Verified Commit 074f356b authored by João Capucho's avatar João Capucho

Integration with secrets controller for automatic unsealing

Implements an optional integration with the secrets controller to
transparently unseal secret characteristics.
parent d679a3c6
+11 −2
@@ -150,14 +150,23 @@ public abstract class LcmBaseExecutor {
				if (c.getName().equals(charName)) {
					if (c.getValue() != null) {
						if (c.getValue().getValue() != null) {
                            // Unseal secrets as needed
                            if (c.getValueType().equals(EValueType.SECRET.getValue())) {
                                final var secretsClient = this.vars.getServiceOrderManager().getSecretsClient();
                                if (secretsClient.isPresent()) {
                                    c.getValue().setValue(
                                            secretsClient.get().unseal(c.getValue().getValue(), c.getName()));
                                }
                            }

							return Optional.of(c);
						}
					}
				}
			}
		}
		Characteristic z = null;
		return Optional.ofNullable(z);

		return Optional.empty();
	}

	public void setCharValFromStringType(String charName, String newValue) {
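Review bot: The unseal branch writes the plaintext back into the characteristic with `c.getValue().setValue(...)`, so a lookup now mutates the object it reads. If `c` is the live instance held by the service rather than a copy (not visible in this hunk), the unsealed value can reach whatever later persists, serializes or logs that service, and a second lookup of the same characteristic would pass the plaintext to `unseal` as if it were the sealed reference. Returning a copy that carries the unsealed value would avoid both. Separately, `c.getValueType().equals(...)` throws when the value type is null; `EValueType.SECRET.getValue().equals(c.getValueType())` is null-safe. The enclosing method starts above the hunk.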
+47 −0
package org.etsi.osl.osom.lcm;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.camel.ProducerTemplate;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.stereotype.Service;

@Service
@ConditionalOnExpression("${SECRETS_CONTROLLER_ENABLE:false}")
public class SecretsClient {
    private final ProducerTemplate producerTemplate;

    private final String unsealSecretQueue;

    private final ObjectMapper mapper = new ObjectMapper();

    @Autowired
    public SecretsClient(
            ProducerTemplate producerTemplate,
            @Value("${SECRETS_CHARACTERISTIC_UNSEAL}") String unsealSecretQueue
    ) {
        this.producerTemplate = producerTemplate;
        this.unsealSecretQueue = unsealSecretQueue;
    }

    public String unseal(String uri, String characteristic) {
        try {
            final var cmd = new UnsealCharacteristicCommand(uri, characteristic);
            final var payload = this.mapper.writeValueAsString(cmd);
            final var responseRaw = this.producerTemplate.requestBody(this.unsealSecretQueue, payload, String.class);
            final var response = this.mapper.readValue(responseRaw, String.class);

            if (response == null)
                return "";

            return response;
        } catch (JsonProcessingException e) {
            throw new RuntimeException(e);
        }
    }

    private record UnsealCharacteristicCommand(String secretURI, String characteristic) {
    }
}
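Review bot: `unseal` turns a missing result into an empty string (`if (response == null) return "";`), so a failed unseal is indistinguishable from a secret that is legitimately empty, and callers would carry on with a blank credential. Failing closed is safer here, e.g. `if (response == null) throw new IllegalStateException("No unsealed value returned for characteristic " + characteristic);`. A null `responseRaw` is not covered by that check either, since it is handed to `readValue` before the test. The `catch` wraps `JsonProcessingException` unchanged; depending on the Jackson version and configuration, its message can quote part of the parsed input, which here is the unsealed value, so it is worth confirming that this exception is never logged with its message.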
+9 −11
@@ -20,11 +20,7 @@
package org.etsi.osl.osom.management;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.*;
import java.util.stream.Collectors;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.ObjectMapper;
@@ -35,6 +31,7 @@ import org.etsi.osl.model.nfv.DeploymentDescriptor;
import org.etsi.osl.model.nfv.NetworkServiceDescriptor;
import org.etsi.osl.model.nfv.ScaleDescriptor;
import org.etsi.osl.osom.lcm.ChatClient;
import org.etsi.osl.osom.lcm.SecretsClient;
import org.etsi.osl.osom.serviceactions.NSActionRequestPayload;
import org.etsi.osl.tmf.pm628.model.MeasurementCollectionJob;
import org.etsi.osl.tmf.pm628.model.MeasurementCollectionJobFVO;
@@ -208,6 +205,8 @@ public class ServiceOrderManager {
    @Autowired
	private ChatClient chatClient;

    @Autowired
    private Optional<SecretsClient> secretsClient;

	@Transactional
	public void processOrder(ServiceOrder serviceOrder) {
@@ -1213,8 +1212,7 @@ public class ServiceOrderManager {
    return chatClient;
  }

  



  public Optional<SecretsClient> getSecretsClient() {
      return this.secretsClient;
  }
}
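Review bot: `getSecretsClient()` is public and returns the client itself, so any code holding a `ServiceOrderManager` can call `unseal` with a URI and characteristic name of its choosing. A narrower method on the manager that unseals a single characteristic would keep that capability with the one caller that needs it. `Optional` as an injected field also goes against the usual guidance for that type; `ObjectProvider<SecretsClient>` expresses an optional bean without it. The `import java.util.*;` wildcard replaces five explicit imports and is better kept explicit.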
+5 −1
@@ -129,3 +129,7 @@ CRD_PATCH_CR_REQ: "jms:queue:CRD.PATCH.CR_REQ"
#TMF628 ACTIONS
PM_MEASUREMENT_COLLECTION_JOB_ADD:         "jms:queue:PM.MEASUREMENTCOLLECTIONJOB.ADD"
PM_MEASUREMENT_COLLECTION_JOB_UPDATE:      "jms:queue:PM.MEASUREMENTCOLLECTIONJOB.UPDATE"

# Secrets controller ACTIONS
SECRETS_CONTROLLER_ENABLE: false
SECRETS_CHARACTERISTIC_UNSEAL: "jms:queue:SECRETS.CHARACTERISTIC.UNSEAL?exchangePattern=InOut"
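Review bot: The new queue entry has no comment saying what travels over it; replies on `SECRETS.CHARACTERISTIC.UNSEAL` carry unsealed secret values back to OSOM as the message body (see `SecretsClient.unseal`). I would add a line such as `# Replies carry plaintext secrets: restrict this queue to OSOM and the secrets controller on the broker` above the entry, so operators who turn on `SECRETS_CONTROLLER_ENABLE` know to set broker permissions and transport encryption accordingly.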