Example 1 with SecurityPropertiesSchema
use of org.apache.nifi.minifi.commons.schema.SecurityPropertiesSchema in project nifi-minifi by apache.
the class ConfigTransformer method writeNiFiProperties.
protected static void writeNiFiProperties(ConfigSchema configSchema, OutputStream outputStream) throws IOException, ConfigurationChangeException {
try {
CorePropertiesSchema coreProperties = configSchema.getCoreProperties();
FlowFileRepositorySchema flowfileRepoSchema = configSchema.getFlowfileRepositoryProperties();
SwapSchema swapProperties = flowfileRepoSchema.getSwapProperties();
ContentRepositorySchema contentRepoProperties = configSchema.getContentRepositoryProperties();
ComponentStatusRepositorySchema componentStatusRepoProperties = configSchema.getComponentStatusRepositoryProperties();
SecurityPropertiesSchema securityProperties = configSchema.getSecurityProperties();
SensitivePropsSchema sensitiveProperties = securityProperties.getSensitiveProps();
ProvenanceRepositorySchema provenanceRepositorySchema = configSchema.getProvenanceRepositorySchema();
OrderedProperties orderedProperties = new OrderedProperties();
orderedProperties.setProperty(NIFI_VERSION_KEY, NIFI_VERSION, "# Core Properties #" + System.lineSeparator());
orderedProperties.setProperty("nifi.flow.configuration.file", "./conf/flow.xml.gz");
orderedProperties.setProperty("nifi.flow.configuration.archive.enabled", "false");
orderedProperties.setProperty("nifi.flow.configuration.archive.dir", "./conf/archive/");
orderedProperties.setProperty("nifi.flowcontroller.autoResumeState", "true");
orderedProperties.setProperty("nifi.flowcontroller.graceful.shutdown.period", coreProperties.getFlowControllerGracefulShutdownPeriod());
orderedProperties.setProperty("nifi.flowservice.writedelay.interval", coreProperties.getFlowServiceWriteDelayInterval());
orderedProperties.setProperty("nifi.administrative.yield.duration", coreProperties.getAdministrativeYieldDuration());
orderedProperties.setProperty("nifi.variable.registry.properties", coreProperties.getVariableRegistryProperties());
orderedProperties.setProperty("nifi.bored.yield.duration", coreProperties.getBoredYieldDuration(), "# If a component has no work to do (is \"bored\"), how long should we wait before checking again for work?");
orderedProperties.setProperty("nifi.authority.provider.configuration.file", "./conf/authority-providers.xml", "");
orderedProperties.setProperty("nifi.login.identity.provider.configuration.file", "./conf/login-identity-providers.xml");
orderedProperties.setProperty("nifi.templates.directory", "./conf/templates");
orderedProperties.setProperty("nifi.ui.banner.text", "");
orderedProperties.setProperty("nifi.ui.autorefresh.interval", "30 sec");
orderedProperties.setProperty("nifi.nar.library.directory", "./lib");
orderedProperties.setProperty("nifi.nar.working.directory", "./work/nar/");
orderedProperties.setProperty("nifi.documentation.working.directory", "./work/docs/components");
orderedProperties.setProperty("nifi.state.management.configuration.file", "./conf/state-management.xml", System.lineSeparator() + "####################" + "# State Management #" + "####################");
orderedProperties.setProperty("nifi.state.management.provider.local", "local-provider", "# The ID of the local state provider");
orderedProperties.setProperty("nifi.database.directory", "./database_repository", System.lineSeparator() + "# H2 Settings");
orderedProperties.setProperty("nifi.h2.url.append", ";LOCK_TIMEOUT=25000;WRITE_DELAY=0;AUTO_SERVER=FALSE");
