Revert "[AAI][SPARKY] Automatically retrieve certs"
This reverts commit a9a41d84026f059aae70f9042c0b99af5b72e619.
aai-sparky-be with this patch fails often in the gate.
I expect this to be related to this patch as the stack trace contains
below error message:
java.io.IOException: keystore password was incorrect
Issue-ID: OOM-2683
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I53650671eae700ef553b2f9158744ab72d881820
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-default.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-default.properties
similarity index 100%
rename from kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-default.properties
rename to kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-default.properties
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-override.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-override.properties
similarity index 100%
rename from kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-override.properties
rename to kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-override.properties
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-schema-prod.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-schema-prod.properties
similarity index 72%
rename from kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-schema-prod.properties
rename to kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-schema-prod.properties
index b6c5f68..094c815 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-oxm-schema-prod.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-oxm-schema-prod.properties
@@ -15,14 +15,14 @@
*/}}
oxm.schemaNodeDir=/opt/app/sparky/onap/oxm
-#schemaServiceTranslator is used to define whether to retreive the oxm from schema service microservice or read from the disk, possible values are schema-service/config
+#schemaServiceTranslator is used to define whether to retreive the oxm from schema service microservice or read from the disk, possible values are schema-service/config
oxm.schemaServiceTranslatorList=config
# The end point for onap is https://<hostname>:<port>/onap/schema-service/v1/
oxm.schemaServiceBaseUrl=https://<schema-service/config>/aai/schema-service/v1/
-oxm.schemaServiceKeystore=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
-oxm.schemaServiceTruststore=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
-oxm.schemaServiceKeystorePassword=${KEYSTORE_PASSWORD}
-oxm.schemaServiceTruststorePassword=${KEYSTORE_PASSWORD}
+oxm.schemaServiceKeystore=file:${CONFIG_HOME}/auth/aai-client-cert.p12
+oxm.schemaServiceTruststore=file:${CONFIG_HOME}/auth/tomcat_keystore
+oxm.schemaServiceKeystorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+oxm.schemaServiceTruststorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-resources.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-resources.properties
similarity index 70%
rename from kubernetes/aai/components/aai-sparky-be/resources/config/application/application-resources.properties
rename to kubernetes/aai/components/aai-sparky-be/resources/config/application-resources.properties
index 2143bf8..59c0349 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-resources.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-resources.properties
@@ -19,7 +19,4 @@
resources.authType=SSL_BASIC
resources.basicAuthUserName=aai@aai.onap.org
resources.basicAuthPassword=1fia1ju61l871lfe18xp18xr18xt1lc41l531jrk1fek
-resources.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
-resources.trust-store-password=${TRUSTSTORE_PASSWORD}
-resources.client-cert={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
-resources.client-cert-password=${KEYSTORE_PASSWORD}
\ No newline at end of file
+resources.trust-store=tomcat_keystore
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-ssl.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-ssl.properties
similarity index 66%
rename from kubernetes/aai/components/aai-sparky-be/resources/config/application/application-ssl.properties
rename to kubernetes/aai/components/aai-sparky-be/resources/config/application-ssl.properties
index 073e9d3..26565bb 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-ssl.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application-ssl.properties
@@ -15,8 +15,8 @@
*/}}
server.port=8000
-server.ssl.key-store=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
-server.ssl.key-store-password=${KEYSTORE_PASSWORD}
+server.ssl.key-store=file:${CONFIG_HOME}/auth/org.onap.aai.p12
+server.ssl.key-store-password=OBF:1cqc1l4h1qhu1j751p3j1kmy1ncw1o6g1hf418571g7i1d9r1dan1ga8185f1hfy1o461ncu1kjo1p671j7x1qjg1l8t1cne
server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
-server.ssl.trust-store=file:{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
-server.ssl.trust-store-password=${KEYSTORE_PASSWORD}
+server.ssl.trust-store=file:${CONFIG_HOME}/auth/truststoreONAPall.jks
+server.ssl.trust-store-password=OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application-sync.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application-sync.properties
similarity index 100%
rename from kubernetes/aai/components/aai-sparky-be/resources/config/application/application-sync.properties
rename to kubernetes/aai/components/aai-sparky-be/resources/config/application-sync.properties
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/application.properties
similarity index 76%
rename from kubernetes/aai/components/aai-sparky-be/resources/config/application/application.properties
rename to kubernetes/aai/components/aai-sparky-be/resources/config/application.properties
index a9e5908..1ae00d9 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/application.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/application.properties
@@ -27,11 +27,11 @@
spring.profiles.active=camel,ssl,fe-prod,oxm-schema-prod,oxm-default,resources,portal,aai-proxy
portal.cadiFileLocation={{.Values.config.cadiFileLocation}}
+portal.cadiFileLocation={{.Values.config.cadiFileLocation}}
searchservice.hostname={{.Values.global.searchData.serviceName}}
searchservice.port=9509
-searchservice.client-cert={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
-searchservice.client-cert-password=${KEYSTORE_PASSWORD}
-searchservice.truststore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
-searchservice.truststore-password=${TRUSTSTORE_PASSWORD}
+searchservice.client-cert=client-cert-onap.p12
+searchservice.client-cert-password=1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+searchservice.truststore=tomcat_keystore
schema.ingest.file=${CONFIG_HOME}/schemaIngest.properties
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/logback.xml b/kubernetes/aai/components/aai-sparky-be/resources/config/application/logback.xml
deleted file mode 100644
index cd5338f..0000000
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/application/logback.xml
+++ /dev/null
@@ -1,187 +0,0 @@
-<configuration scan="true" scanPeriod="3 seconds" debug="false">
- <!--{{/*
- # Copyright © 2018 AT&T
- # Copyright © 2021 Orange
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- */}}-->
- <!--<jmxConfigurator /> -->
- <!-- directory path for all other type logs -->
-
- <property name="logDir" value="/var/log/onap" />
-
- <!-- <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy"
- | "SDNC" | "AC" -->
- <property name="componentName" value="AAI-UI"></property>
-
- <!-- default eelf log file names -->
- <property name="generalLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
-
- <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|AAIUI|%mdc{PartnerName}|%logger|%.-5level|%msg%n" />
- <property name="auditMetricPattern" value="%m%n" />
-
- <property name="logDirectory" value="${logDir}/${componentName}" />
-
-
- <!-- Example evaluator filter applied against console appender -->
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>${errorLogPattern}</pattern>
- </encoder>
- </appender>
-
- <!-- ============================================================================ -->
- <!-- EELF Appenders -->
- <!-- ============================================================================ -->
-
- <!-- The EELFAppender is used to record events to the general application
- log -->
-
- <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${generalLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip
-</fileNamePattern>
- <maxHistory>60</maxHistory>
- </rollingPolicy>
- <encoder>
- <pattern>${errorLogPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
- <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- <queueSize>256</queueSize>
- <appender-ref ref="EELF" />
- </appender>
-
-
- <!-- EELF Audit Appender. This appender is used to record audit engine related
- logging events. The audit logger and appender are specializations of the
- EELF application root logger and appender. This can be used to segregate
- Policy engine events from other components, or it can be eliminated to record
- these events as part of the application root log. -->
-
- <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${auditLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip
-</fileNamePattern>
- <maxHistory>60</maxHistory>
- </rollingPolicy>
- <encoder>
- <pattern>${auditMetricPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFAudit" />
- </appender>
-
- <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${metricsLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip
-</fileNamePattern>
- <maxHistory>60</maxHistory>
- </rollingPolicy>
- <encoder>
- <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n"</pattern> -->
- <pattern>${auditMetricPattern}</pattern>
- </encoder>
- </appender>
-
-
- <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFMetrics" />
- </appender>
-
- <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${debugLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip
-</fileNamePattern>
- <maxHistory>60</maxHistory>
- </rollingPolicy>
- <encoder>
- <pattern>${errorLogPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFDebug" />
- <includeCallerData>false</includeCallerData>
- </appender>
-
- <!-- ============================================================================ -->
- <!-- EELF loggers -->
- <!-- ============================================================================ -->
- <logger name="com.att.eelf" level="info" additivity="false">
- <appender-ref ref="asyncEELF" />
- <appender-ref ref="asyncEELFDebug" />
- <appender-ref ref="STDOUT" />
- </logger>
-
- <logger name="com.att.eelf.audit" level="info" additivity="false">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
- <logger name="com.att.eelf.metrics" level="info" additivity="false">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
-
- <!-- Spring related loggers -->
- <logger name="org.springframework" level="WARN" />
- <logger name="org.springframework.beans" level="WARN" />
- <logger name="org.springframework.web" level="WARN" />
- <logger name="com.blog.spring.jms" level="WARN" />
-
- <!-- Sparky loggers -->
- <logger name="org.onap" level="INFO">
- <appender-ref ref="STDOUT" />
- </logger>
-
- <!-- Other Loggers that may help troubleshoot -->
- <logger name="net.sf" level="WARN" />
- <logger name="org.apache.commons.httpclient" level="WARN" />
- <logger name="org.apache.commons" level="WARN" />
- <logger name="org.apache.coyote" level="WARN" />
- <logger name="org.apache.jasper" level="WARN" />
-
- <!-- Camel Related Loggers (including restlet/servlet/jaxrs/cxf logging.
