aboutsummaryrefslogtreecommitdiffstats
path: root/installation/src/main
diff options
context:
space:
mode:
authorDan Timoney <dtimoney@att.com>2021-02-22 11:20:18 -0500
committerDan Timoney <dtimoney@att.com>2021-02-22 13:56:52 -0500
commit38d8f5f82c952db34e139488dd7619f620ecc742 (patch)
tree546e24c91091dccca66180bf0e9c93a1b9ac4f4d /installation/src/main
parent1e1fc55411b7569aae9f550046ca14e5db03d5cb (diff)
Remove embedded passwords
Updated properties files to use env variables instead of embedded default passwords. Change-Id: I7b5a796bbb5d386dda8cba47cbb977ec47838a11 Issue-ID: SDNC-1482 Signed-off-by: Dan Timoney <dtimoney@att.com> Former-commit-id: d0a86a8593f3832f11198e91c2343db6fad5a1a9
Diffstat (limited to 'installation/src/main')
-rwxr-xr-xinstallation/src/main/properties/aaiclient.properties6
-rw-r--r--installation/src/main/properties/ansible-adapter.properties4
-rw-r--r--installation/src/main/properties/data-migrator.properties12
-rw-r--r--installation/src/main/properties/dblib.properties8
-rw-r--r--installation/src/main/properties/generic-resource-api-dg.properties24
-rw-r--r--installation/src/main/properties/lcm-dg.properties4
-rw-r--r--installation/src/main/properties/mdsal-resource.properties4
-rw-r--r--installation/src/main/properties/optical-service-dg.properties8
-rw-r--r--installation/src/main/properties/sql-resource.properties2
-rw-r--r--installation/src/main/properties/svclogic.properties8
-rwxr-xr-xinstallation/src/main/properties/svclogic.properties.sdnctldb018
-rw-r--r--installation/src/main/yaml/docker-compose.yml61
12 files changed, 95 insertions, 54 deletions
diff --git a/installation/src/main/properties/aaiclient.properties b/installation/src/main/properties/aaiclient.properties
index 65683836..395510d7 100755
--- a/installation/src/main/properties/aaiclient.properties
+++ b/installation/src/main/properties/aaiclient.properties
@@ -27,11 +27,11 @@
# Certificate keystore and truststore
#
org.onap.ccsdk.sli.adaptors.aai.ssl.trust=/opt/onap/sdnc/data/stores/truststoreONAPall.jks
-org.onap.ccsdk.sli.adaptors.aai.ssl.trust.psswd=changeit
+org.onap.ccsdk.sli.adaptors.aai.ssl.trust.psswd=${AAI_TRUSTSTORE_PASSWORD}
org.onap.ccsdk.sli.adaptors.aai.host.certificate.ignore=true
-org.onap.ccsdk.sli.adaptors.aai.client.name=sdnc@sdnc.onap.org
-org.onap.ccsdk.sli.adaptors.aai.client.psswd=demo123456!
+org.onap.ccsdk.sli.adaptors.aai.client.name=${AAI_CLIENT_NAME}
+org.onap.ccsdk.sli.adaptors.aai.client.psswd=${AAI_CLIENT_PASSWORD}
org.onap.ccsdk.sli.adaptors.aai.application=openECOMP
#
diff --git a/installation/src/main/properties/ansible-adapter.properties b/installation/src/main/properties/ansible-adapter.properties
index 761758bb..3cc0f28b 100644
--- a/installation/src/main/properties/ansible-adapter.properties
+++ b/installation/src/main/properties/ansible-adapter.properties
@@ -30,7 +30,7 @@
# Define the name and path of any user-provided configuration (bootstrap) file that can be loaded
# to supply configuration options
org.onap.appc.bootstrap.file=appc.properties
-org.onap.appc.bootstrap.path=${user.home},/opt/opendaylight/current/properties
+org.onap.appc.bootstrap.path=${HOME},/opt/opendaylight/current/properties
appc.application.name=APPC
@@ -44,5 +44,5 @@ org.onap.appc.provider.adaptor.name=org.onap.appc.appc_ansible_adapter
# Default truststore path and password
org.onap.appc.adapter.ansible.trustStore=/opt/opendaylight/tls-client/mykeystore.js
-org.onap.appc.adapter.ansible.trustStore.trustPasswd=changeit
+org.onap.appc.adapter.ansible.trustStore.trustPasswd=${ANSIBLE_TRUSTSTORE_PASSWORD}
org.onap.appc.adapter.ansible.clientType=TRUST_ALL
diff --git a/installation/src/main/properties/data-migrator.properties b/installation/src/main/properties/data-migrator.properties
