Commit b57e8655 authored by Morris Estepa's avatar Morris Estepa
Browse files

Merge branch 'aws-integration-2' into 'master'

File collection fix for dataset service

See merge request !199
parents 19885063 b6790393
Pipeline #111137 passed with stages
in 23 minutes and 38 seconds
# Copyright © Amazon Web Services
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
......
# Dataset Service
dataset-aws is a [Spring Boot](https://spring.io/projects/spring-boot) service that provides a set of APIs to allow an application or an user to fetch storage/retrieval instructions for various types of datasets.
dataset-aws is a [Spring Boot](https://spring.io/projects/spring-boot) service that provides a set of APIs to allow an application or an user to fetch storage/retrieval instructions for
various types of datasets.
## Running Locally
These instructions will get you a copy of the project up and running on your local machine for development and testing purposes.
### Prerequisites
Pre-requisites
* JDK 8 (https://docs.aws.amazon.com/corretto/latest/corretto-8-ug/downloads-list.html)
......@@ -14,31 +17,34 @@ Pre-requisites
* OSDU Instance deployed on AWS
### Service Configuration
In order to run the service locally or remotely, you will need to have the following environment variables defined.
| name | example value | required | description | sensitive? |
|--------------------------|------------------------------------------------|----------|--------------------------------------------------------------------------------------------|------------|
| `LOCAL_MODE` | `true` | yes | Set to 'true' to use env vars in place of the k8s variable resolver | no |
| `APPLICATION_PORT` | `8080` | yes | The port the service will be hosted on. | no |
| `AWS_REGION` | `us-east-1` | yes | The region where resources needed by the service are deployed | no |
| `AWS_ACCESS_KEY_ID` | `ASIAXXXXXXXXXXXXXX` | yes | The AWS Access Key for a user with access to Backend Resources required by the service | yes |
| `AWS_SECRET_ACCESS_KEY` | `super-secret-key==` | yes | The AWS Secret Key for a user with access to Backend Resources required by the service | yes |
| `AWS_SESSION_TOKEN` | `session-token-xxxxxxxxxx` | no | AWS Session token needed if using an SSO user session to authenticate | yes |
| `ENVIRONMENT` | `osdu-prefix` | yes | The Resource Prefix defined during deployment | no |
| `LOG_LEVEL` | `DEBUG` | yes | The Log Level severity to use (https://www.tutorialspoint.com/log4j/log4j_logging_levels.htm) | no |
| `SSL_ENABLED` | `false` | no | Set to 'false' to disable SSL for local development | no |
| `ENTITLEMENTS_BASE_URL` | `http://localhost:8081` or `https://some-hosted-url` | yes | Specify the base url for an entitlements service instance. Can be run locally or remotely | no |
| `SCHEMA_BASE_URL` | `http://localhost:8082` or `https://some-hosted-url` | yes | Specify the base url for a schema service instance. Can be run locally or remotely | no |
| `STORAGE_BASE_URL` | `http://localhost:8083` or `https://some-hosted-url` | yes | Specify the base url for a storage service instance. Can be run locally or remotely | no |
| `DISABLE_CACHE` | `true` | no | Set to true to disable caching to redis. Either set this or configure cache config env vars | no |
| `CACHE_CLUSTER_ENDPOINT` | `127.0.0.1` | no | Redis endpoint uri. Either set this or DISABLE_CACHE | no |
