaeRestClient.init(environment);
-
             Map<String, List<Resource>> elementsByFolderNames = dcaeRestClient.getDcaeCatalog();
-
-            TemplateContainer templateContainer = new TemplateContainer(report, dcaeRestClient, deployTemplateConfig.getTemplateInfo(), elementsByFolderNames);
-            Map<TemplateInfo, JsonObject> templateInfoToJsonObjectMap = templateContainer.getCdumps();
-
+            TemplateContainer templateContainer = new TemplateContainer(report, dcaeRestClient,
+                deployTemplateConfig.getTemplateInfo(), elementsByFolderNames);
+            Map<TemplateInfo, JsonObject> templateInfoToJsonObjectMap =
+                templateContainer.getCdumps();
             DeployTemplate deployTemplate = new DeployTemplate(report, dcaeRestClient);
             deployTemplate.deploy(templateInfoToJsonObjectMap);
-
             debugLogger.log( "VFCMT template deployment completed");
-
         } catch (RuntimeException e) {
             errLogger.log("ERROR - Template deployment failed with error " + e, e);
             report.setStatusCode(2);
diff --git a/dcaedt_tools/src/main/java/utilities/DcaeRestClient.java b/dcaedt_tools/src/main/java/utilities/DcaeRestClient.java
index f786671..e550510 100644
--- a/dcaedt_tools/src/main/java/utilities/DcaeRestClient.java
+++ b/dcaedt_tools/src/main/java/utilities/DcaeRestClient.java
@@ -22,9 +22,19 @@ package utilities;
 
 import json.Credential;
 import json.Environment;
+import org.apache.http.config.Registry;
+import org.apache.http.config.RegistryBuilder;
+import org.apache.http.conn.socket.ConnectionSocketFactory;
+import org.apache.http.conn.socket.PlainConnectionSocketFactory;
+import org.apache.http.conn.ssl.NoopHostnameVerifier;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
+import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClientBuilder;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
 import org.apache.http.message.BasicHeader;
+import org.apache.http.ssl.SSLContextBuilder;
 import org.onap.sdc.dcae.composition.restmodels.CreateVFCMTRequest;
 import org.onap.sdc.dcae.composition.restmodels.canvas.DcaeComponentCatalog;
 import org.onap.sdc.dcae.composition.restmodels.sdc.Resource;
@@ -36,6 +46,10 @@ import org.springframework.web.client.RestTemplate;
 import tools.LoggerDebug;
 
 import javax.annotation.PostConstruct;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
@@ -49,7 +63,6 @@ public class DcaeRestClient implements IDcaeRestClient {
     private static LoggerDebug debugLogger = LoggerDebug.getInstance();
     private static final String GET_RESOURCES_BY_CATEGORY = "/getResourcesByCategory";
     private static final String CREATE_VFCMT = "/createVFCMT";
-    private static final String ELEMENTS = "/elements";
 	private static final String CATALOG = "/catalog";
 
 
@@ -75,11 +88,15 @@ public class DcaeRestClient implements IDcaeRestClient {
     public void init(Environment environment) {
         credential = environment.getCredential();
         debugLogger.log("Connecting to server host: " + environment.getDcaeBeHost() + ", port: " + environment.getDcaeBePort());
-        CloseableHttpClient httpClient = HttpClientBuilder.create().setDefaultHeaders(defaultHeaders(credential)).build();
-        HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
-        requestFactory.setHttpClient(httpClient);
-        client = new RestTemplate(requestFactory);
+        try {
+            HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
+            requestFactory.setHttpClient(buildRestClient());
+            client = new RestTemplate(requestFactory);
+        } catch (SSLException e) {
+            debugLogger.log("ERROR: Build rest client failed because: " + e.getMessage());
+        }
         uri = String.format("%s:%s%s", environment.getDcaeBeHost(), environment.getDcaeBePort(), environment.getApiPath());
+        debugLogger.log("end function");
     }
 
     private List<BasicHeader> defaultHeaders(Credential credential) {
@@ -176,4 +193,22 @@ public class DcaeRestClient implements IDcaeRestClient {
     public void updateResource(ResourceDetailed vfcmt) {
         // Do nothing
     }
+
+    private CloseableHttpClient buildRestClient() throws SSLException {
+        SSLContextBuilder builder = new SSLContextBuilder();
+        try {
+            builder.loadTrustMaterial(null, new TrustSelfSignedStrategy());
+            SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
+                SSLContext.getDefault(), NoopHostnameVerifier.INSTANCE);
+            Registry<ConnectionSocketFactory> registry =
+                RegistryBuilder.<ConnectionSocketFactory>create()
+                    .register("http", new PlainConnectionSocketFactory()).register("https", sslsf)
+                    .build();
+            PoolingHttpClientConnectionManager cm =
+                new PoolingHttpClientConnectionManager(registry);
+            return HttpClients.custom().setSSLSocketFactory(sslsf).setConnectionManager(cm).build();
+        } catch (NoSuchAlgorithmException | KeyStoreException e) {
+            throw new SSLException(e);
+        }
+    }
 }
author	k.kedron <k.kedron@partner.samsung.com>	2019-09-05 17:50:23 +0200
committer	Ofir Sonsino <ofir.sonsino@intl.att.com>	2019-09-06 09:11:47 +0000
commit	176a760ebe4293c19eeb96cf88269215fce870a9 (patch)
tree	c559a1f2bafbf6147612b88a46a0299a579af57f /dcaedt_tools
parent	64636c2148414c1fa5da4b46a69570cdab003837 (diff)