From 68830a739232e31feadc5b10c1e537197d86269f Mon Sep 17 00:00:00 2001 From: "k.kedron" Date: Tue, 27 Aug 2019 18:10:09 +0200 Subject: Fully HTTPS support in the catalog-be Fully HTTPS support: -Updated jvm configuration to support call to the SDC components using HTTPS. -Checkstyle in the recipes -Add support for disableHttp flag in the chef script -Add support for change the http to https in the python script -Fixed the --schema param in the importONAPNormativeALL and upgradeONAPNormative python scripts -Checkstyle in the importX python script -Disabled pycurl.SSL_VERIFYHOST to fix communication with the be component Issue-ID: SDC-2501 Signed-off-by: Krystian Kedron Change-Id: I588ba21638083694932a1af272f3bcbaa98268a7 --- .../recipes/1_create_consumer_and_user.rb | 27 +- .../recipes/2_check_Backend.rb | 17 +- .../recipes/3_import_Normatives.rb | 33 ++- .../templates/default/check_Backend_Health.py.erb | 3 +- .../templates/default/consumers.py.erb | 7 +- .../templates/default/user.py.erb | 7 +- .../cookbooks/sdc-catalog-be/attributes/default.rb | 2 + .../recipes/BE_2_setup_configuration.rb | 8 +- catalog-be/sdc-backend/startup.sh | 9 +- .../import/tosca/importNormativeElements.py | 26 +- .../scripts/import/tosca/importNormativeTypes.py | 281 +++++++++++---------- .../scripts/import/tosca/importONAPNormativeAll.py | 4 +- .../scripts/import/tosca/upgradeONAPNormative.py | 6 +- 13 files changed, 242 insertions(+), 188 deletions(-) diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/1_create_consumer_and_user.rb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/1_create_consumer_and_user.rb index 14085bd0cb..97d140ab1f 100644 --- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/1_create_consumer_and_user.rb +++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/1_create_consumer_and_user.rb @@ -1,34 +1,45 @@ -template "/tmp/user.py" do +if node['disableHttp'] + protocol = "https" + be_port = node['BE']['https_port'] +else + protocol = "http" + be_port = node['BE']['http_port'] +end + + +template "/var/tmp/user.py" do source "user.py.erb" sensitive true mode 0755 variables({ + :protocol => protocol, :be_ip => node['Nodes']['BE'], - :be_port => node['BE']['http_port'] + :be_port => be_port }) end -bash "excuting-create_user" do +bash "executing-create_user" do code <<-EOH - python /tmp/user.py + python /var/tmp/user.py rc=$? if [[ $rc != 0 ]]; then exit $rc; fi EOH end -template "/tmp/consumers.py" do +template "/var/tmp/consumers.py" do source "consumers.py.erb" sensitive true mode 0755 variables({ + :protocol => protocol, :be_ip => node['Nodes']['BE'], - :be_port => node['BE']['http_port'] + :be_port => be_port }) end -bash "excuting-consumers" do +bash "executing-consumers" do code <<-EOH - python /tmp/consumers.py + python /var/tmp/consumers.py rc=$? if [[ $rc != 0 ]]; then exit $rc; fi EOH diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/2_check_Backend.rb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/2_check_Backend.rb index b929637b1a..0a551f2a52 100644 --- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/2_check_Backend.rb +++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/2_check_Backend.rb @@ -1,16 +1,25 @@ -template "/tmp/check_Backend_Health.py" do +if node['disableHttp'] + protocol = "https" + be_port = node['BE']['https_port'] +else + protocol = "http" + be_port = node['BE']['http_port'] +end + +template "/var/tmp/check_Backend_Health.py" do source "check_Backend_Health.py.erb" sensitive true mode 0755 variables({ + :protocol => protocol, :be_ip => node['Nodes']['BE'], - :be_port => node['BE']['http_port'] + :be_port => be_port }) end -bash "excuting-check_Backend_Health" do +bash "executing-check_Backend_Health" do code <<-EOH - python /tmp/check_Backend_Health.py + python /var/tmp/check_Backend_Health.py rc=$? if [[ $rc != 0 ]]; then exit $rc; fi EOH diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/3_import_Normatives.rb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/3_import_Normatives.rb index e8dc9675d1..b640b3afe9 100644 --- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/3_import_Normatives.rb +++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/3_import_Normatives.rb @@ -1,37 +1,46 @@ -cookbook_file "/tmp/normatives.tar.gz" do +be_ip=node['Nodes'][:BE] + +if node['disableHttp'] + protocol = "https" + be_port = node['BE']['https_port'] + param="-i #{be_ip} -p #{be_port} --scheme #{protocol}" +else + protocol = "http" + be_port = node['BE']['http_port'] + param="-i #{be_ip} -p #{be_port}" +end + +cookbook_file "/var/tmp/normatives.tar.gz" do source "normatives.tar.gz" end -be_ip=node['Nodes'][:BE] -be_port=node['BE']['http_port'] - -bash "excuting-import_Normatives" do +bash "executing-import_Normatives" do code <<-EOH set -x - cd /tmp - tar xvfz /tmp/normatives.tar.gz - cd /tmp/normatives/scripts/import/tosca/ + cd /var/tmp + tar xvfz /var/tmp/normatives.tar.gz + cd /var/tmp/normatives/scripts/import/tosca/ /bin/chmod +x *.py # executing the normatives # add --debug=true to the importNormativeAll.py arguments to enable debug check_normative="/tmp/check_normative.out" - status_code=$(curl -s -o ${check_normative} -w "%{http_code}\\n" -X GET -H 'Content-Type: application/json;charset=UTF-8' -H 'USER_ID: jh0003' -H 'X-ECOMP-RequestID: cbe744a0-037b-458f-aab5-df6e543c4090' "http://#{be_ip}:#{be_port}/sdc2/rest/v1/screen") + status_code=$(curl -k -s -o ${check_normative} -w "%{http_code}\\n" -X GET -H 'Content-Type: application/json;charset=UTF-8' -H 'USER_ID: jh0003' -H 'X-ECOMP-RequestID: cbe744a0-037b-458f-aab5-df6e543c4090' "#{protocol}://#{be_ip}:#{be_port}/sdc2/rest/v1/screen") if [ "$status_code" != 200 ] ; then exit "$status_code" fi - #curl -s -X GET -H "Content-Type: application/json;charset=UTF-8" -H "USER_ID: jh0003" -H "X-ECOMP-RequestID: cbe744a0-037b-458f-aab5-df6e543c4090" "http://#{be_ip}:#{be_port}/sdc2/rest/v1/screen" > ${check_normative} + #curl -s -X GET -H "Content-Type: application/json;charset=UTF-8" -H "USER_ID: jh0003" -H "X-ECOMP-RequestID: cbe744a0-037b-458f-aab5-df6e543c4090" "#{protocol}://#{be_ip}:#{be_port}/sdc2/rest/v1/screen" > ${check_normative} resources_len=`cat ${check_normative}| jq '.["resources"]|length'` mkdir -p /var/lib/jetty/logs if [ $resources_len -eq 0 ] ; then - python importONAPNormativeAll.py -i #{be_ip} -p #{be_port} > /var/lib/jetty/logs/importNormativeAll.log + python importONAPNormativeAll.py #{param} > /var/lib/jetty/logs/importNormativeAll.log rc=$? if [[ $rc != 0 ]]; then exit $rc; fi else - python upgradeONAPNormative.py -i #{be_ip} -p #{be_port} > /var/lib/jetty/logs/upgradeNormative.log + python upgradeONAPNormative.py #{param} > /var/lib/jetty/logs/upgradeNormative.log rc=$? if [[ $rc != 0 ]]; then exit $rc; fi fi diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/check_Backend_Health.py.erb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/check_Backend_Health.py.erb index 60e2da16e7..eb77f93c33 100644 --- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/check_Backend_Health.py.erb +++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/check_Backend_Health.py.erb @@ -7,6 +7,7 @@ from datetime import datetime beStat=0 BE_IP="<%= @be_ip %>" BE_PORT="<%= @be_port %>" +PROTOCOL="<%= @protocol %>" class bcolors: HEADER = '\033[95m' @@ -23,7 +24,7 @@ class bcolors: # Functions ############################## def checkBackend(): - command="curl -s -o /dev/null -I -w \"%{http_code}\" -i