diff options
author | waqas.ikram <waqas.ikram@est.tech> | 2021-12-10 10:20:19 +0000 |
---|---|---|
committer | waqas.ikram <waqas.ikram@est.tech> | 2021-12-10 10:20:32 +0000 |
commit | 53688429bc4fd48f2965d4004925cee258e4efb3 (patch) | |
tree | 6d11b522505295ae81102050ce8714e5d6ef0b31 /bpmn/mso-infrastructure-bpmn/src | |
parent | 88e933d5441c48daaf354e935803b51aaaf5700d (diff) |
Fix for livenessProbe failing OOMCustom_Workflow
Change-Id: I9c5bbaaff6c141f88e55f6bb727e3f1b9d5eca39
Issue-ID: SO-3674
Signed-off-by: waqas.ikram <waqas.ikram@est.tech>
Diffstat (limited to 'bpmn/mso-infrastructure-bpmn/src')
4 files changed, 114 insertions, 63 deletions
diff --git a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/CXFConfiguration.java b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/CXFConfiguration.java index 6c75bdb58f..4659d77b62 100644 --- a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/CXFConfiguration.java +++ b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/CXFConfiguration.java @@ -42,9 +42,12 @@ import org.onap.so.logging.cxf.interceptor.SOAPLoggingInInterceptor; import org.onap.so.logging.cxf.interceptor.SOAPLoggingOutInterceptor; import org.onap.so.logging.jaxrs.filter.SOAuditLogContainerFilter; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.boot.autoconfigure.web.servlet.DispatcherServletAutoConfiguration; import org.springframework.boot.web.servlet.ServletRegistrationBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.DispatcherServlet; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider; @@ -66,7 +69,7 @@ public class CXFConfiguration { @Autowired private WorkflowOnboardingSupport workflowOnboardingSupport; - + @Autowired private SOAuditLogContainerFilter soAuditLogContainerFilter; @@ -80,8 +83,8 @@ public class CXFConfiguration { private VnfAdapterNotify vnfAdapterNotifyServiceImpl; @Bean - public ServletRegistrationBean cxfServlet() { - return new ServletRegistrationBean(new CXFServlet(), "/*"); + public ServletRegistrationBean<CXFServlet> cxfServlet() { + return new ServletRegistrationBean<CXFServlet>(new CXFServlet(), "/*"); } @Bean @@ -108,7 +111,8 @@ public class CXFConfiguration { public Server rsServer() { JAXRSServerFactoryBean endpoint = new JAXRSServerFactoryBean(); endpoint.setBus(bus); - endpoint.setServiceBeans(Arrays.<Object>asList(wmr, workflowResource, workflowAsyncResource, workflowOnboardingSupport)); + endpoint.setServiceBeans( + Arrays.<Object>asList(wmr, workflowResource, workflowAsyncResource, workflowOnboardingSupport)); endpoint.setAddress("/"); endpoint.setFeatures(Arrays.asList(createSwaggerFeature(), new LoggingFeature())); endpoint.setProviders(Arrays.asList(new JacksonJsonProvider(mapper), soAuditLogContainerFilter)); diff --git a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/MSOInfrastructureApplication.java b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/MSOInfrastructureApplication.java index 6900f3099d..c0214a976a 100644 --- a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/MSOInfrastructureApplication.java +++ b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/MSOInfrastructureApplication.java @@ -25,8 +25,6 @@ package org.onap.so.bpmn.infrastructure; import java.util.List; import java.util.concurrent.Executor; import javax.annotation.PostConstruct; -import org.camunda.bpm.application.PreUndeploy; -import org.camunda.bpm.application.ProcessApplicationInfo; import org.camunda.bpm.engine.ProcessEngine; import org.camunda.bpm.engine.repository.DeploymentBuilder; import org.onap.logging.filter.spring.MDCTaskDecorator; @@ -34,6 +32,7 @@ import org.onap.so.bpmn.common.DefaultToShortClassNameBeanNameGenerator; import org.onap.so.db.catalog.beans.Workflow; import org.onap.so.db.catalog.client.CatalogDbClient; import org.onap.so.logger.LoggingAnchor; +import org.onap.so.security.SoBasicHttpSecurityConfigurer; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; @@ -52,12 +51,6 @@ import org.springframework.context.annotation.Primary; import org.springframework.scheduling.annotation.EnableAsync; import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor; -import javax.annotation.PostConstruct; -import java.util.List; -import java.util.concurrent.Executor; - -import static java.util.Collections.singletonMap; -import static org.springframework.boot.context.config.ConfigFileApplicationListener.*; /** * @since Version 1.0 * @@ -66,17 +59,18 @@ import static org.springframework.boot.context.config.ConfigFileApplicationListe @SpringBootApplication @EnableAsync @ComponentScan(basePackages = {"org.onap"}, nameGenerator = DefaultToShortClassNameBeanNameGenerator.class, - excludeFilters = {@Filter(type = FilterType.ANNOTATION, classes = SpringBootApplication.class)}) -@EnableAutoConfiguration(exclude= FreeMarkerAutoConfiguration.class) + excludeFilters = {@Filter(type = FilterType.ANNOTATION, classes = SpringBootApplication.class), + @Filter(type = FilterType.ASSIGNABLE_TYPE, value = SoBasicHttpSecurityConfigurer.class)}) +@EnableAutoConfiguration(exclude = FreeMarkerAutoConfiguration.class) public class MSOInfrastructureApplication extends SpringBootServletInitializer { private static final Logger logger = LoggerFactory.getLogger(MSOInfrastructureApplication.class); - + @Override protected