Hi all, Myself, Lakshman and Kishanthan had a discussion related to the above matter and came to a conclusion that we need to have a separate repo for kernel-utils. Moving kernel utilities out of carbon kernel was previously discussed in order to provide Balerina and MSF4J standalone mode with the kernel utilities rather than having a dependency to the carbon core. We can use this kernel-utils repo to get the secure vault YAML configuration from the runtime. This way Carbon Secure Vault will have a dependency to the kernel-utils rather than having a dependency to the Carbon Core.
WDYT? On Thu, Mar 2, 2017 at 6:43 PM, Vidura Nanayakkara <[email protected]> wrote: > Hi all, > > Considering the Carbon Secure Vault's OSGi and Non-OSGi implementations we > are planning to: > > - Get the secure vault YAML configuration from the runtime in the OSGi > mode: This is because we can have multiple runtimes and each runtime can > have different configurations. > - Get the secure vault YAML configuration from system property (1st > priority) or classpath (2nd priority) in the non-OSGi mode > - Delegate providing other file paths (secret.properties, > master-key.yaml) to relevant implementation classes because other file > paths (secret.properties, master-key.yaml) are bound to the relevant > implementation. > > Considering the Carbon Secure Vault's OSGi implementation, I don't > currently have a way to get the secure vault YAML configuration from the > runtime (we cannot have carbon kernel as a dependency to carbon secvault > [6] since carbon configuration [5] will be dependent on carbon secvault [6] > and carbon kernel [7] will depend on carbon configuration [5] (this will > result in a cyclic dependency)). > > Therefore your input regarding how to get the secure vault YAML from > runtime in OSGi mode is appreciated. > > On Thu, Mar 2, 2017 at 6:35 PM, Vidura Nanayakkara <[email protected]> > wrote: > >> Hi, >> >> I am in the process of moving Carbon Configuration and Secure Vault from >> Carbon Kernel [7] <https://github.com/wso2/carbon-config> repository. >> Both these components will support OSGi mode as well as non-OSGi mode. >> Following >> are the reasons behind moving these into new repositories. >> >> Reasons for moving carbon configuration to a new repo: >> >> - The package is intended to provide configuration support for both >> OSGi and non-OSGi components and is to be used by MSF4J (OSGI and >> standalone mode), DAS etc. Therefore "org.wso2.carbon.configuration" >> should be a separate independent module (not inheriting the carbon >> kernel's >> parent pom) >> - Having the package within carbon kernel could lead into problems as >> having to release carbon kernel each time a change is made to >> "org.wso2.carbon.configuration" >> >> Reasons for moving carbon sec-vault to a new repo: >> >> - Carbon secure vault is to be used by the Carbon Kernal. However, >> the secure vault is provided via the carbon configuration module. >> Therefore >> we decided that it would be best if secure vault is released as a separate >> repository while carbon configuration module having a tight dependency to >> the secure vault (Since as for the above point, we have to make >> "org.wso2.carbon.configuration" a separate repository) >> - If we merge secure vault configuration with deployement.yaml and if >> there are cipher texts in deployment YAML, secure vault component has to >> depend on config component because secure vault configs reside in >> deployment YAML and config component has to depend on secure vault since >> we >> need to unciper the cipperd values in deployment YAML, that leads to >> cyclic >> dependency. >> >> According to the new structure, >> >> Carbon configuration will be in repo [5] >> <https://github.com/wso2/carbon-config> and Carbon Secure Vault will be >> in repo [6] <https://github.com/wso2/carbon-secvault>. This change will >> not have any major impact on any of the current implementations. The only >> change you have to make is to use the new maven dependencies and import any >> class used from the right package. New maven dependency information >> would be as follows for the components: >> >> *Carbon configuration* >> >> <dependency> >> <groupId>org.wso2.carbon</groupId> >> <artifactId>org.wso2.carbon.configuration</artifactId> >> <version>1.0.0-SNAPSHOT</version> >> </dependency> >> >> *Carbon Secure Vault* >> >> <dependency> >> <groupId>org.wso2.carbon</groupId> >> <artifactId>org.wso2.carbon.securevault</artifactId> >> <version>1.0.0-SNAPSHOT</version> >> </dependency> >> >> Both Carbon configuration and Carbon Secure Vault will have carbon >> features implemented that will be installed in the Carbon Kernel. New >> maven dependency information for the features of the above will be as >> follows: >> >> *Carbon configuration Feature* >> >> <dependency> >> <groupId>org.wso2.carbon</groupId> >> <artifactId>org.wso2.carbon.configuration.feature</artifactId> >> <version>1.0.0-SNAPSHOT</version> >> </dependency> >> >> *Carbon Secure Vault Feature* >> >> <dependency> >> <groupId>org.wso2.carbon</groupId> >> <artifactId>org.wso2.carbon.securevault.feature</artifactId> >> <version>1.0.0-SNAPSHOT</version> >> </dependency> >> >> Furthermore, maven configuration plugin [4] will be also moved to the >> Carbon Config [5] <https://github.com/wso2/carbon-config> repo. Carbon >> configuration maven plugin dependency information would be as mentioned >> below: >> >> <dependency> >> <groupId>org.wso2.carbon</groupId> >> <artifactId>org.wso2.carbon.configuration.maven.plugin</artifactId> >> <version>1.0.0-SNAPSHOT</version> >> </dependency> >> >> [1] Carbon Kernel Issue >> <https://github.com/wso2/carbon-kernel/issues/1312> >> [2] Carbon Sec-Vault Issue >> <https://github.com/wso2/carbon-secvault/issues/2> >> [3] Carbon Config Issue <https://github.com/wso2/carbon-config/issues/1> >> [4] [Architecture] Carbon C5 - Server Configuration Model >> [5] Carbon configuration repo <https://github.com/wso2/carbon-config> >> [6] Carbon Secvault Repo <https://github.com/wso2/carbon-secvault> >> [7] Carbon Kernel Repo <https://github.com/wso2/carbon-kernel> >> >> >> Best Regards, >> >> *Vidura Nanayakkara* >> Software Engineer >> >> Email : [email protected] >> Mobile : +94 (0) 717 919277 <+94%2071%20791%209277> >> Web : http://wso2.com >> Blog : https://medium.com/@viduran <http://wso2.com/> >> Twitter : http://twitter.com/viduranana >> LinkedIn : https://lk.linkedin.com/in/vidura-nanayakkara >> <http://wso2.com/> >> > > > > -- > Best Regards, > > *Vidura Nanayakkara* > Software Engineer > > Email : [email protected] > Mobile : +94 (0) 717 919277 <+94%2071%20791%209277> > Web : http://wso2.com > Blog : https://medium.com/@viduran <http://wso2.com/> > Twitter : http://twitter.com/viduranana > LinkedIn : https://lk.linkedin.com/in/vidura-nanayakkara > <http://wso2.com/> > -- Best Regards, *Vidura Nanayakkara* Software Engineer Email : [email protected] Mobile : +94 (0) 717 919277 Web : http://wso2.com Blog : https://medium.com/@viduran <http://wso2.com/> Twitter : http://twitter.com/viduranana LinkedIn : https://lk.linkedin.com/in/vidura-nanayakkara <http://wso2.com/>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