http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/jh0003" + command="curl -k -s -o /dev/null -I -w \"%{http_code}\" -i "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/jh0003" proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE ) (out, err) = proc.communicate() diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/consumers.py.erb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/consumers.py.erb index c5933201c1..798d79337c 100644 --- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/consumers.py.erb +++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/consumers.py.erb @@ -6,6 +6,7 @@ from datetime import datetime BE_IP="<%= @be_ip %>" BE_PORT="<%= @be_port %>" +PROTOCOL="<%= @protocol %>" class bcolors: HEADER = '\033[95m' @@ -22,7 +23,7 @@ class bcolors: # Functions ############################## def checkBackend(): - command="curl -s -o /dev/null -I -w \"%{http_code}\" -i http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/jh0003" + command="curl -k -s -o /dev/null -I -w \"%{http_code}\" -i "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/jh0003" proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE ) (out, err) = proc.communicate() @@ -31,7 +32,7 @@ def checkBackend(): def checkConsumer(consumerName): - command="curl -s -o /dev/null -I -w \"%{http_code}\" -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/consumers/" + consumerName + command="curl -k -s -o /dev/null -I -w \"%{http_code}\" -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/consumers/" + consumerName proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE ) (out, err) = proc.communicate() @@ -41,7 +42,7 @@ def checkConsumer(consumerName): def createConsumer( consumerName, consumerSalt, consumerPass ): print '[INFO] ' + consumerName - command="curl -s -o /dev/null -w \"%{http_code}\" -X POST -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/consumers/ -d '{\"consumerName\": '" + consumerName + "', \"consumerSalt\": '" + consumerSalt + "',\"consumerPassword\": '" + consumerPass + "'}'" + command="curl -k -s -o /dev/null -w \"%{http_code}\" -X POST -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/consumers/ -d '{\"consumerName\": '" + consumerName + "', \"consumerSalt\": '" + consumerSalt + "',\"consumerPassword\": '" + consumerPass + "'}'" proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE) diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/user.py.erb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/user.py.erb index a97e451a84..f17ac8a22e 100644 --- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/user.py.erb +++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/user.py.erb @@ -6,6 +6,7 @@ from datetime import datetime BE_IP="<%= @be_ip %>" BE_PORT="<%= @be_port %>" +PROTOCOL="<%= @protocol %>" class bcolors: HEADER = '\033[95m' @@ -22,7 +23,7 @@ class bcolors: # Functions ############################## def checkBackend(): - command="curl -s -o /dev/null -I -w \"%{http_code}\" -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/jh0003" + command="curl -k -s -o /dev/null -I -w \"%{http_code}\" -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/jh0003" proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE ) (out, err) = proc.communicate() @@ -31,7 +32,7 @@ def checkBackend(): def checkUser(userName): - command="curl -s -o /dev/null -I -w \"%{http_code}\" -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/" + userName + command="curl -k -s -o /dev/null -I -w \"%{http_code}\" -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/" + userName proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE ) (out, err) = proc.communicate() @@ -43,7 +44,7 @@ def checkUser(userName): def createUser( firstName, lastName, userId , email_dom , role ): print '[INFO] create first:[' + firstName + '], last:[' + lastName + '], Id:[' + userId + '], email:[' + userId + '@' + email_dom + '], role:[' + role +']' - command="curl -s -o /dev/null -w \"%{http_code}\" -X POST -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/ -d '{\"firstName\": '" + firstName + "', \"lastName\": '" + lastName + "',\"userId\": '" + userId + "',\"email\": '" + userId + "@" + email_dom + "',\"role\": '" + role + "'}'" + command="curl -k -s -o /dev/null -w \"%{http_code}\" -X POST -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/ -d '{\"firstName\": '" + firstName + "', \"lastName\": '" + lastName + "',\"userId\": '" + userId + "',\"email\": '" + userId + "@" + email_dom + "',\"role\": '" + role + "'}'" proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE) (out, err) = proc.communicate() diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb index af1726a977..d919088f1d 100644 --- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb +++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb @@ -5,6 +5,8 @@ default['FE'][:http_port] = 8181 default['FE'][:https_port] = 9443 default['disableHttp'] = true default['cassandra'][:truststore_password] = "Aa123456" +# TO CHANGE THE TRUSTSTORE CERT THE JVM CONFIGURATION +# MUST BE ALSO CHANGE IN THE startup.sh FILE default['jetty'][:keystore_pwd] = "rTIS;B4kM]2GHcNK2c3B4&Ng" default['jetty'][:keymanager_pwd] = "rTIS;B4kM]2GHcNK2c3B4&Ng" default['jetty'][:truststore_pwd] = "Y,f975ZNJfVZhV*{+Y[}pA?0" diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb index 20c144c056..6f455fc6f3 100644 --- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb +++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb @@ -2,11 +2,11 @@ replication_factor=node['cassandra']['replication_factor'] if node['Pair_EnvName'] == "" - janusgraph_dcname_with_rep = node['cassandra']['datacenter_name'] + "," + replication_factor.to_s - conf_dcname_with_rep = node['cassandra']['datacenter_name'] + "','" + replication_factor.to_s + janusgraph_dcname_with_rep = node['cassandra']['datacenter_name'] + "," + replication_factor.to_s + conf_dcname_with_rep = node['cassandra']['datacenter_name'] + "','" + replication_factor.to_s else - janusgraph_dcname_with_rep = node['cassandra']['datacenter_name'] + "," + replication_factor.to_s + "," + node['cassandra']['cluster_name'] + node['Pair_EnvName'] + "," + replication_factor.to_s - conf_dcname_with_rep = node['cassandra']['datacenter_name'] + "','" + replication_factor.to_s + "','" + node['cassandra']['cluster_name'] + node['Pair_EnvName'] + "','" + replication_factor.to_s + janusgraph_dcname_with_rep = node['cassandra']['datacenter_name'] + "," + replication_factor.to_s + "," + node['cassandra']['cluster_name'] + node['Pair_EnvName'] + "," + replication_factor.to_s + conf_dcname_with_rep = node['cassandra']['datacenter_name'] + "','" + replication_factor.to_s + "','" + node['cassandra']['cluster_name'] + node['Pair_EnvName'] + "','" + replication_factor.to_s end diff --git a/catalog-be/sdc-backend/startup.sh b/catalog-be/sdc-backend/startup.sh index b2941372f3..1797c75c50 100644 --- a/catalog-be/sdc-backend/startup.sh +++ b/catalog-be/sdc-backend/startup.sh @@ -1,6 +1,13 @@ #!