From deb3c99e0228ba2b0b189d49c58e559aadd0ab1a Mon Sep 17 00:00:00 2001 From: "aravind.est" Date: Sun, 18 May 2025 21:44:24 +0100 Subject: [PATCH] NCMP adapter - Add support for kafka SCRAM-SHA-512 Kafka producer configuration modified to accept the SCRAM-SHA-512 based authentication Issue-ID: NONRTRIC-1020 Change-Id: Iefa4a30c1bec2a71d7c511ada54fa8e1b4e0892f Signed-off-by: aravind.est --- adapters/ncmp-to-teiv-adapter/Dockerfile | 2 +- adapters/ncmp-to-teiv-adapter/pom.xml | 1 - .../ncmp_to_teiv_adapter/KafkaProducerConfig.java | 13 +++++++- .../ncmp_to_teiv_adapter/KafkaSecurityConfig.java | 39 ++++++++++++++++++++++ .../{application.properties => application.yaml} | 35 ++++++++++++------- adapters/pom.xml | 5 ++- 6 files changed, 77 insertions(+), 18 deletions(-) create mode 100644 adapters/ncmp-to-teiv-adapter/src/main/java/org/oran/smo/ncmp_to_teiv_adapter/KafkaSecurityConfig.java rename adapters/ncmp-to-teiv-adapter/src/main/resources/{application.properties => application.yaml} (54%) diff --git a/adapters/ncmp-to-teiv-adapter/Dockerfile b/adapters/ncmp-to-teiv-adapter/Dockerfile index c2f075d..b06dbef 100644 --- a/adapters/ncmp-to-teiv-adapter/Dockerfile +++ b/adapters/ncmp-to-teiv-adapter/Dockerfile @@ -26,7 +26,7 @@ RUN apt-get update && \ ARG JAR WORKDIR /opt/app/teiv -ADD src/main/resources/application.properties /opt/app/teiv/config/application.properties +ADD src/main/resources/application.yaml /opt/app/teiv/config/application.yaml ADD target/${JAR} /opt/app/teiv/ncmp-to-teiv-adapter.jar CMD ["/bin/sh", "-c", "java -jar ncmp-to-teiv-adapter.jar"] diff --git a/adapters/ncmp-to-teiv-adapter/pom.xml b/adapters/ncmp-to-teiv-adapter/pom.xml index 76e0e8c..c37b512 100644 --- a/adapters/ncmp-to-teiv-adapter/pom.xml +++ b/adapters/ncmp-to-teiv-adapter/pom.xml @@ -30,7 +30,6 @@ adapters 0.2.0-SNAPSHOT - org.oran.smo ncmp-to-teiv-adapter 0.0.1-SNAPSHOT jar diff --git a/adapters/ncmp-to-teiv-adapter/src/main/java/org/oran/smo/ncmp_to_teiv_adapter/KafkaProducerConfig.java b/adapters/ncmp-to-teiv-adapter/src/main/java/org/oran/smo/ncmp_to_teiv_adapter/KafkaProducerConfig.java index 8547cf9..8644dc9 100644 --- a/adapters/ncmp-to-teiv-adapter/src/main/java/org/oran/smo/ncmp_to_teiv_adapter/KafkaProducerConfig.java +++ b/adapters/ncmp-to-teiv-adapter/src/main/java/org/oran/smo/ncmp_to_teiv_adapter/KafkaProducerConfig.java @@ -20,6 +20,8 @@ package org.oran.smo.ncmp_to_teiv_adapter; import io.cloudevents.CloudEvent; +import lombok.RequiredArgsConstructor; +import org.apache.kafka.clients.admin.AdminClientConfig; import org.apache.kafka.clients.producer.ProducerConfig; import org.apache.kafka.common.serialization.StringSerializer; import io.cloudevents.kafka.CloudEventSerializer; @@ -34,18 +36,27 @@ import java.util.HashMap; import java.util.Map; @Configuration +@RequiredArgsConstructor public class KafkaProducerConfig { + private final KafkaSecurityConfig securityConfig; + @Value("${spring.kafka.bootstrap-servers}") private String bootstrapServer; + @Value("${spring.kafka.security.enabled}") + private boolean securityEnabled; + @Bean public ProducerFactory producerFactory() { Map configProps = new HashMap<>(); configProps.put(ProducerConfig.BOOTSTRAP_SERVERS_CONFIG, bootstrapServer); configProps.put(ProducerConfig.KEY_SERIALIZER_CLASS_CONFIG, StringSerializer.class); configProps.put(ProducerConfig.VALUE_SERIALIZER_CLASS_CONFIG, CloudEventSerializer.class); - + if (securityConfig.isEnabled()) { + configProps.put(AdminClientConfig.SECURITY_PROTOCOL_CONFIG, securityConfig.getProtocol()); + configProps.putAll(securityConfig.getProperties()); + } return new DefaultKafkaProducerFactory<>(configProps); } diff --git a/adapters/ncmp-to-teiv-adapter/src/main/java/org/oran/smo/ncmp_to_teiv_adapter/KafkaSecurityConfig.java b/adapters/ncmp-to-teiv-adapter/src/main/java/org/oran/smo/ncmp_to_teiv_adapter/KafkaSecurityConfig.java new file mode 100644 index 0000000..c8096ab --- /dev/null +++ b/adapters/ncmp-to-teiv-adapter/src/main/java/org/oran/smo/ncmp_to_teiv_adapter/KafkaSecurityConfig.java @@ -0,0 +1,39 @@ +/* + * ============LICENSE_START======================================================= + * Copyright (C) 2024 Ericsson + * Modifications Copyright (C) 2024 OpenInfra Foundation Europe + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ +package org.oran.smo.ncmp_to_teiv_adapter; + +import java.util.Map; +import lombok.Data; +import lombok.extern.slf4j.Slf4j; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +@Configuration +@Data +@Slf4j +@ConfigurationProperties("spring.kafka.security") +public class KafkaSecurityConfig { + private boolean enabled = false; + + private String protocol; + + private Map properties; +} diff --git a/adapters/ncmp-to-teiv-adapter/src/main/resources/application.properties b/adapters/ncmp-to-teiv-adapter/src/main/resources/application.yaml similarity index 54% rename from adapters/ncmp-to-teiv-adapter/src/main/resources/application.properties rename to adapters/ncmp-to-teiv-adapter/src/main/resources/application.yaml index 5295984..62ffd8e 100644 --- a/adapters/ncmp-to-teiv-adapter/src/main/resources/application.properties +++ b/adapters/ncmp-to-teiv-adapter/src/main/resources/application.yaml @@ -15,18 +15,29 @@ # # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= +spring: + application: + name: ncmp-to-teiv-adapter + kafka: + bootstrap-servers: localhost:9093 + security: + enabled: false + protocol: SASL_PLAINTEXT + properties: + sasl.mechanism: SCRAM-SHA-512 + sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="" password=""; + producer: + key-serializer: org.apache.kafka.common.serialization.StringSerializer + value-serializer: io.cloudevents.kafka.CloudEventSerializer -spring.application.name=ncmp-to-teiv-adapter +kafka: + topic: topology-inventory-ingestion -spring.kafka.bootstrap-servers=localhost:9093 -spring.kafka.producer.key-serializer=org.apache.kafka.common.serialization.StringSerializer -spring.kafka.producer.value-serializer=io.cloudevents.kafka.CloudEventSerializer -kafka.topic=topology-inventory-ingestion +send-sample-ocucp-event: false -send-sample-ocucp-event=false - -polling.base-url=http://localhost:8883/ncmp/v1/ch -polling.data-store-url=/data/ds/ncmp-datastore:passthrough-running -polling.searches-url=/id-searches -polling.include-descendants=false -polling.interval=60000 +polling: + base-url: http://localhost:8883/ncmp/v1/ch + data-store-url: /data/ds/ncmp-datastore:passthrough-running + searches-url: /id-searches + include-descendants: false + interval: 60000 \ No newline at end of file diff --git a/adapters/pom.xml b/adapters/pom.xml index 3cde48b..5497a35 100644 --- a/adapters/pom.xml +++ b/adapters/pom.xml @@ -21,8 +21,8 @@ --> + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> 4.0.0 org.oran.smo @@ -30,7 +30,6 @@ 0.2.0-SNAPSHOT - org.oran.smo adapters 0.2.0-SNAPSHOT pom -- 2.16.6