[AAI][BABEL] Remove Hardcoded certificates
Use Certinitializer in order to retrieve needed certificates.
Change ModelLoader also as it needs valid certificate to communicate
with Babel.
Issue-ID: OOM-2693
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I64b8ede24643f942dc99956030c202c50d41ad1e
diff --git a/kubernetes/aai/components/aai-babel/resources/config/application.properties b/kubernetes/aai/components/aai-babel/resources/config/application.properties
index 21ed6cd..6a3a74c 100644
--- a/kubernetes/aai/components/aai-babel/resources/config/application.properties
+++ b/kubernetes/aai/components/aai-babel/resources/config/application.properties
@@ -1,14 +1,33 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Copyright © 2021 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
server.port=9516
{{ if ( include "common.needTLS" .) }}
-server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore
+server.ssl.key-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12
+server.ssl.key-store-password=${KEYSTORE_PASSWORD}
+server.ssl.trust-store={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks
+server.ssl.trust-store-password=${TRUSTSTORE_PASSWORD}
server.ssl.client-auth=need
+server.ssl.key-store-type=PKCS12
{{ else }}
security.require-ssl=false
server.ssl.enabled=false
{{ end }}
+spring.main.allow-bean-definition-overriding=true
server.servlet.context-path=/services/babel-service
-
logging.config=${CONFIG_HOME}/logback.xml
-
tosca.mappings.config=${CONFIG_HOME}/tosca-mappings.json
diff --git a/kubernetes/aai/components/aai-babel/resources/config/auth/tomcat_keystore b/kubernetes/aai/components/aai-babel/resources/config/auth/tomcat_keystore
deleted file mode 100644
index e1d24d9..0000000
--- a/kubernetes/aai/components/aai-babel/resources/config/auth/tomcat_keystore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-babel/resources/config/logback.xml b/kubernetes/aai/components/aai-babel/resources/config/logback.xml
index c29da77..125731c 100644
--- a/kubernetes/aai/components/aai-babel/resources/config/logback.xml
+++ b/kubernetes/aai/components/aai-babel/resources/config/logback.xml
@@ -1,6 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
# Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Modifications Copyright © 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -27,25 +28,20 @@
<property name="auditLogName" value="audit" />
<property name="debugLogName" value="debug" />
- <property name="errorLogPattern"
- value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{TargetEntity}|%mdc{TargetServiceName}|%.-5level|%logger|%mdc{ClassName}|%msg%n" />
+ <property name="errorLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{RequestId}|%thread|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{TargetEntity}|%mdc{TargetServiceName}|%.-5level|%logger|%mdc{ClassName}|%msg%n" />
- <property name="auditLogPattern"
- value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{BeginTimestamp}|%mdc{EndTimestamp}|%mdc{RequestId}|%mdc{ServiceInstanceId}|%thread|%mdc{ServerFQDN}|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{StatusCode}|%mdc{ResponseCode}|%mdc{ResponseDescription}|%logger|%.-5level|||%mdc{ElapsedTime}|%mdc{RemoteHost}|%mdc{ClientAddress}|%mdc{ClassName}|||%msg%n" />
+ <property name="auditLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{BeginTimestamp}|%mdc{EndTimestamp}|%mdc{RequestId}|%mdc{ServiceInstanceId}|%thread|%mdc{ServerFQDN}|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{StatusCode}|%mdc{ResponseCode}|%mdc{ResponseDescription}|%logger|%.-5level|||%mdc{ElapsedTime}|%mdc{RemoteHost}|%mdc{ClientAddress}|%mdc{ClassName}|||%msg%n" />
- <property name="metricsLogPattern"
- value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{BeginTimestamp}|%mdc{EndTimestamp}|%mdc{RequestId}|%mdc{ServiceInstanceId}|%thread|%mdc{ServerFQDN}|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{TargetEntity}|%mdc{TargetServiceName}|%mdc{StatusCode}|%mdc{ResponseCode}|%mdc{ResponseDescription}|%logger|%.-5level|||%mdc{ElapsedTime}|%mdc{RemoteHost}|%mdc{ClientAddress}|%mdc{ClassName}|||%msg%n" />
+ <property name="metricsLogPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%mdc{BeginTimestamp}|%mdc{EndTimestamp}|%mdc{RequestId}|%mdc{ServiceInstanceId}|%thread|%mdc{ServerFQDN}|%mdc{ServiceName}|%mdc{PartnerName}|%mdc{TargetEntity}|%mdc{TargetServiceName}|%mdc{StatusCode}|%mdc{ResponseCode}|%mdc{ResponseDescription}|%logger|%.-5level|||%mdc{ElapsedTime}|%mdc{RemoteHost}|%mdc{ClientAddress}|%mdc{ClassName}|||%msg%n" />