SpringApplicationBuilder configure(SpringApplicationBuilder application) { - return application - .sources(MSOInfrastructureApplication.class); + return application.sources(MSOInfrastructureApplication.class); } + @Autowired private ProcessEngine processEngine; @@ -118,17 +112,17 @@ public class MSOInfrastructureApplication extends SpringBootServletInitializer { @PostConstruct public void postConstruct() { DeploymentBuilder deploymentBuilder = processEngine.getRepositoryService().createDeployment(); -// try { -// DeploymentBuilder deploymentBuilder = processEngine.getRepositoryService().createDeployment(); -// deployCustomWorkflows(deploymentBuilder); -// } catch (Exception e) { -// logger.warn("Unable to invoke deploymentBuilder: " + e.getMessage()); -// } + // try { + // DeploymentBuilder deploymentBuilder = processEngine.getRepositoryService().createDeployment(); + // deployCustomWorkflows(deploymentBuilder); + // } catch (Exception e) { + // logger.warn("Unable to invoke deploymentBuilder: " + e.getMessage()); + // } } -// @PreUndeploy -// public void cleanup(ProcessEngine processEngine, ProcessApplicationInfo processApplicationInfo, -// List<ProcessEngine> processEngines) {} + // @PreUndeploy + // public void cleanup(ProcessEngine processEngine, ProcessApplicationInfo processApplicationInfo, + // List<ProcessEngine> processEngines) {} @Bean @Primary @@ -147,7 +141,7 @@ public class MSOInfrastructureApplication extends SpringBootServletInitializer { logger.info("Attempting to deploy custom workflows"); try { List<Workflow> workflows = catalogDbClient.findWorkflowBySource(SDC_SOURCE); - logger.info("SDC workflows: {}", workflows ); + logger.info("SDC workflows: {}", workflows); if (workflows != null && !workflows.isEmpty()) { for (Workflow workflow : workflows) { String workflowName = workflow.getName(); diff --git a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/SoBpmnInfraBasicHttpSecurityConfigurer.java b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/SoBpmnInfraBasicHttpSecurityConfigurer.java new file mode 100644 index 0000000000..15347f1dc5 --- /dev/null +++ b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/SoBpmnInfraBasicHttpSecurityConfigurer.java @@ -0,0 +1,50 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2021 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ +package org.onap.so.bpmn.infrastructure; + +import org.onap.so.security.HttpSecurityConfigurer; +import org.onap.so.security.SoUserCredentialConfiguration; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Primary; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.stereotype.Component; +import org.springframework.util.StringUtils; + +/** + * @author Waqas Ikram (waqas.ikram@est.tech) + * + */ +@Primary +@Component("basic") +public class SoBpmnInfraBasicHttpSecurityConfigurer implements HttpSecurityConfigurer { + + @Autowired + private SoUserCredentialConfiguration soUserCredentialConfiguration; + + @Override + public void configure(final HttpSecurity http) throws Exception { + http.csrf().disable().authorizeRequests() + .antMatchers("/app-api/manage", "/app-api/manage/health", "/app-api/manage/info").permitAll() + .antMatchers("/**") + .hasAnyRole(StringUtils.collectionToDelimitedString(soUserCredentialConfiguration.getRoles(), ",")) + .and().httpBasic(); + } + +} diff --git a/bpmn/mso-infrastructure-bpmn/src/main/resources/application.yaml b/bpmn/mso-infrastructure-bpmn/src/main/resources/application.yaml index e68d1bad80..3a0060ff79 100644 --- a/bpmn/mso-infrastructure-bpmn/src/main/resources/application.yaml +++ b/bpmn/mso-infrastructure-bpmn/src/main/resources/application.yaml @@ -1,41 +1,44 @@ -server: - port: 8080 - tomcat: - max-threads: 50 +server: + port: 8080 + tomcat: + max-threads: 50 mso: - infra: - auditInventory: false - camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A -spring: - http: - multipart: - enabled: false - main: - allow-bean-definition-overriding: true + infra: + auditInventory: false + camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A +spring: + http: + multipart: + enabled: false + main: + allow-bean-definition-overriding: true + mvc: + servlet: + path: /app-api camunda: - bpm: - application: - delete-upon-undeploy: false - scan-for-process-definitions: true - deploy-changed-only: true - job-execution: - deployment-aware: true + bpm: + application: + delete-upon-undeploy: false + scan-for-process-definitions: true + deploy-changed-only: true + job-execution: + deployment-aware: true #Actuator management: - endpoints: - web: - base-path: /manage - exposure: - include: "*" - metrics: - se-global-registry: false - export: - prometheus: - enabled: true # Whether exporting of metrics to Prometheus is enabled. - step: 1m # Step size (i.e. reporting frequency) to use. + endpoints: + web: + base-path: /manage + exposure: + include: '*' + metrics: + se-global-registry: false + export: + prometheus: + enabled: true # Whether exporting of metrics to Prometheus is enabled. + step: 1m # Step size (i.e. reporting frequency) to use. org: - onap: - so: - adapters: - network: - encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7 + onap: + so: + adapters: + network: + encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7
\ No newline at end of file |