1 #!/bin/bash
2
# Message Router endpoint (host:port) targeted by every curl call in this script.
HOSTPORT='127.0.0.1:3904'
# Directory where the per-API-key credential files (<name>.key) are read and written.
KEYDIR='.'
5
6
# Dictionary of API key names and the space-separated topics owned by each key.
# The "anonymous" entry lists the topics that are created without an API key.
declare -A topics=(
    ['anonymous']='APPC-CL APPC-TEST2 PDPD-CONFIGURATION POLICY-CL-MGT DCAE-CL-EVENT unauthenticated.SEC_MEASUREMENT_OUTPUT unauthenticated.TCA_EVENT_OUTPUT '
    ['apikey-SDC1']='SDC-DISTR-NOTIF-TOPIC-SDC-OPENSOURCE-ENV1 SDC-DISTR-STATUS-TOPIC-SDC-OPENSOURCE-ENV1'
    ['apikey-APPC1']='APPC-TEST1'
    ['apikey-PORTAL1']='ECOMP-PORTAL-INBOX'
    ['apikey-PORTALAPP1']='ECOMP-PORTAL-OUTBOX-APP1'
    ['apikey-PORTALDBC1']='ECOMP-PORTAL-OUTBOX-DBC1'
    ['apikey-PORTALSDC1']='ECOMP-PORTAL-OUTBOX-SDC1'
    ['apikey-PORTALVID1']='ECOMP-PORTAL-OUTBOX-VID1'
    ['apikey-PORTALPOL1']='ECOMP-PORTAL-OUTBOX-POL1'
)
20
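# Dictionary of producers for each topic.
# Values are space-separated API key names. Each name must match a key of the
# "topics" dictionary exactly, case included: add_acl builds the key file name
# "<KEYDIR>/<name>.key" from it, and the key files are created under the names
# used in "topics". The SDC entries previously read "apikey-sdc1", which never
# matched the "apikey-SDC1.key" file on a case-sensitive file system, so the
# SDC producer ACL was silently skipped.
declare -A acl_producers=(
    ["SDC-DISTR-NOTIF-TOPIC-SDC-OPENSOURCE-ENV1"]="apikey-SDC1"
    ["SDC-DISTR-STATUS-TOPIC-SDC-OPENSOURCE-ENV1"]="apikey-SDC1"
    ["ECOMP-PORTAL-INBOX"]="apikey-PORTALAPP1 apikey-PORTALDBC1 apikey-PORTALSDC1 apikey-PORTALVID1 apikey-PORTALPOL1"
    ["ECOMP-PORTAL-OUTBOX-APP1"]="apikey-PORTAL1"
    ["ECOMP-PORTAL-OUTBOX-DBC1"]="apikey-PORTAL1"
    ["ECOMP-PORTAL-OUTBOX-SDC1"]="apikey-PORTAL1"
    ["ECOMP-PORTAL-OUTBOX-VID1"]="apikey-PORTAL1"
    ["ECOMP-PORTAL-OUTBOX-POL1"]="apikey-PORTAL1"
    ["APPC-TEST1"]="apikey-APPC1"
)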
34
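# Dictionary of consumers for each topic.
# Values are space-separated API key names. Each name must match a key of the
# "topics" dictionary exactly, case included: add_acl builds the key file name
# "<KEYDIR>/<name>.key" from it, and the key files are created under the names
# used in "topics". The SDC entries previously read "apikey-sdc1", which never
# matched the "apikey-SDC1.key" file on a case-sensitive file system, so the
# SDC consumer ACL was silently skipped.
declare -A acl_consumers=(
    ["SDC-DISTR-NOTIF-TOPIC-SDC-OPENSOURCE-ENV1"]="apikey-SDC1"
    ["SDC-DISTR-STATUS-TOPIC-SDC-OPENSOURCE-ENV1"]="apikey-SDC1"
    ["ECOMP-PORTAL-INBOX"]="apikey-PORTAL1"
    ["ECOMP-PORTAL-OUTBOX-APP1"]="apikey-PORTALAPP1"
    ["ECOMP-PORTAL-OUTBOX-DBC1"]="apikey-PORTALDBC1"
    ["ECOMP-PORTAL-OUTBOX-SDC1"]="apikey-PORTALSDC1"
    ["ECOMP-PORTAL-OUTBOX-VID1"]="apikey-PORTALVID1"
    ["ECOMP-PORTAL-OUTBOX-POL1"]="apikey-PORTALPOL1"
    ["APPC-TEST1"]="apikey-APPC1"
)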
48
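#######################################
# Log a command line, then execute it with eval.
# Arguments: $1 - complete command line as a single string
# Outputs:   "CMD:[<command line>]" followed by the command's own output
# Returns:   exit status of the evaluated command
#
# SECURITY: eval runs the string as shell code. Pass only strings assembled
# from values this script controls. Anything read from a key file or a server
# response must not be interpolated into the string, and a command line that
# carries credentials is written to the log verbatim.
#######################################
myrun () {
    local cmd="$1"
    printf 'CMD:[%s]\n' "$cmd"
    # Quoted on purpose: an unquoted expansion is word-split and glob-expanded
    # before eval re-joins it, which collapses runs of spaces inside quoted
    # arguments and expands characters such as "?" or "*" in URLs.
    eval "$cmd"
}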
54
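#######################################
# Find the API key name that owns a topic.
# Globals:   topics (read)
# Arguments: $1 - topic name to look up
#            $2 - name of the caller's variable that receives the owner;
#                 it is reset to the empty string when no owner is found.
#                 The name must not be "outowner" or start with "_go_".
# Outputs:   progress messages on stdout
#######################################
getowner () {
    local -n outowner=$2
    # All working variables are local so the lookup cannot overwrite a
    # caller's loop variable (callers iterate with a variable named "topic").
    local _go_target="$1"
    local _go_key _go_topic
    local -a _go_owned

    # Clear the result first so a failed lookup never leaves the owner of an
    # earlier call in the caller's variable.
    outowner=""
    echo "look for owner for $_go_target"
    for _go_key in "${!topics[@]}"; do
        # Split the space-separated topic list without pathname expansion.
        read -r -a _go_owned <<< "${topics[$_go_key]}"
        for _go_topic in "${_go_owned[@]}"; do
            # "-" is skipped as a placeholder entry.
            if [ "$_go_topic" == "-" ]; then
                continue
            fi
            if [ "$_go_topic" == "$_go_target" ]; then
                echo "found owner $_go_key"
                outowner=$_go_key
                return
            fi
        done
    done
}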
73
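#######################################
# Add one API key to the producers or consumers ACL of a topic.
# The request is signed with the API key of the topic's owner.
# Globals:   KEYDIR, HOSTPORT (read); topics (read, via getowner)
# Arguments: $1 - ACL group, "producers" or "consumers"
#            $2 - topic name
#            $3 - API key name of the client to add
# Outputs:   progress messages and the curl response on stdout
# Returns:   1 when the owner or a key file cannot be resolved (no request is
#            sent), otherwise the exit status of curl
#######################################
add_acl () {
    local acl_group="$1"
    local topic="$2"
    local client="$3"
    # Local and empty, so a failed lookup cannot reuse the owner of a
    # previous call.
    local owner=""
    local owner_keyfile client_keyfile
    local client_key owner_secret owner_key
    local stamp signature url

    echo " adding $client to group $acl_group for topic $topic"

    getowner "$topic" owner
    # Restore the topic in case the lookup helper reused the name "topic".
    topic="$2"
    echo "==owner for $topic is $owner"

    if [ -z "$owner" ]; then
        echo "No owner API key found for topic $topic"
        return 1
    fi
    owner_keyfile="${KEYDIR}/${owner}.key"
    # The owner's key file is what signs the request, so that is the file
    # that has to exist.
    if [ ! -e "$owner_keyfile" ]; then
        echo "No API key file $owner_keyfile for owner $owner of topic $topic, exit "
        return 1
    fi

    client_keyfile="${KEYDIR}/${client}.key"
    if [ ! -e "$client_keyfile" ]; then
        echo "No API key file $client_keyfile for client $client, exit "
        return 1
    fi

    client_key=$(jq -r '.key' < "$client_keyfile")
    owner_secret=$(jq -r '.secret' < "$owner_keyfile")
    owner_key=$(jq -r '.key' < "$owner_keyfile")
    # jq prints "null" for a missing field; refuse to sign with such a value.
    if [ -z "$client_key" ] || [ "$client_key" == "null" ] \
        || [ -z "$owner_secret" ] || [ "$owner_secret" == "null" ] \
        || [ -z "$owner_key" ] || [ "$owner_key" == "null" ]; then
        echo "Key file for $client or $owner has no usable key/secret, skipping"
        return 1
    fi

    stamp=$(date --iso-8601=seconds)
    # Signature is base64(HMAC-SHA1(timestamp, owner secret)).
    # NOTE(review): the secret is an openssl command-line argument and is
    # visible in the process list while openssl runs.
    signature=$(printf '%s' "$stamp" | openssl sha1 -hmac "$owner_secret" -binary | openssl base64)
    url="http://${HOSTPORT}/topics/${topic}/${acl_group}/${client_key}"

    # curl is invoked with separate arguments instead of an eval'd string, so
    # values read from key files are never parsed as shell code. The auth
    # headers are left out of the log line.
    echo "CMD:[curl -i -X PUT ${url}]"
    curl -i \
        -H "Content-Type: application/json" \
        -H "X-CambriaAuth:${owner_key}:${signature}" \
        -H "X-CambriaDate:${stamp}" \
        -X PUT "$url"
}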
110
111
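# For every API key name: create the key when no key file exists yet, then
# create the topics it owns. Topics listed under "anonymous" are created by
# posting an event without credentials.
for key in "${!topics[@]}"; do
    # try to create key if no such key exists
    API_KEYFILE="${KEYDIR}/${key}.key"
    if [ "$key" != "anonymous" ]; then
        if [ -e "${API_KEYFILE}" ]; then
            echo "API key for $key already exists, no need to create new"
        else
            echo "generating API key $key"
            # The request body is passed inline instead of through a fixed
            # file name in /tmp, which another local user could pre-create
            # or replace.
            key_request=$(printf '{"email":"no email","description":"API key for %s"}' "$key")
            echo "CMD:[curl -s -o ${API_KEYFILE} -X POST http://${HOSTPORT}/apiKeys/create]"
            curl -s -o "${API_KEYFILE}" \
                -H "Content-Type: application/json" \
                -X POST -d "$key_request" \
                "http://${HOSTPORT}/apiKeys/create"
            # Report only the key id: the file also holds the secret, which
            # should not be copied into the log output.
            if created_id=$(jq -er '.key' < "${API_KEYFILE}" 2>/dev/null); then
                echo "API key for $key has been created: $created_id"
            else
                echo "WARNING: ${API_KEYFILE} does not contain an API key" >&2
            fi
            echo "generating API key $key done"; echo
        fi

        # Read the credentials once per key; without them the signed
        # requests below cannot be built.
        UEBAPIKEYSECRET=$(jq -r '.secret' < "${API_KEYFILE}")
        UEBAPIKEYKEY=$(jq -r '.key' < "${API_KEYFILE}")
        if [ -z "$UEBAPIKEYSECRET" ] || [ "$UEBAPIKEYSECRET" == "null" ] \
            || [ -z "$UEBAPIKEYKEY" ] || [ "$UEBAPIKEYKEY" == "null" ]; then
            echo "No usable key/secret in ${API_KEYFILE}, skipping topics of $key"
            continue
        fi
    fi

    # create the topics for this key
    read -r -a keytopics <<< "${topics[$key]}"
    for topic in "${keytopics[@]}"; do
        # "-" is skipped as a placeholder entry.
        if [ "$topic" == "-" ]; then
            continue
        fi
        if [ "$key" == "anonymous" ]; then
            echo "creating anonymous topic $topic"
            # NOTE(review): /tmp/sample.txt is not created by this script;
            # presumably it is provided by the image -- confirm.
            echo "CMD:[curl -X POST -d @/tmp/sample.txt http://${HOSTPORT}/events/${topic}]"
            curl -H "Content-Type:text/plain" \
                -X POST -d @/tmp/sample.txt \
                "http://${HOSTPORT}/events/${topic}"
            echo "done creating anonymous topic $topic"; echo
        else
            echo "creating API key secured topic $topic for API key $key"
            topic_request=$(printf '{"topicName":"%s","topicDescription":"%s API Key secure topic","partitionCount":"1","replicationCount":"1","transactionEnabled":"true"}' "$topic" "$key")
            time=$(date --iso-8601=seconds)
            # Signature is base64(HMAC-SHA1(timestamp, key secret)).
            # NOTE(review): the secret is an openssl command-line argument
            # and is visible in the process list while openssl runs.
            signature=$(printf '%s' "$time" | openssl sha1 -hmac "$UEBAPIKEYSECRET" -binary | openssl base64)
            # Direct invocation, not an eval'd string, so values read from the
            # key file are never parsed as shell code; the auth headers are
            # left out of the log line.
            echo "CMD:[curl -i -X POST http://${HOSTPORT}/topics/create]"
            curl -i \
                -H "Content-Type: application/json" \
                -H "X-CambriaAuth: ${UEBAPIKEYKEY}:${signature}" \
                -H "X-CambriaDate: ${time}" \
                -X POST -d "$topic_request" \
                "http://${HOSTPORT}/topics/create"
            echo "done creating api key topic $topic"
            echo
        fi
    done
done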
156
157
# Dump the topic list, then the details of every configured topic, so the
# resulting state can be checked in the output.
echo
echo "============ post loading state of topics ================="
myrun "curl http://${HOSTPORT}/topics"
for key in "${!topics[@]}"; do
    echo "---------- key: ${key} "
    # shellcheck disable=SC2086 -- the topic list is deliberately word-split
    for topic in ${topics[$key]}; do
        # "-" is skipped as a placeholder entry.
        [ "$topic" == "-" ] && continue
        myrun "curl http://${HOSTPORT}/topics/${topic}"
        echo
    done
    echo "end of key: ${key} secured topics"
done
175
176
# Register the subscriber ACLs first and the publisher ACLs second, with one
# add_acl call per (topic, API key name) pair.
for group_name in consumers producers; do
    # Point acl_map at acl_consumers or acl_producers for this pass.
    declare -n acl_map="acl_${group_name}"
    for topic in "${!acl_map[@]}"; do
        # shellcheck disable=SC2086 -- the member list is deliberately word-split
        for member in ${acl_map[$topic]}; do
            add_acl "$group_name" "$topic" "$member"
        done
    done
done
191