orderedProperties.setProperty("nifi.flowfile.repository.implementation", "org.apache.nifi.controller.repository.WriteAheadFlowFileRepository", System.lineSeparator() + "# FlowFile Repository");
orderedProperties.setProperty("nifi.flowfile.repository.directory", "./flowfile_repository");
orderedProperties.setProperty("nifi.flowfile.repository.partitions", String.valueOf(flowfileRepoSchema.getPartitions()));
orderedProperties.setProperty("nifi.flowfile.repository.checkpoint.interval", flowfileRepoSchema.getCheckpointInterval());
orderedProperties.setProperty("nifi.flowfile.repository.always.sync", Boolean.toString(flowfileRepoSchema.getAlwaysSync()));
orderedProperties.setProperty("nifi.swap.manager.implementation", "org.apache.nifi.controller.FileSystemSwapManager", "");
orderedProperties.setProperty("nifi.queue.swap.threshold", String.valueOf(swapProperties.getThreshold()));
orderedProperties.setProperty("nifi.swap.in.period", swapProperties.getInPeriod());
orderedProperties.setProperty("nifi.swap.in.threads", String.valueOf(swapProperties.getInThreads()));
orderedProperties.setProperty("nifi.swap.out.period", swapProperties.getOutPeriod());
orderedProperties.setProperty("nifi.swap.out.threads", String.valueOf(swapProperties.getOutThreads()));
orderedProperties.setProperty("nifi.content.repository.implementation", "org.apache.nifi.controller.repository.FileSystemRepository", System.lineSeparator() + "# Content Repository");
orderedProperties.setProperty("nifi.content.claim.max.appendable.size", contentRepoProperties.getContentClaimMaxAppendableSize());
orderedProperties.setProperty("nifi.content.claim.max.flow.files", String.valueOf(contentRepoProperties.getContentClaimMaxFlowFiles()));
orderedProperties.setProperty("nifi.content.repository.archive.max.retention.period", "");
orderedProperties.setProperty("nifi.content.repository.archive.max.usage.percentage", "");
orderedProperties.setProperty("nifi.content.repository.archive.enabled", "false");
orderedProperties.setProperty("nifi.content.repository.directory.default", "./content_repository");
orderedProperties.setProperty("nifi.content.repository.always.sync", Boolean.toString(contentRepoProperties.getAlwaysSync()));
orderedProperties.setProperty("nifi.provenance.repository.implementation", provenanceRepositorySchema.getProvenanceRepository(), System.lineSeparator() + "# Provenance Repository Properties");
orderedProperties.setProperty("nifi.provenance.repository.rollover.time", provenanceRepositorySchema.getProvenanceRepoRolloverTimeKey());
orderedProperties.setProperty("nifi.provenance.repository.buffer.size", "10000", System.lineSeparator() + "# Volatile Provenance Respository Properties");
orderedProperties.setProperty("nifi.components.status.repository.implementation", "org.apache.nifi.controller.status.history.VolatileComponentStatusRepository", System.lineSeparator() + "# Component Status Repository");
orderedProperties.setProperty("nifi.components.status.repository.buffer.size", String.valueOf(componentStatusRepoProperties.getBufferSize()));
orderedProperties.setProperty("nifi.components.status.snapshot.frequency", componentStatusRepoProperties.getSnapshotFrequency());
orderedProperties.setProperty("nifi.web.war.directory", "./lib", System.lineSeparator() + "# web properties #");
orderedProperties.setProperty("nifi.web.http.host", "");
orderedProperties.setProperty("nifi.web.http.port", "8081");
orderedProperties.setProperty("nifi.web.https.host", "");
orderedProperties.setProperty("nifi.web.https.port", "");
orderedProperties.setProperty("nifi.web.jetty.working.directory", "./work/jetty");
orderedProperties.setProperty("nifi.web.jetty.threads", "200");
