Skip to content
Snippets Groups Projects
Commit 04f4d0e7 authored by Riabokon Stanislav(EPAM)[GCP]'s avatar Riabokon Stanislav(EPAM)[GCP]
Browse files

Merge branch 'delete-audience' into 'master' 

Removed audience property (GONRG-6243)

See merge request !460
parents e87903f8 888a55db
No related branches found
No related tags found
1 merge request!460Removed audience property (GONRG-6243)
Pipeline #160135 failed
Stage: build
Stage: coverage
Stage: containerize
Stage: scan
Stage: deploy
Stage: integration
Stage: publish
Hide whitespace changes
Inline Side-by-side
Showing
with 16 additions and 39 deletions
devops/gc/configmap/README.md
+ 0
6
View file @ 04f4d0e7
...@@ -41,12 +41,6 @@ First you need to set variables in **values.yaml** file using any code editor. S ...@@ -41,12 +41,6 @@ First you need to set variables in **values.yaml** file using any code editor. S
**springProfilesActive** | active spring profile | string | gcp | yes **springProfilesActive** | active spring profile | string | gcp | yes
**storageHost** | storage host | string | "http://storage" | yes **storageHost** | storage host | string | "http://storage" | yes
### Google Cloud variables
| Name | Description | Type | Default |Required |
|------|-------------|------|---------|---------|
**googleAudiences** | your Google Cloud client ID | string | - | yes
### Config variables ### Config variables
| Name | Description | Type | Default |Required | | Name | Description | Type | Default |Required |
......
devops/gc/configmap/templates/variables.yaml
+ 0
3
View file @ 04f4d0e7
...@@ -16,6 +16,3 @@ data: ...@@ -16,6 +16,3 @@ data:
SECURITY_HTTPS_CERTIFICATE_TRUST: "{{ .Values.data.securityHttpsCertificateTrust }}" SECURITY_HTTPS_CERTIFICATE_TRUST: "{{ .Values.data.securityHttpsCertificateTrust }}"
SPRING_PROFILES_ACTIVE: "{{ .Values.data.springProfilesActive }}" SPRING_PROFILES_ACTIVE: "{{ .Values.data.springProfilesActive }}"
STORAGE_HOST: "{{ .Values.data.storageHost }}" STORAGE_HOST: "{{ .Values.data.storageHost }}"
{{- if not .Values.conf.onPremEnabled }}
GOOGLE_AUDIENCES: "{{ .Values.data.googleAudiences }}"
{{- end }}
devops/gc/configmap/values.yaml
+ 0
2
View file @ 04f4d0e7
...@@ -14,8 +14,6 @@ data: ...@@ -14,8 +14,6 @@ data:
securityHttpsCertificateTrust: "true" securityHttpsCertificateTrust: "true"
springProfilesActive: "gcp" springProfilesActive: "gcp"
storageHost: "http://storage" storageHost: "http://storage"
# Google Cloud
googleAudiences: ""
conf: conf:
appName: "indexer" appName: "indexer"
configmap: "indexer-config" configmap: "indexer-config"
......
indexer-core/src/main/java/org/opengroup/osdu/indexer/config/IndexerConfigurationProperties.java
+ 0
1
View file @ 04f4d0e7
...@@ -67,7 +67,6 @@ public class IndexerConfigurationProperties { ...@@ -67,7 +67,6 @@ public class IndexerConfigurationProperties {
private String gaeVersion; private String gaeVersion;
private String googleCloudProject; private String googleCloudProject;
private String googleCloudProjectRegion; private String googleCloudProjectRegion;
private String googleAudiences;
public DeploymentEnvironment getDeploymentEnvironment(){ public DeploymentEnvironment getDeploymentEnvironment(){
return DeploymentEnvironment.valueOf(deploymentEnvironment); return DeploymentEnvironment.valueOf(deploymentEnvironment);
......
