AAF CADI updates to DMaaP Data Router
Change-Id: Ib2767848a40888f8dbd903541d7ee53241e20f5a
Issue-ID: DMAAP-1016
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties
new file mode 100644
index 0000000..90c4137
--- /dev/null
+++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties
@@ -0,0 +1,23 @@
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
+cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile
+cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
+cadi_keystore_password=]3V)($O&.Mv]W{f8^]6SxGNL
+cadi_key_password=]3V)($O&.Mv]W{f8^]6SxGNL
+cadi_alias=dmaap-dr-node@dmaap-dr.onap.org
+cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
+cadi_truststore_password=(Rd,&{]%ePdp}4JZjqoJ2G+g
+
+aaf_env=DEV
+aaf_locate_url=https://aaf-onap-test.osaaf.org:8095
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
+cadi_protocols=TLSv1.1,TLSv1.2
+cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1
+fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1
+gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1
+
+cadi_latitude=53.423
+cadi_longitude=7.940
+
+cadi_loglevel=INFO
\ No newline at end of file
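Review bot: The values of `cadi_keystore_password`, `cadi_key_password` and `cadi_truststore_password` are committed in clear text, and drProvCadi.properties in this commit does the same. Anyone who can read the repository or the rendered chart gets the passwords that protect the private key behind `cadi_keystore`, and every installation shares them. The file is rendered through `tpl` in configmap.yaml, so each value could come from chart values, e.g. `cadi_keystore_password={{ .Values.<KEYSTORE_PASSWORD_KEY> }}` (placeholder key), ideally sourced from a Kubernetes Secret. The passwords published here should be treated as exposed and rotated.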
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties
index 2046dbf..f2896cc 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties
+++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties
@@ -108,4 +108,22 @@
# The key used to generate passwords for node to node transfers
#
NodeAuthKey=Node123!
+#
+# DR_NODE DEFAULT ENABLED TLS PROTOCOLS
+NodeHttpsProtocols = TLSv1.1|TLSv1.2
+#
+# AAF type to generate permission string
+AAFType = org.onap.dmaap-dr.feed
+#
+# AAF default instance to generate permission string - default should be legacy
+AAFInstance = legacy
+#
+# AAF action to generate permission string - default should be publish
+AAFAction = publish
+#
+# AAF URL to connect to AAF server
+AafUrl = https://aaf-onap-test.osaaf.org:8095
+#
+# AAF CADI enabled flag
+CadiEnabled = false
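Review bot: `NodeHttpsProtocols = TLSv1.1|TLSv1.2` enables TLS 1.1 by default, which RFC 8996 formally deprecates. The same default appears as `cadi_protocols=TLSv1.1,TLSv1.2` in both Cadi property files and as `org.onap.dmaap.datarouter.provserver.https.include.protocols` in provserver.properties. Unless a known legacy peer requires it, I would ship `NodeHttpsProtocols = TLSv1.2`. If TLS 1.1 must stay, add a comment above the key such as `# TLSv1.1 kept only for <LEGACY_CLIENT>; remove once it is upgraded`.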
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml
index cae0d71..a3882bc 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/configmap.yaml
@@ -15,7 +15,7 @@
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-node-props-configmap
+ name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
@@ -23,7 +23,7 @@
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/node.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
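Review bot: Widening the glob to `resources/config/*` publishes drNodeCadi.properties, including its keystore and truststore passwords, as ConfigMap data. ConfigMaps are not intended for confidential values and are usually readable by more principals than Secrets are. The dmaap-dr-prov configmap.yaml hunk does the same for drProvCadi.properties. I would keep this ConfigMap to `.Files.Glob "resources/config/node.properties"` and render the Cadi file into a `kind: Secret` mounted at the same path. The wildcard also means that any file later added to resources/config is templated and published without review of this template. The ConfigMap document continues outside the hunk.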
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
index 3e0e69e..ec31f3f 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/statefulset.yaml
@@ -73,14 +73,17 @@
name: localtime
readOnly: false
- mountPath: /opt/app/datartr/etc/dedicatedFeed.json
+ name: {{ include "common.fullname" . }}-create-feed-config
subPath: dedicatedFeed.json
- name: create-feed
- mountPath: /opt/app/datartr/etc/createFeed.sh
+ name: {{ include "common.fullname" . }}-create-feed-config
subPath: createFeed.sh
- name: create-feed
- mountPath: /opt/app/datartr/etc/node.properties
+ name: {{ include "common.fullname" . }}-config
subPath: node.properties
- name: node-props
+ - mountPath: /opt/app/datartr/etc/drNodeCadi.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: drNodeCadi.properties
lifecycle:
postStart:
exec:
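Review bot: The new `drNodeCadi.properties` mount uses `subPath`, and a subPath mount does not receive later updates to the backing ConfigMap. Rotating the keystore passwords or changing the AAF URL therefore takes effect only after the pod is restarted, which deserves a comment above the mount. Nothing in this hunk mounts `/opt/app/datartr/aaf_certs`, the directory the Cadi file points at, so the keystore presumably ships in the image. Please confirm this, because a key baked into the image is shared by every installation. The prov deployment.yaml hunk adds the same kind of mount, and the volumeMounts list starts outside this hunk.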
@@ -114,13 +117,23 @@
- name: localtime
hostPath:
path: /etc/localtime
- - name: create-feed
+ - name: {{ include "common.fullname" . }}-create-feed-config
configMap:
name: {{ include "common.fullname" . }}-create-feed-configmap
defaultMode: 0755
- - name: node-props
+ items:
+ - key: createFeed.sh
+ path: createFeed.sh
+ - key: dedicatedFeed.json
+ path: dedicatedFeed.json
+ - name: {{ include "common.fullname" . }}-config
configMap:
- name: {{ include "common.fullname" . }}-node-props-configmap
+ name: {{ include "common.fullname" . }}-configmap
+ items:
+ - key: node.properties
+ path: node.properties
+ - key: drNodeCadi.properties
+ path: drNodeCadi.properties
- name: {{ include "common.fullname" . }}-log-conf
configMap:
name: {{ include "common.fullname" . }}-log
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties
new file mode 100644
index 0000000..6a87514
--- /dev/null
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/drProvCadi.properties
@@ -0,0 +1,23 @@
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
+cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile
+cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks
+cadi_keystore_password=AT{];bvaDiytVD&oWhMZj0N5
+cadi_key_password=AT{];bvaDiytVD&oWhMZj0N5
+cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org
+cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks
+cadi_truststore_password=ljlS@Y}0]{UO(TnwvEWkgJ%]
+
+aaf_env=DEV
+aaf_locate_url=https://aaf-onap-test.osaaf.org:8095
+aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect
+aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
+cadi_protocols=TLSv1.1,TLSv1.2
+cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1
+fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1
+gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1
+
+cadi_latitude=53.423
+cadi_longitude=7.940
+
+cadi_loglevel=INFO
\ No newline at end of file
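Review bot: `aaf_env=DEV` and `aaf_locate_url=https://aaf-onap-test.osaaf.org:8095` are fixed in the file, so every installation sends its authentication and authorization traffic to whatever that test hostname resolves to. The same host is hard-coded in drNodeCadi.properties, in `AafUrl` in node.properties and in `org.onap.dmaap.datarouter.provserver.cadi.aaf.url` in provserver.properties. provserver.properties already takes the database host from `.Values`, and these files go through `tpl`, so the AAF endpoint and environment could be set the same way, e.g. `aaf_locate_url={{ .Values.<AAF_LOCATE_URL_KEY> }}` (placeholder key). The hard-coded passwords in this file are covered in the note on drNodeCadi.properties.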
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties
index bb24d99..2b78b8e 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/resources/config/provserver.properties
@@ -47,3 +47,20 @@
org.onap.dmaap.datarouter.db.url = jdbc:mariadb://{{.Values.config.dmaapDrDb.mariadbServiceName}}:{{.Values.config.dmaapDrDb.mariadbServicePort}}/datarouter
org.onap.dmaap.datarouter.db.login = datarouter
org.onap.dmaap.datarouter.db.password = datarouter
+
+# PROV - DEFAULT ENABLED TLS PROTOCOLS
+org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2
+
+# AAF config
+org.onap.dmaap.datarouter.provserver.cadi.enabled = false
+
+org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234#
+org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed
+org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub
+org.onap.dmaap.datarouter.provserver.aaf.instance = legacy
+org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish
+org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe
+
+# AAF URL to connect to AAF server
+org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-onap-test.osaaf.org:8095
+
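Review bot: `org.onap.dmaap.datarouter.provserver.passwordencryption` is set to a fixed key committed in the chart, so every installation encrypts with the same publicly known value. What the key protects is not visible in this hunk, but anything encrypted with it should be assumed recoverable by anyone who has the chart. The key should come from a per-installation Secret, and the line deserves a comment such as `# must be overridden per deployment; never reuse the chart default`. Separately, `cadi.enabled = false` leaves the AAF settings added below it inactive by default, which is worth stating in the `# AAF config` comment.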
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml
index bd5886b..fe93cb0 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/configmap.yaml
@@ -15,7 +15,7 @@
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname" . }}-prov-props-configmap
+ name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
@@ -23,7 +23,7 @@
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
-{{ tpl (.Files.Glob "resources/config/provserver.properties").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
index 573e90c..afd34d9 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/deployment.yaml
@@ -69,10 +69,13 @@
name: localtime
readOnly: false
- mountPath: /opt/app/datartr/etc/provserver.properties
+ name: {{ include "common.fullname" . }}-config
subPath: provserver.properties
- name: prov-props
- - name: {{ include "common.fullname" . }}-logs
- mountPath: {{ .Values.global.loggingDirectory }}
+ - mountPath: /opt/app/datartr/etc/drProvCadi.properties
+ name: {{ include "common.fullname" . }}-config
+ subPath: drProvCadi.properties
+ - mountPath: {{ .Values.global.loggingDirectory }}
+ name: {{ include "common.fullname" . }}-logs
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
@@ -99,9 +102,14 @@
- name: localtime
hostPath:
path: /etc/localtime
- - name: prov-props
+ - name: {{ include "common.fullname" . }}-config
configMap:
- name: {{ include "common.fullname" . }}-prov-props-configmap
+ name: {{ include "common.fullname" . }}-configmap
+ items:
+ - key: provserver.properties
+ path: provserver.properties
+ - key: drProvCadi.properties
+ path: drProvCadi.properties
- name: {{ include "common.fullname" . }}-log-conf
configMap:
name: {{ include "common.fullname" . }}-log
diff --git a/kubernetes/dmaap/requirements.yaml b/kubernetes/dmaap/requirements.yaml
index cda78cf..3507bd8 100644
--- a/kubernetes/dmaap/requirements.yaml
+++ b/kubernetes/dmaap/requirements.yaml
@@ -24,7 +24,7 @@
- name: dmaap-bc
version: ~4.x-0
repository: 'file://components/dmaap-bc'
- condition: dmaap-bus-controller.enabled
+ condition: dmaap-bc.enabled
- name: dmaap-dr-node
version: ~4.x-0
repository: 'file://components/dmaap-dr-node'
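Review bot: Changing the condition to `dmaap-bc.enabled` silently alters what gets deployed for any values file that still sets `dmaap-bus-controller.enabled: false`. Helm ignores a condition whose path is absent from the values, so the bus controller would then be installed even though the operator disabled it under the old key. No values.yaml change is visible in this diff, so please confirm that the chart defaults and the override files use the new key. This change also looks unrelated to the AAF CADI work in the title and deserves a line in the commit message.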