This is an automated email from the ASF dual-hosted git repository.
joewitt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/main by this push:
new f9fb4223a7 NIFI-13894 Removed protected and additional keys properties
This closes #9415
f9fb4223a7 is described below
commit f9fb4223a74282b74f845ae9544910ebc7235c55
Author: exceptionfactory <[email protected]>
AuthorDate: Thu Oct 17 14:56:25 2024 -0500
NIFI-13894 Removed protected and additional keys properties
This closes #9415
- Removed nifi.sensitive.props.key.protected placeholder
- Removed nifi.sensitive.props.additional.keys placeholder
Signed-off-by: Joseph Witt <[email protected]>
---
.../bootstrap/service/MiNiFiPropertiesGenerator.java | 6 +-----
.../nifi/minifi/commons/api/MiNiFiProperties.java | 1 -
.../properties/conf/protected.nifi.properties | 19 -------------------
.../nifi-framework/nifi-resources/pom.xml | 2 --
.../src/main/resources/conf/nifi.properties | 2 --
.../src/main/resources/conf/nifi-registry.properties | 3 ---
.../resources/conf/clustered/node1/nifi.properties | 2 --
.../resources/conf/clustered/node2/nifi.properties | 2 --
.../src/test/resources/conf/default/nifi.properties | 2 --
.../src/test/resources/conf/pythonic/nifi.properties | 2 --
10 files changed, 1 insertion(+), 40 deletions(-)
diff --git
a/minifi/minifi-bootstrap/src/main/java/org/apache/nifi/minifi/bootstrap/service/MiNiFiPropertiesGenerator.java
b/minifi/minifi-bootstrap/src/main/java/org/apache/nifi/minifi/bootstrap/service/MiNiFiPropertiesGenerator.java
index aabb679e49..62371c7956 100644
---
a/minifi/minifi-bootstrap/src/main/java/org/apache/nifi/minifi/bootstrap/service/MiNiFiPropertiesGenerator.java
+++
b/minifi/minifi-bootstrap/src/main/java/org/apache/nifi/minifi/bootstrap/service/MiNiFiPropertiesGenerator.java
@@ -139,19 +139,15 @@ public class MiNiFiPropertiesGenerator {
Triple.of(NiFiProperties.FLOW_CONFIGURATION_FILE,
"./conf/flow.json.gz", EMPTY)
);
- static final String PROTECTED_POSTFIX = ".protected";
static final Map<String, String> MINIFI_TO_NIFI_PROPERTY_MAPPING =
Map.ofEntries(
entry(MiNiFiProperties.NIFI_MINIFI_FLOW_CONFIG.getKey(),
NiFiProperties.FLOW_CONFIGURATION_FILE),
entry(MiNiFiProperties.NIFI_MINIFI_SECURITY_KEYSTORE.getKey(),
NiFiProperties.SECURITY_KEYSTORE),
entry(MiNiFiProperties.NIFI_MINIFI_SECURITY_KEYSTORE_TYPE.getKey(),
NiFiProperties.SECURITY_KEYSTORE_TYPE),
entry(MiNiFiProperties.NIFI_MINIFI_SECURITY_KEYSTORE_PASSWD.getKey(),
NiFiProperties.SECURITY_KEYSTORE_PASSWD),
- entry(MiNiFiProperties.NIFI_MINIFI_SECURITY_KEYSTORE_PASSWD.getKey() +
PROTECTED_POSTFIX, NiFiProperties.SECURITY_KEYSTORE_PASSWD + PROTECTED_POSTFIX),
entry(MiNiFiProperties.NIFI_MINIFI_SECURITY_KEY_PASSWD.getKey(),
NiFiProperties.SECURITY_KEY_PASSWD),
- entry(MiNiFiProperties.NIFI_MINIFI_SECURITY_KEY_PASSWD.getKey() +
PROTECTED_POSTFIX, NiFiProperties.SECURITY_KEY_PASSWD + PROTECTED_POSTFIX),
entry(MiNiFiProperties.NIFI_MINIFI_SECURITY_TRUSTSTORE.getKey(),
NiFiProperties.SECURITY_TRUSTSTORE),
entry(MiNiFiProperties.NIFI_MINIFI_SECURITY_TRUSTSTORE_TYPE.getKey(),
NiFiProperties.SECURITY_TRUSTSTORE_TYPE),
-
entry(MiNiFiProperties.NIFI_MINIFI_SECURITY_TRUSTSTORE_PASSWD.getKey(),
NiFiProperties.SECURITY_TRUSTSTORE_PASSWD),
- entry(MiNiFiProperties.NIFI_MINIFI_SECURITY_TRUSTSTORE_PASSWD.getKey()
+ PROTECTED_POSTFIX, NiFiProperties.SECURITY_TRUSTSTORE_PASSWD +
PROTECTED_POSTFIX)
+
entry(MiNiFiProperties.NIFI_MINIFI_SECURITY_TRUSTSTORE_PASSWD.getKey(),
NiFiProperties.SECURITY_TRUSTSTORE_PASSWD)
);
static final String DEFAULT_SENSITIVE_PROPERTIES_ENCODING_ALGORITHM =
"NIFI_PBKDF2_AES_GCM_256";
