Hi all, Considering the Carbon Secure Vault's OSGi and Non-OSGi implementations we are planning to:
- Get the secure vault YAML configuration from the runtime in the OSGi mode: This is because we can have multiple runtimes and each runtime can have different configurations. - Get the secure vault YAML configuration from system property (1st priority) or classpath (2nd priority) in the non-OSGi mode - Delegate providing other file paths (secret.properties, master-key.yaml) to relevant implementation classes because other file paths (secret.properties, master-key.yaml) are bound to the relevant implementation. Considering the Carbon Secure Vault's OSGi implementation, I don't currently have a way to get the secure vault YAML configuration from the runtime (we cannot have carbon kernel as a dependency to carbon secvault [6] since carbon configuration [5] will be dependent on carbon secvault [6] and carbon kernel [7] will depend on carbon configuration [5] (this will result in a cyclic dependency)). Therefore your input regarding how to get the secure vault YAML from runtime in OSGi mode is appreciated. On Thu, Mar 2, 2017 at 6:35 PM, Vidura Nanayakkara <[email protected]> wrote: > Hi, > > I am in the process of moving Carbon Configuration and Secure Vault from > Carbon Kernel [7] <https://github.com/wso2/carbon-config> repository. > Both these components will support OSGi mode as well as non-OSGi mode. > Following > are the reasons behind moving these into new repositories. > > Reasons for moving carbon configuration to a new repo: > > - The package is intended to provide configuration support for both > OSGi and non-OSGi components and is to be used by MSF4J (OSGI and > standalone mode), DAS etc. Therefore "org.wso2.carbon.configuration" > should be a separate independent module (not inheriting the carbon kernel's > parent pom) > - Having the package within carbon kernel could lead into problems as > having to release carbon kernel each time a change is made to > "org.wso2.carbon.configuration" > > Reasons for moving carbon sec-vault to a new repo: > > - Carbon secure vault is to be used by the Carbon Kernal. However, the > secure vault is provided via the carbon configuration module. Therefore we > decided that it would be best if secure vault is released as a separate > repository while carbon configuration module having a tight dependency to > the secure vault (Since as for the above point, we have to make > "org.wso2.carbon.configuration" a separate repository) > - If we merge secure vault configuration with deployement.yaml and if > there are cipher texts in deployment YAML, secure vault component has to > depend on config component because secure vault configs reside in > deployment YAML and config component has to depend on secure vault since we > need to unciper the cipperd values in deployment YAML, that leads to cyclic > dependency. > > According to the new structure, > > Carbon configuration will be in repo [5] > <https://github.com/wso2/carbon-config> and Carbon Secure Vault will be > in repo [6] <https://github.com/wso2/carbon-secvault>. This change will > not have any major impact on any of the current implementations. The only > change you have to make is to use the new maven dependencies and import any > class used from the right package. New maven dependency information would > be as follows for the components: > > *Carbon configuration* > > <dependency> > <groupId>org.wso2.carbon</groupId> > <artifactId>org.wso2.carbon.configuration</artifactId> > <version>1.0.0-SNAPSHOT</version> > </dependency> > > *Carbon Secure Vault* > > <dependency> > <groupId>org.wso2.carbon</groupId> > <artifactId>org.wso2.carbon.securevault</artifactId> > <version>1.0.0-SNAPSHOT</version> > </dependency> > > Both Carbon configuration and Carbon Secure Vault will have carbon > features implemented that will be installed in the Carbon Kernel. New > maven dependency information for the features of the above will be as > follows: > > *Carbon configuration Feature* > > <dependency> > <groupId>org.wso2.carbon</groupId> > <artifactId>org.wso2.carbon.configuration.feature</artifactId> > <version>1.0.0-SNAPSHOT</version> > </dependency> > > *Carbon Secure Vault Feature* > > <dependency> > <groupId>org.wso2.carbon</groupId> > <artifactId>org.wso2.carbon.securevault.feature</artifactId> > <version>1.0.0-SNAPSHOT</version> > </dependency> > > Furthermore, maven configuration plugin [4] will be also moved to the > Carbon Config [5] <https://github.com/wso2/carbon-config> repo. Carbon > configuration maven plugin dependency information would be as mentioned > below: > > <dependency> > <groupId>org.wso2.carbon</groupId> > <artifactId>org.wso2.carbon.configuration.maven.plugin</artifactId> > <version>1.0.0-SNAPSHOT</version> > </dependency> > > [1] Carbon Kernel Issue > <https://github.com/wso2/carbon-kernel/issues/1312> > [2] Carbon Sec-Vault Issue > <https://github.com/wso2/carbon-secvault/issues/2> > [3] Carbon Config Issue <https://github.com/wso2/carbon-config/issues/1> > [4] [Architecture] Carbon C5 - Server Configuration Model > [5] Carbon configuration repo <https://github.com/wso2/carbon-config> > [6] Carbon Secvault Repo <https://github.com/wso2/carbon-secvault> > [7] Carbon Kernel Repo <https://github.com/wso2/carbon-kernel> > > > Best Regards, > > *Vidura Nanayakkara* > Software Engineer > > Email : [email protected] > Mobile : +94 (0) 717 919277 <+94%2071%20791%209277> > Web : http://wso2.com > Blog : https://medium.com/@viduran <http://wso2.com/> > Twitter : http://twitter.com/viduranana > LinkedIn : https://lk.linkedin.com/in/vidura-nanayakkara > <http://wso2.com/> > -- Best Regards, *Vidura Nanayakkara* Software Engineer Email : [email protected] Mobile : +94 (0) 717 919277 Web : http://wso2.com Blog : https://medium.com/@viduran <http://wso2.com/> Twitter : http://twitter.com/viduranana LinkedIn : https://lk.linkedin.com/in/vidura-nanayakkara <http://wso2.com/>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
