Commit 815544c2 authored by Hema Vishnu Pola [Microsoft]'s avatar Hema Vishnu Pola [Microsoft]
Browse files

Added config based Enable/disable of SSL for elastic search for debugging

parent e25efd11
...@@ -21,7 +21,7 @@ ...@@ -21,7 +21,7 @@
<groupId>org.opengroup.osdu</groupId> <groupId>org.opengroup.osdu</groupId>
<artifactId>core-lib-azure</artifactId> <artifactId>core-lib-azure</artifactId>
<packaging>jar</packaging> <packaging>jar</packaging>
<version>0.0.11</version> <version>0.0.12</version>
<name>core-lib-azure</name> <name>core-lib-azure</name>
<properties> <properties>
......
...@@ -14,6 +14,7 @@ ...@@ -14,6 +14,7 @@
package org.opengroup.osdu.elastic.dependencies; package org.opengroup.osdu.elastic.dependencies;
import com.azure.core.exception.ResourceNotFoundException;
import com.azure.security.keyvault.secrets.SecretClient; import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.models.KeyVaultSecret; import com.azure.security.keyvault.secrets.models.KeyVaultSecret;
import lombok.AllArgsConstructor; import lombok.AllArgsConstructor;
...@@ -61,7 +62,8 @@ public class ElasticCredentialRepository implements IElasticRepository { ...@@ -61,7 +62,8 @@ public class ElasticCredentialRepository implements IElasticRepository {
URL esURL = getElasticURL(); URL esURL = getElasticURL();
String username = getSecretWithValidation("elastic-username"); String username = getSecretWithValidation("elastic-username");
String password = getSecretWithValidation("elastic-password"); String password = getSecretWithValidation("elastic-password");
return buildSettings(esURL, username, password); boolean sslEnabled = Boolean.parseBoolean(getSecretWithDefault("elastic-ssl-enabled", "true"));
return buildSettings(esURL, username, password, sslEnabled);
} }
/** /**
...@@ -69,17 +71,28 @@ public class ElasticCredentialRepository implements IElasticRepository { ...@@ -69,17 +71,28 @@ public class ElasticCredentialRepository implements IElasticRepository {
* @param esURL URL for ES cluster * @param esURL URL for ES cluster
* @param username Username for ES cluster * @param username Username for ES cluster
* @param password Password for ES cluster * @param password Password for ES cluster
* @param sslEnabled ES cluster ssl communication enabled or not
* @return {@link ClusterSettings} representing the cluster * @return {@link ClusterSettings} representing the cluster
*/ */
private ClusterSettings buildSettings( private ClusterSettings buildSettings(
final URL esURL, final URL esURL,
final String username, final String username,
final String password) { final String password,
failIfNotHTTPS(esURL); final boolean sslEnabled) {
return ClusterSettings.builder() ClusterSettings.ClusterSettingsBuilder builder = ClusterSettings.builder()
.host(esURL.getHost()) .host(esURL.getHost())
.port(esURL.getPort()) .port(esURL.getPort())
.userNameAndPassword(String.format("%s:%s", username, password)) .userNameAndPassword(String.format("%s:%s", username, password));
if (!sslEnabled) {
return builder
.https(false)
.tls(false)
.build();
}
failIfNotHTTPS(esURL);
return builder
.https(true) .https(true)
.tls(true) .tls(true)
.build(); .build();
...@@ -125,6 +138,27 @@ public class ElasticCredentialRepository implements IElasticRepository { ...@@ -125,6 +138,27 @@ public class ElasticCredentialRepository implements IElasticRepository {
String secretValue = secret.getValue(); String secretValue = secret.getValue();
Validators.checkNotNullAndNotEmpty(secretValue, "Secret Value for Secret with name " + secretName); Validators.checkNotNullAndNotEmpty(secretValue, "Secret Value for Secret with name " + secretName);
return secretValue; return secret.getValue();
} }
/**
* Get the secret with a default value. If the secret is not found or is null return the default value.
* @param secretName name of secret
* @param defaultValue to be used in case the secret is null or empty.
* @return Secret value. It is guaranteed to be returned with either default value or a non null, non empty secret.
*/
private String getSecretWithDefault(final String secretName, final String defaultValue) {
Validators.checkNotNull(secretName, "Secret with name " + secretName);
KeyVaultSecret secret;
try {
secret = secretClient.getSecret(secretName);
if (secret == null || secret.getValue() == null || secret.getValue().isEmpty()) {
return defaultValue;
}
} catch (ResourceNotFoundException secretNotFound) {
return defaultValue;
}
return secret.getValue();
}
} }
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment