From 53688429bc4fd48f2965d4004925cee258e4efb3 Mon Sep 17 00:00:00 2001 From: "waqas.ikram" Date: Fri, 10 Dec 2021 10:20:19 +0000 Subject: Fix for livenessProbe failing OOM Change-Id: I9c5bbaaff6c141f88e55f6bb727e3f1b9d5eca39 Issue-ID: SO-3674 Signed-off-by: waqas.ikram --- .../so/bpmn/infrastructure/CXFConfiguration.java | 12 ++++-- .../MSOInfrastructureApplication.java | 40 ++++++++--------- .../SoBpmnInfraBasicHttpSecurityConfigurer.java | 50 ++++++++++++++++++++++ 3 files changed, 75 insertions(+), 27 deletions(-) create mode 100644 bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/SoBpmnInfraBasicHttpSecurityConfigurer.java (limited to 'bpmn/mso-infrastructure-bpmn/src/main/java') diff --git a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/CXFConfiguration.java b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/CXFConfiguration.java index 6c75bdb58f..4659d77b62 100644 --- a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/CXFConfiguration.java +++ b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/CXFConfiguration.java @@ -42,9 +42,12 @@ import org.onap.so.logging.cxf.interceptor.SOAPLoggingInInterceptor; import org.onap.so.logging.cxf.interceptor.SOAPLoggingOutInterceptor; import org.onap.so.logging.jaxrs.filter.SOAuditLogContainerFilter; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.boot.autoconfigure.web.servlet.DispatcherServletAutoConfiguration; import org.springframework.boot.web.servlet.ServletRegistrationBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.DispatcherServlet; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider; @@ -66,7 +69,7 @@ public class CXFConfiguration { @Autowired private WorkflowOnboardingSupport workflowOnboardingSupport; - + @Autowired private SOAuditLogContainerFilter soAuditLogContainerFilter; @@ -80,8 +83,8 @@ public class CXFConfiguration { private VnfAdapterNotify vnfAdapterNotifyServiceImpl; @Bean - public ServletRegistrationBean cxfServlet() { - return new ServletRegistrationBean(new CXFServlet(), "/*"); + public ServletRegistrationBean cxfServlet() { + return new ServletRegistrationBean(new CXFServlet(), "/*"); } @Bean @@ -108,7 +111,8 @@ public class CXFConfiguration { public Server rsServer() { JAXRSServerFactoryBean endpoint = new JAXRSServerFactoryBean(); endpoint.setBus(bus); - endpoint.setServiceBeans(Arrays.asList(wmr, workflowResource, workflowAsyncResource, workflowOnboardingSupport)); + endpoint.setServiceBeans( + Arrays.asList(wmr, workflowResource, workflowAsyncResource, workflowOnboardingSupport)); endpoint.setAddress("/"); endpoint.setFeatures(Arrays.asList(createSwaggerFeature(), new LoggingFeature())); endpoint.setProviders(Arrays.asList(new JacksonJsonProvider(mapper), soAuditLogContainerFilter)); diff --git a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/MSOInfrastructureApplication.java b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/MSOInfrastructureApplication.java index 6900f3099d..c0214a976a 100644 --- a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/MSOInfrastructureApplication.java +++ b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/MSOInfrastructureApplication.java @@ -25,8 +25,6 @@ package org.onap.so.bpmn.infrastructure; import java.util.List; import java.util.concurrent.Executor; import javax.annotation.PostConstruct; -import org.camunda.bpm.application.PreUndeploy; -import org.camunda.bpm.application.ProcessApplicationInfo; import org.camunda.bpm.engine.ProcessEngine; import org.camunda.bpm.engine.repository.DeploymentBuilder; import org.onap.logging.filter.spring.MDCTaskDecorator; @@ -34,6 +32,7 @@ import org.onap.so.bpmn.common.DefaultToShortClassNameBeanNameGenerator; import org.onap.so.db.catalog.beans.Workflow; import org.onap.so.db.catalog.client.CatalogDbClient; import org.onap.so.logger.LoggingAnchor; +import org.onap.so.security.SoBasicHttpSecurityConfigurer; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; @@ -52,12 +51,6 @@ import org.springframework.context.annotation.Primary; import org.springframework.scheduling.annotation.EnableAsync; import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor; -import javax.annotation.PostConstruct; -import java.util.List; -import java.util.concurrent.Executor; - -import static java.util.Collections.singletonMap; -import static org.springframework.boot.context.config.ConfigFileApplicationListener.*; /** * @since Version 1.0 * @@ -66,17 +59,18 @@ import static org.springframework.boot.context.config.ConfigFileApplicationListe @SpringBootApplication @EnableAsync @ComponentScan(basePackages = {"org.onap"}, nameGenerator = DefaultToShortClassNameBeanNameGenerator.class, - excludeFilters = {@Filter(type = FilterType.ANNOTATION, classes = SpringBootApplication.class)}) -@EnableAutoConfiguration(exclude= FreeMarkerAutoConfiguration.class) + excludeFilters = {@Filter(type = FilterType.ANNOTATION, classes = SpringBootApplication.class), + @Filter(type = FilterType.ASSIGNABLE_TYPE, value = SoBasicHttpSecurityConfigurer.class)}) +@EnableAutoConfiguration(exclude = FreeMarkerAutoConfiguration.class) public class MSOInfrastructureApplication extends SpringBootServletInitializer { private static final Logger logger = LoggerFactory.getLogger(MSOInfrastructureApplication.class); - + @Override protected SpringApplicationBuilder configure(SpringApplicationBuilder application) { - return application - .sources(MSOInfrastructureApplication.class); + return application.sources(MSOInfrastructureApplication.class); } + @Autowired private ProcessEngine processEngine; @@ -118,17 +112,17 @@ public class MSOInfrastructureApplication extends SpringBootServletInitializer { @PostConstruct public void postConstruct() { DeploymentBuilder deploymentBuilder = processEngine.getRepositoryService().createDeployment(); -// try { -// DeploymentBuilder deploymentBuilder = processEngine.getRepositoryService().createDeployment(); -// deployCustomWorkflows(deploymentBuilder); -// } catch (Exception e) { -// logger.warn("Unable to invoke deploymentBuilder: " + e.getMessage()); -// } + // try { + // DeploymentBuilder deploymentBuilder = processEngine.getRepositoryService().createDeployment(); + // deployCustomWorkflows(deploymentBuilder); + // } catch (Exception e) { + // logger.warn("Unable to invoke deploymentBuilder: " + e.getMessage()); + // } } -// @PreUndeploy -// public void cleanup(ProcessEngine processEngine, ProcessApplicationInfo processApplicationInfo, -// List processEngines) {} + // @PreUndeploy + // public void cleanup(ProcessEngine processEngine, ProcessApplicationInfo processApplicationInfo, + // List processEngines) {} @Bean @Primary @@ -147,7 +141,7 @@ public class MSOInfrastructureApplication extends SpringBootServletInitializer { logger.info("Attempting to deploy custom workflows"); try { List workflows = catalogDbClient.findWorkflowBySource(SDC_SOURCE); - logger.info("SDC workflows: {}", workflows ); + logger.info("SDC workflows: {}", workflows); if (workflows != null && !workflows.isEmpty()) { for (Workflow workflow : workflows) { String workflowName = workflow.getName(); diff --git a/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/SoBpmnInfraBasicHttpSecurityConfigurer.java b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/SoBpmnInfraBasicHttpSecurityConfigurer.java new file mode 100644 index 0000000000..15347f1dc5 --- /dev/null +++ b/bpmn/mso-infrastructure-bpmn/src/main/java/org/onap/so/bpmn/infrastructure/SoBpmnInfraBasicHttpSecurityConfigurer.java @@ -0,0 +1,50 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2021 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ +package org.onap.so.bpmn.infrastructure; + +import org.onap.so.security.HttpSecurityConfigurer; +import org.onap.so.security.SoUserCredentialConfiguration; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Primary; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.stereotype.Component; +import org.springframework.util.StringUtils; + +/** + * @author Waqas Ikram (waqas.ikram@est.tech) + * + */ +@Primary +@Component("basic") +public class SoBpmnInfraBasicHttpSecurityConfigurer implements HttpSecurityConfigurer { + + @Autowired + private SoUserCredentialConfiguration soUserCredentialConfiguration; + + @Override + public void configure(final HttpSecurity http) throws Exception { + http.csrf().disable().authorizeRequests() + .antMatchers("/app-api/manage", "/app-api/manage/health", "/app-api/manage/info").permitAll() + .antMatchers("/**") + .hasAnyRole(StringUtils.collectionToDelimitedString(soUserCredentialConfiguration.getRoles(), ",")) + .and().httpBasic(); + } + +} -- cgit 1.2.3-korg