| `CACHE_CLUSTER_PORT` | `6379` | no | Redis port. Either set this or DISABLE_CACHE | no |
| `CACHE_CLUSTER_KEY` | `xxxxxx` | no | Redis auth key. Either set this or DISABLE_CACHE | no |
| name | example value | required | description | sensitive? |
|--------------------------|------------------------------------------------------|----------|-----------------------------------------------------------------------------------------------|------------|
| `LOCAL_MODE` | `true` | yes | Set to 'true' to use env vars in place of the k8s variable resolver | no |
| `APPLICATION_PORT` | `8080` | yes | The port the service will be hosted on. | no |
| `AWS_REGION` | `us-east-1` | yes | The region where resources needed by the service are deployed | no |
| `AWS_ACCESS_KEY_ID` | `ASIAXXXXXXXXXXXXXX` | yes | The AWS Access Key for a user with access to Backend Resources required by the service | yes |
| `AWS_SECRET_ACCESS_KEY` | `super-secret-key==` | yes | The AWS Secret Key for a user with access to Backend Resources required by the service | yes |
| `AWS_SESSION_TOKEN` | `session-token-xxxxxxxxxx` | no | AWS Session token needed if using an SSO user session to authenticate | yes |
| `ENVIRONMENT` | `osdu-prefix` | yes | The Resource Prefix defined during deployment | no |
| `LOG_LEVEL` | `DEBUG` | yes | The Log Level severity to use (https://www.tutorialspoint.com/log4j/log4j_logging_levels.htm) | no |
| `SSL_ENABLED` | `false` | no | Set to 'false' to disable SSL for local development | no |
| `ENTITLEMENTS_BASE_URL` | `http://localhost:8081` or `https://some-hosted-url` | yes | Specify the base url for an entitlements service instance. Can be run locally or remotely | no |
| `SCHEMA_BASE_URL` | `http://localhost:8082` or `https://some-hosted-url` | yes | Specify the base url for a schema service instance. Can be run locally or remotely | no |
| `STORAGE_BASE_URL` | `http://localhost:8083` or `https://some-hosted-url` | yes | Specify the base url for a storage service instance. Can be run locally or remotely | no |
| `DISABLE_CACHE` | `true` | no | Set to true to disable caching to redis. Either set this or configure cache config env vars | no |
| `CACHE_CLUSTER_ENDPOINT` | `127.0.0.1` | no | Redis endpoint uri. Either set this or DISABLE_CACHE | no |
| `CACHE_CLUSTER_PORT` | `6379` | no | Redis port. Either set this or DISABLE_CACHE | no |
| `CACHE_CLUSTER_KEY` | `xxxxxx` | no | Redis auth key. Either set this or DISABLE_CACHE | no |
### Run Locally
Check that maven is installed:
example:
```bash
$ mvn --version
Apache Maven 3.8.3 (ff8e977a158738155dc465c6a97ffaf31982d739)
......@@ -48,6 +54,7 @@ Java version: 1.8.0_312, vendor: Amazon.com Inc., runtime: /Library/Java/JavaVir
```
You may need to configure access to the remote maven repository that holds the OSDU dependencies. Copy one of the below files' content to your .m2 folder
* For development against the OSDU GitLab environment, leverage: `<REPO_ROOT>~/.mvn/community-maven.settings.xml`
* For development in an AWS Environment, leverage: `<REPO_ROOT>/provider/dataset-aws/maven/settings.xml`
......@@ -73,57 +80,57 @@ java -jar provider/dataset-aws/target/dataset-aws-*.*.*-SNAPSHOT-spring-boot.jar
```
## Testing
### Running Integration Tests
This section describes how to run OSDU Integration tests (testing/dataset-test-aws).
You will need to have the following environment variables defined.