- May aid in troubleshooting) -->
- <logger name="org.apache.camel" level="WARN" />
- <logger name="org.apache.cxf" level="WARN" />
- <logger name="org.apache.camel.processor.interceptor" level="WARN" />
- <logger name="org.apache.cxf.jaxrs.interceptor" level="WARN" />
- <logger name="org.apache.cxf.service" level="WARN" />
- <logger name="org.restlet" level="WARN" />
- <logger name="org.apache.camel.component.restlet" level="WARN" />
-
- <!-- logback internals logging -->
- <logger name="ch.qos.logback.classic" level="WARN" />
- <logger name="ch.qos.logback.core" level="WARN" />
-
- <root>
- <appender-ref ref="asyncEELF" />
- <appender-ref ref="STDOUT" />
- <!-- <appender-ref ref="asyncEELFDebug" /> -->
- </root>
-
-</configuration>
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/auth/client-cert-onap.p12 b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/client-cert-onap.p12
new file mode 100644
index 0000000..aa4ae74
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/client-cert-onap.p12
Binary files differ
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/auth/org.onap.aai.p12 b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/org.onap.aai.p12
new file mode 100644
index 0000000..b2449c6
--- /dev/null
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/auth/org.onap.aai.p12
Binary files differ
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
index 7a0fb82..2592e5c 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/BOOT-INF/classes/portal.properties
@@ -46,4 +46,4 @@
ext_req_read_timeout=20000
#Add AAF namespace if the app is centralized
-auth_namespace={{ .Values.certInitializer.fqi_namespace }}
+auth_namespace={{.Values.config.aafNamespace}}
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties
index baefd98..1f154b6 100644
--- a/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties
+++ b/kubernetes/aai/components/aai-sparky-be/resources/config/portal/cadi.properties
@@ -6,18 +6,14 @@
# AAF Environment Designation
#if you are running aaf service from a docker image you have to use aaf service IP and port number
-aaf_id={{ .Values.certInitializer.fqi }}
+aaf_id={{.Values.config.aafUsername}}
#Encrypt the password using AAF Jar
-aaf_password={{ .Values.certInitializer.aafDeployPass }}
+aaf_password={{.Values.config.aafPassword}}
# Sample CADI Properties, from CADI 1.4.2
#hostname=org.onap.aai.orr
csp_domain=PROD
# Add Absolute path to Keyfile
-cadi_keyfile={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.keyfile
-cadi_keystore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
-cadi_keystore_password=${KEYSTORE_PASSWORD}
-
-cadi_alias={{ .Values.certInitializer.fqi }}
+cadi_keyfile={{.Values.config.cadiKeyFile}}
# This is required to accept Certificate Authentication from Certman certificates.
# can be TEST, IST or PROD
@@ -27,9 +23,9 @@
cadi_loglevel=DEBUG
# Add Absolute path to truststore2018.jks
-cadi_truststore={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+cadi_truststore={{.Values.config.cadiTrustStore}}
# Note: This is the ONLY password that doesn't have to be encrypted. All Java's TrustStores are this passcode by default, because they are public certs
-cadi_truststore_password=${TRUSTSTORE_PASSWORD}
+cadi_truststore_password={{.Values.config.cadiTrustStorePassword}}
# how to turn on SSL Logging
#javax.net.debug=ssl
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/roles.config b/kubernetes/aai/components/aai-sparky-be/resources/config/roles.config
similarity index 100%
rename from kubernetes/aai/components/aai-sparky-be/resources/config/application/roles.config
rename to kubernetes/aai/components/aai-sparky-be/resources/config/roles.config
diff --git a/kubernetes/aai/components/aai-sparky-be/resources/config/application/users.config b/kubernetes/aai/components/aai-sparky-be/resources/config/users.config
similarity index 100%
rename from kubernetes/aai/components/aai-sparky-be/resources/config/application/users.config
rename to kubernetes/aai/components/aai-sparky-be/resources/config/users.config