orderedProperties.setProperty("nifi.sensitive.props.key", sensitiveProperties.getKey(), System.lineSeparator() + "# security properties #");
orderedProperties.setProperty("nifi.sensitive.props.algorithm", sensitiveProperties.getAlgorithm());
orderedProperties.setProperty("nifi.sensitive.props.provider", sensitiveProperties.getProvider());
orderedProperties.setProperty("nifi.security.keystore", securityProperties.getKeystore(), "");
orderedProperties.setProperty("nifi.security.keystoreType", securityProperties.getKeystoreType());
orderedProperties.setProperty("nifi.security.keystorePasswd", securityProperties.getKeystorePassword());
orderedProperties.setProperty("nifi.security.keyPasswd", securityProperties.getKeyPassword());
orderedProperties.setProperty("nifi.security.truststore", securityProperties.getTruststore());
orderedProperties.setProperty("nifi.security.truststoreType", securityProperties.getTruststoreType());
orderedProperties.setProperty("nifi.security.truststorePasswd", securityProperties.getTruststorePassword());
orderedProperties.setProperty("nifi.security.needClientAuth", "");
orderedProperties.setProperty("nifi.security.user.credential.cache.duration", "24 hours");
orderedProperties.setProperty("nifi.security.user.authority.provider", "file-provider");
orderedProperties.setProperty("nifi.security.user.login.identity.provider", "");
orderedProperties.setProperty("nifi.security.support.new.account.requests", "");
orderedProperties.setProperty("nifi.security.anonymous.authorities", "", "# Valid Authorities include: ROLE_MONITOR,ROLE_DFM,ROLE_ADMIN,ROLE_PROVENANCE,ROLE_NIFI");
orderedProperties.setProperty("nifi.security.ocsp.responder.url", "");
orderedProperties.setProperty("nifi.security.ocsp.responder.certificate", "");
orderedProperties.setProperty("nifi.cluster.is.node", "false", System.lineSeparator() + System.lineSeparator() + "# cluster node properties (only configure for cluster nodes) #");
orderedProperties.setProperty("nifi.cluster.is.manager", "false", System.lineSeparator() + "# cluster manager properties (only configure for cluster manager) #");
for (Map.Entry<String, String> entry : configSchema.getNifiPropertiesOverrides().entrySet()) {
orderedProperties.setProperty(entry.getKey(), entry.getValue());
}
orderedProperties.store(outputStream, PROPERTIES_FILE_APACHE_2_0_LICENSE);
} catch (NullPointerException e) {
throw new ConfigurationChangeException("Failed to parse the config YAML while creating the nifi.properties", e);
} finally {
outputStream.close();
}
}
Also used :
ComponentStatusRepositorySchema(org.apache.nifi.minifi.commons.schema.ComponentStatusRepositorySchema)
FlowFileRepositorySchema(org.apache.nifi.minifi.commons.schema.FlowFileRepositorySchema)
SwapSchema(org.apache.nifi.minifi.commons.schema.SwapSchema)
ConfigurationChangeException(org.apache.nifi.minifi.bootstrap.configuration.ConfigurationChangeException)
SensitivePropsSchema(org.apache.nifi.minifi.commons.schema.SensitivePropsSchema)
ContentRepositorySchema(org.apache.nifi.minifi.commons.schema.ContentRepositorySchema)
SecurityPropertiesSchema(org.apache.nifi.minifi.commons.schema.SecurityPropertiesSchema)
ProvenanceRepositorySchema(org.apache.nifi.minifi.commons.schema.ProvenanceRepositorySchema)
CorePropertiesSchema(org.apache.nifi.minifi.commons.schema.CorePropertiesSchema)
Map(java.util.Map)
HashMap(java.util.HashMap)
Example 2 with SecurityPropertiesSchema
use of org.apache.nifi.minifi.commons.schema.SecurityPropertiesSchema in project nifi-minifi by apache.
the class PullHttpChangeIngestor method run.
