Commit 5a4865d5 authored by Rustam Lotsmanenko (EPAM)'s avatar Rustam Lotsmanenko (EPAM)
Browse files

GONRG-1610 update README.md & change int tester from file to base64 string

parent 545ee6f3
......@@ -24,6 +24,7 @@ In order to run the service locally or remotely, you will need to have the follo
| `GCP_BACKUP_BUCKET` | ex `osdu-cicd-epam-backup-service` | Storage bucket for backups | no | https://console.cloud.google.com/storage |
| `GCP_PROJECT_ID` | ex `osdu-cicd-epam` | GCP project id | no | - |
| `GOOGLE_APPLICATION_CREDENTIALS` | ex `/path/to/directory/service-key.json` | Service account credentials, you only need this if running locally | yes | https://console.cloud.google.com/iam-admin/serviceaccounts |
| `SPRING_CLOUD_GCP_DATASTORE_NAMESPACE` | ex `opendes` | The namespace of the datastore to keep backup configurations | no | |
| `SPRING_CLOUD_GCP_SQL_DATABASENAME` | ex `postgres` | The name of the database to connect | yes | |
| `SPRING_CLOUD_GCP_SQL_INSTANCECONNECTIONNAME` | ex `xxx-xx-xxxx:us-central1:test-mysql` | Connection name | yes | |
| `GCP_SQL_BACKUP_KIND` | ex `sql#backupRun` | | yes | |
......@@ -117,25 +118,18 @@ cd provider/backup-gcp && mvn spring-boot:run
| name | value | description | sensitive? | source |
| --- | --- | --- | --- | --- |
| `BACKUP_SERVICE_HOST` | ex`http://localhost:8080/backup/v1` | Service endpoint | no | - |
| `BACKUP_SERVICE_HOST` | ex`http://localhost:8080` | Service endpoint | no | - |
| `DATA_PARTITION_ID` | `opendes` | OSDU tenant used for testing | no | - |
| `INTEGRATION_TESTER` | ex`/path/to/directory/service-key.json` | Service account .json for API calls. Note: this user must have entitlements configured already | yes | https://console.cloud.google.com/iam-admin/serviceaccounts |
| `NO_DATA_ACCESS_TESTER` | ex`/path/to/directory/service-key.json` | Service account .json without data access | yes | https://console.cloud.google.com/iam-admin/serviceaccounts |
| `GCP_DEPLOY_FILE` | ex`/path/to/directory/service-key.json` | Service account for test data tear down, must have cloud role configured | yes | https://console.cloud.google.com/iam-admin/serviceaccounts |
| `INTEGRATION_TESTER` | ex`ew0KIC***` | Service account for API calls as Base64 encoded string | yes | https://console.cloud.google.com/iam-admin/serviceaccounts |
| `INTEGRATION_TEST_AUDIENCE` | `****` | client application ID | yes | https://console.cloud.google.com/apis/credentials |
| `DATASTORE_NAMESPACE` | ex `opendes` | OSDU tenant used for testing | no | - |
**Entitlements configuration for integration accounts**
| INTEGRATION_TESTER | NO_DATA_ACCESS_TESTER |
| --- | --- |
| users<br/>service.backup| users |
**Cloud roles configuration for integration accounts**
| INTEGRATION_TESTER |
| --- |
| users<br/>service.backup.admin|
| GCP_DEPLOY_FILE|
| --- |
| Cloud Datastore Owner |
Execute following command to build code and run all the integration tests:
......