provider/indexer-gc/docs/gc/README.md
+ 14
16
View file @ 04f4d0e7
...@@ -8,7 +8,6 @@ Must have: ...@@ -8,7 +8,6 @@ Must have:
| name | value | description | sensitive? | source | | name | value | description | sensitive? | source |
|----------------------------------------------|---------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------|---------------------------------------------------| |----------------------------------------------|---------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------|---------------------------------------------------|
| `GOOGLE_AUDIENCES` | ex `*****.apps.googleusercontent.com` | Client ID for getting access to cloud resources | yes | <https://console.cloud.google.com/apis/credentials> |
| `SPRING_PROFILES_ACTIVE` | ex `gcp` | Spring profile that activate default configuration for Google Cloud environment | false | - | | `SPRING_PROFILES_ACTIVE` | ex `gcp` | Spring profile that activate default configuration for Google Cloud environment | false | - |
| `<ELASTICSEARCH_USER_ENV_VARIABLE_NAME>` | ex `user` | Elasticsearch user, name of that variable not defined at the service level, the name will be received through partition service. Each tenant can have it's own ENV name value, and it must be present in ENV of Indexer service, see [Partition properties set](#Properties-set-in-Partition-service) | yes | - | | `<ELASTICSEARCH_USER_ENV_VARIABLE_NAME>` | ex `user` | Elasticsearch user, name of that variable not defined at the service level, the name will be received through partition service. Each tenant can have it's own ENV name value, and it must be present in ENV of Indexer service, see [Partition properties set](#Properties-set-in-Partition-service) | yes | - |
| `<ELASTICSEARCH_PASSWORD_ENV_VARIABLE_NAME>` | ex `password` | Elasticsearch password, name of that variable not defined at the service level, the name will be received through partition service. Each tenant can have it's own ENV name value, and it must be present in ENV of Indexer service, see [Partition properties set](#Properties-set-in-Partition-service) | false | - | | `<ELASTICSEARCH_PASSWORD_ENV_VARIABLE_NAME>` | ex `password` | Elasticsearch password, name of that variable not defined at the service level, the name will be received through partition service. Each tenant can have it's own ENV name value, and it must be present in ENV of Indexer service, see [Partition properties set](#Properties-set-in-Partition-service) | false | - |
...@@ -132,24 +131,23 @@ TBD ...@@ -132,24 +131,23 @@ TBD
You will need to have the following environment variables defined. You will need to have the following environment variables defined.
| name | value | description | sensitive? | source | | name | value | description | sensitive? | source |
|-------------------------------------|-----------------------------------------------------------------|---------------------------------------------------------------------------------------------------|------------|------------------------------------------------------------| |-------------------------------------|----------------------------------------------------------------|---------------------------------------------------------------------------------------------------|------------|------------------------------------------------------------|
| `ELASTIC_PASSWORD` | `********` | Password for Elasticsearch | yes | output of infrastructure deployment | | `ELASTIC_PASSWORD` | `********` | Password for Elasticsearch | yes | output of infrastructure deployment |
| `ELASTIC_USER_NAME` | `********` | User name for Elasticsearch | yes | output of infrastructure deployment | | `ELASTIC_USER_NAME` | `********` | User name for Elasticsearch | yes | output of infrastructure deployment |
| `ELASTIC_HOST` | ex `elastic.domain.com` | Host Elasticsearch | yes | output of infrastructure deployment | | `ELASTIC_HOST` | ex `elastic.domain.com` | Host Elasticsearch | yes | output of infrastructure deployment |
| `ELASTIC_PORT` | ex `9243` | Port Elasticsearch | yes | output of infrastructure deployment | | `ELASTIC_PORT` | ex `9243` | Port Elasticsearch | yes | output of infrastructure deployment |
| `GCLOUD_PROJECT` | ex `opendes` | Google Cloud Project Id | no | output of infrastructure deployment | | `GCLOUD_PROJECT` | ex `opendes` | Google Cloud Project Id | no | output of infrastructure deployment |
| `INDEXER_HOST` | ex `https://os-indexer-dot-opendes.appspot.com/api/indexer/v2/` | Indexer API endpoint | no | output of infrastructure deployment | | `INDEXER_HOST` | ex `https://os-indexer-dot-opendes.appspot.com/api/indexer/v2/` | Indexer API endpoint | no | output of infrastructure deployment |
| `ENTITLEMENTS_DOMAIN` | ex `opendes-gc.projects.com` | OSDU R2 to run tests under | no | - | | `ENTITLEMENTS_DOMAIN` | ex `opendes-gc.projects.com` | OSDU R2 to run tests under | no | - |
| `INTEGRATION_TEST_AUDIENCE` | `********` | client application ID | yes | <https://console.cloud.google.com/apis/credentials> | | `OTHER_RELEVANT_DATA_COUNTRIES` | ex `US` | valid legal tag with a other relevant data countries | no | - |
| `OTHER_RELEVANT_DATA_COUNTRIES` | ex `US` | valid legal tag with a other relevant data countries | no | - | | `LEGAL_TAG` | ex `opendes-demo-legaltag` | valid legal tag with a other relevant data countries from `DEFAULT_OTHER_RELEVANT_DATA_COUNTRIES` | no | - |
| `LEGAL_TAG` | ex `opendes-demo-legaltag` | valid legal tag with a other relevant data countries from `DEFAULT_OTHER_RELEVANT_DATA_COUNTRIES` | no | - | | `DEFAULT_DATA_PARTITION_ID_TENANT1` | ex `opendes` | HTTP Header 'Data-Partition-ID' | no | - |
| `DEFAULT_DATA_PARTITION_ID_TENANT1` | ex `opendes` | HTTP Header 'Data-Partition-ID' | no | - | | `DEFAULT_DATA_PARTITION_ID_TENANT2` | ex `opendes` | HTTP Header 'Data-Partition-ID' | no | - |
| `DEFAULT_DATA_PARTITION_ID_TENANT2` | ex `opendes` | HTTP Header 'Data-Partition-ID' | no | - |
| `SEARCH_INTEGRATION_TESTER` | `********` | Service account for API calls. Note: this user must have entitlements configured already | yes | <https://console.cloud.google.com/iam-admin/serviceaccounts> | | `SEARCH_INTEGRATION_TESTER` | `********` | Service account for API calls. Note: this user must have entitlements configured already | yes | <https://console.cloud.google.com/iam-admin/serviceaccounts> |
| `SEARCH_HOST` | ex `http://localhost:8080/api/search/v2/` | Endpoint of search service | no | - | | `SEARCH_HOST` | ex `http://localhost:8080/api/search/v2/` | Endpoint of search service | no | - |
| `STORAGE_HOST` | ex `http://os-storage-dot-opendes.appspot.com/api/storage/v2/` | Storage API endpoint | no | output of infrastructure deployment | | `STORAGE_HOST` | ex `http://os-storage-dot-opendes.appspot.com/api/storage/v2/` | Storage API endpoint | no | output of infrastructure deployment |
| `SECURITY_HTTPS_CERTIFICATE_TRUST` | ex `false` | Elastic client connection uses TrustSelfSignedStrategy(), if it is 'true' | false | output of infrastructure deployment | | `SECURITY_HTTPS_CERTIFICATE_TRUST` | ex `false` | Elastic client connection uses TrustSelfSignedStrategy(), if it is 'true' | false | output of infrastructure deployment |
**Entitlements configuration for integration accounts** **Entitlements configuration for integration accounts**
......
provider/indexer-gc/pom.xml
+ 1
1
View file @ 04f4d0e7
...@@ -19,7 +19,7 @@ ...@@ -19,7 +19,7 @@
<dependency> <dependency>
<groupId>org.opengroup.osdu</groupId> <groupId>org.opengroup.osdu</groupId>
<artifactId>core-lib-gcp</artifactId> <artifactId>core-lib-gcp</artifactId>
<version>0.19.0-rc2</version> <version>0.19.0-rc3</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.opengroup.osdu.indexer</groupId> <groupId>org.opengroup.osdu.indexer</groupId>
......
