Commit b401e3b0 authored by Pelayo Torres

Merge branch 'OCF115-create-table-in-database-for-dynamic-configuration' into 'staging'

Resolve "Create table in database for dynamic configuration"

Closes #115

See merge request !103
parents c90629c2 d1634dfe
+6 −1
@@ -13,6 +13,7 @@ data:
      'col_services': "serviceapidescriptions",
      'col_security': "security",
      'col_event': "eventsdetails",
      'col_capif_configuration': "capif_configuration",
      'host': '{{ .Values.env.mongoHost }}',
      'port': "{{ .Values.env.mongoPort }}"
    }
@@ -22,3 +23,7 @@ data:
      "port": {{ quote .Values.env.vaultPort }},
      "token": {{ quote .Values.env.vaultAccessToken }}
    }

    {{- if .Values.capifConfiguration }}
    capif_configuration: {{ .Values.capifConfiguration | toYaml | nindent 6 }}
    {{- end }}
 No newline at end of file
+18 −0
@@ -25,6 +25,24 @@ env:
  mongoInitdbRootPassword: example
  logLevel: "INFO"

capifConfiguration:
  config_name: "default"
  config_version: "1.0"
  config_description: "Default CAPIF Configuration"
  settings:
    certificates_expiry:
      ttl_superadmin_cert: "4300h"
      ttl_invoker_cert: "4300h"
      ttl_provider_cert: "4300h"
    security_method_priority:
      oauth: 1
      pki: 2
      psk: 3
    acl_policy_settings:
      allowed_total_invocations: 5
      allowed_invocations_per_second: 10
      allowed_invocation_time_range_days: 365

serviceAccount:
  # Specifies whether a service account should be created
  create: true
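Review bot: The new `capifConfiguration` keys carry no comments, although the `serviceAccount` block directly below them is commented, so a reader cannot tell which duration format the `ttl_*_cert` values expect or in which direction `security_method_priority` is ordered. A line such as `# Certificate lifetimes as duration strings, e.g. "4300h"` above `certificates_expiry`, plus a comment above `security_method_priority` saying whether the lowest or the highest number is tried first, would cover it. The defaults `allowed_total_invocations: 5` and `allowed_invocations_per_second: 10` also look inconsistent, because the per-second allowance exceeds the total; a comment should say which limit takes precedence, or the values should be adjusted.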
+5 −0
@@ -9,6 +9,7 @@ data:
      'password': 'example',
      'db': 'capif_users',
      'col': 'user',
      'col_capif_configuration': 'capif_configuration',
      'admins': 'admins',
      'host': '{{ .Values.env.mongoHost }}',
      'port': '{{ .Values.env.mongoPort }}'
@@ -29,3 +30,7 @@ data:
      admin_users: {admin_user: "admin",
                admin_pass: "password123"}
    }

    {{- if .Values.capifConfiguration }}
    capif_configuration: {{ .Values.capifConfiguration | toYaml | nindent 6 }}
    {{- end }}
+8 −0
@@ -24,6 +24,14 @@ env:
  logLevel: "INFO"
  timeout: "30"

capifConfiguration:
  config_name: "default"
  config_version: "1.0"
  config_description: "Default Register Configuration"
  settings:
    certificates_expiry:
      ttl_superadmin_cert: "4300h"
  
serviceAccount:
  # Specifies whether a service account should be created
  create: true
+8 −1
@@ -18,6 +18,9 @@ from .responses import bad_request_error, not_found_error, forbidden_error, inte
from ..config import Config
from ..util import dict_to_camel_case, serialize_clean_camel_case

from api_invoker_management.db.db import MongoDatabse


publisher_ops = Publisher()


@@ -38,11 +41,14 @@ class InvokerManagementOperations(Resource):

    def __sign_cert(self, publick_key, invoker_id):

        capif_config = self.db.get_col_by_name("capif_configuration").find_one({"config_name": "default"})
        ttl_invoker_cert = capif_config.get("settings", {}).get("certificates_expiry", {}).get("ttl_invoker_cert", "4300h")

        url = f"http://{self.config['ca_factory']['url']}:{self.config['ca_factory']['port']}/v1/pki_int/sign/my-ca"
        headers = {'X-Vault-Token': self.config['ca_factory']['token']}
        data = {
            'format': 'pem_bundle',
            'ttl': '43000h',
            'ttl': ttl_invoker_cert,
            'csr': publick_key,
            'common_name': invoker_id
        }
@@ -58,6 +64,7 @@ class InvokerManagementOperations(Resource):
        Resource.__init__(self)
        self.auth_manager = AuthManager()
        self.config = Config().get_config()
        self.db = MongoDatabse()

    def add_apiinvokerenrolmentdetail(self, apiinvokerenrolmentdetail, username, uuid):
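Review bot: In `__sign_cert`, `find_one({"config_name": "default"})` returns `None` when no such document exists, so the `.get` chain on the following line raises `AttributeError` and signing fails before the `"4300h"` fallback can apply. Appending `or {}` to the lookup keeps the default reachable: `capif_config = self.db.get_col_by_name("capif_configuration").find_one({"config_name": "default"}) or {}`. The fallback is also a tenth of the `'ttl': '43000h'` it appears to replace, which is worth confirming as intended. The stored value is passed to the signing request without a format or range check, so the upper bound on certificate lifetime is presumably whatever the CA role enforces; that should be verified, or the value validated here. The body of `__sign_cert` continues outside the hunk.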