diff --git
a/minifi/minifi-commons/minifi-commons-api/src/main/java/org/apache/nifi/minifi/commons/api/MiNiFiProperties.java
b/minifi/minifi-commons/minifi-commons-api/src/main/java/org/apache/nifi/minifi/commons/api/MiNiFiProperties.java
index 1c34cb5d98..34a58bcec3 100644
---
a/minifi/minifi-commons/minifi-commons-api/src/main/java/org/apache/nifi/minifi/commons/api/MiNiFiProperties.java
+++
b/minifi/minifi-commons/minifi-commons-api/src/main/java/org/apache/nifi/minifi/commons/api/MiNiFiProperties.java
@@ -123,7 +123,6 @@ public enum MiNiFiProperties {
public static final String MINIFI_LOG_DIRECTORY =
"nifi.minifi.log.directory";
public static final String MINIFI_APP_LOG_FILE =
"nifi.minifi.app.log.file";
public static final String MINIFI_BOOTSTRAP_LOG_FILE =
"nifi.minifi.bootstrap.log.file";
- public static final String ADDITIONAL_SENSITIVE_PROPERTIES_KEY =
"nifi.minifi.sensitive.props.additional.keys";
private final String key;
private final String defaultValue;
diff --git
a/nifi-framework-bundle/nifi-framework/nifi-properties-loader/src/test/resources/properties/conf/protected.nifi.properties
b/nifi-framework-bundle/nifi-framework/nifi-properties-loader/src/test/resources/properties/conf/protected.nifi.properties
deleted file mode 100644
index 208e6e31d0..0000000000
---
a/nifi-framework-bundle/nifi-framework/nifi-properties-loader/src/test/resources/properties/conf/protected.nifi.properties
+++ /dev/null
@@ -1,19 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-nifi.flow.configuration.file=./conf/flow.json.gz
-
-nifi.security.keystorePasswd=Ycac+pAe3AdHbCAC||ImnArC6KZJ+WXDMwJw2cjpOpNJFk1s5XyfbkrB8=
-nifi.security.keystorePasswd.protected=aes/gcm/128
diff --git a/nifi-framework-bundle/nifi-framework/nifi-resources/pom.xml
b/nifi-framework-bundle/nifi-framework/nifi-resources/pom.xml
index f2e8a5f1f2..bc755180de 100644
--- a/nifi-framework-bundle/nifi-framework/nifi-resources/pom.xml
+++ b/nifi-framework-bundle/nifi-framework/nifi-resources/pom.xml
@@ -78,9 +78,7 @@
<nifi.nar.unpack.uber.jar>false</nifi.nar.unpack.uber.jar>
<nifi.upload.working.directory>./work/uploads</nifi.upload.working.directory>
- <nifi.sensitive.props.key.protected />
<nifi.sensitive.props.algorithm>NIFI_PBKDF2_AES_GCM_256</nifi.sensitive.props.algorithm>
- <nifi.sensitive.props.additional.keys />
<nifi.remote.input.socket.port>9990</nifi.remote.input.socket.port>
<nifi.remote.input.secure>true</nifi.remote.input.secure>
diff --git
a/nifi-framework-bundle/nifi-framework/nifi-resources/src/main/resources/conf/nifi.properties
b/nifi-framework-bundle/nifi-framework/nifi-resources/src/main/resources/conf/nifi.properties
index e113c0443c..a0b2e5eb36 100644
---
a/nifi-framework-bundle/nifi-framework/nifi-resources/src/main/resources/conf/nifi.properties
+++
b/nifi-framework-bundle/nifi-framework/nifi-resources/src/main/resources/conf/nifi.properties
@@ -184,9 +184,7 @@ nifi.web.https.ciphersuites.exclude=
# security properties #
nifi.sensitive.props.key=
-nifi.sensitive.props.key.protected=${nifi.sensitive.props.key.protected}
nifi.sensitive.props.algorithm=${nifi.sensitive.props.algorithm}
-nifi.sensitive.props.additional.keys=${nifi.sensitive.props.additional.keys}
nifi.security.autoreload.enabled=${nifi.security.autoreload.enabled}
nifi.security.autoreload.interval=${nifi.security.autoreload.interval}
diff --git
a/nifi-registry/nifi-registry-core/nifi-registry-resources/src/main/resources/conf/nifi-registry.properties
b/nifi-registry/nifi-registry-core/nifi-registry-resources/src/main/resources/conf/nifi-registry.properties
index 5260e0a9ea..e674f3c82c 100644
---
a/nifi-registry/nifi-registry-core/nifi-registry-resources/src/main/resources/conf/nifi-registry.properties
+++
b/nifi-registry/nifi-registry-core/nifi-registry-resources/src/main/resources/conf/nifi-registry.properties
@@ -39,9 +39,6 @@
nifi.registry.security.authorizer=${nifi.registry.security.authorizer}
nifi.registry.security.identity.providers.configuration.file=${nifi.registry.security.identity.providers.configuration.file}
nifi.registry.security.identity.provider=${nifi.registry.security.identity.provider}
-# sensitive property protection properties #
-# nifi.registry.sensitive.props.additional.keys=
-
# providers properties #
nifi.registry.providers.configuration.file=${nifi.registry.providers.configuration.file}
diff --git
a/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/clustered/node1/nifi.properties
b/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/clustered/node1/nifi.properties
index dec42cd86a..3ef42c2f32 100644
---
a/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/clustered/node1/nifi.properties
+++
b/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/clustered/node1/nifi.properties
@@ -153,9 +153,7 @@ nifi.web.proxy.host=
# security properties #
nifi.sensitive.props.key=nifi-system-tests
-nifi.sensitive.props.key.protected=
nifi.sensitive.props.algorithm=NIFI_PBKDF2_AES_GCM_256
-nifi.sensitive.props.additional.keys=
nifi.security.keystore=certs/keystore.p12
nifi.security.keystoreType=PKCS12
diff --git
a/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/clustered/node2/nifi.properties
b/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/clustered/node2/nifi.properties
index 4011f357e2..74e7a3595b 100644
---
a/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/clustered/node2/nifi.properties
+++
b/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/clustered/node2/nifi.properties
@@ -153,9 +153,7 @@ nifi.web.proxy.host=
# security properties #
nifi.sensitive.props.key=nifi-system-tests
-nifi.sensitive.props.key.protected=
nifi.sensitive.props.algorithm=NIFI_PBKDF2_AES_GCM_256
-nifi.sensitive.props.additional.keys=
nifi.security.keystore=certs/keystore.p12
nifi.security.keystoreType=PKCS12
diff --git
a/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/default/nifi.properties
b/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/default/nifi.properties
index 9c24a2ab9b..3576381fbc 100644
---
a/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/default/nifi.properties
+++
b/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/default/nifi.properties
@@ -154,9 +154,7 @@ nifi.web.proxy.host=
# security properties #
nifi.sensitive.props.key=nifi-system-tests
-nifi.sensitive.props.key.protected=
nifi.sensitive.props.algorithm=NIFI_PBKDF2_AES_GCM_256
-nifi.sensitive.props.additional.keys=
nifi.security.keystore=certs/keystore.p12
nifi.security.keystoreType=PKCS12
diff --git
a/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/pythonic/nifi.properties
b/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/pythonic/nifi.properties
index e53459e955..0fdfa37765 100644
---
a/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/pythonic/nifi.properties
+++
b/nifi-system-tests/nifi-system-test-suite/src/test/resources/conf/pythonic/nifi.properties
@@ -158,9 +158,7 @@ nifi.web.proxy.host=
# security properties #
nifi.sensitive.props.key=nifi-system-tests
-nifi.sensitive.props.key.protected=
nifi.sensitive.props.algorithm=NIFI_PBKDF2_AES_GCM_256
-nifi.sensitive.props.additional.keys=
nifi.security.keystore=certs/keystore.p12
nifi.security.keystoreType=PKCS12
