DCAEGEN2-1919 add HTTPS and change log rotation
Change-Id: I7859dde9460620e18edca887f5dfc611639b268c
Issue-ID: DCAEGEN2-1919
Signed-off-by: Schmalzried, Terry (ts862m) <ts862m@att.com>
diff --git a/etc/common_logger.config b/etc/common_logger.config
index fb625bb..e26a485 100644
--- a/etc/common_logger.config
+++ b/etc/common_logger.config
@@ -1,5 +1,5 @@
# ================================================================================
-# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2017-2019 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -31,11 +31,11 @@
# sizeMaxBytes: >= 0 (0 means no limit, else maximum filesize in Bytes)
# backupCount: >= 0 (Number of rotated backup files to retain. If rotateMethod=time, 0 retains *all* backups. If rotateMethod=size, 0 retains *no* backups.)
#
-rotateMethod = time
+rotateMethod = size
timeRotateIntervalType = midnight
timeRotateInterval = 1
-sizeMaxBytes = 0
-backupCount = 6
+sizeMaxBytes = 10000000
+backupCount = 4
#--- Parameters that define log filenames and their initial LogLevel threshold
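Review bot: Retention in this hunk is now bounded by volume rather than by days: with `rotateMethod = size`, `sizeMaxBytes = 10000000` and `backupCount = 4`, roughly 50 MB of history is kept however short a period it covers, where the old settings kept six daily backups. A noisy period can rotate out the records a later investigation would need, so a comment next to the setting should say so, e.g. `# size-based: keeps about 5 x 10 MB; under load this may span less than a day`. The `timeRotateIntervalType` and `timeRotateInterval` values left in place look unused under size rotation and could be marked as such. The same applies to the `etc/config.json` handler hunk, which logs at DEBUG with `maxBytes` 200000000 and `backupCount` 5.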
diff --git a/etc/config.json b/etc/config.json
index b6f997b..1868386 100644
--- a/etc/config.json
+++ b/etc/config.json
@@ -21,13 +21,12 @@
},
"handlers": {
"file": {
- "class": "logging.handlers.TimedRotatingFileHandler",
+ "class": "logging.handlers.RotatingFileHandler",
"formatter": "local",
"filename" : "logs/policy_handler.log",
"level": "DEBUG",
- "when": "midnight",
- "interval": 1,
- "backupCount": 10,
+ "maxBytes": 200000000,
+ "backupCount": 5,
"delay": true
}
},
@@ -41,4 +40,4 @@
"handlers": ["file"]
}
}
-}
\ No newline at end of file
+}
diff --git a/policyhandler/service_activator.py b/policyhandler/service_activator.py
index 9c8a1b2..c1e5b8c 100644
--- a/policyhandler/service_activator.py
+++ b/policyhandler/service_activator.py
@@ -35,6 +35,7 @@
import requests
from .config import Config, Settings
+from .discovery import DiscoveryClient
from .onap.audit import (REQUEST_X_ECOMP_REQUESTID, Audit, AuditHttpCode,
Metrics)
from .policy_consts import TARGET_ENTITY
@@ -93,6 +94,9 @@
ServiceActivator._target_entity = config_sa.get(
TARGET_ENTITY, ServiceActivator.DEFAULT_TARGET_ENTITY)
ServiceActivator._url = config_sa.get("url", "")
+ if not ServiceActivator._url:
+ ServiceActivator._url = DiscoveryClient.get_service_url(audit,
+ ServiceActivator._target_entity)
if ServiceActivator._url:
ServiceActivator._url_register = urljoin(ServiceActivator._url,
config_sa.get("path_register", ""))
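Review bot: The URL returned by `DiscoveryClient.get_service_url` is stored in `ServiceActivator._url` with no log line and no check, so whatever the discovery registry holds for `_target_entity` decides where the handler sends its registration. Since this commit is about HTTPS, the fallback should at least record that the URL came from discovery and flag a value that is not `https://` when TLS is expected. A comment such as `# url not configured: resolve it from discovery by target_entity` would also explain why the audit label doubles as the lookup key. How `get_service_url` behaves on a failed lookup is not visible here, and the enclosing method starts and ends outside this hunk.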
diff --git a/policyhandler/web_server.py b/policyhandler/web_server.py
index dfd1b51..9c2656e 100644
--- a/policyhandler/web_server.py
+++ b/policyhandler/web_server.py
@@ -19,6 +19,8 @@
import json
from datetime import datetime
+import os
+import time
import cherrypy
@@ -44,16 +46,18 @@
protocol = "http"
tls_info = ""
- # if Config.tls_server_cert_file and Config.tls_private_key_file:
- # cherrypy.server.ssl_module = 'builtin'
- # cherrypy.server.ssl_certificate = Config.tls_server_cert_file
- # cherrypy.server.ssl_private_key = Config.tls_private_key_file
- # if Config.tls_server_ca_chain_file:
- # cherrypy.server.ssl_certificate_chain = Config.tls_server_ca_chain_file
- # protocol = "https"
- # tls_info = "cert: {} {} {}".format(Config.tls_server_cert_file,
- # Config.tls_private_key_file,
- # Config.tls_server_ca_chain_file)
+ if Config.tls_server_cert_file and Config.tls_private_key_file:
+ tm_cert = os.path.getmtime(Config.tls_server_cert_file)
+ tm_key = os.path.getmtime(Config.tls_private_key_file)
+ cherrypy.server.ssl_module = 'builtin'
+ cherrypy.server.ssl_certificate = Config.tls_server_cert_file
+ cherrypy.server.ssl_private_key = Config.tls_private_key_file
+ if Config.tls_server_ca_chain_file:
+ cherrypy.server.ssl_certificate_chain = Config.tls_server_ca_chain_file
+ protocol = "https"
+ tls_info = "cert: {} {} {}".format(Config.tls_server_cert_file,
+ Config.tls_private_key_file,
+ Config.tls_server_ca_chain_file)
cherrypy.tree.mount(_PolicyWeb(), '/')
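Review bot: When only one of `Config.tls_server_cert_file` and `Config.tls_private_key_file` is set, the added `if` is false and the server starts on plain http with nothing to indicate it. A half-configured TLS setup should be made visible, for example `elif Config.tls_server_cert_file or Config.tls_private_key_file:` followed by `PolicyWeb.logger.warning("TLS cert or key not configured, serving plain http")`, or the server should refuse to start. The builtin ssl module is also left on its defaults; if the deployment requires a minimum protocol version, that would need an explicit SSL context. The enclosing function starts and ends outside this hunk.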
@@ -63,6 +67,19 @@
json.dumps(cherrypy.config))
cherrypy.engine.start()
+ # If HTTPS server certificate changes, exit to let kubernetes restart us
+ if Config.tls_server_cert_file and Config.tls_private_key_file:
+ while True:
+ time.sleep(600)
+ c_tm_cert = os.path.getmtime(Config.tls_server_cert_file)
+ c_tm_key = os.path.getmtime(Config.tls_private_key_file)
+ if c_tm_cert > tm_cert or c_tm_key > tm_key:
+ PolicyWeb.logger.info("cert or key file updated")
+ cherrypy.engine.stop()
+ cherrypy.engine.exit()
+ break
+
+
class _PolicyWeb(object):
"""REST API of policy-handler"""
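Review bot: The watch loop added after `cherrypy.engine.start()` never checks engine state and does not handle errors from `os.path.getmtime`. If the engine is stopped elsewhere (that path is outside this hunk), the loop would presumably keep the thread sleeping. An `OSError` while a file is briefly absent during rotation would end the loop and leave the server on the old certificate. The `>` comparison also misses a replacement file whose mtime is not newer than the one recorded at startup, so `!=` is the safer test. The rewrite below keeps the 600-second interval and the existing stop/exit sequence. It assumes `tm_cert` and `tm_key` come from the earlier hunk in the same function, which starts outside this hunk.

```python
    # If HTTPS server certificate changes, exit to let kubernetes restart us
    if Config.tls_server_cert_file and Config.tls_private_key_file:
        while cherrypy.engine.state == cherrypy.engine.states.STARTED:
            time.sleep(600)
            try:
                c_tm_cert = os.path.getmtime(Config.tls_server_cert_file)
                c_tm_key = os.path.getmtime(Config.tls_private_key_file)
            except OSError as err:
                # file may be absent mid-rotation: retry on the next interval
                PolicyWeb.logger.warning("cannot stat cert or key file: %s", err)
                continue
            if c_tm_cert != tm_cert or c_tm_key != tm_key:
                # … unchanged: log, cherrypy.engine.stop(), cherrypy.engine.exit(), break …
```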
diff --git a/pom.xml b/pom.xml
index 43f1421..ea01cb0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -29,7 +29,7 @@
<groupId>org.onap.dcaegen2.platform</groupId>
<artifactId>policy-handler</artifactId>
<name>dcaegen2-platform-policy-handler</name>
- <version>5.0.0-SNAPSHOT</version>
+ <version>5.0.1-SNAPSHOT</version>
<url>http://maven.apache.org</url>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
diff --git a/run_policy.sh b/run_policy.sh
index 8055bea..478fc67 100644
--- a/run_policy.sh
+++ b/run_policy.sh
@@ -47,4 +47,5 @@
echo "---------------------------------------------"
echo "$(date +%Y-%m-%d_%T.%N): exit ${BASH_SOURCE[0]} that was started on ${STARTED}"
+rm -f ${LOG_FILE}.2[0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9][0-9][0-9][0-9][0-9]
mv ${LOG_FILE} ${LOG_FILE}.$(date +%Y-%m-%d_%H%M%S)
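Review bot: The added `rm -f` expands `${LOG_FILE}` unquoted in front of a glob, so a value containing spaces or glob characters would make it delete paths other than the rotated logs. Quote the variable and leave only the timestamp pattern open to globbing: `rm -f "${LOG_FILE}".2[0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9][0-9][0-9][0-9][0-9]`. The `mv` on the following line has the same unquoted expansion. `LOG_FILE` is assigned outside this hunk, so whether it can hold such characters is not visible here.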
diff --git a/setup.py b/setup.py
index eeef5c2..3bfc162 100644
--- a/setup.py
+++ b/setup.py
@@ -22,7 +22,7 @@
setup(
name='policyhandler',
description='DCAE-Controller policy-handler to communicate with policy-engine',
- version="5.0.0",
+ version="5.0.1",
author='Alex Shatov',
packages=['policyhandler'],
zip_safe=False,
diff --git a/version.properties b/version.properties
index c5c1fd9..d49fe4b 100644
--- a/version.properties
+++ b/version.properties
@@ -1,6 +1,6 @@
major=5
minor=0
-patch=0
+patch=1
base_version=${major}.${minor}.${patch}
release_version=${base_version}
snapshot_version=${base_version}-SNAPSHOT