/bin/sh -JAVA_OPTIONS=" ${JAVA_OPTIONS} -Dconfig.home=${JETTY_BASE}/config -Dlog.home=${JETTY_BASE}/logs -Dlogback.configurationFile=${JETTY_BASE}/config/catalog-be/logback.xml -Dconfiguration.yaml=${JETTY_BASE}/config/catalog-be/configuration.yaml -Donboarding_configuration.yaml=${JETTY_BASE}/config/onboarding-be/onboarding_configuration.yaml" +JAVA_OPTIONS=" ${JAVA_OPTIONS} \ + -Dconfig.home=${JETTY_BASE}/config -Dlog.home=${JETTY_BASE}/logs \ + -Dlogback.configurationFile=${JETTY_BASE}/config/catalog-be/logback.xml \ + -Dconfiguration.yaml=${JETTY_BASE}/config/catalog-be/configuration.yaml \ + -Donboarding_configuration.yaml=${JETTY_BASE}/config/onboarding-be/onboarding_configuration.yaml \ + -Djavax.net.ssl.trustStore=${JETTY_BASE}/etc/org.onap.sdc.trust.jks \ + -Djavax.net.ssl.trustStorePassword=Y,f975ZNJfVZhV*{+Y[}pA?0 \ + -Djetty.console-capture.dir=${JETTY_BASE}/logs" cd /root/chef-solo chef-solo -c solo.rb -E ${ENVNAME} diff --git a/catalog-be/src/main/resources/scripts/import/tosca/importNormativeElements.py b/catalog-be/src/main/resources/scripts/import/tosca/importNormativeElements.py index 453ee3aebc..3d5e9fd13b 100644 --- a/catalog-be/src/main/resources/scripts/import/tosca/importNormativeElements.py +++ b/catalog-be/src/main/resources/scripts/import/tosca/importNormativeElements.py @@ -17,9 +17,11 @@ from importCommon import * # python importUsers.py [-f | --ifile= ] # # # ################################################################################################################################################################################# -def import_element(scheme, be_host, be_port, admin_user, exit_on_success, file_dir, url_suffix, element_name, element_form_name, +def import_element(scheme, be_host, be_port, admin_user, exit_on_success, file_dir, url_suffix, element_name, + element_form_name, with_metadata=False): - result = createNormativeElement(scheme, be_host, be_port, admin_user, file_dir, url_suffix, element_name, element_form_name, with_metadata) + result = createNormativeElement(scheme, be_host, be_port, admin_user, file_dir, url_suffix, element_name, + element_form_name, with_metadata) print_frame_line() print_name_and_return_code(result[0], result[1]) print_frame_line() @@ -31,7 +33,6 @@ def import_element(scheme, be_host, be_port, admin_user, exit_on_success, file_d error_and_exit(0, None) - def createNormativeElement(scheme, be_host, be_port, admin_user, file_dir, url_suffix, element_name, element_form_name, with_metadata=False): try: @@ -40,34 +41,37 @@ def createNormativeElement(scheme, be_host, be_port, admin_user, file_dir, url_s c = pycurl.Curl() url = scheme + '://' + be_host + ':' + be_port + url_suffix - c.setopt(c.URL, url) - c.setopt(c.POST, 1) + c.setopt(pycurl.URL, url) + c.setopt(pycurl.POST, 1) admin_header = 'USER_ID: ' + admin_user c.setopt(pycurl.HTTPHEADER, [admin_header]) type_file_name = file_dir + "/" + element_name - multi_part_form_data = create_multipart_form_data(element_form_name, type_file_name, with_metadata, element_name) + multi_part_form_data = create_multipart_form_data(element_form_name, type_file_name, with_metadata, + element_name) c.setopt(pycurl.HTTPPOST, multi_part_form_data) - c.setopt(c.WRITEFUNCTION, buffer.write) + c.setopt(pycurl.WRITEFUNCTION, buffer.write) if scheme == 'https': - c.setopt(c.SSL_VERIFYPEER, 0) + # security "man in middle" vulnerability + c.setopt(pycurl.SSL_VERIFYPEER, 0) + c.setopt(pycurl.SSL_VERIFYHOST, 0) c.perform() - http_res = c.getinfo(c.RESPONSE_CODE) + http_res = c.getinfo(pycurl.RESPONSE_CODE) if http_res is not None: debug("http response=", http_res) debug("response buffer", buffer.getvalue()) c.close() - return (element_name, http_res, buffer.getvalue()) + return element_name, http_res, buffer.getvalue() except Exception as inst: print("ERROR=" + str(inst)) - return (element_name, None, None) + return element_name, None, None def create_multipart_form_data(element_form_name, type_file_name, with_metadata, element_name): diff --git a/catalog-be/src/main/resources/scripts/import/tosca/importNormativeTypes.py b/catalog-be/src/main/resources/scripts/import/tosca/importNormativeTypes.py index 511e8417e4..b74cead75e 100644 --- a/catalog-be/src/main/resources/scripts/import/tosca/importNormativeTypes.py +++ b/catalog-be/src/main/resources/scripts/import/tosca/importNormativeTypes.py @@ -19,153 +19,158 @@ import importCommon ######################################################################################################################################################################################### def createNormativeType(scheme, beHost, bePort, adminUser, fileDir, ELEMENT_NAME, updateversion): - - try: - log("in create normative type ", ELEMENT_NAME) - debug("userId", adminUser) - debug("fileDir", fileDir) - - buffer = StringIO() - c = pycurl.Curl() - - url = scheme + '://' + beHost + ':' + bePort + '/sdc2/rest/v1/catalog/upload/multipart' - if updateversion != None: - url += '?createNewVersion=' + updateversion - c.setopt(c.URL, url) - c.setopt(c.POST, 1) - - adminHeader = 'USER_ID: ' + adminUser - #c.setopt(pycurl.HTTPHEADER, ['Content-Type: application/json', 'Accept: application/json', adminHeader]) - c.setopt(pycurl.HTTPHEADER, [adminHeader]) - - yml_path = fileDir + ELEMENT_NAME + "/" + ELEMENT_NAME + ".yml" - path = fileDir + ELEMENT_NAME + "/" + ELEMENT_NAME + ".zip" - - zf = zipfile.ZipFile(path, "w") - zf.write(yml_path, ELEMENT_NAME + '.yml') - zf.close() - - debug(path) - CURRENT_JSON_FILE=fileDir + ELEMENT_NAME + "/" + ELEMENT_NAME + ".json" - #sed -i 's/"userId": ".*",/"userId": "'${USER_ID}'",/' ${CURRENT_JSON_FILE} - - jsonFile = open(CURRENT_JSON_FILE) - - debug("before load json") - json_data = json.load(jsonFile, strict=False) - debug(json_data) - - jsonAsStr = json.dumps(json_data) - - send = [('resourceMetadata', jsonAsStr), ('resourceZip', (pycurl.FORM_FILE, path))] - debug(send) - c.setopt(pycurl.HTTPPOST, send) - - #data = json.dumps(user) - #c.setopt(c.POSTFIELDS, data) - - if scheme == 'https': - c.setopt(c.SSL_VERIFYPEER, 0) - - #c.setopt(c.WRITEFUNCTION, lambda x: None) - c.setopt(c.WRITEFUNCTION, buffer.write) - #print("before perform") - res = c.perform() - - #print("Before get response code") - httpRes = c.getinfo(c.RESPONSE_CODE) - if (httpRes != None): - debug("http response=", httpRes) - #print('Status: ' + str(responseCode)) - debug(buffer.getvalue()) - c.close() - - return (ELEMENT_NAME, httpRes, buffer.getvalue()) - - except Exception as inst: - print("ERROR=" + str(inst)) - return (ELEMENT_NAME, None, None) + try: + log("in create normative type ", ELEMENT_NAME) + debug("userId", adminUser) + debug("fileDir", fileDir) + + buffer = StringIO() + c = pycurl.Curl() + + url = scheme + '://' + beHost + ':' + bePort + '/sdc2/rest/v1/catalog/upload/multipart' + if updateversion != None: + url += '?createNewVersion=' + updateversion + c.setopt(pycurl.URL, url) + c.setopt(pycurl.POST, 1) + + adminHeader = 'USER_ID: ' + adminUser + # c.setopt(pycurl.HTTPHEADER, ['Content-Type: application/json', 'Accept: application/json', adminHeader]) + c.setopt(pycurl.HTTPHEADER, [adminHeader]) + + yml_path = fileDir + ELEMENT_NAME + "/" + ELEMENT_NAME + ".yml" + path = fileDir + ELEMENT_NAME + "/" + ELEMENT_NAME + ".zip" + + zf = zipfile.ZipFile(path, "w") + zf.write(yml_path, ELEMENT_NAME + '.yml') + zf.close() + + debug(path) + CURRENT_JSON_FILE = fileDir + ELEMENT_NAME + "/" + ELEMENT_NAME + ".json" + # sed -i 's/"userId": ".