| name | example value | description | sensitive? |
| --- | --- | --- | --- |
| `AWS_ACCESS_KEY_ID` | `ASIAXXXXXXXXXXXXXX` | The AWS Access Key for a user with access to Backend Resources required by the service | yes |
| `AWS_SECRET_ACCESS_KEY` | `super-secret-key==` | The AWS Secret Key for a user with access to Backend Resources required by the service | yes |
| `AWS_SESSION_TOKEN` | `session-token-xxxxxxxxx` | AWS Session token needed if using an SSO user session to authenticate | yes |
| `AWS_COGNITO_USER_POOL_ID` | `us-east-1_xxxxxxxx` | User Pool Id for the reference cognito | no |
| `AWS_COGNITO_CLIENT_ID` | `xxxxxxxxxxxx` | Client ID for the Auth Flow integrated with the Cognito User Pool | no |
| `AWS_COGNITO_AUTH_FLOW` | `USER_PASSWORD_AUTH` | Auth flow used by reference cognito deployment | no |
| `AWS_COGNITO_AUTH_PARAMS_USER` | `int-test-user@testing.com` | Int Test Username | no |
| `AWS_COGNITO_AUTH_PARAMS_USER_NO_ACCESS` | `no-access-user@testing.com` | Int Test No Access Username | no |
| `AWS_COGNITO_AUTH_PARAMS_PASSWORD` | `some-secure-password` | Int Test User/NoAccessUser Password | yes |
| `DATASET_URL` | `http://localhost:8080/api/dataset/v1/` | The url where the Dataset API is hosted | no |
| `STORAGE_URL` | `http://localhost:8081/api/storage/v2/` or `https://some-hosted-url/api/storage/v2/` | The url where the Storage API is hosted. Can be run locally or remotely | no |
| `LEGAL_URL` | `http://localhost:8082/api/legal/v1/` or `https://some-hosted-url/api/legal/v1/` | The url where the Legal API is hosted. Can be run locally or remotely | no |
| `DMS_BASE_URL` | `http://localhost:8083` or `https://some-hosted-url` | yes | Specify the base url for a DMS service instance. Can be run locally or remotely | no |
| `DOMAIN` | `example.com` | Domain used by ACL | no |
| `DEPLOY_ENV` | `empty` | Unused env var, set to 'empty'. | no |
| `TENANT_NAME` | `int-test-dataset` | Data Partition Id used by int tests | no |
| `SSM_ENABLED` | `true` | yes | Set to 'true' to use SSM to resolve config properties, otherwise use env vars | no |
**Creating a new user to use for integration tests**
```
aws cognito-idp admin-create-user --user-pool-id ${AWS_COGNITO_USER_POOL_ID} --username ${AWS_COGNITO_AUTH_PARAMS_USER} --user-attributes Name=email,Value=${AWS_COGNITO_AUTH_PARAMS_USER} Name=email_verified,Value=True --message-action SUPPRESS
### Running Integration Tests
This section describes how to run OSDU Integration tests (testing/dataset-test-aws).
You will need to have the following environment variables defined.
| name | example value | description | sensitive? |
|------------------------------------------|--------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------|---------------------------------------------------------------------------------|
| `AWS_ACCESS_KEY_ID` | `ASIAXXXXXXXXXXXXXX` | The AWS Access Key for a user with access to Backend Resources required by the service | yes |
| `AWS_SECRET_ACCESS_KEY` | `super-secret-key==` | The AWS Secret Key for a user with access to Backend Resources required by the service | yes |
| `AWS_SESSION_TOKEN` | `session-token-xxxxxxxxx` | AWS Session token needed if using an SSO user session to authenticate | yes |
| `AWS_COGNITO_USER_POOL_ID` | `us-east-1_xxxxxxxx` | User Pool Id for the reference cognito | no |
| `AWS_COGNITO_CLIENT_ID` | `xxxxxxxxxxxx` | Client ID for the Auth Flow integrated with the Cognito User Pool | no |
| `AWS_COGNITO_AUTH_FLOW` | `USER_PASSWORD_AUTH` | Auth flow used by reference cognito deployment | no |
| `AWS_COGNITO_AUTH_PARAMS_USER` | `int-test-user@testing.com` | Int Test Username | no |
| `AWS_COGNITO_AUTH_PARAMS_USER_NO_ACCESS` | `no-access-user@testing.com` | Int Test No Access Username | no |
| `AWS_COGNITO_AUTH_PARAMS_PASSWORD` | `some-secure-password` | Int Test User/NoAccessUser Password | yes |
| `DATASET_URL` | `http://localhost:8080/api/dataset/v1/` | The url where the Dataset API is hosted | no |
| `STORAGE_URL` | `http://localhost:8081/api/storage/v2/` or `https://some-hosted-url/api/storage/v2/` | The url where the Storage API is hosted. Can be run locally or remotely | no |
| `LEGAL_URL` | `http://localhost:8082/api/legal/v1/` or `https://some-hosted-url/api/legal/v1/` | The url where the Legal API is hosted. Can be run locally or remotely | no |