@Override
public void run() {
try {
logger.debug("Attempting to pull new config");
HttpUrl.Builder builder = new HttpUrl.Builder().host(hostReference.get()).port(portReference.get()).encodedPath(pathReference.get());
String query = queryReference.get();
if (!StringUtil.isNullOrEmpty(query)) {
builder = builder.encodedQuery(query);
}
final HttpUrl url = builder.scheme(connectionScheme).build();
final Request.Builder requestBuilder = new Request.Builder().get().url(url);
if (useEtag) {
requestBuilder.addHeader("If-None-Match", lastEtag);
}
final Request request = requestBuilder.build();
final OkHttpClient httpClient = httpClientReference.get();
final Call call = httpClient.newCall(request);
final Response response = call.execute();
logger.debug("Response received: {}", response.toString());
int code = response.code();
if (code == NOT_MODIFIED_STATUS_CODE) {
return;
}
if (code >= 400) {
throw new IOException("Got response code " + code + " while trying to pull configuration: " + response.body().string());
}
ResponseBody body = response.body();
if (body == null) {
logger.warn("No body returned when pulling a new configuration");
return;
}
ByteBuffer bodyByteBuffer = ByteBuffer.wrap(body.bytes());
ByteBuffer readOnlyNewConfig = null;
// checking if some parts of the configuration must be preserved
if (overrideSecurity) {
readOnlyNewConfig = bodyByteBuffer.asReadOnlyBuffer();
} else {
logger.debug("Preserving previous security properties...");
// get the current security properties from the current configuration file
final File configFile = new File(properties.get().getProperty(RunMiNiFi.MINIFI_CONFIG_FILE_KEY));
ConvertableSchema<ConfigSchema> configSchema = SchemaLoader.loadConvertableSchemaFromYaml(new FileInputStream(configFile));
ConfigSchema currentSchema = configSchema.convert();
SecurityPropertiesSchema secProps = currentSchema.getSecurityProperties();
// override the security properties in the pulled configuration with the previous properties
configSchema = SchemaLoader.loadConvertableSchemaFromYaml(new ByteBufferInputStream(bodyByteBuffer.duplicate()));
ConfigSchema newSchema = configSchema.convert();
newSchema.setSecurityProperties(secProps);
// return the updated configuration preserving the previous security configuration
readOnlyNewConfig = ByteBuffer.wrap(new Yaml().dump(newSchema.toMap()).getBytes()).asReadOnlyBuffer();
}
if (differentiator.isNew(readOnlyNewConfig)) {
logger.debug("New change received, notifying listener");
configurationChangeNotifier.notifyListeners(readOnlyNewConfig);
logger.debug("Listeners notified");
} else {
logger.debug("Pulled config same as currently running.");
}
if (useEtag) {
lastEtag = (new StringBuilder("\"")).append(response.header("ETag").trim()).append("\"").toString();
}
} catch (Exception e) {
logger.warn("Hit an exception while trying to pull", e);
}
}
Also used :
Call(okhttp3.Call)
OkHttpClient(okhttp3.OkHttpClient)
Request(okhttp3.Request)
ByteBufferInputStream(org.apache.nifi.minifi.bootstrap.util.ByteBufferInputStream)
IOException(java.io.IOException)
ByteBuffer(java.nio.ByteBuffer)
HttpUrl(okhttp3.HttpUrl)
FileInputStream(java.io.FileInputStream)
Yaml(org.yaml.snakeyaml.Yaml)
IOException(java.io.IOException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
ResponseBody(okhttp3.ResponseBody)
Response(okhttp3.Response)
SecurityPropertiesSchema(org.apache.nifi.minifi.commons.schema.SecurityPropertiesSchema)
File(java.io.File)
ConfigSchema(org.apache.nifi.minifi.commons.schema.ConfigSchema)
Example 3 with SecurityPropertiesSchema
use of org.apache.nifi.minifi.commons.schema.SecurityPropertiesSchema in project nifi-minifi by apache.
the class ConfigTransformer method addProvenanceReportingTask.