*",/"userId": "'${USER_ID}'",/' ${CURRENT_JSON_FILE} + + jsonFile = open(CURRENT_JSON_FILE) + + debug("before load json") + json_data = json.load(jsonFile, strict=False) + debug(json_data) + + jsonAsStr = json.dumps(json_data) + + send = [('resourceMetadata', jsonAsStr), ('resourceZip', (pycurl.FORM_FILE, path))] + debug(send) + c.setopt(pycurl.HTTPPOST, send) + + # data = json.dumps(user) + # c.setopt(c.POSTFIELDS, data) + + if scheme == 'https': + # security "man in middle" vulnerability + c.setopt(pycurl.SSL_VERIFYPEER, 0) + c.setopt(pycurl.SSL_VERIFYHOST, 0) + + # c.setopt(c.WRITEFUNCTION, lambda x: None) + c.setopt(pycurl.WRITEFUNCTION, buffer.write) + # print("before perform") + c.perform() + + # print("Before get response code") + httpRes = c.getinfo(pycurl.RESPONSE_CODE) + if (httpRes != None): + debug("http response=", httpRes) + # print('Status: ' + str(responseCode)) + debug(buffer.getvalue()) + c.close() + + return ELEMENT_NAME, httpRes, buffer.getvalue() + + except Exception as inst: + print("ERROR=" + str(inst)) + return ELEMENT_NAME, None, None def usage(): - print sys.argv[0], '[optional -s | --scheme=, default http] [-i | --ip=] [-p | --port= ] [-u | --user= ] [-v | --updateversion=]' + print sys.argv[0], \ + '[optional -s | --scheme=, default http] [-i | ' \ + '--ip=] [-p | --port= ] [-u | --user= ] ' \ + '[-v | --updateversion=]' def importNormativeTypes(scheme, beHost, bePort, adminUser, fileDir, updateversion): - - normativeTypes = [ "root", "compute", "softwareComponent", "webServer", "webApplication", "DBMS", "database", "objectStorage", "blockStorage", "containerRuntime", "containerApplication", "loadBalancer", "port", "network"] - #normativeTypes = [ "root" ] - responseCodes = [200, 201] - - if(updateversion == 'false'): - responseCodes = [200, 201, 409] - - results = [] - for normativeType in normativeTypes: - result = createNormativeType(scheme, beHost, bePort, adminUser, fileDir, normativeType, updateversion) - results.append(result) - if ( result[1] == None or result[1] not in responseCodes ): - print "Failed creating normative type " + normativeType + ". " + str(result[1]) - return results + normativeTypes = ["root", "compute", "softwareComponent", "webServer", "webApplication", "DBMS", "database", + "objectStorage", "blockStorage", "containerRuntime", "containerApplication", "loadBalancer", + "port", "network"] + # normativeTypes = [ "root" ] + responseCodes = [200, 201] + + if (updateversion == 'false'): + responseCodes = [200, 201, 409] + + results = [] + for normativeType in normativeTypes: + result = createNormativeType(scheme, beHost, bePort, adminUser, fileDir, normativeType, updateversion) + results.append(result) + if (result[1] == None or result[1] not in responseCodes): + print "Failed creating normative type " + normativeType + ". " + str(result[1]) + return results def main(argv): - print 'Number of arguments:', len(sys.argv), 'arguments.' - - beHost = 'localhost' - bePort = '8080' - adminUser = 'jh0003' - updateversion = 'true' - scheme = 'http' - - try: - opts, args = getopt.getopt(argv,"i:p:u:v:h:s:",["ip=","port=","user=","updateversion=","scheme="]) - except getopt.GetoptError: - usage() - error_and_exit(2, 'Invalid input') - - for opt, arg in opts: - #print opt, arg - if opt == '-h': - usage() - sys.exit(3) - elif opt in ("-i", "--ip"): - beHost = arg - elif opt in ("-p", "--port"): - bePort = arg - elif opt in ("-u", "--user"): - adminUser = arg - elif opt in ("-s", "--scheme"): - scheme = arg - elif opt in ("-v", "--updateversion"): - if (arg.lower() == "false" or arg.lower() == "no"): - updateversion = 'false' - - print 'scheme =',scheme,', be host =',beHost,', be port =', bePort,', user =', adminUser, ', updateversion =', updateversion - - if ( beHost == None ): - usage() - sys.exit(3) - - results = importNormativeTypes(scheme, beHost, bePort, adminUser, "../../../import/tosca/normative-types/", updateversion) - - print "-----------------------------" - for result in results: - print "{0:20} | {1:6}".format(result[0], result[1]) - print "-----------------------------" - - responseCodes = [200, 201] - - if(updateversion == 'false'): - responseCodes = [200, 201, 409] - - failedNormatives = filter(lambda x: x[1] == None