<!-- ============================================================================ -->
<!-- EELF Appenders -->
<!-- ============================================================================ -->
- <appender name="EELF"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <appender name="EELF" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${logDirectory}/${generalLogName}.log</file>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip
- </fileNamePattern>
+ <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
<maxHistory>60</maxHistory>
</rollingPolicy>
<encoder>
@@ -65,12 +61,10 @@
are specializations of the EELF application root logger and appender. This can be used to segregate Policy engine events
from other components, or it can be eliminated to record these events as part of the application root log. -->
- <appender name="EELFAudit"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${logDirectory}/${auditLogName}.log</file>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip
- </fileNamePattern>
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
<maxHistory>60</maxHistory>
</rollingPolicy>
<encoder>
@@ -82,12 +76,10 @@
<appender-ref ref="EELFAudit" />
</appender>
- <appender name="EELFMetrics"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${logDirectory}/${metricsLogName}.log</file>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip
- </fileNamePattern>
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
<maxHistory>60</maxHistory>
</rollingPolicy>
<encoder>
@@ -100,14 +92,10 @@
<appender-ref ref="EELFMetrics" />
</appender>
- <appender name="EELFDebug"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>
- ${logDirectory}/${debugLogName}.log
- </file>
+ <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${debugLogName}.log</file>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip
- </fileNamePattern>
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip</fileNamePattern>
<maxHistory>60</maxHistory>
</rollingPolicy>
<encoder>
@@ -119,9 +107,7 @@
<!-- allow only events with a level below INFO, that is TRACE and DEBUG -->
<filter class="ch.qos.logback.core.filter.EvaluatorFilter">
<evaluator class="ch.qos.logback.classic.boolex.GEventEvaluator">
- <expression>
- e.level.toInt() < INFO.toInt()
- </expression>
+ <expression>e.level.toInt() < INFO.toInt()</expression>
</evaluator>
<OnMismatch>DENY</OnMismatch>
<OnMatch>NEUTRAL</OnMatch>
@@ -131,6 +117,15 @@
<includeCallerData>false</includeCallerData>
</appender>
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${errorLogPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="AsyncSysOut" class="ch.qos.logback.classic.AsyncAppender">
+ <appender-ref ref="STDOUT" />
+ </appender>
+
<!-- ============================================================================ -->
<!-- Default / root appenders -->
<!-- This determines the logging level for 3rd party code -->
@@ -138,29 +133,34 @@
<root level="INFO">
<appender-ref ref="asyncEELF" />
- <appender-ref ref="asyncEELFDebug" />
-</root>
+ <appender-ref ref="asyncEELFDebug" />
+ <appender-ref ref="AsyncSysOut" />
+ </root>
<!-- ============================================================================ -->
<!-- EELF loggers -->
<!-- ============================================================================ -->
<logger name="com.att.eelf" level="INFO" additivity="false">
- <appender-ref ref="asyncEELF" />
-</logger>
+ <appender-ref ref="asyncEELF" />
+ <appender-ref ref="AsyncSysOut" />
+ </logger>
<!-- The level of this logger determines the contents of the debug log -->
<logger name="com.att.eelf.debug" level="INFO" additivity="false">
- <appender-ref ref="asyncEELFDebug" />
-</logger>
+ <appender-ref ref="asyncEELFDebug" />
+ <appender-ref ref="AsyncSysOut" />
+ </logger>
<logger name="com.att.eelf.audit" level="INFO" additivity="false">
- <appender-ref ref="asyncEELFAudit" />
-</logger>
+ <appender-ref ref="asyncEELFAudit" />
+ <appender-ref ref="AsyncSysOut" />
+ </logger>
<logger name="com.att.eelf.metrics" level="INFO" additivity="false">
- <appender-ref ref="asyncEELFMetrics" />
-</logger>
+ <appender-ref ref="asyncEELFMetrics" />
+ <appender-ref ref="AsyncSysOut" />
+ </logger>
<!-- ============================================================================ -->
<!-- Non-EELF loggers -->