protected static void addProvenanceReportingTask(final Element element, ConfigSchema configSchema) throws ConfigurationChangeException {
try {
ProvenanceReportingSchema provenanceProperties = configSchema.getProvenanceReportingProperties();
final Element taskElement = element.getOwnerDocument().createElement("reportingTask");
addTextElement(taskElement, "id", "Provenance-Reporting");
addTextElement(taskElement, "name", "Site-To-Site-Provenance-Reporting");
addTextElement(taskElement, "comment", provenanceProperties.getComment());
addTextElement(taskElement, "class", DEFAULT_PROV_REPORTING_TASK_CLASS);
addTextElement(taskElement, "schedulingPeriod", provenanceProperties.getSchedulingPeriod());
addTextElement(taskElement, "scheduledState", "RUNNING");
addTextElement(taskElement, "schedulingStrategy", provenanceProperties.getSchedulingStrategy());
Map<String, Object> attributes = new HashMap<>();
attributes.put("Destination URL", provenanceProperties.getDestinationUrl());
attributes.put("Input Port Name", provenanceProperties.getPortName());
attributes.put("Instance URL", provenanceProperties.getOriginatingUrl());
attributes.put("Compress Events", provenanceProperties.getUseCompression());
attributes.put("Batch Size", provenanceProperties.getBatchSize());
attributes.put("Communications Timeout", provenanceProperties.getTimeout());
SecurityPropertiesSchema securityProps = configSchema.getSecurityProperties();
if (securityProps.useSSL()) {
attributes.put("SSL Context Service", "SSL-Context-Service");
}
addConfiguration(taskElement, attributes);
element.appendChild(taskElement);
} catch (Exception e) {
throw new ConfigurationChangeException("Failed to parse the config YAML while trying to add the Provenance Reporting Task", e);
}
}
Also used :
HashMap(java.util.HashMap)
SecurityPropertiesSchema(org.apache.nifi.minifi.commons.schema.SecurityPropertiesSchema)
ProvenanceReportingSchema(org.apache.nifi.minifi.commons.schema.ProvenanceReportingSchema)
Element(org.w3c.dom.Element)
ConfigurationChangeException(org.apache.nifi.minifi.bootstrap.configuration.ConfigurationChangeException)
InvalidConfigurationException(org.apache.nifi.minifi.bootstrap.exception.InvalidConfigurationException)
ConfigurationChangeException(org.apache.nifi.minifi.bootstrap.configuration.ConfigurationChangeException)
TransformerException(javax.xml.transform.TransformerException)
DOMException(org.w3c.dom.DOMException)
IOException(java.io.IOException)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
Example 4 with SecurityPropertiesSchema
use of org.apache.nifi.minifi.commons.schema.SecurityPropertiesSchema in project nifi-minifi by apache.
the class ConfigTransformer method createFlowXml.
protected static DOMSource createFlowXml(ConfigSchema configSchema) throws IOException, ConfigurationChangeException, ConfigTransformerException {
try {
// create a new, empty document
final DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance();
docFactory.setNamespaceAware(true);
final DocumentBuilder docBuilder = docFactory.newDocumentBuilder();
final Document doc = docBuilder.newDocument();
// populate document with controller state
final Element rootNode = doc.createElement("flowController");
doc.appendChild(rootNode);
CorePropertiesSchema coreProperties = configSchema.getCoreProperties();
addTextElement(rootNode, "maxTimerDrivenThreadCount", String.valueOf(coreProperties.getMaxConcurrentThreads()));
addTextElement(rootNode, "maxEventDrivenThreadCount", String.valueOf(coreProperties.getMaxConcurrentThreads()));
FlowControllerSchema flowControllerProperties = configSchema.getFlowControllerProperties();
final Element element = doc.createElement("rootGroup");
rootNode.appendChild(element);
ProcessGroupSchema processGroupSchema = configSchema.getProcessGroupSchema();
processGroupSchema.setId(ROOT_GROUP);