......@@ -2,12 +2,13 @@ server.servlet.contextPath=/api/backup/v1
server.port=8080
logging.level.org.springframework=INFO
logging.level.org.springframework.boot.autoconfigure=ERROR
logging.level.org.springframework.boot.autoconfigure=INFO
log.prefix=backup
#Core
osdu.entitlements.url=https://os-entitlements-gcp-jvmvia5dea-uc.a.run.app/entitlements/v1
osdu.entitlements.app-key=test
#Scheduler configuration
osdu.scheduler.tear-down-time-unit=hours
osdu.scheduler.tear-down-period=24
osdu.scheduler.backup-time-unit=hours
......@@ -17,8 +18,6 @@ osdu.scheduler.initial-delay=1
gcp.backup-bucket=osdu-cicd-epam-backup-service
gcp.project-id=osdu-cicd-epam
LOG_PREFIX=${log.prefix}
spring.cloud.gcp.datastore.namespace=opendes
spring.cloud.gcp.sql.databaseName=postgres
spring.cloud.gcp.sql.instanceConnectionName=osdu-cicd-epam:us-central1:test-postgre
......
......@@ -4,12 +4,11 @@ public class Config {
public static final String BACKUP_SERVICE_BASE_URL = "";
public static final String INTEGRATION_TESTER = "";
private static final String NO_DATA_ACCESS_TESTER = "";
public static final String DATA_PARTITION_ID = "";
public static String getBackupServiceBaseUrl() {
return getEnvironmentVariableOrDefaultValue("BACKUP_SERVICE_BASE_URL", BACKUP_SERVICE_BASE_URL);
return getEnvironmentVariableOrDefaultValue("BACKUP_SERVICE_HOST", BACKUP_SERVICE_BASE_URL);
}
public static String getIntegrationTester() {
......@@ -20,10 +19,6 @@ public class Config {
return getEnvironmentVariableOrDefaultValue("DATA_PARTITION_ID", DATA_PARTITION_ID);
}
public static String getNoAccessTester() {
return getEnvironmentVariableOrDefaultValue("NO_DATA_ACCESS_TESTER", NO_DATA_ACCESS_TESTER);
}
private static String getEnvironmentVariableOrDefaultValue(String key, String defaultValue) {
String environmentVariable = getEnvironmentVariable(key);
......
......@@ -34,12 +34,9 @@ import javax.ws.rs.core.MediaType;
public abstract class HttpClient {
protected static String accessToken;
protected static String noDataAccessToken;
public abstract String getAccessToken() throws IOException;
public abstract String getNoDataAccessToken() throws IOException;
public ClientResponse send(String path, String httpMethod, Map<String, String> headers)
throws Exception {
return send(path, httpMethod, headers, "");
......
......@@ -3,8 +3,6 @@ package org.opengroup.osdu.backup;
public class ConfigGCP {
private static final String INTEGRATION_TEST_AUDIENCE = "";
private static final String GCP_DEPLOY_FILE = "";
private static final String DATASTORE_NAMESPACE = "";
public static String getTargetAudience() {
return getEnvironmentVariableOrDefaultValue("INTEGRATION_TEST_AUDIENCE", INTEGRATION_TEST_AUDIENCE);
......
......@@ -14,13 +14,4 @@ public class HttpClientGCP extends HttpClient {
return "Bearer " + accessToken;
}
@Override
public String getNoDataAccessToken() throws IOException {
if (noDataAccessToken == null || noDataAccessToken.isEmpty()) {
noDataAccessToken = new GoogleServiceAccount(
Config.getNoAccessTester())
.getAuthToken(ConfigGCP.getTargetAudience());
}
return "Bearer " + noDataAccessToken;
}
}
......@@ -23,10 +23,11 @@ import com.google.gson.JsonParser;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.io.FileInputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import org.apache.http.HttpResponse;
......@@ -42,8 +43,12 @@ public class GoogleServiceAccount {
final ServiceAccountCredentials serviceAccount;
public GoogleServiceAccount(String serviceAccountJson) throws IOException {
try (InputStream inputStream = new FileInputStream(serviceAccountJson)) {
public GoogleServiceAccount(String serviceAccountEncoded) throws IOException {
this(Base64.getDecoder().decode(serviceAccountEncoded));
}
public GoogleServiceAccount(byte[] serviceAccountJson) throws IOException {
try (InputStream inputStream = new ByteArrayInputStream(serviceAccountJson)) {
this.serviceAccount = ServiceAccountCredentials.fromStream(inputStream);
}
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment