1) Create a CA certificate and a private key:
openssl genrsa -des3 -out CA-key.pem 2048
-openssl req -new -key CA-key.pem -x509 -days 1000 -out CA-cert.pem
+openssl req -new -key CA-key.pem -x509 -days 3600 -out CA-cert.pem
2) Create a keystore with a private key entry that is signed by the CA:
+Note: the "your name" must be "localhost" for the unittest to work.
+
keytool -genkeypair -alias policy_agent -keyalg RSA -keysize 2048 -keystore keystore.jks -validity 3650 -storepass policy_agent
keytool -certreq -alias policy_agent -file request.csr -keystore keystore.jks -ext san=dns:your.domain.com -storepass policy_agent
-openssl x509 -req -days 365 -in request.csr -CA CA-cert.pem -CAkey CA-key.pem -CAcreateserial -out ca_signed-cert.pem
+openssl x509 -req -days 3650 -in request.csr -CA CA-cert.pem -CAkey CA-key.pem -CAcreateserial -out ca_signed-cert.pem
keytool -importcert -alias ca_cert -file CA-cert.pem -keystore keystore.jks -trustcacerts -storepass policy_agent
keytool -importcert -alias policy_agent -file ca_signed-cert.pem -keystore keystore.jks -trustcacerts -storepass policy_agent
org.springframework: ERROR
org.springframework.data: ERROR
org.springframework.web.reactive.function.client.ExchangeFunctions: ERROR
+ org.springframework.web.servlet.DispatcherServlet: INFO
org.onap.ccsdk.oran.a1policymanagementservice: INFO
- # org.onap.ccsdk.oran.a1policymanagementservice.tasks: TRACE
+ pattern:
+ console: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%-5level] [%thread] %logger{20} - %msg%n"
+ file: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%-5level] [%thread] %logger{20} - %msg%n"
file:
name: /var/log/policy-agent/application.log
server:
http.proxy-host:
http.proxy-port: 0
http.proxy-type: HTTP
- # path where the service can store data
+ # path where the service can store data. This parameter is not relevant if S3 Object store is configured.
vardata-directory: /var/policy-management-service
# the config-file-schema-path referres to a location in the jar file. If this property is empty or missing,
# no schema validation will be executed.
# A file containing an authorization token, which shall be inserted in each HTTP header (authorization).
# If the file name is empty, no authorization token is sent.
auth-token-file:
+ # S3 object store usage is enabled by defining the bucket to use. This will override the vardata-directory parameter.
+ s3:
+ endpointOverride: http://localhost:9000
+ accessKeyId: minio
+ secretAccessKey: miniostorage
+ bucket:
-Subproject commit ca315932268e1c5da6a12201db4cfaef35df69bb
+Subproject commit 123ba96ee12d73d89aac9e274ae9e3cffe7249ea
<sonar-maven-plugin.version>3.7.0.1746</sonar-maven-plugin.version>
<jacoco-maven-plugin.version>0.8.5</jacoco-maven-plugin.version>
<exec-maven-plugin.version>3.0.0</exec-maven-plugin.version>
+ <software.amazon.awssdk.version>2.17.292</software.amazon.awssdk.version>
</properties>
<dependencies>
<dependency>
<artifactId>everit-json-schema</artifactId>
<version>1.13.0</version>
</dependency>
+ <dependency>
+ <groupId>software.amazon.awssdk</groupId>
+ <artifactId>s3</artifactId>
+ <version>${software.amazon.awssdk.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.micrometer</groupId>
+ <artifactId>micrometer-registry-prometheus</artifactId>
+ </dependency>
</dependencies>
<build>
<plugins>