index 9bec60dd..74d389e5 100644
--- a/installation/src/main/properties/data-migrator.properties
+++ b/installation/src/main/properties/data-migrator.properties
@@ -17,10 +17,10 @@
# limitations under the License.
# ============LICENSE_END=========================================================
###
-org.onap.sdnc.datamigrator.source.host=http://10.53.234.213:30202
-org.onap.sdnc.datamigrator.source.user=admin
-org.onap.sdnc.datamigrator.source.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-org.onap.sdnc.datamigrator.target.host=http://10.53.234.215:30202
-org.onap.sdnc.datamigrator.target.user=admin
-org.onap.sdnc.datamigrator.target.password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+org.onap.sdnc.datamigrator.source.host=https://sdnc.onap:30267
+org.onap.sdnc.datamigrator.source.user=${ODL_USER}
+org.onap.sdnc.datamigrator.source.password=${ODL_PASSWORD}
+org.onap.sdnc.datamigrator.target.host=https://sdnc.onap:30267
+org.onap.sdnc.datamigrator.target.user=${ODL_USER}
+org.onap.sdnc.datamigrator.target.password=${ODL_PASSWORD}
org.onap.sdnc.datamigrator.data.path=/tmp \ No newline at end of file
diff --git a/installation/src/main/properties/dblib.properties b/installation/src/main/properties/dblib.properties
index 9506ac8d..f54e099e 100644
--- a/installation/src/main/properties/dblib.properties
+++ b/installation/src/main/properties/dblib.properties
@@ -23,11 +23,11 @@
org.onap.ccsdk.sli.dbtype=jdbc
org.onap.ccsdk.sli.jdbc.hosts=sdnctldb01
-org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://dbhost:3306/sdnctl
+org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://dbhost:3306/${MYSQL_DATABASE}
org.onap.ccsdk.sli.jdbc.driver=org.mariadb.jdbc.Driver
-org.onap.ccsdk.sli.jdbc.database=sdnctl
-org.onap.ccsdk.sli.jdbc.user=sdnctl
-org.onap.ccsdk.sli.jdbc.password=gamma
+org.onap.ccsdk.sli.jdbc.database=${MYSQL_DATABASE}
+org.onap.ccsdk.sli.jdbc.user=${MYSQL_USER}
+org.onap.ccsdk.sli.jdbc.password=${MYSQL_PASSWORD}
org.onap.ccsdk.sli.jdbc.connection.name=sdnctldb01
org.onap.ccsdk.sli.jdbc.connection.timeout=50
org.onap.ccsdk.sli.jdbc.request.timeout=100
diff --git a/installation/src/main/properties/generic-resource-api-dg.properties b/installation/src/main/properties/generic-resource-api-dg.properties
index d4127133..d633f926 100644
--- a/installation/src/main/properties/generic-resource-api-dg.properties
+++ b/installation/src/main/properties/generic-resource-api-dg.properties
@@ -1,23 +1,23 @@
restapi.templateDir=/opt/onap/sdnc/restapi/templates
controller.url=http://localhost:8181
-controller.user=admin
-controller.pwd=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+controller.user=${ODL_USER}
+controller.pwd=${ODL_HOST}
honeycomb.url=http://{honeycomb-instance-ip}:8183
-honeycomb.user=admin
-honeycomb.pwd=admin
+honeycomb.user=${HONEYCOMB_USER}
+honeycomb.pwd=${HONEYCOMB_PASSWORD}
restapi.trustStoreFileName=/opt/onap/sdnc/data/stores/truststore.openecomp.client.jks
-restapi.trustStorePassword=adminadmin
+restapi.trustStorePassword=${TRUSTSTORE_PASSWORD}
restapi.keyStoreFileName=/opt/onap/sdnc/data/stores/sdnc.p12
-restapi.keyStorePassword=adminadmin
+restapi.keyStorePassword=${KEYSTORE_PASSWORD}
restapi.connection-oof-url=http://oof-osdf:8698/api/oof/v1/route
naming.gen-name.url=http://neng-serv:8080
-naming.gen-name.user=ccsdkapps
-naming.gen-name.pwd=ccsdkapps
-so.user=sdncaBpmn
-so.pwd=password1$
+naming.gen-name.user=${NENG_NAME}
+naming.gen-name.pwd=${NENG_PASSWORD}
+so.user=${SO_USER}
+so.pwd=${SO_PASSWORD}
cds.url=http://cds-blueprints-processor-http:8080
-cds.user=ccsdkapps
-cds.pwd=ccsdkapps
+cds.user=${CDS_USER}
+cds.pwd=${CDS_PASSWORD}
# Templates
restapi.sz.templatefile=security-zone-allotted-resource.json
diff --git a/installation/src/main/properties/lcm-dg.properties b/installation/src/main/properties/lcm-dg.properties
index a4cfc4aa..5a3a9e12 100644
--- a/installation/src/main/properties/lcm-dg.properties
+++ b/installation/src/main/properties/lcm-dg.properties
@@ -1,7 +1,7 @@
#ANSIBLE
ansible.agenturl=http://ansiblehost:8000/Dispatch
-ansible.user=sdnc
-ansible.password=sdnc
+ansible.user=${ANSIBLE_USER}
+ansible.password=${ANSIBLE_PASSWORD}
ansible.lcm.localparameters=
ansible.nodelist=
ansible.timeout=60
diff --git a/installation/src/main/properties/mdsal-resource.properties b/installation/src/main/properties/mdsal-resource.properties
index 47c8ebf7..f4dfab1a 100644
--- a/installation/src/main/properties/mdsal-resource.properties
+++ b/installation/src/main/properties/mdsal-resource.properties
@@ -19,8 +19,8 @@
# ============LICENSE_END=========================================================
###
-org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-user=admin
-org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-passwd=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-user=${ODL_USER}
+org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-passwd=${ODL_PASSWORD}
org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-host=localhost
org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-protocol=http
org.onap.ccsdk.sli.adaptors.resource.mdsal.sdnc-port=8181
diff --git a/installation/src/main/properties/optical-service-dg.properties b/installation/src/main/properties/optical-service-dg.properties
index 37779f56..9d9778a3 100644
--- a/installation/src/main/properties/optical-service-dg.properties
+++ b/installation/src/main/properties/optical-service-dg.properties
@@ -1,7 +1,7 @@
restapi.templateDir=/opt/onap/sdnc/restapi/templates
controller.url=http://sdnc.onap:8282
-controller.user=admin
-controller.pwd=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+controller.user=${ODL_USER}
+controller.pwd=${ODL_PASSWORD}
odlUrlBase=http://sdnc-oam.onap:8282/restconf/operations
sdncEndpoint=SLI-API:execute-graph
@@ -15,8 +15,8 @@ restapi.template.so.response.filename=async-response-so.json
#URLS
sdnc.async.url=/asyncNotification
-so.username=sdncaBpmn
-so.password=password1$
+so.username=${SO_USER}
+so.password=${SO_PASSWORD}
tapi.cep.details.url=/cxf/tapi/v2/connectivities/service-interface-points?topology-id-or-name=otn&sip-id-or-name=
tapi.delete.service.url=/cxf/tapi/v2/connectivities/tapi-services?topology-id-or-name=otn&service-id-or-name=
tapi.get.services.url=/cxf/tapi/v2/connectivities/tapi-services?topology-id-or-name=otn&service-id-or-name=
diff --git a/installation/src/main/properties/sql-resource.properties b/installation/src/main/properties/sql-resource.properties
index ac32f773..0e3714eb 100644
--- a/installation/src/main/properties/sql-resource.properties
+++ b/installation/src/main/properties/sql-resource.properties
@@ -19,5 +19,5 @@
# ============LICENSE_END=========================================================
###
-org.openecomp.sdnc.resource.sql.cryptkey=QtfJMKggVk
+org.onap.sdnc.resource.sql.cryptkey=${SQL_CRYPTKEY:-duMmyCrYptkEy}
diff --git a/installation/src/main/properties/svclogic.properties b/installation/src/main/properties/svclogic.properties
index 54d667cf..41ad460e 100644
--- a/installation/src/main/properties/svclogic.properties
+++ b/installation/src/main/properties/svclogic.properties
@@ -21,9 +21,9 @@
org.onap.ccsdk.sli.dbtype = dblib
#Note : the next 4 fields are only used if org.onap.ccsdk.sli.dbtype = jdbc
-org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://dbhost:3306/sdnctl
-org.onap.ccsdk.sli.jdbc.database=sdnctl
-org.onap.ccsdk.sli.jdbc.user=sdnctl
-org.onap.ccsdk.sli.jdbc.password=gamma
+org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://dbhost:3306/${MYSQL_DATABASE}
+org.onap.ccsdk.sli.jdbc.database=${MYSQL_DATABASE}
+org.onap.ccsdk.sli.jdbc.user=${MYSQL_USER}
+org.onap.ccsdk.sli.jdbc.password=${MYSQL_PASSWORD}
org.xml.sax.driver=org.apache.xerces.parsers.SAXParser
diff --git a/installation/src/main/properties/svclogic.properties.sdnctldb01 b/installation/src/main/properties/svclogic.properties.sdnctldb01
index 54d667cf..41ad460e 100755
--- a/installation/src/main/properties/svclogic.properties.sdnctldb01
+++ b/installation/src/main/properties/svclogic.properties.sdnctldb01
@@ -21,9 +21,9 @@
org.onap.ccsdk.sli.dbtype = dblib
#Note : the next 4 fields are only used if org.onap.ccsdk.sli.dbtype = jdbc
-org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://dbhost:3306/sdnctl
-org.onap.ccsdk.sli.jdbc.database=sdnctl
-org.onap.ccsdk.sli.jdbc.user=sdnctl
-org.onap.ccsdk.sli.jdbc.password=gamma
+org.onap.ccsdk.sli.jdbc.url=jdbc:mysql://dbhost:3306/${MYSQL_DATABASE}
+org.onap.ccsdk.sli.jdbc.database=${MYSQL_DATABASE}
+org.onap.ccsdk.sli.jdbc.user=${MYSQL_USER}
+org.onap.ccsdk.sli.jdbc.password=${MYSQL_PASSWORD}
org.xml.sax.driver=org.apache.xerces.parsers.SAXParser
diff --git a/installation/src/main/yaml/docker-compose.yml b/installation/src/main/yaml/docker-compose.yml
index 7adc6202..01c972c4 100644
--- a/installation/src/main/yaml/docker-compose.yml
+++ b/installation/src/main/yaml/docker-compose.yml
@@ -8,17 +8,21 @@ networks:
services:
+
db:
- image: mysql/mysql-server:5.6
+ image: mariadb:10.5
container_name: sdnc_db_container
ports:
- - "3306"
+ - "23306:3306"
environment:
- - MYSQL_ROOT_PASSWORD=openECOMP1.0
+ - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- MYSQL_ROOT_HOST=%