| `DMS_BASE_URL` | `http://localhost:8083` or `https://some-hosted-url` | yes | Specify the base url for a DMS service instance. Can be run locally or remotely | no |
| `DOMAIN` | `example.com` | Domain used by ACL | no |
| `DEPLOY_ENV` | `empty` | Unused env var, set to 'empty'. | no |
| `TENANT_NAME` | `int-test-dataset` | Data Partition Id used by int tests | no |
| `SSM_ENABLED` | `true` | yes | Set to 'true' to use SSM to resolve config properties, otherwise use env vars | no |
**Creating a new user to use for integration tests**
```bash
aws cognito-idp admin-create-user --user-pool-id ${AWS_COGNITO_USER_POOL_ID} --username ${AWS_COGNITO_AUTH_PARAMS_USER} --user-attributes Name=email,Value=${AWS_COGNITO_AUTH_PARAMS_USER} Name=email_verified,Value=True --message-action SUPPRESS
aws cognito-idp initiate-auth --auth-flow ${AWS_COGNITO_AUTH_FLOW} --client-id ${AWS_COGNITO_CLIENT_ID} --auth-parameters USERNAME=${AWS_COGNITO_AUTH_PARAMS_USER},PASSWORD=${AWS_COGNITO_AUTH_PARAMS_PASSWORD}
```
**Entitlements group configuration for integration accounts**
<br/>
In order to add user entitlements, run entitlements bootstrap scripts in the entitlements project
**Entitlements group configuration for integration accounts**
<br/>
In order to add user entitlements, run entitlements bootstrap scripts in the entitlements project
| AWS_COGNITO_AUTH_PARAMS_USER | AWS_COGNITO_AUTH_PARAMS_USER_NO_ACCESS |
|----| --- |
| service.entitlements.user | service.entitlements.user |
| service.dataset.admin | service.dataset.admin |
| service.dataset.editor |
| service.dataset.viewer |
| service.storage.admin |
| service.storage.creater |
| service.storage.viewer |
| service.legal.user |
| service.delivery.viewer |
Execute following command to build code and run all the integration tests:
|------------------------------|----------------------------------------|
| service.entitlements.user | service.entitlements.user |
| service.dataset.admin | service.dataset.admin |
| service.dataset.editor | |
| service.dataset.viewer | |
| service.storage.admin | |
| service.storage.creater | |
| service.storage.viewer | |
| service.legal.user | |
| service.delivery.viewer | |
Execute following command to build code and run all the integration tests:
### Run Tests Simulating Pipeline
......@@ -138,23 +145,24 @@ testing/dataset-test-aws/build-aws/run-tests.sh```
```
### Run Tests Using mvn
Set required env vars and execute the following:
```
```bash
mvn clean package -f testing/pom.xml -pl dataset-test-core,dataset-test-aws -DskipTests
mvn test -f testing/dataset-test-aws/pom.xml
```
## License
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
[http://www.apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0)
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
......
# Copyright © 2021 Amazon Web Services
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# https://docs.spring.io/spring-boot/docs/current/reference/html/deployment.html
FROM amazoncorretto:8
ARG JAR_FILE=provider/dataset-aws/target/*spring-boot.jar
......
# Copyright © 2021 Amazon Web Services
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import argparse
import boto3
import json
import os
import argparse
# Create the build-info.json
parser = argparse.ArgumentParser(description="")
......@@ -24,25 +24,23 @@ parser = argparse.ArgumentParser(description="")
parser.add_argument("--branch", type=str, help="")
# env - CODEBUILD_RESOLVED_SOURCE_VERSION
parser.add_argument("--commit", type=str, help="")
parser.add_argument("--commit", type=str, help="")
# env - CODEBUILD_BUILD_ID
parser.add_argument("--buildid", type=str, help="")
parser.add_argument("--buildid", type=str, help="")
# env - CODEBUILD_BUILD_NUMBER
parser.add_argument("--buildnumber", type=str, help="")
parser.add_argument("--buildnumber", type=str, help="")
# Get from directory name
parser.add_argument("--reponame", type=str, help="")
parser.add_argument("--reponame", type=str, help="")
# env OUTPUT_DIR
parser.add_argument("--outdir", type=str, help="")
parser.add_argument("--outdir", type=str, help="")
# full ecr image and tag, and any other artifacts
parser.add_argument("--artifact", type=str, action="append", help="")
args = parser.parse_args()
branch = args.branch
......
