From 49e073139d5c55529047c7cb7333dc3cb55491eb Mon Sep 17 00:00:00 2001 From: Jakub Cechacek Date: Mon, 13 Nov 2017 19:52:41 +0100 Subject: [PATCH] Updated Vert.X config --- .../src/main/resources/defaults.properties | 19 +- .../vertx/config-es-basic-auth.json | 269 ++++++++++++++++++ .../integration/vertx/config.template.json | 94 ------ tools/docker/deployments/push.sh | 6 + tools/job_scripts/rest-tests-build-vertx.sh | 1 - tools/use_vertx.sh | 2 +- 6 files changed, 286 insertions(+), 105 deletions(-) create mode 100644 apiman-it-commons/src/main/resources/io/apiman/test/integration/vertx/config-es-basic-auth.json delete mode 100644 apiman-it-commons/src/main/resources/io/apiman/test/integration/vertx/config.template.json create mode 100755 tools/docker/deployments/push.sh diff --git a/apiman-it-commons/src/main/resources/defaults.properties b/apiman-it-commons/src/main/resources/defaults.properties index 959a12a..85473a0 100644 --- a/apiman-it-commons/src/main/resources/defaults.properties +++ b/apiman-it-commons/src/main/resources/defaults.properties @@ -20,10 +20,16 @@ apiman.gw1.host = ${apiman.host} apiman.gw1.port = 8443 apiman.gw1.protocol = https +# Test IP address (should be the address your primary interface) +apiman.test.address = 127.0.0.1 + +# Tools binding configuration +apiman.test.tools.address = localhost + # Deployment server connection -apiman.test.deploy.host = ${apiman.host} -apiman.test.deploy.port = ${apiman.port} -apiman.test.deploy.protocol = ${apiman.protocol} +apiman.test.deploy.host = ${apiman.test.tools.address} +apiman.test.deploy.port = 8181 +apiman.test.deploy.protocol = http # Additional configuration apiman.test.jdbc.ds = java:jboss/datasources/apimanqe @@ -31,11 +37,6 @@ apiman.test.delay = 5000 apiman.test.setup.delay = 2500 apiman.test.js.timeout = 5000 -# Test IP address (should be the address your primary interface) -apiman.test.address = 127.0.0.1 - -# Tools binding configuration -apiman.test.tools.address = localhost apiman.test.proxy.start = true apiman.test.proxy.address = ${env:MACHINE_IP} @@ -45,7 +46,7 @@ apiman.test.ldap.address = ${apiman.test.tools.address} apiman.test.ldap.port = 10389 apiman.test.kc.address = ${apiman.test.tools.address} -apiman.test.kc.port = 8081 +apiman.test.kc.port = 8180 apiman.test.kc.realm = qerealm apiman.test.kc.application = apiman diff --git a/apiman-it-commons/src/main/resources/io/apiman/test/integration/vertx/config-es-basic-auth.json b/apiman-it-commons/src/main/resources/io/apiman/test/integration/vertx/config-es-basic-auth.json new file mode 100644 index 0000000..315cc17 --- /dev/null +++ b/apiman-it-commons/src/main/resources/io/apiman/test/integration/vertx/config-es-basic-auth.json @@ -0,0 +1,269 @@ +{ // Example ElasticSearch based config + "variables": { + "apiman": { + "es": { + "protocol": "http", + "host": "localhost", + "port": 19200, + "username": null, + "password": null, + "timeout": 10000 + } + } + }, + + "registry": { + "class": "io.apiman.gateway.engine.es.PollCachingESRegistry", + "config": { + "client": { + "type": "jest", + "protocol": "${apiman.es.protocol}", + "host": "${apiman.es.host}", + "port": "${apiman.es.port}", + "initialize": true, + "username": "${apiman.es.username}", + "password": "${apiman.es.password}", + "timeout": "${apiman.es.timeout}"//, + //"cache-polling-interval": 15 + //"index": "" + } + } + }, + + // Gateway error writer + // A "trace" version of the error writer - comment out/remove this to suppress stack traces + // in the JSON/XML payload returned by the gateway when an error occurs. + "writers": { + "error": { + "class": "io.apiman.gateway.engine.impl.TracePolicyErrorWriter", + "config": {} + }//, + // "policy-failure": { + // "class": "", + // "config": {} + // } + }, + + "encrypter": { + "class": "io.apiman.gateway.engine.impl.DefaultDataEncrypter", + "config": {} + }, + + "plugin-registry": { + "class": "io.apiman.gateway.platforms.vertx3.engine.VertxPluginRegistry", + "config": {} + }, + + "connector-factory": { + "class": "io.apiman.gateway.platforms.vertx3.connector.ConnectorFactory", + "config": { + // ----------------------------------------------- + // SSL/TLS settings for the gateway connector(s). + // ----------------------------------------------- + "tls": { + // Enable devMode for HTTPS connections (gateway trusts any certificate). + // This should *NOT* be used in production mode. *Use with great care.* + "devMode": true + + // Whether self-signed certificates should be automatically trusted. *Use with great care.* + // "allowSelfSigned": false, + + // Whether certificate host checks should be bypassed. *Use with great care.* + // "allowAnyHost": false, + + // Trust store contains certificate(s) trusted by gateway. + // "trustStore": "/path/to/your/truststore.jks", + // "trustStorePassword": "abc123", + + // Key store contains gateway's keys (including private components: keep it safe). + // "keyStore": "/path/to/your/keystore.jks", + // "keyStorePassword": "abc123", + + // By default all keys can be used (will try all). If alias list provided, will only attempt to use listed keys. + // "keyAliases": "mykey,myotherkey", + + // Allowed TLS/SSL protocols and ciphers suites as CSV. Availability will vary depending on your JVM impl. + // Uses JVM defaults depending if not explicitly provided. + // See: https://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html + // You may wish to consider global JVM settings by modifying java.security + // "allowedProtocols": "TLSv1.2,TLSv1.1", + // "allowedCiphers": "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,...", + // "disallowedCiphers": "..." + } + } + }, + + "policy-factory": { + "class": "io.apiman.gateway.engine.policy.PolicyFactoryImpl", + "config": {} + }, + + "logger-factory": { + "class": "io.apiman.gateway.platforms.vertx3.logging.VertxLoggerDelegate", + "config": {} + }, + + // Elasticsearch Metrics Settings + "metrics": { + "class": "io.apiman.gateway.engine.es.ESMetrics", + "config": { + "client": { + "type": "jest", + "protocol": "${apiman.es.protocol}", + "host": "${apiman.es.host}", + "port": "${apiman.es.port}", + "initialize": true, + "username": "${apiman.es.username}", + "password": "${apiman.es.password}", + "timeout": "${apiman.es.timeout}" + } + } + }, + + "components": { + // Shared State Component Settings + "ISharedStateComponent": { + "class": "io.apiman.gateway.engine.es.ESSharedStateComponent", + "config": { + "client": { + "type": "jest", + "protocol": "${apiman.es.protocol}", + "host": "${apiman.es.host}", + "port": "${apiman.es.port}", + "initialize": true, + "username": "${apiman.es.username}", + "password": "${apiman.es.password}", + "timeout": "${apiman.es.timeout}" + } + } + }, + + // Rate Limiter Component Settings + "IRateLimiterComponent": { + "class": "io.apiman.gateway.engine.es.ESRateLimiterComponent", + "config": { + "client": { + "type": "jest", + "protocol": "${apiman.es.protocol}", + "host": "${apiman.es.host}", + "port": "${apiman.es.port}", + "initialize": true, + "username": "${apiman.es.username}", + "password": "${apiman.es.password}", + "timeout": "${apiman.es.timeout}" + } + } + }, + + // Cache Store Component Settings + "ICacheStoreComponent": { + "class": "io.apiman.gateway.engine.es.ESCacheStoreComponent", + "config": { + "client": { + "type": "jest", + "protocol": "${apiman.es.protocol}", + "host": "${apiman.es.host}", + "port": "${apiman.es.port}", + "initialize": true, + "username": "${apiman.es.username}", + "password": "${apiman.es.password}", + "timeout": "${apiman.es.timeout}" + } + } + }, + + // Execute Blocking Component + "IExecuteBlockingComponent": { + "class": "io.apiman.gateway.platforms.vertx3.components.ExecuteBlockingComponentImpl", + "config": {} + }, + + // JDBC Component Settings + "IJdbcComponent": { + "class": "io.apiman.gateway.platforms.vertx3.components.JdbcClientComponentImpl", + "config": {} + }, + + // LDAP Component Settings + "ILdapComponent": { + "class": "io.apiman.gateway.platforms.vertx3.components.LdapClientComponentImpl", + "config": {} + }, + + // HTTP Component Settings + "IHttpClientComponent": { + "class": "io.apiman.gateway.platforms.vertx3.components.HttpClientComponentImpl", + "config": {} + }, + + // Policy Failure Factory Component + "IPolicyFailureFactoryComponent": { + "class": "io.apiman.gateway.platforms.vertx3.components.PolicyFailureFactoryComponent", + "config": {} + }, + + // Buffer Factory Component + "IBufferFactoryComponent": { + "class": "io.apiman.gateway.platforms.vertx3.components.BufferFactoryComponentImpl", + "config": {} + }, + + // Periodic Component + "IPeriodicComponent": { + "class": "io.apiman.gateway.platforms.vertx3.components.PeriodicComponentImpl", + "config": {} + } + }, + + // Host-name to bind to for this machine. + "hostname": "localhost", + + // You can force a particular endpoint to be reported here (e.g. + // if you have some clustered setup with exotic DNS setup) + //"publicEndpoint": "localhost", + + // Verticle configuration + // Port - The port a given verticle listens on (where relevant) + // Count - Number of given verticle type launched, or "auto" for automatic. + "verticles": { + "http": { + "port": 8082, + "count": "auto" + }, + // Configure the following SSL section to enable SSL/TLS. + "https": { + "port": 8443, + "count": 0 + }, + // The Gateway API; this will be the port to set in the UI. + // e.g. http://localhost:8081 or https://gateway.machine:8081 + // Configure the following SSL section to enable SSL/TLS. + "api": { + "port": 8081, + "count": 1 + } + }, + + "ssl": { + "keystore": { + "path": "${APIMAN_KEYSTORE}", + "password": "secret" + }, + "truststore": { + "path": "${APIMAN_KEYSTORE}", + "password": "secret" + } + }, + + // Gateway API Authentication. See documentation for further possibilities.. + "auth": { + "type": "BASIC", + "config": { + "username": "${GW_AUTH_USERNAME:-admin}", + "password": "${GW_AUTH_PASSWORD:-admin}" + } + }, + + // When reporting an API's endpoint, prefer secure (i.e. https). You should probably change this after enabling HTTPS. + "preferSecure": false +} diff --git a/apiman-it-commons/src/main/resources/io/apiman/test/integration/vertx/config.template.json b/apiman-it-commons/src/main/resources/io/apiman/test/integration/vertx/config.template.json deleted file mode 100644 index 3f2730f..0000000 --- a/apiman-it-commons/src/main/resources/io/apiman/test/integration/vertx/config.template.json +++ /dev/null @@ -1,94 +0,0 @@ -{ - "hostname": "localhost", - "verticles": { - "http": {"port": 8082, "count": 1}, - "https": {"port": 8444, "count": 1}, - "api": {"port": 8081, "count": 1}, - "policy": {"port": -1, "count": 1} - }, - "auth": { - "required": "basic", - "realm": "apiman-gateway", - "basic": { - "admin": "jGl25bVBBBW96Qi9Te4V37Fnqchz/Eu4qB9vKrRIqRg=" - } - }, - "ssl": { - "keystore": { - "path": "${APIMAN_KEYSTORE}", - "password": "secret" - }, - "truststore": { - "path": "${APIMAN_KEYSTORE}", - "password": "secret" - } - }, - "preferSecure": true, - "registry": { - "class": "io.apiman.gateway.engine.es.ESRegistry", - "config": { - "client": { - "type": "jest", - "cluster-name": "elasticsearch", - "host": "127.0.0.1", - "port": "9200", - "initialize": true - } - } - }, - "connector-factory": { - "class": "io.apiman.gateway.platforms.vertx3.connector.ConnectorFactory", - "config": { - } - }, - "plugin-registry": { - "class": "io.apiman.gateway.platforms.vertx3.engine.VertxPluginRegistry", - "config": {} - }, - "policy-factory": { - "class": "io.apiman.gateway.engine.policy.PolicyFactoryImpl", - "config": {} - }, - "metrics": { - "class": "io.apiman.gateway.engine.impl.InMemoryMetrics", - "config": {} - }, - "components": { - "IHttpClientComponent": { - "class": "io.apiman.gateway.platforms.vertx3.components.HttpClientComponentImpl", - "config": {} - }, - "ISharedStateComponent": { - "class": "io.apiman.gateway.engine.es.ESSharedStateComponent", - "config": { - "client": { - "type": "jest", - "cluster-name": "elasticsearch", - "host": "127.0.0.1", - "port": "9200", - "initialize": true - } - } - }, - "IRateLimiterComponent": { - "class": "io.apiman.gateway.engine.es.ESRateLimiterComponent", - "config": { - "client": { - "type": "jest", - "cluster-name": "elasticsearch", - "host": "127.0.0.1", - "port": "9200", - "initialize": true - } - } - }, - "IPolicyFailureFactoryComponent": { - "class": "io.apiman.gateway.platforms.vertx3.components.PolicyFailureFactoryComponent", - "config": {} - }, - "IBufferFactoryComponent": { - "class": "io.apiman.gateway.platforms.vertx3.components.BufferFactoryComponentImpl", - "config": {} - } - } -} diff --git a/tools/docker/deployments/push.sh b/tools/docker/deployments/push.sh new file mode 100755 index 0000000..3dd8c33 --- /dev/null +++ b/tools/docker/deployments/push.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash + +IMAGE_LOCAL=apimanqe/ldap + +docker build -t ${IMAGE_LOCAL} $( dirname "${BASH_SOURCE[0]}" ) +docker push ${IMAGE_LOCAL} diff --git a/tools/job_scripts/rest-tests-build-vertx.sh b/tools/job_scripts/rest-tests-build-vertx.sh index 2822fea..4435169 100755 --- a/tools/job_scripts/rest-tests-build-vertx.sh +++ b/tools/job_scripts/rest-tests-build-vertx.sh @@ -16,7 +16,6 @@ sleep 30 # Configure vertx gateway ${TEST_SOURCES}/tools/use_vertx.sh -envsubst < $VERTX_CFG_TEMPLATE > $VERTX_CFG # Start the gateway java -version diff --git a/tools/use_vertx.sh b/tools/use_vertx.sh index 1eb7a53..b6f1f92 100755 --- a/tools/use_vertx.sh +++ b/tools/use_vertx.sh @@ -9,6 +9,6 @@ curl -X POST -u ${CREDENTIALS} -H ${CONTENT_TYPE} ${ENDPOINT} -d '{ "name" : "vertx", "description" : "Vert.X gateway", "type": "REST", - "configuration": "{\"endpoint\":\"http://localhost:8081/\",\"username\":\"admin\",\"password\":\"admin\"}" + "configuration": "{\"endpoint\":\"http://localhost:8081/\",\"username\":\"${GW_AUTH_USERNAME:-admin}\",\"password\":\"${GW_AUTH_PASSWORD:-admin}\"}" }'