vault implemented
This commit is contained in:
Radek Davidek
parent
4629a2fae7
commit
4923d498ed
@ -1,22 +1,23 @@
|
|||||||
package cz.moneta.test.harness.endpoints.imq;
|
package cz.moneta.test.harness.endpoints.imq;
|
||||||
|
|
||||||
import cz.moneta.test.harness.connectors.messaging.IbmMqConnector;
|
|
||||||
import cz.moneta.test.harness.context.StoreAccessor;
|
|
||||||
import cz.moneta.test.harness.endpoints.Endpoint;
|
|
||||||
import cz.moneta.test.harness.messaging.MqMessageFormat;
|
|
||||||
import cz.moneta.test.harness.messaging.ReceivedMessage;
|
|
||||||
import cz.moneta.test.harness.connectors.VaultConnector;
|
|
||||||
import cz.moneta.test.harness.support.auth.Credentials;
|
|
||||||
import org.apache.logging.log4j.LogManager;
|
|
||||||
import org.apache.logging.log4j.Logger;
|
|
||||||
|
|
||||||
import java.time.Duration;
|
import java.time.Duration;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Optional;
|
import java.util.Optional;
|
||||||
|
|
||||||
|
import org.apache.logging.log4j.LogManager;
|
||||||
|
import org.apache.logging.log4j.Logger;
|
||||||
|
|
||||||
|
import cz.moneta.test.harness.connectors.VaultConnector;
|
||||||
|
import cz.moneta.test.harness.connectors.messaging.IbmMqConnector;
|
||||||
|
import cz.moneta.test.harness.context.StoreAccessor;
|
||||||
|
import cz.moneta.test.harness.endpoints.Endpoint;
|
||||||
|
import cz.moneta.test.harness.messaging.MqMessageFormat;
|
||||||
|
import cz.moneta.test.harness.messaging.ReceivedMessage;
|
||||||
|
import cz.moneta.test.harness.support.auth.Credentials;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* IBM MQ First Vision endpoint.
|
* IBM MQ First Vision endpoint. Provides high-level access to IBM MQ queues
|
||||||
* Provides high-level access to IBM MQ queues with configuration from StoreAccessor.
|
* with configuration from StoreAccessor.
|
||||||
* <p>
|
* <p>
|
||||||
* Credentials are loaded from HashiCorp Vault.
|
* Credentials are loaded from HashiCorp Vault.
|
||||||
*/
|
*/
|
||||||
@ -27,12 +28,15 @@ public class ImqFirstVisionEndpoint implements Endpoint {
|
|||||||
private final IbmMqConnector connector;
|
private final IbmMqConnector connector;
|
||||||
private final StoreAccessor store;
|
private final StoreAccessor store;
|
||||||
|
|
||||||
|
private String username, password, keystorePassword;
|
||||||
|
|
||||||
// Configuration keys
|
// Configuration keys
|
||||||
private static final String CONNECTION_NAME_LIST_KEY = "endpoints.imq-first-vision.connection-name-list";
|
private static final String CONNECTION_NAME_LIST_KEY = "endpoints.imq-first-vision.connection-name-list";
|
||||||
private static final String CHANNEL_KEY = "endpoints.imq-first-vision.channel";
|
private static final String CHANNEL_KEY = "endpoints.imq-first-vision.channel";
|
||||||
private static final String QUEUE_MANAGER_KEY = "endpoints.imq-first-vision.queue-manager";
|
private static final String QUEUE_MANAGER_KEY = "endpoints.imq-first-vision.queue-manager";
|
||||||
private static final String SSL_CIPHER_SUITE_KEY = "endpoints.imq-first-vision.ssl-cipher-suite";
|
private static final String SSL_CIPHER_SUITE_KEY = "endpoints.imq-first-vision.ssl-cipher-suite";
|
||||||
private static final String VAULT_PATH_KEY = "vault.imq-first-vision.secrets.path";
|
private static final String VAULT_PATH_KEY = "vault.imq-first-vision.secrets.path";
|
||||||
|
private static final String VAULT_KEYSTORE_PASSWORD_KEY = "keystorePassword";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor that reads configuration from StoreAccessor.
|
* Constructor that reads configuration from StoreAccessor.
