2 * ============LICENSE_START====================================
3 * DCAEGEN2-SERVICES-SDK
4 * =========================================================
5 * Copyright (C) 2019-2021 Nokia. All rights reserved.
6 * =========================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=====================================
21 package org.onap.dcaegen2.services.sdk.rest.services.cbs.client.model;
23 import org.immutables.value.Value;
24 import org.jetbrains.annotations.Nullable;
25 import org.onap.dcaegen2.services.sdk.rest.services.cbs.client.api.exceptions.CbsClientConfigurationException;
26 import org.onap.dcaegen2.services.sdk.security.ssl.ImmutableTrustStoreKeys;
27 import org.onap.dcaegen2.services.sdk.security.ssl.Passwords;
28 import org.onap.dcaegen2.services.sdk.security.ssl.SecurityKeysStore;
29 import org.onap.dcaegen2.services.sdk.security.ssl.TrustStoreKeys;
30 import org.slf4j.Logger;
31 import org.slf4j.LoggerFactory;
33 import java.nio.file.Files;
34 import java.nio.file.Paths;
35 import java.util.Optional;
38 * Immutable object which helps with construction of cloudRequestObject for specified Client. For usage take a look in
39 * CloudConfigurationClient.class
41 * @author <a href="mailto:przemyslaw.wasala@nokia.com">Przemysław Wąsala</a> on 11/16/18
42 * @version 1.0.0 can be passed to ReactiveCloudConfigurationProvider, can be constructed out of
43 * org.onap.dcaegen2.services.sdk library.
46 @Value.Immutable(prehash = true)
47 public interface CbsClientConfiguration {
48 Logger LOGGER = LoggerFactory.getLogger(CbsClientConfiguration.class);
50 String TRUST_JKS = "trust.jks";
51 String TRUST_PASS = "trust.pass";
52 Integer PORT_FOR_CBS_OVER_TLS = 10443;
55 * Name of environment variable containing path to the cacert.pem file.
57 String DCAE_CA_CERT_PATH = "DCAE_CA_CERTPATH";
60 * Name of environment variable containing Config Binding Service network hostname.
62 String ENV_CBS_HOSTNAME = "CONFIG_BINDING_SERVICE";
65 * Name of environment variable containing Config Binding Service network port.
67 String ENV_CBS_PORT = "CONFIG_BINDING_SERVICE_SERVICE_PORT";
70 * Name of environment variable containing current application name.
72 String ENV_APP_NAME = "HOSTNAME";
76 * Name of environment variable containing Consul host name.
78 * @deprecated CBS lookup in Consul service should not be needed,
79 * instead {@link #ENV_CBS_HOSTNAME} should be used directly.
82 String ENV_CONSUL_HOST = "CONSUL_HOST";
85 * Name of environment variable containing Config Binding Service <em>service name</em> as registered in Consul
88 * @deprecated CBS lookup in Consul service should not be needed,
89 * instead {@link #ENV_CBS_HOSTNAME} should be used directly.
92 String ENV_CBS_NAME = "CONFIG_BINDING_SERVICE";
110 default @Nullable TrustStoreKeys trustStoreKeys() {
116 default String consulHost() {
117 return "consul-server";
121 default Integer consulPort() {
126 default String cbsName() {
127 return "config-binding-service";
130 default String configMapFilePath() {
131 return "/app-config/application_config.yaml";
135 * Creates CbsClientConfiguration from system environment variables.
137 * @return an instance of CbsClientConfiguration
138 * @throws CbsClientConfigurationException when at least one of required parameters is missing
140 static CbsClientConfiguration fromEnvironment() {
141 String pathToCaCert = System.getenv(DCAE_CA_CERT_PATH);
143 ImmutableCbsClientConfiguration.Builder configBuilder = ImmutableCbsClientConfiguration.builder()
144 .hostname(getEnv(ENV_CBS_HOSTNAME))
145 .appName(getEnv(ENV_APP_NAME));
146 return Optional.ofNullable(pathToCaCert).filter(certPath -> !"".equals(certPath))
147 .map(certPath -> createSslHttpConfig(configBuilder, certPath))
148 .orElseGet(() -> createPlainHttpConfig(configBuilder));
151 static CbsClientConfiguration createPlainHttpConfig(ImmutableCbsClientConfiguration.Builder configBuilder) {
152 LOGGER.info("CBS client will use plain http protocol.");
155 .port(Integer.valueOf(getEnv(ENV_CBS_PORT)))
159 static CbsClientConfiguration createSslHttpConfig(ImmutableCbsClientConfiguration.Builder configBuilder,
160 String pathToCaCert) {
161 LOGGER.info("CBS client will use http over TLS.");
163 .trustStoreKeys(crateSecurityKeysFromEnvironment(createPathToJksFile(pathToCaCert)))
164 .port(PORT_FOR_CBS_OVER_TLS)
169 static TrustStoreKeys crateSecurityKeysFromEnvironment(String pathToCerts) {
170 LOGGER.info("Path to cert files: {}", pathToCerts + "/");
171 validateIfFilesExist(pathToCerts);
172 return ImmutableTrustStoreKeys.builder()
173 .trustStore(SecurityKeysStore.fromPath(Paths.get(pathToCerts + "/" + TRUST_JKS)))
174 .trustStorePassword(Passwords.fromPath(Paths.get(pathToCerts + "/" + TRUST_PASS)))
178 static String createPathToJksFile(String pathToCaCertPemFile) {
179 return pathToCaCertPemFile.substring(0, pathToCaCertPemFile.lastIndexOf("/"));
182 static String getEnv(String envName) {
183 String envValue = System.getenv(envName);
184 validateEnv(envName, envValue);
188 static void validateEnv(String envName, String envValue) {
189 if (envValue == null || "".equals(envValue)) {
190 throw new CbsClientConfigurationException("Cannot read " + envName + " from environment.");
194 static void validateIfFilesExist(String pathToFile) {
195 boolean areFilesExist = Files.exists(Paths.get(pathToFile + "/" + TRUST_JKS)) &&
196 Files.exists(Paths.get(pathToFile + "/" + TRUST_PASS));
198 if (!areFilesExist) {
199 throw new CbsClientConfigurationException("Required files do not exist in " + pathToFile + " directory.");