- logging:
+ - MYSQL_USER=${MYSQL_USER}
+ - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+ - MYSQL_DATABASE=${MYSQL_DATABASE}
+ logging:
driver: "json-file"
- options:
+ options:
max-size: "30m"
max-file: "5"
@@ -35,7 +39,11 @@ services:
- db:sdnctldb01
- db:sdnctldb02
environment:
- - MYSQL_ROOT_PASSWORD=openECOMP1.0
+ - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
+ - MYSQL_USER=${MYSQL_USER}
+ - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+ - MYSQL_DATABASE=${MYSQL_DATABASE}
+ - ANSIBLE_TRUSTSTORE_PASSWORD=${ANSIBLE_TRUSTSTORE_PASSWORD}
logging:
driver: "json-file"
options:
@@ -57,13 +65,28 @@ services:
- db:sdnctldb02
- ansible:ansiblehost
environment:
- - MYSQL_ROOT_PASSWORD=openECOMP1.0
+ - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- SDNC_CONFIG_DIR=/opt/onap/sdnc/data/properties
- SDNC_BIN=/opt/onap/sdnc/bin
- ODL_CERT_DIR=/tmp
- - ODL_ADMIN_USERNAME=admin
- - ODL_ADMIN_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ - ODL_ADMIN_USERNAME=${ODL_USER}
+ - ODL_ADMIN_PASSWORD=${ODL_PASSWORD}
+ - ODL_USER=${ODL_USER}
+ - ODL_PASSWORD=${ODL_PASSWORD}
- SDNC_DB_INIT=true
+ - HONEYCOMB_USER=${HONEYCOMB_USER}
+ - HONEYCOMB_PASSWORD=${HONEYCOMB_PASSWORD}
+ - TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}
+ - KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}
+ - SO_USER=${SO_USER}
+ - SO_PASSWORD=${SO_PASSWORD}
+ - NENG_USER=${NENG_USER}
+ - NENG_PASSWORD=${NENG_PASSWORD}
+ - CDS_USER=${CDS_USER}
+ - CDS_PASSWORD=${CDS_PASSWORD}
+ - ANSIBLE_USER=${ANSIBLE_USER}
+ - ANSIBLE_PASSWORD=${ANSIBLE_PASSWORD}
+ - SQL_CRYPTKEY=${SQL_CRYPTKEY}
- A1_TRUSTSTORE_PASSWORD=a1adapter
# The default truststore for A1 adapter can be overridden by mounting a new
# truststore (uncomment the lines below), whereas the corresponding password
@@ -97,7 +120,10 @@ services:
- db:sdnctldb02
- sdnc:sdnhost
environment:
- - MYSQL_ROOT_PASSWORD=openECOMP1.0
+ - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
+ - MYSQL_USER=${MYSQL_USER}
+ - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+ - MYSQL_DATABASE=${MYSQL_DATABASE}
- SDNC_CONFIG_DIR=/opt/onap/ccsdk/data/properties
logging:
driver: "json-file"
@@ -119,6 +145,13 @@ services:
environment:
- SDNC_CONFIG_DIR=/opt/onap/sdnc/data/properties
- PROPERTY_DIR=/opt/onap/sdnc/data/properties
+ - MYSQL_USER=${MYSQL_USER}
+ - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+ - MYSQL_DATABASE=${MYSQL_DATABASE}
+ - ODL_USER=${ODL_USER}
+ - ODL_PASSWORD=${ODL_PASSWORD}
+ - ASDC_USER=${ASDC_USER}
+ - ASDC_PASSWORD=${ASDC_PASSWORD}
logging:
driver: "json-file"
options:
@@ -139,6 +172,14 @@ services:
environment:
- SDNC_CONFIG_DIR=/opt/onap/sdnc/data/properties
- PROPERTY_DIR=/opt/onap/sdnc/data/properties
+ - MYSQL_USER=${MYSQL_USER}
+ - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+ - MYSQL_DATABASE=${MYSQL_DATABASE}
+ - ODL_USER=${ODL_USER}
+ - ODL_PASSWORD=${ODL_PASSWORD}
+ - DMAAP_USER=${DMAAP_USER}
+ - DMAAP_PASSWORD=${DMAAP_PASSWORD}
+ - DMAAP_AUTHKEY=${DMAAP_AUTHKEY}
logging:
driver: "json-file"
options: