This is an automated email from the ASF dual-hosted git repository. dgriffon pushed a commit to branch set-es-password-in-migration in repository https://gitbox.apache.org/repos/asf/unomi.git
commit 1a0556cacff1c5b54641eead86c935b77767d4e1 Author: David Griffon <[email protected]> AuthorDate: Fri Jul 29 17:03:29 2022 +0200 UNOMI-583 : add credential support to ES migration data --- .../unomi/itests/migration/Migrate16xTo200IT.java | 2 +- .../unomi/shell/migration/MigrationConfig.java | 4 ++++ .../unomi/shell/migration/actions/Migrate.java | 21 ++++++++++++++++++--- .../unomi/shell/migration/utils/HttpUtils.java | 7 +++++-- .../main/resources/org.apache.unomi.migration.cfg | 2 ++ 5 files changed, 30 insertions(+), 6 deletions(-) diff --git a/itests/src/test/java/org/apache/unomi/itests/migration/Migrate16xTo200IT.java b/itests/src/test/java/org/apache/unomi/itests/migration/Migrate16xTo200IT.java index 1372ba2d7..faf6a87e5 100644 --- a/itests/src/test/java/org/apache/unomi/itests/migration/Migrate16xTo200IT.java +++ b/itests/src/test/java/org/apache/unomi/itests/migration/Migrate16xTo200IT.java @@ -39,7 +39,7 @@ public class Migrate16xTo200IT extends BaseIT { public void waitForStartup() throws InterruptedException { // Restore snapshot from 1.6.x - try (CloseableHttpClient httpClient = HttpUtils.initHttpClient(true)) { + try (CloseableHttpClient httpClient = HttpUtils.initHttpClient(true, null)) { // Create snapshot repo HttpUtils.executePutRequest(httpClient, "http://localhost:9400/_snapshot/snapshots_repository/";, resourceAsString("migration/create_snapshots_repository.json"), null); // Get snapshot, insure it exists diff --git a/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/MigrationConfig.java b/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/MigrationConfig.java index 2e6b99587..da32faba2 100644 --- a/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/MigrationConfig.java +++ b/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/MigrationConfig.java @@ -38,6 +38,8 @@ import java.util.Map; public class MigrationConfig { public static final String CONFIG_ES_ADDRESS = "esAddress"; + public static final String CONFIG_ES_LOGIN = "esLogin"; + public static final String CONFIG_ES_PASSWORD = "esPassword"; public static final String CONFIG_TRUST_ALL_CERTIFICATES = "httpClient.trustAllCertificates"; public static final String INDEX_PREFIX = "indexPrefix"; public static final String NUMBER_OF_SHARDS = "number_of_shards"; @@ -49,6 +51,8 @@ public class MigrationConfig { static { Map<String, MigrationConfigProperty> m = new HashMap<>(); m.put(CONFIG_ES_ADDRESS, new MigrationConfigProperty("Enter ElasticSearch TARGET address (default: http://localhost:9200): ", "http://localhost:9200";)); + m.put(CONFIG_ES_LOGIN, new MigrationConfigProperty("Enter ElasticSearch TARGET login (default: none): ", "")); + m.put(CONFIG_ES_PASSWORD, new MigrationConfigProperty("Enter ElasticSearch TARGET password (default: none): ", "")); m.put(CONFIG_TRUST_ALL_CERTIFICATES, new MigrationConfigProperty("We need to initialize a HttpClient, do we need to trust all certificates ?", null)); m.put(INDEX_PREFIX, new MigrationConfigProperty("Enter ElasticSearch Unomi indices prefix (default: context): ", "context")); m.put(NUMBER_OF_SHARDS, new MigrationConfigProperty("Enter ElasticSearch index mapping configuration: number_of_shards (default: 3): ", "3")); diff --git a/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/actions/Migrate.java b/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/actions/Migrate.java index dd4946d5c..585bd20c6 100644 --- a/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/actions/Migrate.java +++ b/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/actions/Migrate.java @@ -19,6 +19,11 @@ package org.apache.unomi.shell.migration.actions; import groovy.lang.GroovyClassLoader; import groovy.lang.GroovyShell; import groovy.util.GroovyScriptEngine; +import org.apache.commons.lang3.StringUtils; +import org.apache.http.auth.AuthScope; +import org.apache.http.auth.UsernamePasswordCredentials; +import org.apache.http.client.CredentialsProvider; +import org.apache.http.impl.client.BasicCredentialsProvider; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.karaf.shell.api.action.Action; import org.apache.karaf.shell.api.action.Argument; @@ -42,7 +47,7 @@ import java.util.*; import java.util.stream.Collectors; import java.util.stream.Stream; -import static org.apache.unomi.shell.migration.MigrationConfig.CONFIG_TRUST_ALL_CERTIFICATES; +import static org.apache.unomi.shell.migration.MigrationConfig.*; @Command(scope = "unomi", name = "migrate", description = "This will Migrate your data in ES to be compliant with current version. " + "It's possible to configure the migration using OSGI configuration file: org.apache.unomi.migration.cfg, if no configuration is provided then questions will be prompted during the migration process.") @@ -97,8 +102,18 @@ public class Migrate implements Action { // reset migration config from previous stored users choices. migrationConfig.reset(); - - try (CloseableHttpClient httpClient = HttpUtils.initHttpClient(migrationConfig.getBoolean(CONFIG_TRUST_ALL_CERTIFICATES, session))) { + + // Handle credentials + CredentialsProvider credentialsProvider = null; + String login = migrationConfig.getString(CONFIG_ES_LOGIN, session); + if (StringUtils.isNotEmpty(login)) { + credentialsProvider = new BasicCredentialsProvider(); + UsernamePasswordCredentials credentials + = new UsernamePasswordCredentials(login, migrationConfig.getString(CONFIG_ES_PASSWORD, session)); + credentialsProvider.setCredentials(AuthScope.ANY, credentials); + } + + try (CloseableHttpClient httpClient = HttpUtils.initHttpClient(migrationConfig.getBoolean(CONFIG_TRUST_ALL_CERTIFICATES, session), credentialsProvider)) { // Compile scripts scripts = parseScripts(scripts, session, httpClient, migrationConfig); diff --git a/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/utils/HttpUtils.java b/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/utils/HttpUtils.java index b5fa7b93d..ec7a8a6dc 100644 --- a/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/utils/HttpUtils.java +++ b/tools/shell-commands/src/main/java/org/apache/unomi/shell/migration/utils/HttpUtils.java @@ -17,6 +17,7 @@ package org.apache.unomi.shell.migration.utils; import org.apache.http.HttpEntity; +import org.apache.http.client.CredentialsProvider; import org.apache.http.client.config.RequestConfig; import org.apache.http.client.methods.*; import org.apache.http.config.Registry; @@ -52,11 +53,13 @@ import java.util.Map; public class HttpUtils { private static final Logger logger = LoggerFactory.getLogger(HttpUtils.class); - public static CloseableHttpClient initHttpClient(boolean trustAllCertificates) throws IOException { + public static CloseableHttpClient initHttpClient(boolean trustAllCertificates, CredentialsProvider credentialsProvider) throws IOException { long requestStartTime = System.currentTimeMillis(); HttpClientBuilder httpClientBuilder = HttpClients.custom().useSystemProperties(); - + if (credentialsProvider != null) { + httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider); + } if (trustAllCertificates) { try { SSLContext sslContext = SSLContext.getInstance("SSL"); diff --git a/tools/shell-commands/src/main/resources/org.apache.unomi.migration.cfg b/tools/shell-commands/src/main/resources/org.apache.unomi.migration.cfg index 960020cee..1921ba5cf 100644 --- a/tools/shell-commands/src/main/resources/org.apache.unomi.migration.cfg +++ b/tools/shell-commands/src/main/resources/org.apache.unomi.migration.cfg @@ -18,5 +18,7 @@ # Migration config used for silent migration # esAddress = http://localhost:9200 +# esLogin = elastic +# esPassword = password # httpClient.trustAllCertificates = true # indexPrefix = context \ No newline at end of file