# Copyright © 2021 Amazon Web Services
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html
# https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-env-vars.html
version: 0.2
env:
......@@ -63,7 +63,7 @@ phases:
- printenv
- echo "Building primary service assemblies..."
- mvn -B test install sonar:sonar -pl .,dataset-core,provider/dataset-aws -Ddeployment.environment=prod -Dsonar.login=${SONAR_USERNAME} -Dsonar.password=${SONAR_PASSWORD} -Dsonar.branch.name=${BRANCH_NAME}
- mvn -B test install sonar:sonar -pl .,dataset-core,provider/dataset-aws -Ddeployment.environment=prod -Dsonar.login=${SONAR_USERNAME} -Dsonar.password=${SONAR_PASSWORD} -Dsonar.branch.name=${BRANCH_NAME}
# Suspended until further notice
# - echo "Copying assemblies to dist..."
......
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
if [ -n $USE_SELF_SIGNED_SSL_CERT ]; then
export SSL_KEY_PASSWORD=$RANDOM$RANDOM$RANDOM
export SSL_KEY_STORE_PASSWORD=$SSL_KEY_PASSWORD
export SSL_KEY_STORE_DIR=/tmp/certs
export SSL_KEY_STORE_NAME=osduonaws.p12
export SSL_KEY_STORE_PATH=$SSL_KEY_STORE_DIR/$SSL_KEY_STORE_NAME
export SSL_KEY_ALIAS=osduonaws
if [ -n $USE_SELF_SIGNED_SSL_CERT ];
then
export SSL_KEY_PASSWORD=$RANDOM$RANDOM$RANDOM;
export SSL_KEY_STORE_PASSWORD=$SSL_KEY_PASSWORD;
export SSL_KEY_STORE_DIR=/tmp/certs;
export SSL_KEY_STORE_NAME=osduonaws.p12;
export SSL_KEY_STORE_PATH=$SSL_KEY_STORE_DIR/$SSL_KEY_STORE_NAME;
export SSL_KEY_ALIAS=osduonaws;
./ssl.sh;
./ssl.sh
fi
java $JAVA_OPTS -jar /app.jar
\ No newline at end of file
java $JAVA_OPTS -jar /app.jar
# Copyright © 2021 Amazon Web Services
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#!/usr/bin/env bash
......@@ -25,10 +25,9 @@
# fi
if [ -n $USE_SELF_SIGNED_SSL_CERT ];
then
mkdir -p $SSL_KEY_STORE_DIR
pushd $SSL_KEY_STORE_DIR
keytool -genkeypair -alias $SSL_KEY_ALIAS -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore $SSL_KEY_STORE_NAME -validity 3650 -keypass $SSL_KEY_PASSWORD -storepass $SSL_KEY_PASSWORD -dname "CN=localhost, OU=AWS, O=Energy, L=Houston, ST=TX, C=US"
popd
if [ -n $USE_SELF_SIGNED_SSL_CERT ]; then
mkdir -p $SSL_KEY_STORE_DIR
pushd $SSL_KEY_STORE_DIR
keytool -genkeypair -alias $SSL_KEY_ALIAS -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore $SSL_KEY_STORE_NAME -validity 3650 -keypass $SSL_KEY_PASSWORD -storepass $SSL_KEY_PASSWORD -dname "CN=localhost, OU=AWS, O=Energy, L=Houston, ST=TX, C=US"
popd
fi
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
......@@ -17,8 +17,8 @@ limitations under the License.
-->
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<profiles>
<profile>
......
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright © 2021 Amazon Web Services
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
......@@ -16,7 +16,8 @@
limitations under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>os-dataset</artifactId>
......@@ -35,6 +36,7 @@
<aws.version>1.11.1018</aws.version>
<deployment.environment>dev</deployment.environment>
<version.number>0.15.0-SNAPSHOT</version.number>
<jackson-annotations.version>2.13.2</jackson-annotations.version>
</properties>
<dependencyManagement>
......@@ -122,6 +124,11 @@
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>${jackson-annotations.version}</version>
</dependency>
<!-- Testing packages -->
<dependency>
......