|
||||||
@ -46,25 +50,14 @@ public class ImqFirstVisionEndpoint implements Endpoint {
|
|||||||
String queueManager = getConfig(QUEUE_MANAGER_KEY);
|
String queueManager = getConfig(QUEUE_MANAGER_KEY);
|
||||||
String sslCipherSuite = getConfig(SSL_CIPHER_SUITE_KEY);
|
String sslCipherSuite = getConfig(SSL_CIPHER_SUITE_KEY);
|
||||||
|
|
||||||
// Load credentials from Vault
|
loadCredentialsFromVault();
|
||||||
String vaultPath = getVaultPath();
|
|
||||||
Credentials credentials = loadCredentialsFromVault(vaultPath);
|
|
||||||
|
|
||||||
// SSL configuration (optional)
|
// SSL configuration (optional)
|
||||||
String keystorePath = "/home/kamma/aa/mq-docker/truststore.jks";
|
String keystorePath = "/home/kamma/aa/mq-docker/truststore.jks";
|
||||||
String keystorePassword = "changeit";
|
|
||||||
|
|
||||||
try {
|
try {
|
||||||
this.connector = new IbmMqConnector(
|
this.connector = new IbmMqConnector(connectionNameList, channel, queueManager, username, password,
|
||||||
connectionNameList,
|
keystorePath, keystorePassword, sslCipherSuite);
|
||||||
channel,
|
|
||||||
queueManager,
|
|
||||||
credentials.getUsername(),
|
|
||||||
credentials.getPassword(),
|
|
||||||
keystorePath,
|
|
||||||
keystorePassword,
|
|
||||||
sslCipherSuite
|
|
||||||
);
|
|
||||||
|
|
||||||
LOG.info("Initialized IBM MQ First Vision endpoint for queue manager: {}", queueManager);
|
LOG.info("Initialized IBM MQ First Vision endpoint for queue manager: {}", queueManager);
|
||||||
|
|
||||||
@ -78,25 +71,16 @@ public class ImqFirstVisionEndpoint implements Endpoint {
|
|||||||
*/
|
*/
|
||||||
private String getConfig(String key) {
|
private String getConfig(String key) {
|
||||||
return Optional.ofNullable(store.getConfig(key))
|
return Optional.ofNullable(store.getConfig(key))
|
||||||
.orElseThrow(() -> new IllegalStateException(
|
.orElseThrow(() -> new IllegalStateException("You need to configure " + key));
|
||||||
"You need to configure " + key));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get vault path from configuration.
|
|
||||||
*/
|
|
||||||
private String getVaultPath() {
|
|
||||||
return Optional.ofNullable(store.getConfig(VAULT_PATH_KEY))
|
|
||||||
.orElseThrow(() -> new IllegalStateException(
|
|
||||||
"You need to configure " + VAULT_PATH_KEY));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Load credentials from HashiCorp Vault.
|
* Load credentials from HashiCorp Vault.
|
||||||
*/
|
*/
|
||||||
private Credentials loadCredentialsFromVault(String vaultPath) {
|
private void loadCredentialsFromVault() {
|
||||||
try {
|
try {
|
||||||
// Get vault URL from configuration
|
// Get vault URL from configuration
|
||||||
|
String vaultPath = getConfig(VAULT_PATH_KEY);
|
||||||
String vaultUrl = getConfig("vault.url");
|
String vaultUrl = getConfig("vault.url");
|
||||||
String vaultUser = getConfig("vault.user");
|
String vaultUser = getConfig("vault.user");
|
||||||
String vaultPassword = getConfig("vault.password");
|
String vaultPassword = getConfig("vault.password");
|
||||||
@ -105,9 +89,15 @@ public class ImqFirstVisionEndpoint implements Endpoint {
|
|||||||
|
|
||||||
Optional<Credentials> credentials = vaultConnector.getUsernameAndPassword(vaultPath);
|
Optional<Credentials> credentials = vaultConnector.getUsernameAndPassword(vaultPath);
|
||||||
|
|
||||||
return credentials.orElseThrow(() -> new IllegalStateException(
|
if (credentials.isPresent()) {
|
||||||
"Credentials not found in Vault at path: " + vaultPath));
|
this.username = credentials.get().getUsername();
|
||||||
|
this.password = credentials.get().getPassword();
|
||||||
|
this.keystorePassword = vaultConnector.getValue(vaultPath, VAULT_KEYSTORE_PASSWORD_KEY)
|
||||||
|
.map(Object::toString).orElse(null);
|
||||||
|
LOG.info("Successfully loaded credentials from Vault for path: {}", vaultPath);
|
||||||
|
} else {
|
||||||
|
throw new IllegalStateException("Credentials not found in Vault at path: " + vaultPath);
|
||||||
|
}
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
throw new IllegalStateException("Failed to load credentials from Vault", e);
|
throw new IllegalStateException("Failed to load credentials from Vault", e);
|
||||||
}
|
}
|
||||||
@ -116,7 +106,8 @@ public class ImqFirstVisionEndpoint implements Endpoint {
|
|||||||
/**
|
/**
|
||||||
* Send a message to a queue.
|
* Send a message to a queue.
|
||||||
*
|
*
|
||||||
* @param queueName Physical queue name or logical name (from ImqFirstVisionQueue)
|
* @param queueName Physical queue name or logical name (from
|
||||||
|
* ImqFirstVisionQueue)
|
||||||
* @param payload Message payload
|
* @param payload Message payload
|
||||||
* @param format Message format
|
* @param format Message format
|
||||||
* @param properties JMS properties
|
* @param properties JMS properties
|
||||||
@ -144,16 +135,15 @@ public class ImqFirstVisionEndpoint implements Endpoint {
|
|||||||
* @param timeout Timeout duration
|
* @param timeout Timeout duration
|
||||||
* @return Received message
|
* @return Received message
|
||||||
*/
|
*/
|
||||||
public ReceivedMessage receive(String queueName, String messageSelector,
|
public ReceivedMessage receive(String queueName, String messageSelector, MqMessageFormat format, Duration timeout) {
|
||||||
MqMessageFormat format, Duration timeout) {
|
|
||||||
return connector.receive(queueName, messageSelector, format, timeout);
|
return connector.receive(queueName, messageSelector, format, timeout);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Receive a message from a queue using logical queue name.
|
* Receive a message from a queue using logical queue name.
|
||||||
*/
|
*/
|
||||||
public ReceivedMessage receive(ImqFirstVisionQueue queue, String messageSelector,
|
public ReceivedMessage receive(ImqFirstVisionQueue queue, String messageSelector, MqMessageFormat format,
|
||||||
MqMessageFormat format, Duration timeout) {
|
Duration timeout) {
|
||||||
String physicalQueueName = resolveQueue(queue);
|
String physicalQueueName = resolveQueue(queue);
|
||||||
return connector.receive(physicalQueueName, messageSelector, format, timeout);
|
return connector.receive(physicalQueueName, messageSelector, format, timeout);
|
||||||
}
|
}
|
||||||
@ -167,16 +157,16 @@ public class ImqFirstVisionEndpoint implements Endpoint {
|
|||||||
* @param maxMessages Maximum number of messages
|
* @param maxMessages Maximum number of messages
|
||||||
* @return List of received messages
|
* @return List of received messages
|
||||||
*/
|
*/
|
||||||
public List<ReceivedMessage> browse(String queueName, String messageSelector,
|
public List<ReceivedMessage> browse(String queueName, String messageSelector, MqMessageFormat format,
|
||||||
MqMessageFormat format, int maxMessages) {
|
int maxMessages) {
|
||||||
return connector.browse(queueName, messageSelector, format, maxMessages);
|
return connector.browse(queueName, messageSelector, format, maxMessages);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Browse a queue using logical queue name.
|
* Browse a queue using logical queue name.
|
||||||
*/
|
*/
|
||||||
public List<ReceivedMessage> browse(ImqFirstVisionQueue queue, String messageSelector,
|
public List<ReceivedMessage> browse(ImqFirstVisionQueue queue, String messageSelector, MqMessageFormat format,
|
||||||
MqMessageFormat format, int maxMessages) {
|
int maxMessages) {
|
||||||
String physicalQueueName = resolveQueue(queue);
|
String physicalQueueName = resolveQueue(queue);
|
||||||
return connector.browse(physicalQueueName, messageSelector, format, maxMessages);
|
return connector.browse(physicalQueueName, messageSelector, format, maxMessages);
|
||||||
}
|
}
|
||||||
@ -189,9 +179,8 @@ public class ImqFirstVisionEndpoint implements Endpoint {
|
|||||||
*/
|
*/
|
||||||
public String resolveQueue(String logicalName) {
|
public String resolveQueue(String logicalName) {
|
||||||
String configKey = "endpoints.imq-first-vision." + logicalName + ".queue";
|
String configKey = "endpoints.imq-first-vision." + logicalName + ".queue";
|
||||||
return Optional.ofNullable(store.getConfig(configKey))
|
return Optional.ofNullable(store.getConfig(configKey)).orElseThrow(
|
||||||
.orElseThrow(() -> new IllegalStateException(
|
() -> new IllegalStateException("Queue '" + logicalName + "' is not configured in " + configKey));
|
||||||
"Queue '" + logicalName + "' is not configured in " + configKey));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user