| 2020-06-18 | 2.0.0 | Henrik Andersson | Bronze Release |
| | | | |
+------------+----------+------------------+-------------------+
+| 2020-07-29 | 2.0.1 | Henrik Andersson | Bronze Maintenance|
+| | | | Release |
+| | | | |
++------------+----------+------------------+-------------------+
Summary
| 2020-06-18 | 2.0.0 | Henrik Andersson | Bronze Release |
| | | | |
+------------+----------+------------------+-------------------+
+| 2020-07-29 | 2.0.1 | Henrik Andersson | Bronze Maintenance|
+| | | | Release |
+| | | | |
++------------+----------+------------------+-------------------+
Release Data
| **Purpose of the delivery** | Improved stability |
| | |
+-----------------------------+---------------------------------------------------+
+
+Bronze Maintenance
+------------------
++-----------------------------+---------------------------------------------------+
+| **Project** | Non-RT RIC |
+| | |
++-----------------------------+---------------------------------------------------+
+| **Repo/commit-ID** | nonrtric/5d4f252a530a0d9abbf2a363354c5e56e8f2f33e |
+| | |
++-----------------------------+---------------------------------------------------+
+| **Release designation** | Bronze |
+| | |
++-----------------------------+---------------------------------------------------+
+| **Release date** | 2020-07-29 |
+| | |
++-----------------------------+---------------------------------------------------+
+| **Purpose of the delivery** | Introduce configuration of certificates |
+| | |
++-----------------------------+---------------------------------------------------+
--- /dev/null
+The keystore.jks and truststore.jks files are created by using the following commands (note that this is an example):
+
+1) Create a CA certificate and a private key:
+
+openssl genrsa -des3 -out CA-key.pem 2048
+openssl req -new -key CA-key.pem -x509 -days 1000 -out CA-cert.pem
+
+2) Create a keystore with a private key entry that is signed by the CA:
+
+keytool -genkeypair -alias policy_agent -keyalg RSA -keysize 2048 -keystore keystore.jks -validity 3650 -storepass policy_agent
+keytool -certreq -alias policy_agent -file request.csr -keystore keystore.jks -ext san=dns:your.domain.com -storepass policy_agent
+openssl x509 -req -days 365 -in request.csr -CA CA-cert.pem -CAkey CA-key.pem -CAcreateserial -out ca_signed-cert.pem
+keytool -importcert -alias ca_cert -file CA-cert.pem -keystore keystore.jks -trustcacerts -storepass policy_agent
+keytool -importcert -alias policy_agent -file ca_signed-cert.pem -keystore keystore.jks -trustcacerts -storepass policy_agent
+
+
+3) Create a trust store containing the CA cert (to trust all certs signed by the CA):
+
+keytool -genkeypair -alias not_used -keyalg RSA -keysize 2048 -keystore truststore.jks -validity 3650 -storepass policy_agent
+keytool -importcert -alias ca_cert -file CA-cert.pem -keystore truststore.jks -trustcacerts -storepass policy_agent
+
+
+4) Command for listing of the contents of jks files, examples:
+keytool -list -v -keystore keystore.jks -storepass policy_agent
+keytool -list -v -keystore truststore.jks -storepass policy_agent
+
+## License
+
+Copyright (C) 2020 Nordix Foundation. All rights reserved.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import reactor.core.publisher.Mono;
-
+import lombok.Getter;
/**
* Factory for A1 clients that supports four different protocol versions of the
* A1 api.
private static final Logger logger = LoggerFactory.getLogger(A1ClientFactory.class);
+ @Getter
private final ApplicationConfig appConfig;
@Autowired
assertNoControllerConfig(ric, version);
return new OscA1Client(ric.getConfig(), this.appConfig.getWebClientConfig());
} else if (version == A1ProtocolType.SDNC_OSC_STD_V1_1 || version == A1ProtocolType.SDNC_OSC_OSC_V1) {
- return new SdncOscA1Client(version, ric.getConfig(), getControllerConfig(ric));
+ return new SdncOscA1Client(version, ric.getConfig(), getControllerConfig(ric),
+ this.appConfig.getWebClientConfig());
} else if (version == A1ProtocolType.SDNC_ONAP) {
- return new SdncOnapA1Client(ric.getConfig(), getControllerConfig(ric));
+ return new SdncOnapA1Client(ric.getConfig(), getControllerConfig(ric), this.appConfig.getWebClientConfig());
} else {
logger.error("Unhandled protocol: {}", version);
throw new ServiceException("Unhandled protocol");
import org.immutables.value.Value;
import org.oransc.policyagent.configuration.ControllerConfig;
import org.oransc.policyagent.configuration.RicConfig;
+import org.oransc.policyagent.configuration.WebClientConfig;
import org.oransc.policyagent.repository.Policy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
private final RicConfig ricConfig;
private final AsyncRestClient restClient;
- public SdncOnapA1Client(RicConfig ricConfig, ControllerConfig controllerConfig) {
- this(ricConfig, controllerConfig, new AsyncRestClient(controllerConfig.baseUrl() + "/restconf/operations"));
+ public SdncOnapA1Client(RicConfig ricConfig, ControllerConfig controllerConfig, WebClientConfig clientConfig) {
+ this(ricConfig, controllerConfig,
+ new AsyncRestClient(controllerConfig.baseUrl() + "/restconf/operations", clientConfig));
logger.debug("SdncOnapA1Client for ric: {}, a1ControllerBaseUrl: {}", ricConfig.name(),
controllerConfig.baseUrl());
}
import org.json.JSONObject;
import org.oransc.policyagent.configuration.ControllerConfig;
import org.oransc.policyagent.configuration.RicConfig;
+import org.oransc.policyagent.configuration.WebClientConfig;
import org.oransc.policyagent.repository.Policy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
*
* @throws IllegalArgumentException when the protocolType is wrong.
*/
- public SdncOscA1Client(A1ProtocolType protocolType, RicConfig ricConfig, ControllerConfig controllerConfig) {
+ public SdncOscA1Client(A1ProtocolType protocolType, RicConfig ricConfig, ControllerConfig controllerConfig,
+ WebClientConfig clientConfig) {
this(protocolType, ricConfig, controllerConfig,
- new AsyncRestClient(controllerConfig.baseUrl() + "/restconf/operations"));
+ new AsyncRestClient(controllerConfig.baseUrl() + "/restconf/operations", clientConfig));
logger.debug("SdncOscA1Client for ric: {}, a1Controller: {}", ricConfig.name(), controllerConfig);
}
protected DmaapMessageHandler getDmaapMessageHandler() {
if (this.dmaapMessageHandler == null) {
String agentBaseUrl = "http://localhost:" + this.localServerHttpPort;
- AsyncRestClient agentClient = new AsyncRestClient(agentBaseUrl);
+ AsyncRestClient agentClient = new AsyncRestClient(agentBaseUrl, this.applicationConfig.getWebClientConfig());
AsyncRestClient producer = new AsyncRestClient(this.applicationConfig.getDmaapProducerTopicUrl(),
this.applicationConfig.getWebClientConfig());
this.dmaapMessageHandler = new DmaapMessageHandler(producer, agentClient);
}
AsyncRestClient createNotificationClient(final String url) {
- return new AsyncRestClient(url);
+ return new AsyncRestClient(url, this.a1ClientFactory.getAppConfig().getWebClientConfig());
}
private Flux<PolicyType> synchronizePolicyTypes(Ric ric, A1Client a1Client) {
@Test
void createClientWithWrongProtocol_thenErrorIsThrown() {
try {
- new SdncOscA1Client(A1ProtocolType.STD_V1_1, null, null, null);
+ new SdncOscA1Client(A1ProtocolType.STD_V1_1, null, null, new AsyncRestClient("", null));
fail("Should have thrown exception.");
} catch (IllegalArgumentException e) {
return;