When vim_accounts msgs arrive in the Kafka bus, vim password is decrypted
and stored in the SQL database. The ideal scenario would be to store it
encrypted in the SQL DB and decrypt it on demand, but that would require
to store the schema_version, instantiate a DbMongo client everywhere it is
needed and a few other modifications that would severely pollute the codebase.
There needs to be a modification in the future on the osm_common side to make
this more doable.
Signed-off-by: Benjamin Diaz <bdiaz@whitestack.com>
ENV OSMMON_VCA_HOST localhost
ENV OSMMON_VCA_SECRET secret
ENV OSMMON_VCA_USER admin
ENV OSMMON_VCA_HOST localhost
ENV OSMMON_VCA_SECRET secret
ENV OSMMON_VCA_USER admin
+ENV OSMMON_DATABASE_COMMONKEY changeme
self.common_db = dbmongo.DbMongo()
self.common_db.db_connect({'host': cfg.MONGO_URI.split(':')[0],
'port': int(cfg.MONGO_URI.split(':')[1]),
self.common_db = dbmongo.DbMongo()
self.common_db.db_connect({'host': cfg.MONGO_URI.split(':')[0],
'port': int(cfg.MONGO_URI.split(':')[1]),
+ 'name': 'osm',
+ 'commonkey': cfg.OSMMON_DATABASE_COMMONKEY})
def get_vnfr(self, nsr_id: str, member_index: int):
vnfr = self.common_db.get_one("vnfrs",
def get_vnfr(self, nsr_id: str, member_index: int):
vnfr = self.common_db.get_one("vnfrs",
return vdur
raise ValueError('vdur not found for nsr-id %s, member_index %s and vdu_name %s', nsr_id, member_index,
vdu_name)
return vdur
raise ValueError('vdur not found for nsr-id %s, member_index %s and vdu_name %s', nsr_id, member_index,
vdu_name)
+
+ def decrypt_vim_password(self, vim_password: str, schema_version: str, vim_id: str):
+ return self.common_db.decrypt(vim_password, schema_version, vim_id)
if message.topic == "vim_account":
if message.key == "create" or message.key == "edit":
if message.topic == "vim_account":
if message.key == "create" or message.key == "edit":
+ values['vim_password'] = self.common_db.decrypt_vim_password(values['vim_password'],
+ values['schema_version'],
+ values['_id'])
self.auth_manager.store_auth_credentials(values)
if message.key == "delete":
self.auth_manager.delete_auth_credentials(values)
self.auth_manager.store_auth_credentials(values)
if message.key == "delete":
self.auth_manager.delete_auth_credentials(values)
CfgParam('OSMMON_VCA_HOST', "localhost", six.text_type),
CfgParam('OSMMON_VCA_SECRET', "secret", six.text_type),
CfgParam('OSMMON_VCA_USER', "admin", six.text_type),
CfgParam('OSMMON_VCA_HOST', "localhost", six.text_type),
CfgParam('OSMMON_VCA_SECRET', "secret", six.text_type),
CfgParam('OSMMON_VCA_USER', "admin", six.text_type),
+ CfgParam('OSMMON_DATABASE_COMMONKEY', "changeme", six.text_type),
]
_config_dict = {cfg.key: cfg for cfg in _configuration}
]
_config_dict = {cfg.key: cfg for cfg in _configuration}