or x[1] not in responseCodes, results) - if (len(failedNormatives) > 0): - error_and_exit(1, None) - else: - error_and_exit(0, None) + print 'Number of arguments:', len(sys.argv), 'arguments.' + + beHost = 'localhost' + bePort = '8080' + adminUser = 'jh0003' + updateversion = 'true' + scheme = 'http' + + try: + opts, args = getopt.getopt(argv, "i:p:u:v:h:s:", ["ip=", "port=", "user=", "updateversion=", "scheme="]) + except getopt.GetoptError: + usage() + error_and_exit(2, 'Invalid input') + + for opt, arg in opts: + # print opt, arg + if opt == '-h': + usage() + sys.exit(3) + elif opt in ("-i", "--ip"): + beHost = arg + elif opt in ("-p", "--port"): + bePort = arg + elif opt in ("-u", "--user"): + adminUser = arg + elif opt in ("-s", "--scheme"): + scheme = arg + elif opt in ("-v", "--updateversion"): + if (arg.lower() == "false" or arg.lower() == "no"): + updateversion = 'false' + + print 'scheme =', scheme, ', be host =', beHost, ', be port =', bePort, ', user =', adminUser, ', updateversion =', updateversion + + if (beHost == None): + usage() + sys.exit(3) + + results = importNormativeTypes(scheme, beHost, bePort, adminUser, "../../../import/tosca/normative-types/", + updateversion) + + print "-----------------------------" + for result in results: + print "{0:20} | {1:6}".format(result[0], result[1]) + print "-----------------------------" + + responseCodes = [200, 201] + + if (updateversion == 'false'): + responseCodes = [200, 201, 409] + + failedNormatives = filter(lambda x: x[1] == None or x[1] not in responseCodes, results) + if (len(failedNormatives) > 0): + error_and_exit(1, None) + else: + error_and_exit(0, None) if __name__ == "__main__": - main(sys.argv[1:]) - + main(sys.argv[1:]) diff --git a/catalog-be/src/main/resources/scripts/import/tosca/importONAPNormativeAll.py b/catalog-be/src/main/resources/scripts/import/tosca/importONAPNormativeAll.py index 30b5a5435d..3e9103a95f 100644 --- a/catalog-be/src/main/resources/scripts/import/tosca/importONAPNormativeAll.py +++ b/catalog-be/src/main/resources/scripts/import/tosca/importONAPNormativeAll.py @@ -63,9 +63,11 @@ def main(argv): updateversion = 'true' importCommon.debugFlag = False scheme = 'http' + opts = [] try: - opts, args = getopt.getopt(argv,"i:p:u:d:v:h",["ip=","port=","user=","debug=","updateversion="]) + opts, args = getopt.getopt(argv, "i:p:u:d:v:h:s", + ["scheme=", "ip=", "port=", "user=", "debug=", "updateversion="]) except getopt.GetoptError: usage() error_and_exit(2, 'Invalid input') diff --git a/catalog-be/src/main/resources/scripts/import/tosca/upgradeONAPNormative.py b/catalog-be/src/main/resources/scripts/import/tosca/upgradeONAPNormative.py index c6d217f986..b4447c26d1 100644 --- a/catalog-be/src/main/resources/scripts/import/tosca/upgradeONAPNormative.py +++ b/catalog-be/src/main/resources/scripts/import/tosca/upgradeONAPNormative.py @@ -59,9 +59,11 @@ def main(argv): updateOnapVersion = 'false' importCommon.debugFlag = False scheme = 'http' + opts = [] try: - opts, args = getopt.getopt(argv,"i:p:u:d:h",["ip=","port=","user=","debug="]) + opts, args = getopt.getopt(argv, "i:p:u:d:v:h:s", + ["scheme=", "ip=", "port=", "user=", "debug=", "updateversion="]) except getopt.GetoptError: usage() error_and_exit(2, 'Invalid input') @@ -103,7 +105,7 @@ def main(argv): importCategories(scheme, beHost, bePort, adminUser, False, fileLocation) fileLocation = baseFileLocation + "relationship-types/" - importNormativeRelationships(scheme, beHost, bePort, adminUser, False, fileLocation) + importNormativeRelationships(scheme, beHost, bePort, adminUser, False, fileLocation) fileLocation = baseFileLocation + "data-types/" importDataTypes(scheme, beHost, bePort, adminUser, False, fileLocation) -- cgit 1.2.3-korg