// Copyright © 2021 Amazon Web Services
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
......@@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
package org.opengroup.osdu.dataset.provider.aws.security;
package org.opengroup.osdu.dataset.provider.aws.api;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
......@@ -22,6 +22,7 @@ import org.springframework.web.bind.annotation.ResponseBody;
@Controller
public class WhoamiController {
@RequestMapping(value = "/whoami")
@ResponseBody
public String whoami() {
......@@ -32,7 +33,7 @@ public class WhoamiController {
String details = String.valueOf(auth.getPrincipal());
return "user: " + userName + "<BR>" +
"roles: " + roles + "<BR>" +
"details: " + details + "<BR>";
"roles: " + roles + "<BR>" +
"details: " + details + "<BR>";
}
}
// Copyright © 2021 Amazon Web Services
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
......@@ -19,28 +19,24 @@ import org.opengroup.osdu.core.aws.cache.DummyCache;
import org.opengroup.osdu.core.aws.ssm.K8sLocalParameterProvider;
import org.opengroup.osdu.core.aws.ssm.K8sParameterNotFoundException;
import org.opengroup.osdu.core.common.cache.ICache;
import org.opengroup.osdu.core.common.cache.RedisCache;
import org.opengroup.osdu.core.common.cache.VmCache;
import org.opengroup.osdu.core.common.model.http.DpsHeaders;
import org.opengroup.osdu.core.common.cache.RedisCache;
import org.opengroup.osdu.core.common.util.Crc32c;
import org.opengroup.osdu.dataset.provider.aws.config.ProviderConfigurationBag;
import org.opengroup.osdu.dataset.provider.aws.model.DmsRegistrations;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import java.util.Map;
@Component("DmsRegistrationCache")
public class DmsRegistrationCache implements ICache<String, DmsRegistrations> {
@Value("${aws.elasticache.cluster.endpoint:null}")
String REDIS_SEARCH_HOST;
@Value("${aws.elasticache.cluster.port:null}")
String REDIS_SEARCH_PORT;
@Value("${aws.elasticache.cluster.key:null}")
String REDIS_SEARCH_KEY;
private ICache cache;
public DmsRegistrationCache() throws K8sParameterNotFoundException, JsonProcessingException {
@Autowired
public DmsRegistrationCache(ProviderConfigurationBag providerConfigurationBag) throws K8sParameterNotFoundException, JsonProcessingException {
K8sLocalParameterProvider provider = new K8sLocalParameterProvider();
if (provider.getLocalMode()) {
if (Boolean.parseBoolean(System.getenv("DISABLE_CACHE"))) {
......@@ -48,22 +44,18 @@ public class DmsRegistrationCache implements ICache<String, DmsRegistrations> {
}
this.cache = new VmCache<>(60, 10);
} else {
String host = provider.getParameterAsStringOrDefault("CACHE_CLUSTER_ENDPOINT", REDIS_SEARCH_HOST);
int port = Integer.parseInt(provider.getParameterAsStringOrDefault("CACHE_CLUSTER_PORT", REDIS_SEARCH_PORT));
String host = provider.getParameterAsStringOrDefault("CACHE_CLUSTER_ENDPOINT", providerConfigurationBag.redisSearchHost);
int port = Integer.parseInt(provider.getParameterAsStringOrDefault("CACHE_CLUSTER_PORT", providerConfigurationBag.redisSearchPort));
Map<String, String> credential = provider.getCredentialsAsMap("CACHE_CLUSTER_KEY");
String password;
if (credential != null) {
password = credential.get("token");
} else {
password = REDIS_SEARCH_KEY;
}
String password = credential != null ? credential.get("token") : providerConfigurationBag.redisSearchKey;
this.cache = new RedisCache(host, port, password, 60, String.class, DmsRegistrations.class);
}
}
public static String getCacheKey(DpsHeaders headers) {
String key = String.format("dms-registration:%s:%s", headers.getPartitionIdWithFallbackToAccountId(),
headers.getAuthorization());
headers.getAuthorization());
return Crc32c.hashToBase64EncodedString(key);
}
......