processGroupSchema.setName(flowControllerProperties.getName());
processGroupSchema.setComment(flowControllerProperties.getComment());
addProcessGroup(doc, element, processGroupSchema, new ParentGroupIdResolver(processGroupSchema));
SecurityPropertiesSchema securityProperties = configSchema.getSecurityProperties();
if (securityProperties.useSSL()) {
Element controllerServicesNode = doc.getElementById("controllerServices");
if (controllerServicesNode == null) {
controllerServicesNode = doc.createElement("controllerServices");
}
rootNode.appendChild(controllerServicesNode);
addSSLControllerService(controllerServicesNode, securityProperties);
}
ProvenanceReportingSchema provenanceProperties = configSchema.getProvenanceReportingProperties();
if (provenanceProperties != null) {
final Element reportingTasksNode = doc.createElement("reportingTasks");
rootNode.appendChild(reportingTasksNode);
addProvenanceReportingTask(reportingTasksNode, configSchema);
}
return new DOMSource(doc);
} catch (final ParserConfigurationException | DOMException | TransformerFactoryConfigurationError | IllegalArgumentException e) {
throw new ConfigTransformerException(e);
} catch (Exception e) {
throw new ConfigTransformerException("Failed to parse the config YAML while writing the top level of the flow xml", e);
}
}
Also used :
TransformerFactoryConfigurationError(javax.xml.transform.TransformerFactoryConfigurationError)
DOMSource(javax.xml.transform.dom.DOMSource)
DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory)
Element(org.w3c.dom.Element)
RemoteProcessGroupSchema(org.apache.nifi.minifi.commons.schema.RemoteProcessGroupSchema)
ProcessGroupSchema(org.apache.nifi.minifi.commons.schema.ProcessGroupSchema)
ProvenanceReportingSchema(org.apache.nifi.minifi.commons.schema.ProvenanceReportingSchema)
Document(org.w3c.dom.Document)
InvalidConfigurationException(org.apache.nifi.minifi.bootstrap.exception.InvalidConfigurationException)
ConfigurationChangeException(org.apache.nifi.minifi.bootstrap.configuration.ConfigurationChangeException)
TransformerException(javax.xml.transform.TransformerException)
DOMException(org.w3c.dom.DOMException)
IOException(java.io.IOException)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
DOMException(org.w3c.dom.DOMException)
DocumentBuilder(javax.xml.parsers.DocumentBuilder)
SecurityPropertiesSchema(org.apache.nifi.minifi.commons.schema.SecurityPropertiesSchema)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
FlowControllerSchema(org.apache.nifi.minifi.commons.schema.FlowControllerSchema)
CorePropertiesSchema(org.apache.nifi.minifi.commons.schema.CorePropertiesSchema)
Aggregations
SecurityPropertiesSchema (org.apache.nifi.minifi.commons.schema.SecurityPropertiesSchema)4
IOException (java.io.IOException)3
ConfigurationChangeException (org.apache.nifi.minifi.bootstrap.configuration.ConfigurationChangeException)3
HashMap (java.util.HashMap)2
ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)2
TransformerException (javax.xml.transform.TransformerException)2
InvalidConfigurationException (org.apache.nifi.minifi.bootstrap.exception.InvalidConfigurationException)2
CorePropertiesSchema (org.apache.nifi.minifi.commons.schema.CorePropertiesSchema)2
ProvenanceReportingSchema (org.apache.nifi.minifi.commons.schema.ProvenanceReportingSchema)2
DOMException (org.w3c.dom.DOMException)2
Element (org.w3c.dom.Element)2
File (java.io.File)1
FileInputStream (java.io.FileInputStream)1
ByteBuffer (java.nio.ByteBuffer)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
Map (java.util.Map)1
DocumentBuilder (javax.xml.parsers.DocumentBuilder)1
DocumentBuilderFactory (javax.xml.parsers.DocumentBuilderFactory)1
TransformerFactoryConfigurationError (javax.xml.transform.TransformerFactoryConfigurationError)1
DOMSource (javax.xml.transform.dom.DOMSource)1