testing/indexer-test-core/src/main/java/org/opengroup/osdu/util/Config.java
+ 0
6
View file @ 04f4d0e7
...@@ -16,8 +16,6 @@ public class Config { ...@@ -16,8 +16,6 @@ public class Config {
private static final String DEFAULT_DATA_PARTITION_ID_TENANT2 = ""; private static final String DEFAULT_DATA_PARTITION_ID_TENANT2 = "";
private static final String DEFAULT_SEARCH_INTEGRATION_TESTER = ""; private static final String DEFAULT_SEARCH_INTEGRATION_TESTER = "";
private static final String DEFAULT_TARGET_AUDIENCE = "";
private static final String DEFAULT_LEGAL_TAG = ""; private static final String DEFAULT_LEGAL_TAG = "";
private static final String DEFAULT_OTHER_RELEVANT_DATA_COUNTRIES = ""; private static final String DEFAULT_OTHER_RELEVANT_DATA_COUNTRIES = "";
...@@ -39,10 +37,6 @@ public class Config { ...@@ -39,10 +37,6 @@ public class Config {
return getEnvironmentVariableOrDefaultValue("LEGAL_TAG", DEFAULT_LEGAL_TAG); return getEnvironmentVariableOrDefaultValue("LEGAL_TAG", DEFAULT_LEGAL_TAG);
} }
public static String getTargetAudience() {
return getEnvironmentVariableOrDefaultValue("INTEGRATION_TEST_AUDIENCE", DEFAULT_TARGET_AUDIENCE);
}
public static String getKeyValue() { public static String getKeyValue() {
return getEnvironmentVariableOrDefaultValue("SEARCH_INTEGRATION_TESTER", DEFAULT_SEARCH_INTEGRATION_TESTER); return getEnvironmentVariableOrDefaultValue("SEARCH_INTEGRATION_TESTER", DEFAULT_SEARCH_INTEGRATION_TESTER);
} }
......
testing/indexer-test-gc/src/test/java/org/opengroup/osdu/util/JwtTokenUtil.java
+ 1
3
View file @ 04f4d0e7
...@@ -66,8 +66,6 @@ class JwtTokenUtil { ...@@ -66,8 +66,6 @@ class JwtTokenUtil {
} }
private static String getJwt(String serviceAccountFile) throws IOException { private static String getJwt(String serviceAccountFile) throws IOException {
String targetAudience = Config.getTargetAudience();
long currentTime = Clock.SYSTEM.currentTimeMillis(); long currentTime = Clock.SYSTEM.currentTimeMillis();
InputStream stream = new ByteArrayInputStream(Base64.getDecoder().decode(serviceAccountFile)); InputStream stream = new ByteArrayInputStream(Base64.getDecoder().decode(serviceAccountFile));
...@@ -83,7 +81,7 @@ class JwtTokenUtil { ...@@ -83,7 +81,7 @@ class JwtTokenUtil {
payload.setExpirationTimeSeconds(currentTime / 1000 + 3600); payload.setExpirationTimeSeconds(currentTime / 1000 + 3600);
payload.setAudience("https://www.googleapis.com/oauth2/v4/token"); payload.setAudience("https://www.googleapis.com/oauth2/v4/token");
payload.setIssuer(credential.getServiceAccountId()); payload.setIssuer(credential.getServiceAccountId());
payload.set("target_audience", targetAudience); payload.set("target_audience", "osdu");
JsonFactory jsonFactory = JacksonFactory.getDefaultInstance(); JsonFactory jsonFactory = JacksonFactory.getDefaultInstance();
String signedJwt = null; String signedJwt = null;
......
testing/readme.md
+ 0
1
View file @ 04f4d0e7
...@@ -14,7 +14,6 @@ ...@@ -14,7 +14,6 @@
5) Update **DEFAULT_SEARCH_INTEGRATION_TESTER** variable in Config file with base64 encoded value to service account json key 5) Update **DEFAULT_SEARCH_INTEGRATION_TESTER** variable in Config file with base64 encoded value to service account json key
6) Update **DEFAULT_SEARCH_ON_BEHALF_INTEGRATION_TESTER** variable in Config file with base64 encoded value to service account json key (it will be used for slb-on-behalf-header) 6) Update **DEFAULT_SEARCH_ON_BEHALF_INTEGRATION_TESTER** variable in Config file with base64 encoded value to service account json key (it will be used for slb-on-behalf-header)
7) Have credentials for Elastic Cluster and update **DEFAULT_ELASTIC_HOST**, **DEFAULT_ELASTIC_USER_NAME** and **DEFAULT_ELASTIC_PASSWORD**. 7) Have credentials for Elastic Cluster and update **DEFAULT_ELASTIC_HOST**, **DEFAULT_ELASTIC_USER_NAME** and **DEFAULT_ELASTIC_PASSWORD**.
8) Update **DEFAULT_TARGET_AUDIENCE** with the Google audience
Note: Note:
1) Config (Config.java) file is present in org.opengroup.osdu.util package 1) Config (Config.java) file is present in org.opengroup.osdu.util package
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment